ubuntu_server_setup
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
ubuntu_server_setup [2020/02/24 09:45] mstraub [Basic Packages] |
ubuntu_server_setup [2021/10/18 16:19] (current) mstraub [Java] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Ubuntu Server Setup ====== | ====== Ubuntu Server Setup ====== | ||
| - | This document should outline a few steps that are useful after a fresh install of an Ubuntu Server. | + | This document should outline a few steps that are useful after a fresh install of an Ubuntu Server - last updated for 20.04. |
| - | ===== Basic Packages ===== | + | ===== Install Useful Tools ===== |
| - | If you are dealing with a minimal installation (meta-package ubuntu-minimal) you may want to beef it up a bit. Check what packages are typically bundled e.g. when installing Ubuntu Server or just select your server style: | + | <code bash> |
| - | <code> | + | sudo apt install mlocate htop ncdu ranger tldr tree vim |
| - | tasksel # ncurses GUI | + | |
| - | tasksel --list-tasks | + | |
| - | tasksel --task-packages server | + | |
| </code> | </code> | ||
| - | Some additional packages for easier CLI handling: | + | ===== More Software ===== |
| - | <code> | + | |
| - | sudo apt install bash-completion ubuntu-release-upgrader-core software-properties-common | + | |
| - | </code> | + | |
| - | And some more useful tools: | + | ==== Samba / CIFS ==== |
| - | <code bash> | + | |
| - | sudo apt install htop ncdu ranger tldr tree vim | + | |
| - | </code> | + | |
| - | ===== Oracle Java ===== | + | If you need to mount Windows network drives: |
| - | If you need Oracle Java install it from this 3rd party repo (which is updated regularly): | ||
| <code bash> | <code bash> | ||
| - | sudo add-apt-repository ppa:webupd8team/java | + | sudo apt install cifs-utils |
| - | sudo apt-get update | + | |
| - | sudo apt-get install oracle-java8-installer | + | |
| </code> | </code> | ||
| - | [[http://www.webupd8.org/2012/09/install-oracle-java-8-in-ubuntu-via-ppa.html|original source]], [[https://wiki.ubuntuusers.de/Java/Installation/Oracle_Java/Java_8|more info @ ubuntuusers.de]] | + | ==== Java ==== |
| + | Ubuntu provides multiple versions of OpenJDK, e.g.: | ||
| + | <code bash> | ||
| + | sudo apt install openjdk-17-jdk-headless | ||
| + | </code> | ||
| + | |||
| + | If you need other versions check https://adoptium.net (previously named adoptopenjdk). Unfortunately as of 2021-10 they don't provide ppas but only .tar.gz files. But this may change soon. | ||
| ===== Lighttpd ===== | ===== Lighttpd ===== | ||
| Line 69: | Line 63: | ||
| ===== Enable Automatic Security Updates ===== | ===== Enable Automatic Security Updates ===== | ||
| - | Quickly enable unattended upgrades: | + | Install unattended-upgrades: |
| + | |||
| + | <code bash> | ||
| + | sudo apt install unattended-upgrades | ||
| + | </code> | ||
| + | |||
| + | Or reconfigure it if it's already installed: | ||
| <code bash> | <code bash> | ||
| sudo dpkg-reconfigure -plow unattended-upgrades | sudo dpkg-reconfigure -plow unattended-upgrades | ||
| Line 75: | Line 75: | ||
| This creates the file ''/etc/apt/apt.conf.d/20auto-upgrades''. | This creates the file ''/etc/apt/apt.conf.d/20auto-upgrades''. | ||
| - | Then set ''Unattended-Upgrade::Remove-Unused-Dependencies'' to ''true'' in ''/etc/apt/apt.conf.d/50unattended-upgrades''. | + | To avoid filling up small hard drives over time (e.g. with multiple kernel versions) it may be useful to activate the equivalent of ''sudo apt autoremove'': |
| + | |||
| + | Set ''Unattended-Upgrade::Remove-Unused-Dependencies'' to ''true'' in ''/etc/apt/apt.conf.d/50unattended-upgrades''. | ||
| See also: | See also: | ||
| * ''/etc/apt/apt.conf.d/20auto-upgrades'' (and ''man apt.conf'') | * ''/etc/apt/apt.conf.d/20auto-upgrades'' (and ''man apt.conf'') | ||
| * [[https://help.ubuntu.com/community/AutomaticSecurityUpdates]]\\ | * [[https://help.ubuntu.com/community/AutomaticSecurityUpdates]]\\ | ||
| - | * [[https://help.ubuntu.com/16.04/serverguide/automatic-updates.html]] | + | * [[https://ubuntu.com/server/docs/package-management]] |
| - | + | ||
| - | ==== Ubuntu <= 14.04 ==== | + | |
| - | Unattended-Upgrade::Remove-Unused-Dependencies seems to be broken in Ubuntu 14.04. This entry in ''/etc/crontab'' should do the trick by daily executing autoremove: | + | |
| - | + | ||
| - | <code> | + | |
| - | 0 0 * * * root apt-get autoremove -y >> /var/log/autoremovecronjob.log 2>&1 | + | |
| - | </code> | + | |
| Line 112: | Line 106: | ||
| # http://patorjk.com/software/taag/#p=display&h=1&f=Calvin%20S&t=my-server-name | # http://patorjk.com/software/taag/#p=display&h=1&f=Calvin%20S&t=my-server-name | ||
| + | # http://patorjk.com/software/taag/#p=display&h=1&v=0&f=ANSI%20Regular&t=my-server-name | ||
| echo "┌┬┐┬ ┬ ┌─┐┌─┐┬─┐┬ ┬┌─┐┬─┐ ┌┐┌┌─┐┌┬┐┌─┐" | echo "┌┬┐┬ ┬ ┌─┐┌─┐┬─┐┬ ┬┌─┐┬─┐ ┌┐┌┌─┐┌┬┐┌─┐" | ||
| echo "│││└┬┘───└─┐├┤ ├┬┘└┐┌┘├┤ ├┬┘───│││├─┤│││├┤ " | echo "│││└┬┘───└─┐├┤ ├┬┘└┐┌┘├┤ ├┬┘───│││├─┤│││├┤ " | ||
| Line 119: | Line 114: | ||
| # figlet my-server-name | # figlet my-server-name | ||
| </file> | </file> | ||
| + | |||
| + | Don't forget to make the file executable. | ||
| + | |||
| + | When using ''byobu'' delete ''~/.hushlogin'' to still see the greeting (and all other info you usually get when logging in). | ||
| ===== More Resources ===== | ===== More Resources ===== | ||
| - | [[http://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers]]\\ | + | [[https://www.ubuntupit.com/best-linux-hardening-security-tips-a-comprehensive-checklist/]] |
| - | [[https://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics]] | + | |
ubuntu_server_setup.1582533956.txt.gz · Last modified: 2020/02/24 09:45 by mstraub
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
