amanjuman

sudo useradd -rs /bin/false prometheus
sudo mkdir /etc/prometheus /var/lib/prometheus
cd /tmp && wget https://github.com/prometheus/prometheus/releases/download/v2.51.0/prometheus-2.51.0.linux-amd64.tar.gz
tar -xvf prometheus-*.*-amd64.tar.gz && cd prometheus-*.*-amd64
sudo mv console* /etc/prometheus
sudo mv prometheus.yml /etc/prometheus
sudo mv prometheus promtool /usr/local/bin/
sudo chown prometheus:prometheus /usr/local/bin/prometheus /etc/prometheus /var/lib/prometheus

sudo nano /etc/systemd/system/prometheus.service

amanjuman

Set Server Hostname

hostnamectl set-hostname fqdn.domain.tld

Install Required Packages

sudo apt install postfix libsasl2-modules mailutils -y

amanjuman

general:
  # This can be changed to allow messages to be sent from multiple IP addresses
  use_ip_pools: true

web:
  # The host that the management interface will be available on
  host: fqdn.domain.tld
  # The protocol that requests to the management interface should happen on
  protocol: https

amanjuman

Set Server Hostname

hostnamectl set-hostname fqdn.domain.tld

Install Docker

curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh
curl -SL https://github.com/docker/compose/releases/download/v2.24.1/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose && sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

amanjuman

Install Packages

sudo apt install netplan.io openvswitch-switch

Configure Netplan

nano /etc/netplan/network.yaml

network:

amanjuman

Enable System IP forwarding first

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf

Here is sample network configuration (remove comments "##") Replace your interface name, public IP, internal NAT IP

amanjuman

Install the dependencies:

apt update && apt install sudo wget gnupg gnupg2 dphys-swapfile -y

Verify the PGP Key

wget -O- https://repo.3cx.com/key.pub | gpg --dearmor | sudo tee /usr/share/keyrings/3cx-archive-keyring.gpg >> /dev/null

amanjuman

## Download Go
sudo wget --output-document /opt/go.tar.gz https://go.dev/dl/go1.22.0.linux-amd64.tar.gz

## Remove Existing Go and Extract Downloaded Go
sudo rm -rf /usr/local/go && sudo tar --directory /usr/local --extract --gzip --file /opt/go.tar.gz && sudo rm /opt/go.tar.gz

## Delete & Recreate user for Derper
sudo userdel -r derp && sudo useradd --system --create-home --home-dir /opt/derp --shell /bin/bash derp

## Export Profile path

amanjuman

Install telnet if not installed

sudo apt install telnet -y

Check if outbound SMTP port is open or not

telnet smtp.google.com 25

Set Hostname

hostnamectl set-hostname fqdn.domain.tld

Install docker

amanjuman

## Seed
## xeob8mPP2VPHBXHCexEPGjOMdBKgQ7qCv2tRC6BXSfQ2ahAeEHC374OyOykUYCyRKU/n8Azv6cw6/MLwNZq9HSYEPfKNFTKhJG2vKZUmFNzc9RDzxya9Lp9VsE34P/tWL4EBO+c7an3Lvi9vXYI79uTbVMcdmNQP5ZrQ6AIZYwCc/N1jdM71muV4Vc94jY9aRsmQvC6bOrxgHlAcWrUw8irEbUNCg5xe5INpnCjbRSXnojisx07zmNDSQ5BUH4LXhRok/uIuGg5qqJaans+FegDc1+aN2L2cTlcefYjTJnMNIjzuPFBClbaAszDTcmQ7wjF7TdYZgJTd3V+754+RlQ==
## WireGuard Server Configuration
[Interface]
Address = 172.73.74.1/24
ListenPort = 12345
PrivateKey = wLgZoPI44SU67MXktUnRMNYz4WbLTYIWweX03cBXukQ=

## Allow communication between WireGuard peers and MASQUERADE traffic
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;