How to set up Ubuntu Server


Backups

Before installing, be sure to fully back up:

  • databases
  • crontabs
  • the file system

Install

  • Install from disk, which will involve setting up the network. The resulting /etc/network/interfaces should look like this:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
	address 123.45.67.54
	netmask 255.255.255.0
	network 123.45.67.0
	broadcast 123.45.67.255
	gateway 123.45.67.254
  • You may need to fix /etc/resolv.conf to look like this:
search mydomain.com
nameserver 123.45.105.105
nameserver 123.45.115.115
  • You may need to fix the time zone:
sudo dpkg-reconfigure tzdata

SSH

  • Install ssh, if you haven't already:
sudo apt-get install ssh
  • Copy the ssh key files from backup if you're rebuilding an existing server.
  • Edit /etc/ssh/sshd_config and set PermitRootLogin to "no".

Packages

  • Set sources to local mirror:
cd /etc/apt
sudo cp sources.list sources.list.orig
sudo sed -i -e 's|http://security\.ubuntu\.com|http://mirror.mydomain.com/security.ubuntu.com|' sources.list
sudo sed -i -e 's|http://us\.archive\.ubuntu\.com|http://mirror.mydomain.com/us.archive.ubuntu.com|' sources.list
  • perform system-wide package updates:
sudo apt-get update
sudo apt-get upgrade
  • If packages are held back (as for kernel upgrades), run this when you're ready to reboot:
sudo apt-get -s dist-upgrade   # simulate only, to see what will happen
sudo apt-get dist-upgrade
  • install atop, emacs23-nox, nmap, ntp, postfix, mailutils, logwatch, smartmontools, sysstat, sysv-rc-conf, tofrodos, unzip, xfsprogs, zip.

Security

  • run sysv-rc-conf to disable any unnecessary services.
  • Firewall: save this file as /etc/init.d/firewall: Firewall Example

Give it 755 permissions. Activate with

sudo sysv-rc-conf firewall on
sudo /etc/init.d/firewall restart

Check with

sudo iptables -L -n

Misc Package Configuration

  • Edit /etc/default/sysstat, set ENABLED to "true".
  • Add these lines to /etc/ntp.conf:
server 0.us.pool.ntp.org
server 1.us.pool.ntp.org
server 2.us.pool.ntp.org
server 3.us.pool.ntp.org

Postfix

  • edit /etc/aliases, make root point to your user name, then run
sudo newaliases
  • create ~/.forward and enter your real email address there.
  • edit /etc/postfix/main.cf, update the following lines to look like this:
relayhost = smtp.mydomain.com:587
inet_interfaces = localhost
  • Restart the daemon and test with
mail -s test root

(Ctrl-D to finish the message).
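
Added example (not part of the original wiki page): a read-back check for the PermitRootLogin and inet_interfaces settings made in the SSH and Postfix sections. It relies on sshd using the first occurrence of a keyword while Postfix uses the last definition of a parameter; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: read back the two hardening settings from this page.
# Function names and the sample files below are constructed for illustration.

# sshd_config: keywords are case-insensitive and the FIRST occurrence wins.
# Parsing stops at the first Match block (later lines apply conditionally).
sshd_effective() {  # usage: sshd_effective KEYWORD FILE
    awk -F'[ \t=]+' -v key="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
        { sub(/^[ \t]+/, "") }
        /^#/ || /^$/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == key { v = $2; gsub(/"/, "", v); print tolower(v); exit }
    ' "$2"
}

# main.cf: "name = value"; the LAST definition wins, and a line that starts
# with whitespace continues the previous logical line.
postfix_effective() {  # usage: postfix_effective PARAM FILE
    awk -v key="$1" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { if (cur == key) val = val " " trim($0); next }
        { eq = index($0, "="); cur = eq ? trim(substr($0, 1, eq - 1)) : "" }
        cur == key { val = trim(substr($0, eq + 1)) }
        END { print val }
    ' "$2"
}

# Returns the number of failed checks (0 = both settings match this page).
audit() {  # usage: audit SSHD_CONFIG MAIN_CF
    fails=0
    v=$(sshd_effective PermitRootLogin "$1")
    [ "$v" = "no" ] || { echo "FAIL PermitRootLogin='${v:-unset}' in $1"; fails=$((fails + 1)); }
    v=$(postfix_effective inet_interfaces "$2")
    [ "$v" = "localhost" ] || { echo "FAIL inet_interfaces='${v:-unset}' in $2"; fails=$((fails + 1)); }
    return "$fails"
}

# Constructed samples: a "no" appended after an earlier "yes" is ignored by sshd,
# while a later inet_interfaces line does override the earlier one in Postfix.
demo() {
    d=$(mktemp -d)
    printf 'PermitRootLogin yes\nPermitRootLogin no\n' > "$d/sshd_config"
    printf 'inet_interfaces = all\ninet_interfaces = localhost\n' > "$d/main.cf"
    rc=0; audit "$d/sshd_config" "$d/main.cf" || rc=$?
    rm -rf "$d"
    return "$rc"
}
demo || echo "failed checks: $?"
```

On a live host, `sudo sshd -T` and `postconf inet_interfaces` print the values the daemons actually use, including Include files and Match handling that this file parser does not follow.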