Created
June 20, 2024 15:21
-
-
Save nixoletas/06c1e79501717959af3bf2ddb26afef7 to your computer and use it in GitHub Desktop.
Script to run on a first ubuntu server boot setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Update the package lists for upgrades and new package installations | |
sudo apt update | |
# Upgrade all installed packages to their latest versions | |
sudo apt upgrade -y | |
# Install essential packages | |
sudo apt install -y curl wget git vim build-essential ufw | |
# Set the timezone (replace 'America/New_York' with your desired timezone) | |
sudo timedatectl set-timezone America/New_York | |
# Enable the UFW firewall | |
sudo ufw enable | |
# Allow SSH connections through the firewall | |
sudo ufw allow ssh | |
# Optionally, allow HTTP and HTTPS traffic | |
# sudo ufw allow http | |
# sudo ufw allow https | |
# Add a new user (replace 'username' with your desired username) | |
# sudo adduser username | |
# Grant sudo privileges to the new user (replace 'username' with the username) | |
# sudo usermod -aG sudo username | |
# Disable password authentication for SSH (enhances security, especially if using SSH keys) | |
sudo sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config | |
sudo systemctl reload sshd | |
# Enable automatic security updates (recommended for critical security patches) | |
sudo apt install -y unattended-upgrades | |
sudo dpkg-reconfigure -plow unattended-upgrades | |
# Clean up package lists to free up space | |
sudo apt autoremove -y | |
sudo apt autoclean -y | |
# Reboot the system to apply any changes | |
sudo reboot |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment