Trace:

Differences

This shows you the differences between two versions of the page.


tech:linux:setup_new_box [2023/02/12 12:30] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== Setting up a new Linux box ======
 +This page goes through the various settings that take place to setup a new Ubuntu box. In this case I was setting Ubuntu 12.04 Precise Pangolin.
 +
 +===== Install Configuration / Steps =====
 +  * Hardware details
 +    * AMD 3 core CPU
 +    * 2 x 500 GB Hard disk
 +    * 1 DVD R/W
 +    * 16 GB RAM
 +  * Software install configuration
 +    * RAID 1 array with the two disks
 +    * Allocated 20 GB for SWAP and 480 GB for /
 +    * Include LAMP, Samba, Mail (Postfix) as default services to be installed
 +    * Configure server as "Internet Site"
 +
 +===== System Configuration =====
 +  * Update system by running "aptitude"
 +    * Completed Security Upgrades
 +    * Complete Package Upgrades
 +    * Reboot
 +  * Network configuration
 +    * Update settings on router to designate IP address for server MAC address (ensure same IP allocation)
 +      * Optionally do this for other devices on the network too
 +    * Update Port forwarding on router to server for HTTP, HTTPS, SSH and SMTP
 +    * Update info with DNS registry (such as godaddy) with WAN IP for A & MX records
 +  * Install svn (using aptitude)
 +  * Put [[tech:svn:using_subversion_to_version_control_etc|/etc on version control]]
 +  * Update /etc/skel with [[etc_skel|this]] set
 +  * Creating new users
 +    * Update /etc/default/useradd as required.  E.g. change SHELL to SHELL=/bin/bash
 +    * Create additional [[commands_to_add_users_and_groups#adding_user_-_ubuntu|users]] as required
 +    * Remember to delete the .svn directory inside the users home directory (of the new user).  Because we have /etc on subversion, this would have inadvertently bought in the .svn directory into the home folder.  We do not want that incorrect svn directory sitting there!
 +  * Install the [[most_common_packages|most common packages]] that will the required
 +
 +===== DNS Server Configuration =====
 +Currently ''ubv48'' is setup as DNS server using ''dnsmasq''.\\
 +Update ''/etc/resolv.conf'' file as below:
 +<code>
 +nameserver 192.168.1.48
 +nameserver 192.168.1.49
 +nameserver 192.168.1.1
 +nameserver 8.8.8.8
 +options timeout:1
 +options attempts:1
 +</code>
 +
 +Update ''/etc/network/interfaces'' file as below:
 +<code>
 +iface enp0s3 inet static
 +        address 192.168.1.47
 +        netmask 255.255.255.0
 +        network 192.168.1.0
 +        gateway 192.168.1.1
 +        broadcast 192.168.1.255
 +        dns-nameservers 192.168.1.48
 +        dns-nameservers 192.168.1.1
 +        dns-nameservers 8.8.8.8
 +</code>
 +===== apt related =====
 +  * [[tech:linux:apt_upgrades|Automatic apt upgrades]]
 +  * [[tech:linux:apt_update_resource_overload|APT update resource overload]]
 +
 +===== More items =====
 +  * Kernel
 +    * To avoid kernel update do this 
 +      * Debian: <code bash>aptitude hold linux-image-amd64</code>
 +      * Ubuntu: <code bash>aptitude hold linux-image-generic</code>
 +    * Reason: VirtualBox GA will need to be reinstalled every time kernel is updated
 +  * Mail
 +    * Setup postfix
 +    * Setup alias such that local mail gets forwarded (/etc/aliases)
 +  * SSH
 +    * Generate SSH private and public keys
 +  * Tuning
 +    * Change swapiness and other parameters based on server needs - [[tech:linux:sysctl_config|sysctl.conf]]
 +  * Others
 +    * Optionally ask server to reboot automatically on [[tech1:linux:kernel_panic|kernel panic]]
 +    * [[tech1:linux:others:i2c_piix4|Disable module i2c_piix4]] on Virtual Machines
 +    * Install NRPE to be monitored
 +      * nagios-nrpe-server nagios-plugins
 +    * Install x11-utils x11-xserver-utils
 +  * Packages to install 
 +    * If Physical Machine
 +      * cpp dkms gcc make heirloom-mailx mysql-common nmap postfix smartmontools sysstat unzip telnetd
 +    * If VM
 +      * cpp gcc make heirloom-mailx mysql-common nmap postfix sysstat unzip telnetd
 +
 +===== Other Items configuration =====
 +  * Remove cloud-init <code>aptitude purge cloud-init</code>
 +  * Remove snapd <code>apt autoremove --purge snapd</code>
 +  * [[apache_configuration|Apache Configuration]]
 +  * [[etc_skel#sudo_without_password|Setup to sudo without password]]
 +  * [[tech:linux:mail_server_setup|Mail Server Configuration]]
 +  * [[tech:linux:mysql:backups|MySQL Backups]]
 +  * [[tech:linux:others:ntp_update|Reset System Clock with NTP Update]]
 +  * [[tech:linux:others:pflogsumm_mail_report|Setup mail reporting using pflogsumm]]
 +  * [[tech:linux:others:notify_reboot_req|Notify if the system requires a reboot]]
 +  * [[tech:others:mounting_usb_drive_in_ubuntu&#permanently_mount_the_usb_drive|Mounting a USB drive permanently for Backups]]
 +  * Install telnetd - To be used in case SSH server is down.  Remember to change password immediately if doing a remote connection.
 +  * [[tech:linux:php_ini|Update php.ini]] configuration file to improve on default limits
 +  * Stop/Purge Ubuntu error reporting daemon <code>aptitude -y purge whoopsie</code>
 +  * [[apt_update_resource_overload|Disable APT update resource overload]]
 +  * Nagios
 +    * If only setting this up for being monitored install nagios-nrpe-server nagios-plugins
  

QR Code
QR Code tech:linux:setup_new_box (generated for current page)