Instantly share code, notes, and snippets.

Embed
What would you like to do?
VPS server is for Ubuntu 16.04 LTS after completing the initial Ubuntu installation. (Usage: bash /path/to/initial_ubuntu.sh)
#!/bin/bash
#Firstly, we have to login the root user via ssh.
# install some required package
# set locales (zh_TW.UTF-8 or en_US.UTF-8)
# some VPS hosting provider has not installed the sudo package.
# You should run this command: "apt-get install sudo" by root manually.
sudo locale-gen "en_US.UTF-8"
sudo dpkg-reconfigure locales
sudo echo 'LC_ALL="en_US.UTF-8"' > /etc/default/locale
export USERNAME=$1
if [ "$USERNAME" = "" ]
then
echo 'please add the user name!'
exit 1;
fi
apt-get update
apt-get install sudo
echo 'Upgrading the package...It will be let user type the yes | no'
echo 'We have to notice that this upgrade package will be installed the Apache2 HTTP server...'
# skip the kernel update (OpenVZ is not allowed updating the Kernel.)
sudo apt-mark hold linux-image-generic linux-headers-generic
sudo apt-get upgrade
sudo apt-get install -y curl wget vim ufw
sudo useradd -m $USERNAME
sudo usermod -s /bin/bash $USERNAME
sudo adduser $USERNAME sudo
echo 'Please set password for the $USERNAME ...'
sudo passwd $USERNAME
sudo ufw enable
sudo ufw default deny
sudo ufw allow in ssh
sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
sudo echo 'ClientAliveInterval 60' >> /etc/ssh/sshd_config
sudo service ssh restart
echo 'done. You should reboot now'
# edit profile and bashrc
#if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
# if [ -f "$HOME/.bashrc" ]; then
# . "$HOME/.bashrc"
# fi
# fi
# set current timezone
sudo dpkg-reconfigure tzdata
# create the .bashrc in home directory.
# Please refer this link:https://gist.github.com/mvanderw/dfe5984b1e57a17cad87 to view the default .bashrc file
# Prevent the Burte force attatck with the fail2ban
# See more details are about this link: https://www.linode.com/docs/security/using-fail2ban-for-security
sudo apt-get install fail2ban
sudo cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
# vim /etc/fail2ban/jail.local and edit the following settings.
# "bantime" is the number of seconds that a host is banned.
#bantime = 600
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
#findtime = 600
#maxretry = 3
# start the fail2ban client
fail2ban-client start
# check the fail2ban client status
fail2ban-client status
exit 0;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment