sudo apt install gdebi-core
- Install the taskel and samba server packages
sudo tasksel install samba-serversudo cp /etc/samba/smb.conf /etc/samba/smb.conf_backupsudo bash -c 'grep -v -E "^#|^;" /etc/samba/smb.conf_backup | grep . > /etc/samba/smb.conf'sudo nano /etc/samba/smb.conf-
[public] comment = public anonymous access path = /var/samba/ browsable =yes create mask = 0660 directory mask = 0771 writable = yes guest ok = yes - restart the service
sudo systemctl restart smbd
- Visual Studio Code on Linux
- or
sudo snap install --classic code - or if you like living on the edge
sudo snap install --classic code-insiders
code /etc/sysctl.conf
- add the following line to the end of the sysctl.conf file
fs.inotify.max_user_watches=524288
- enter the following command in your shell
sudo sysctl -p
- make sure VS Code isn't listening to unnecessary files
"files.watcherExclude": {
"**/.git/objects/**": true,
"**/.git/subtree-cache/**": true,
"**/node_modules/*/**": true
}
sudo apt install git -y
Simply follow the prompts. There is no need to enter a password. Continue to hit the enter/return key until you see ASCII art.
ssh-keygen
If for some reason, when you attempt to clone a repository and you receive a sign_and_send_pubkey: signing failed: agent refused operation - this means your key for one reason or another hasn't been added. If this is the case, enter the following commands:
chmod 700 ~/.ssh &&
chmod 600 ~/.ssh/* &&
ssh-add
sudo apt update -y &&
sudo apt upgrade -y &&
sudo apt install zsh -y &&
sudo apt install powerline fonts-powerline -y &&
git clone https://github.com/robbyrussell/oh-my-zsh.git ~/.oh-my-zsh
cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc
nano .zshrc or code .zshrc
chsh -s /bin/zsh
sudo reboot
sudo apt install curl -y &&
curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.35.3/install.sh | bash
export NVM_DIR="$([ -z "${XDG_CONFIG_HOME-}" ] && printf %s "${HOME}/.nvm" || printf %s "${XDG_CONFIG_HOME}/nvm")"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm
If you receive an error message regarding manpath i.e.: manpath: can't set the locale;..., please run the following command:
sudo locale-gen "en_US.UTF-8"
sudo apt update && sudo apt upgrade -y &&
sudo apt install mongodb -y &&
sudo systemctl status mongodb (to check status)
sudo systemctl status mongodb
sudo systemctl stop mongodb
sudo systemctl start mongodb
sudo systemctl restart mongodb
sudo apt update &&
sudo apt install nginx -y
sudo ufw allow 'Nginx HTTP' &&
sudo ufw status (it's ok if it says inactive)
To enable: sudo ufw enable
sudo touch /etc/nginx/sites-available/YOUR_DOMAIN_NAME.com
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name example.com;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
sudo nginx -t
sudo ln -s /etc/nginx/sites-available/YOUR_DOMAIN_NAME.com /etc/nginx/sites-enabled/
sudo systemctl reload nginx
sudo ln -s /etc/nginx/sites-available/YOUR_SITE_CONFIGURATION_FILE /etc/nginx/sites-enabled/
server {
listen 80 kanebridge.local;
listen [::]:80 kanebridge.local;
server_name _;
location / {
# default port, could be changed if you use next with custom server
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
# if you have try_files like this, remove it from our block
# otherwise next app will not work properly
# try_files $uri $uri/ =404;
}
}
sudo ln -s /etc/nginx/sites-available/YOUR_SITE_CONFIGURATION /etc/nginx/sites-enabled
sudo systemctl restart nginx
code /etc/hosts
sudo apt install mysql-server mysql-common mysql-client -y &&
sudo systemctl start mysql &&
sudo systemctl enable mysql &&
sudo mysql_secure_installation &&
systemctl start mysql
additional reading: How to install MySQL
service mysql status
Assuming that you're not a crazy person and pass your db password into the command line, you have a file located at your home directory named .my.cnf that is populated with the following values:
[mysqldump]
user=YOURUSERNAME
password=YOUR_PASSWORD
SELECT user,authentication_string,plugin,host FROM mysql.user;
If you notice that it's using the auth_socket plugin, execute the following command to use 'mysql_native_password`:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
mysqldump YOUR_DB_USER_NAME YOUR_TARGET_DATABASE > YOUR_LOCAL_DIRECTORY/NAME_OF_YOUR_SQL_FILE.sql
mysqldump YOUR_DB_USER_NAME YOUR_TARGET_DATABASE < YOUR_LOCAL_DIRECTORY/NAME_OF_YOUR_SQL_FILE.sql
sudo apt remove --purge mysql-server mysql-client mysql-common -y
sudo apt autoremove -y
sudo apt autoclean
rm -rf /etc/mysql
sudo find / -iname 'mysql*' -exec rm -rf {} \;
sudo apt install -y software-properties-common &&
sudo add-apt-repository universe &&
sudo add-apt-repository ppa:ondrej/php &&
sudo apt update &&
sudo apt install php7.4-cli php7.4-fpm php7.4-bcmath php7.4-curl php7.4-gd php7.4-intl php7.4-json php7.4-mbstring php7.4-mysql php7.4-opcache php7.4-sqlite3 php7.4-xml php7.4-zip -y &&
php --version
## take that version and apply it to the next command)
sudo apt update &&
sudo add-apt-repository ppa:ondrej/php -y &&
sudo apt update &&
sudo apt install php7.4-cli \
php7.4-fpm \
php7.4-bcmath \
php7.4-curl \
php7.4-gd \
php7.4-intl \
php7.4-json \
php7.4-mbstring \
php7.4-odbc \
php7.4-mysql \
php7.4-opcache \
php7.4-sqlite3 \
php7.4-xml \
php7.4-zip -y
sudo update-alternatives --config php
Then select the version you desire.
Make sure to get the latest instructions as I maintain this document when I have the time. https://getcomposer.org/download/
sudo apt update &&
sudo apt install curl php-cli php-mbstring git unzip -y &&
cd ~ &&
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" &&
HASH="$(wget -q -O - https://composer.github.io/installer.sig)"
php -r "if (hash_file('SHA384', 'composer-setup.php') === '$HASH') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" &&
sudo php composer-setup.php --install-dir=/usr/local/bin --filename=composer &&
sudo rm composer-setup.php
You have a few options here, by default the user:group for php is www-data:www-data.
You can simply add the www-data user to your group for example:
id cesar
Should list out all of the groups your belong to. In my case, it's cesar:cesar (user:group).
What I did to resolve any permissions issue is add the www-data user to my group (since by default whenever you clone a repo, your user is the owner and group.
TLDR;
sudo adduser www-data YOUR_USER_NAME
- Download here
- their installation instructions have been solid. I've never had an issue within the Ubuntu distro
- Make sure to note that you will need to install KVM to run Android emulators
sudo apt update -y &&
sudo apt upgrade -y &&
sudo apt install memcached libmemcached-tools -y &&
systemctl start memcached &&
systemctl enable memcached
ps aux | grep memcached
code /etc/memcached.conf
systemctl restart memcached
sudo apt install php-memcached -y
sudo apt install redis-server -y
sudo systemctl restart redis.service
sudo systemctl status redis
sudo apt install nfs-common && sudo apt install cifs-utils -y
sudo mount -t cifs //WINDOWS-COMPUTER-NAME/SHARED-FOLDER /home/YOUR-LINUX-HOST-USERNAME/DESTINATION-PATH -o username=YOUR-LINUX-HOST-USERNAME,uid=$(id -u),gid=$(id -g),forceuid,forcegid,password=YOUR-PASSWORD
Installing SSL Certificates via Certbot
- Open a terminal shell
- Add the following repository with the following command:
sudo add-apt-repository ppa:certbot/certbot - Run apt updates with the following command:
sudo apt update - Install Certbot's NGINX package with the following command:
sudo snap install --classic certbot - Reload NGINX with the following command:
sudo systemctl reload nginx - Then modify firewall rules:
sudo ufw allow 'Nginx Full' sudo ufw delete allow 'Nginx HTTP' - Generate a SSL certificate:
sudo certbot --nginx -d example.com -d www.YOUR-DOMAIN.com
Sometimes Nginx can crash for various reasons. If you prefer to make Nginx automatically restart after a crash, then we need to edit the Nginx service unit. First, copy the original Nginx service unit to the /etc/systemd/system/ directory.
sudo cp /lib/systemd/system/nginx.service /etc/systemd/system/nginx.service
Then edit the service unit.
sudo nano /etc/systemd/system/nginx.service
Add the following line in the [service] section.
Restart=always
RestartSec=2
Like so:
Type=forking
PIDFile=/var/run/nginx.pid
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID
Restart=always
RestartSec=2
This will make Nginx try to restart itself every 2 seconds after a crash. Save and close the file. Then restart Nginx.
sudo systemctl restart nginx
sudo apt update
sudo apt install cifs-utils -y
chmod a+x craft
sudo chmod -R 774 .env &&
sudo chmod -R 774 composer.json &&
sudo chmod -R 774 composer.lock &&
sudo chmod -R 774 config/license.key &&
sudo chmod -R 774 storage/* &&
sudo chmod -R 774 vendor/* &&
sudo chmod -R 774 web/cpresources/*
sudo chown -R www-data:www-data ./storage/*
sudo apt install openjdk-8-jdk -y &&
wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add - &&
sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list' &&
sudo apt update &&
sudo apt install jenkins -y &&
sudo systemctl start jenkins
sudo systemctl status jenkins
sudo service jenkins stop &&
/usr/share/jenkins &&
sudo mv jenkins.war jenkins.war.old &&
sudo wget https://updates.jenkins-ci.org/latest/jenkins.war &&
sudo service jenkins start
- If you experience issues with access, run the following command:
sudo chown root:root jenkins.war
Note: Make sure to select the correct filter in the dropdown. By default it selects "Global VPJN Client (32-Bit)". Please change that selection to NetExtender
- Visit the following site and download the appropriate platform installation file for NetExtender
sudo apt install pptpd
sudo apt install python2
sudo apt install default-jre
sudo apt install openssh-client &&
sudo apt install openssh-server
sudo systemctl stop ssh
sudo systemctl start ssh
sudo systemctl restart ssh
sudo systemctl disable ssh
sudo apt remove opnessh-server
sudo systemctl status httpd
OpenSSH server config file – sshd_config (located in /etc/ssh/) OpenSSH client config file – ssh_config (located in /etc/ssh/)
Update the following to secure SSH:
PermitRootLogin no
ChallengeResponseAuthentication no
PasswordAuthentication no
PermitEmptyPasswords no
UsePAM no
AuthenticationMethods publickey
PubkeyAuthentication yes
Port [YOUR DESIRED PORT]
If you REALLY want to be safe:
sudo ufw allow from 192.168.171.1/29 to any port 22
sudo apt update &&
sudo apt upgrade &&
sudo apt install -y fail2ban
sudo nano /etc/fail2ban/jail.local
Paste the following:
[sshd]
enabled = true
port = YOUR DESIRED PORT
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
sudo fail2ban-client set sshd unbanip IP_ADDRESS
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
sudo apt update
sudo apt install jenkins
- Navigate to
/usr/share/jenkins - Stop the jenkins server
sudo service jenkins stop - Move existing jenkins war file
sudo mv jenkins.war jenkins.war.old - Download latest jenkins war file
/usr/share/jenkins && sudo wget https://updates.jenkins-ci.org/latest/jenkins.war - Start the Jenkins server
sudo service jenkins start
Install Docker
sudo apt updatesudo apt install apt-transport-https ca-certificates curl software-properties-commoncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"sudo apt updateapt-cache policy docker-cesudo apt install docker-cesudo systemctl status docker
sudo usermod -aG docker ${USER}su - ${USER}- Confirm that the docker group has been added:
id -nG
Installing Docker Compose
-sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-composesudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
sudo snap install skype --classic
sudo snap install slack --classic
sudo apt install kazam
sudo add-apt-repository ppa:obsproject/obs-studio -y &&
sudo apt update -y &&
sudo apt install obs-studio -y
sudo apt update && sudo apt upgradesudo rebootsudo apt install update-manager-coresudo do-release-upgradesudo rebootsudo apt updatesudo apt list --upgradablesudo apt upgradesudo rebootsudo apt --purge autoremovesudo apt install update-manager-coresudo do-release-upgrade- IF YOU RECEIVE THE FOLLOWING OR SIMILAR MESSAGE:
Checking for a new Ubuntu release
There is no development version of an LTS available.
To upgrade to the latest non-LTS develoment release
set Prompt=normal in /etc/update-manager/release-upgrades
- Run the following command:
sudo do-release-upgrade -d
- Run the following command:
- Check version :)
lsb_release -a
sudo apt install v4l-utils
- Visit Howdy and follow their installation steps