Skip to content

Instantly share code, notes, and snippets.

@Trefex

Trefex/OVH_README.md

Last active January 23, 2020 20:11
Show Gist options
  • Star 17 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
  • Save Trefex/7028000be4d497851091 to your computer and use it in GitHub Desktop.
Save Trefex/7028000be4d497851091 to your computer and use it in GitHub Desktop.
Download ZIP
How I setup my VPS on ovh-com
Raw
OVH_README.md

Config is 2vCPU, 2 GB RAM and running Debian 7 on 64 bits.

apt-get update
apt-get upgrade
apt-get install htop

Add localadmin user

adduser localadmin
apt-get install sudo
sudo update-alternatives --config editor
visudo

Add the localadmin user as root

localadmin  ALL=(ALL) NOPASSWD: ALL

Put SSH port to something else

vim /etc/ssh/sshd_config

Set Port to the value you like. Hidden for security purpose Restart SSH

service ssh restart

Setting up service to ban IP's on many failed login attempts

apt-get install fail2ban

Change port of SSH action to the port defined earlier, and restart service

service fail2ban restart

Installed LAMP stack

tasksel install web-server
adduser trefex
mkdir /home/trefex/public_html
mkdir /home/trefex/logs
chown trefex.www-data /home/trefex/public_html/
chmod 750 /home/trefex/public_html/
chmod 750 /home/trefex/logs/
chmod 711 /home/trefex/
apt-get install php5 libapache2-mod-php5 mysql-server libapache2-mod-auth-mysql php5-mysql
mysql_secure_installation
apt-get install phpmyadmin

Configured Virtual Hosts

ls -al
cd /etc/apache2/sites-available/
ls -al
less default
cp default trefex.com
vim trefex.com
a2ensite trefex.com
service apache2 reload

Contents of /etc/apache2/sites-available/trefex.com

<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName trefex.com
        ServerAlias www.trefex.com

        DocumentRoot /home/trefex/public_html

        ErrorLog /home/trefex/logs/error.log
        CustomLog /home/trefex/logs/access.log combined
</VirtualHost>

Install webmin to administer unix machine in a more user friendly way

apt-get update

Edit /etc/apt/sources.list and add

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib
cd /root
wget http://www.webmin.com/jcameron-key.asc
apt-key add jcameron-key.asc

Add public SSH key to server to prevent password logon and ease of use

mkdir ~/.ssh
chmod 0700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0644 ~/.ssh/authorized_keys
vim ~/.ssh/authorized_keys

Enable mod_rewrite in Apache 2

a2enmod rewrite
service apache2 restart

Ruby - to get latest version, do not use apt-get install ruby

wget -O ruby-install-0.5.0.tar.gz https://github.com/postmodern/ruby-install/archive/v0.5.0.tar.gz
tar -xzvf ruby-install-0.5.0.tar.gz
cd ruby-install-0.5.0/
sudo make install

Installing ruby gem and ruby env. Install rbenvusing https://github.com/sstephenson/rbenv

ruby-install --install-dir ~/.rbenv/versions/2.1.3 ruby 2.1.3
rbenv global 2.1.3
wget http://production.cf.rubygems.org/rubygems/rubygems-2.4.5.tgz
tar -zxvf rubygems-2.4.5.tgz
cd rubygems-2.4.5
ruby setup.rb
gem install backup
gem install whenever

Also enable suPHP to execute PHP as owner of files

apt-get install libapache2-mod-suphp
service apache2 restart

In Jessie, suPHP is not available anymore and should be replaced by php-fpm

apt install php5-fpm php5-dev libapache2-mod-fastcgi

Follow this guide: https://www.linode.com/docs/websites/apache/install-php-fpm-and-apache-on-debian-8

@JamesSwift
Copy link

Interesting overview. Thanks for sharing.

You find my little project of interest: https://github.com/JamesSwift/SharedServerTools

It's basically an automated version of what you do (although I use a different stack (nginx)). So that when I spin up new VPS instances I can get them setup just how I like quickly and without forgetting anything.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment