Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
UBUNTU / MINT SERVER - AFTER INSTALL TODO
[ SERVER PART ] (for desktop, scroll down)
sudo apt install -y build-essential libssl-dev libncurses5-dev libpcap-dev git apt-transport-https ca-certificates
git config --global core.autocrlf false
git config --global core.longpaths true
// NodeJS
cd /tmp
curl -sL https://deb.nodesource.com/setup_10.x -o nodesource_setup.sh
sudo bash nodesource_setup.sh
sudo apt install nodejs
nodejs -v
npm -v
sudo npm install -g yarn
sudo npm install -g ts-node
sudo npm install -g typescript
//Go
cd /tmp
wget -q https://storage.googleapis.com/golang/getgo/installer_linux
chmod +x installer_linux
./installer_linux
source $HOME/.bash_profile
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub
[go]
sudo apt install golang
echo 'export GOPATH=$HOME/go' >> ~/.bashrc
echo 'export PATH=${PATH}:${GOPATH}/bin' >> ~/.bashrc
source ~/.bashrc
[utils]
$sudo apt install build-essential openssl libssl-dev libudev-dev git curl gcc g++ make build-essential pkg-config xclip snapd
sudo apt-get install -y htop unzip zip unrar mc nethogs build-essential python-pip git
[ssh ?]
sudo apt-get install -y openssh-server
sudo nano /etc/ssh/sshd_config 5000
sudo restart ssh
[java / nvidia / shutter ?]
# java 8 & nvidia
sudo apt-get purge nvidia*
sudo add-apt-repository ppa:webupd8team/java
sudo add-apt-repository ppa:graphics-drivers
sudo add-apt-repository ppa:shutter/ppa
sudo apt-get update
sudo apt-get install oracle-java8-installer
sudo apt-get install nvidia-370
sudo apt-get install shutter
java -version
[User Interface ?]
sudo apt-get install -y guake
[Android Studio ?]
sudo apt-get install -y lib32stdc++6 libc6:i386 libncurses5:i386 libstdc++6:i386 lib32z1 libbz2-1.0:i386
https://developer.android.com/studio/preview/index.html
https://www.jetbrains.com/idea/download/#section=linux
cd ~/Downloads; wget https://github.com/square/java-code-styles/archive/master.zip; unzip master.zip
[DOCKER]
sudo apt-get install docker docker.io
sudo usermod -aG docker $USER
[Wordpress ?]
sudo apt-get install -y php5 php5-mysql mysql-client mysql-server
or
sudo apt-get install -y php5-fpm php5-cli php5-mysql -y
[nano /etc/mysql/my.cnf]
[client]
default-character-set=utf8
[mysql]
default-character-set=utf8
[mysqld]
collation-server = utf8_unicode_ci
init-connect='SET NAMES utf8'
character-set-server = utf8
$mysql -u root -p
show databases;
CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON * . * TO 'newuser'@'localhost';
FLUSH PRIVILEGES;
[failtoban ?]
sudo apt-get install -y fail2ban
sudo nano /etc/fail2ban/jail.conf
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
sudo /etc/init.d/fail2ban restart
sudo fail2ban-client status
==================
sudo apt-get update
sudo apt-get install letsencrypt
sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d example.com -d www.example.com
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
#always redirect to https ?
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;
}
Nginx config:
server {
listen 80;
listen [::]:80;
root /home/cleverbots;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name domain.com www.domain.com
# SSL configuration
#
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/... chain;
ssl_certificate_key /etc/letsencrypt/live/... priv key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Disable preloading HSTS for now. You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
location /static/ {
expires 30d;
add_header Last-Modified $sent_http_Expires;
alias /home/cleverbots/application/static/;
}
location / {
try_files $uri @tornado;
}
location @tornado {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:1337;
}
}
server {
listen 80;
listen [::]:80;
root /home/cleverbots/resume_bot;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name subdomain.domain.com;
# SSL configuration
#
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/... chain;
ssl_certificate_key /etc/letsencrypt/live/... priv key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Disable preloading HSTS for now. You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
location /static/ {
expires 30d;
add_header Last-Modified $sent_http_Expires;
alias /home/cleverbots/resume_bot/static/;
}
location / {
try_files $uri @tornado2;
}
location @tornado2 {
proxy_pass http://localhost:1338;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
https://www.ssllabs.com/ssltest/analyze.html
FOR DESKTOP ==========================
Shortcuts:
create file android_studio.desktop
[Desktop Entry]
Version=1.0
Type=Application
Name=Android Studio
Exec="/home/username/Programs/AndroidStudio/bin/studio.sh" %f
Icon=/home/username/Programs/AndroidStudio/bin/idea.png
Categories=Development;IDE;
Terminal=false
StartupNotify=true
StartupWMClass=jetbrains-android-studio
Name[en_GB]=android-studio.desktop
run $desktop-install-[TAB] android-studio.desktop
#####################
“full hinting” option in Appearance→Fonts→Details
sudo fc-cache -fv
~~~~~~~~~~ BASHRC ~~~~~~~~~~~
nano ~/.bashrc
JAVA_HOME=/usr/lib/jvm/java-8-oracle
df -h
ifconfig –a
ping –c 4 google.ro
[if unknown host] sudo nano /etc/resolv.conf nameserver 192.168.1.1 (line down) nameserver 8.8.8.8
apt-get clean && apt-get update && apt-get upgrade -y
[ssh if needed]
sudo apt-get install -y openssh-server
sudo nano /etc/ssh/sshd_config 5000
sudo restart ssh
sudo apt-get install -y guake htop zip rar unrar mc nethogs build-essential python-pip git redshift redshift-gtk lib32stdc++6
libc6:i386 libncurses5:i386 libstdc++6:i386 lib32z1 libbz2-1.0:i386
setup guake on "~". add guake to start applications. (redshift should be there)
# java 8 & nvidia
sudo apt-get purge nvidia*
sudo add-apt-repository ppa:webupd8team/java
sudo add-apt-repository ppa:graphics-drivers
sudo add-apt-repository ppa:shutter/ppa
sudo apt-get update
sudo apt-get install oracle-java8-installer
sudo apt-get install nvidia-370
sudo apt-get install shutter
java -version
Reboot your computer
~~~~~~ DESKTOP BUILD ~~~~~~~~~
https://developer.android.com/studio/preview/index.html
https://www.jetbrains.com/idea/download/#section=linux
cd ~/Downloads; wget https://github.com/square/java-code-styles/archive/master.zip; unzip master.zip
Configure IntelliJ Idea
your_install_folder_idea/bin/idea.vmoptions, increase the min and max memory like this (for speed up code parsing) :
# custom IntelliJ IDEA VM options
-Xms1024m
-Xmx4096m
-XX:ReservedCodeCacheSize=240m
-XX:+UseCompressedOops
For IDEA properties, open (or create) the file your_install_folder_idea/bin/idea.properties and increase the filesize like (otherwise IDEA won’t parse the big R.java required):
# custom IntelliJ IDEA properties
idea.max.intellisense.filesize=15000
idea.case.sensitive.fs=true
## Create SSH KEYS
$ ssh-keygen ENTER ENTER
[nethogs eth0]
sudo nano /etc/host.conf
order bind,hosts
nospoof on
[DOCKER]
sudo apt-get install docker docker.io
sudo usermod -aG docker $USER
[Wordpress ?]
sudo apt-get install -y php5 php5-mysql mysql-client mysql-server
or
sudo apt-get install -y php5-fpm php5-cli php5-mysql -y
[nano /etc/mysql/my.cnf]
[client]
default-character-set=utf8
[mysql]
default-character-set=utf8
[mysqld]
collation-server = utf8_unicode_ci
init-connect='SET NAMES utf8'
character-set-server = utf8
$mysql -u root -p
show databases;
CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON * . * TO 'newuser'@'localhost';
FLUSH PRIVILEGES;
[webmin]
sudo nano /etc/apt/sources.list
-> deb http://download.webmin.com/download/repository sarge contrib
wget -q http://www.webmin.com/jcameron-key.asc -O- | sudo apt-key add -
sudo apt-get update
sudo apt-get install webmin
sudo nano -w /etc/webmin/miniserv.conf [change the port]
serverip:5001
/????
sudo ufw allow 10000
sudo apt-get install -y build-essential python python-dev python-pip python-mysqldb libmysqlclient-dev supervisor libmemcached-dev memcached python-memcache dos2unix git fail2ban
[failtoban]
sudo apt-get install -y
sudo nano /etc/fail2ban/jail.conf
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
sudo /etc/init.d/fail2ban restart
sudo fail2ban-client status
pip install flask flask-login flask-mail sqlalchemy flask-sqlalchemy flask-wtf flask-migrate tornado flask-cache simpleencode flask-admin flask-security python-dateutil beautifulsoup4 mechanize selenium psutil
#========== delete something ===========
sudo apt-get --purge remove mysql-client mysql-server mysql-common
sudo apt-get autoremove
#------- supervisor config ----------------
;[program:orientdb]
;command=/home/orientdb_1.7/bin/server.sh ; the program (relative uses PATH, can take args)
;numprocs=1 ; number of processes copies to start (def 1)
;priority=999 ; the relative start priority (default 999)
;autostart=true ; start at supervisord start (default: true)
;autorestart=true ; retstart at unexpected quit (default: true)
;startsecs=10 ; number of secs prog must stay running (def. 1)
;startretries=3 ; max # of serial start failures (default 3)
;redirect_stderr=true ; redirect proc stderr to stdout (default false)
;stdout_logfile=/home/orientdb_1.7/log.txt ; stdout log path, NONE for none; default AUTO
;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
;stdout_logfile_backups=1 ; # of stdout logfile backups (default 10)
;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)
//------- ssh key
Start the PuTTYgen utility, by double-clicking on its .exe file;
For Type of key to generate, select SSH-2 RSA;
In the Number of bits in a generated key field, specify either 2048 or 4096 (increasing the bits makes it harder to crack the key by brute-force methods);
Click the Generate button;
Move your mouse pointer around in the blank area of the Key section, below the progress bar (to generate some randomness) until the progress bar is full;
A private/ public key pair has now been generated;
In the Key comment field, enter any comment you'd like, to help you identify this key pair, later (e.g. your e-mail address; home; office; etc.) -- the key comment is particularly useful in the event you end up creating more than one key pair;
Optional: Type a passphrase in the Key passphrase field & re-type the same passphrase in the Confirm passphrase field (if you would like to use your keys for automated processes, however, you should not create a passphrase);
Click the Save public key button & choose whatever filename you'd like (some users create a folder in their computer named my_keys);
Click the Save private key button & choose whatever filename you'd like (you can save it in the same location as the public key, but it should be a location that only you can access and that you will NOT lose! If you lose your keys and have disabled username/password logins, you will no longer be able log in!);
Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and choose Select All;
Right-click again in the same text field and choose Copy.
If your SSH folder does not yet exist, create it manually:
mkdir ~/.ssh
chmod 0700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0644 ~/.ssh/authorized_keys
Paste the SSH public key into your ~/.ssh/authorized_keys file (see Installing and Using the Vim Text Editor on an Cloud Server):
sudo vim ~/.ssh/authorized_keys
Tap the i key on your keyboard & right-click your mouse to paste.
Specify the username that you plan on using, when logging in to the SSH server, and whose profile you're saving, in the Auto-login username field;
Expand the SSH sub-category, under Connection;
Highlight the Auth sub-category and click the Browse button, on the right-hand side of the PuTTY window;
Browse your file system and select your previously-created private key;
sudo vim /etc/ssh/sshd_config
Tap the i key on your keyboard and edit the lines, referenced below:
[...]
PasswordAuthentication no
[...]
UsePAM no
[...]
To save, tap the following keys on your keyboard (in this order): Esc, :, w, q, Enter. Now, reload the SSH server's configuration:
sudo reload ssh
setup Fonts -> Hinting Full
# NPM & Other Stuff
sudo apt-get install -y build-essential
apt-get install git
sudo apt-get install nodejs
cd /tmp
curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash -
sudo apt-get install -y nodejs
npm outdated -g --depth=0
npm update -g
npm cache clean
npm install -g hexo-cli
$ hexo init <folder>
$ cd <folder>
$ npm install
==================
sudo apt-get update
sudo apt-get install letsencrypt
sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d example.com -d www.example.com
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
#always redirect to https ?
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;
}
Nginx config:
server {
listen 80;
listen [::]:80;
root /home/cleverbots;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name domain.com www.domain.com
# SSL configuration
#
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/... chain;
ssl_certificate_key /etc/letsencrypt/live/... priv key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Disable preloading HSTS for now. You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
location /static/ {
expires 30d;
add_header Last-Modified $sent_http_Expires;
alias /home/cleverbots/application/static/;
}
location / {
try_files $uri @tornado;
}
location @tornado {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:1337;
}
}
server {
listen 80;
listen [::]:80;
root /home/cleverbots/resume_bot;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name subdomain.domain.com;
# SSL configuration
#
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/... chain;
ssl_certificate_key /etc/letsencrypt/live/... priv key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Disable preloading HSTS for now. You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
location /static/ {
expires 30d;
add_header Last-Modified $sent_http_Expires;
alias /home/cleverbots/resume_bot/static/;
}
location / {
try_files $uri @tornado2;
}
location @tornado2 {
proxy_pass http://localhost:1338;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
https://www.ssllabs.com/ssltest/analyze.html
FOR DESKTOP ==========================
Shortcuts:
create file android_studio.desktop
[Desktop Entry]
Version=1.0
Type=Application
Name=Android Studio
Exec="/home/username/Programs/AndroidStudio/bin/studio.sh" %f
Icon=/home/username/Programs/AndroidStudio/bin/idea.png
Categories=Development;IDE;
Terminal=false
StartupNotify=true
StartupWMClass=jetbrains-android-studio
Name[en_GB]=android-studio.desktop
run $desktop-install-[TAB] android-studio.desktop
#####################
“full hinting” option in Appearance→Fonts→Details
sudo fc-cache -fv
~~~~~~~~~~ BASHRC ~~~~~~~~~~~
nano ~/.bashrc
JAVA_HOME=/usr/lib/jvm/java-8-oracle
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment