JosefJezek/setup-ubuntu-server.md

## setup-ubuntu-server.md

      
    Raw
  

              setup-ubuntu-server.md
            
          
    Setup Ubuntu Server


https://help.ubuntu.com/14.04/serverguide

Update

locale-gen en_US.UTF-8
sudo apt-get update && sudo apt-get -y upgrade
Auto Update


https://help.ubuntu.com/lts/serverguide/automatic-updates.html

vi /etc/apt/apt.conf.d/50unattended-upgrades
vi /etc/apt/apt.conf.d/10periodic

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
GPG Keys

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys <KEY> <KEY>
Install base packages

sudo apt-get -y install ntp htop
Set SSH

sudo vi /etc/ssh/sshd_config
Port 25000
# Only all ipv4 addresses -> UFW - Skipping unsupported IPv6 'limit' rule - Ubuntu 12.04
ListenAddress 0.0.0.0
# Disable root login
PermitRootLogin no
UseDNS no
AllowUsers newuser

sudo adduser newuser
sudo usermod -a -G sudo newuser

sudo reload ssh
Set Timezone

date
more /etc/timezone
sudo dpkg-reconfigure tzdata

# Also be sure to restart cron as it won’t pick up the timezone change
sudo service cron restart
Set NTP

sudo vi /etc/ntp.conf
# statsdir /var/log/ntpstats/
server tak.cesnet.cz
server tik.cesnet.cz

sudo restart ntp
Setup Firewall UFW


https://help.ubuntu.com/14.04/serverguide/firewall.html

sudo ufw enable
sudo ufw status verbose

sudo ufw allow 22000
sudo ufw allow http
sudo ufw allow https

# Deny connections if an IP address has attempted to initiate 6 or more connections in the last 30 seconds
sudo ufw limit 22000/tcp

# Sometimes it is desirable to let the sender know when traffic is being denied, rather than simply ignoring it
sudo ufw reject auth

ufw allow from x.x.x.x to any port 3306
ufw allow in on eth0 to any port 80 proto tcp

tail /var/log/ufw.log
cat /var/log/messages | grep UFW
ufw logging on # low level
ufw logging off
ufw logging LEVEL

cat /etc/rsyslog.d/20-ufw.conf

# Reset the firewall to its default state
sudo ufw reset

https://wiki.ubuntu.com/UncomplicatedFirewall
http://www.fwbuilder.org

Mount

CIFS

sudo mkdir /media/data

sudo mount.cifs //server/data /media/data -o username=domain/administrator,iocharset=utf8,file_mode=0777,dir_mode=0777
# With password
sudo mount.cifs //server/data /media/data -o username=domain/administrator,password=windows,iocharset=utf8,file_mode=0777,dir_mode=0777

sudo umount /media/data
RM

/bin/rm: cannot execute [Argument list too long]
find . -name "*.pdf" -maxdepth 1 -print0 | xargs -0 rm

http://stackoverflow.com/questions/11289551/argument-list-too-long-error-for-rm-cp-mv-commands