LowEndSetup: Initializing and Reinitializing Your VPS

If you frequently setup new VPSes or re-initialize them, you may find yourself typing the same commands over and over. There are various technologies to alleviate these hassles and get your environment consistently setup every time without all the manual work.
Big Boy Solutions
If you’re managing many systems, you may wish to invest in Ansible or some other configuration management tool such as Puppet, Chef, or Salt. If your provider supports it, you could consider using cloud-init, which allows you to declare configurations using a YAML syntax.
A Low End Solution
Since I’m generally using lowend providers whose environments do not support fancy cloud tools, I generally use the following method to setup new hosts.
After logging in as root, I do the following:
apt-get -y install git
git clone https://github.com/raindog308/setup.git
cd setup
./setup_debian10.sh <hostname>
This repository is a private repo on github, so it’s available anywhere.
The Setup Script
This is an example of a setup script I use.

#!/bin/bash

HOSTNAME_FQDN=${1}

if [ -z "${HOSTNAME_FQDN}" ] ; then
echo "ERROR: HOSTNAME_FQDN not set!"
echo "Aborting."
exit 1
fi
Takes the hostname as a first argument, since there’s no way for the script to know what we want to call the box. So, as an example, I’d execute this as
./setup_debian10.sh deb10.lowend.party
Continuing with the script:
echo "updating sshd config"
sed -i 's/^Port/^#Port/' /etc/ssh/sshd_config
echo "Port 5555" >> /etc/ssh/sshd_config
sed -i 's/^PermitRootLogin/#PermitRootLogin/' /etc/ssh/sshd_config
echo "PermitRootLogin prohibit-password" >> /etc/ssh/sshd_config
sed -i 's/^UseDNS/#UseDNS/' /etc/ssh/sshd_config
echo "UseDNS no" >> /etc/ssh/sshd_config
systemctl restart ssh
I precede each section with an echo command stating what it’s doing to make troubleshooting easier (otherwise many commands execute silently).
These commands setup sshd, specifically:

change the port
disable root password logins
disable UseDNS

Note that for each configuration change there are two commands:

a sed in-place edit command that comments out any existing config for that directive. So for example, any line that begins with Port is commented out
an echo statement that appends the sshd directive to the sshd_config file. (It does not matter what order directives appear in).

echo "updating /etc/profile"
echo "set -o vi" >> /etc/profile
echo "alias ll='ls -al'" >> /etc/profile
These are some “creature comforts” I put in /etc/profile. You could also put them in individual user .bash_profiles.
echo "generating locales"
locale-gen --purge en_US.UTF-8
This sets my preferred locale.
echo "setting timezone"
timedatectl set-timezone America/Los_Angeles
This sets my preferred timezone.
echo "apt-get update"
apt-get update
print "apt-get upgrade"
apt-get -y upgrade
This updates apt and applies all upgrades.
echo "apt-get faves"
apt-get -y install unzip dnsutils nmap
These are tools I find useful to have on all systems. You may have a different list.
echo "setting hostname"
echo $HOSTNAME_FQDN > /etc/hostname
hostname -F /etc/hostname
Here we set the hostname, both in the config file and for the running system.
echo "configuring root .ssh"
if [ ! -d /root/.ssh ] ; then
mkdir /root/.ssh
fi
if [ ! -d /root/.ssh ] ; then
echo "ERROR: could not mkdir /root/.ssh"
echo "Aborting."
exit 1
fi
chown root:root /root/.ssh
chmod 700 /root/.ssh
echo 'ssh-rsa SSH-KEY-TEXT-HERE' > /root/.ssh/authorized_keys
chown root:root /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
These commands ensure that root’s .ssh is setup properly and installs my ssh key.
Further Improvements

This is a sample of how to do a quick and dirty system setup that only takes a couple commands. Some other things you might consider doing:
adding users (e.g., “useradd -m -s /bin/bash raindog308”). If you want to set passwords, read this article .
setting root’s password
git cloning setup files for nginx and other web components, then using sed (or perl) to tweak the setups for what you’re doing
setting up mail (e.g., postfix), including configuring aliases and running newaliases
setting up additional scripts to setup different kinds of servers, so you can call the main, universal setup and then call other scripts as needed

 
The post LowEndSetup: Initializing and Reinitializing Your VPS appeared first on LowEndBox .

Top News