@varnav
Last active July 21, 2023 13:12
Docker on Ubuntu installation
apt update
apt remove docker docker-engine docker.io containerd runc
apt install -y apt-transport-https ca-certificates curl software-properties-common gnupg lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update
apt install -y docker-ce docker-ce-cli containerd.io mc fail2ban htop git iotop lsof ufw docker-compose
systemctl status docker
# Firewall: allow SSH from anywhere and all ports from the private 10.0.0.0/8 range
ufw allow ssh
ufw allow from 10.0.0.0/8
ufw enable
mkdir /opt/portainer-certs
cd /opt/portainer-certs
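# Self-signed certificate for Portainer. Both key commands wrote to portainer.key, so the
# RSA key was overwritten by the EC key; only the EC P-384 key is kept here.
# RSA alternative: openssl genrsa -out portainer.key 2048
openssl ecparam -genkey -name secp384r1 -out portainer.key
openssl req -new -x509 -sha256 -key portainer.key -out portainer.crt -days 3650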
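# Docker publishes ports through its own iptables rules, so -p 443:9000 is reachable
# whether or not ufw allows 443/tcp.
ufw allow 443/tcp
# Mounting /var/run/docker.sock gives Portainer root-equivalent control of the host.
docker run -d -p 443:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data -v /opt/portainer-certs:/certs --restart unless-stopped --security-opt no-new-privileges --name portainer portainer/portainer-ce --ssl --sslcert /certs/portainer.crt --sslkey /certs/portainer.key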
git clone https://github.com/docker/docker-bench-security.git
cd docker-bench-security
sh docker-bench-security.sh
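# run-parts only executes files in /etc/cron.weekly that are executable, so add a shebang and chmod +x
printf '#!/bin/sh\ndocker system prune -a -f\n' > /etc/cron.weekly/docker_cleanup
chmod +x /etc/cron.weekly/docker_cleanup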
dpkg-reconfigure --priority=low unattended-upgrades