jgrogan/recipes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add hosting fixes

Browse source
This commit is contained in:
jgrogan 2024-08-26 15:56:25 +01:00
parent 1a761fd17e
commit 2f446dc749
2 changed files with 10 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
doc/hosting_notes.md Normal file
View file

15
infra/scripts/setup_machine.sh
View file

@ -1,9 +1,5 @@
export MY_USER="my_user" export MY_USER="my_user"
# Create non-root user
adduser $MY_USER
usermod -aG sudo $MY_USER
# Set up firewall # Set up firewall
ufw allow OpenSSH ufw allow OpenSSH
ufw enable ufw enable
@ -14,10 +10,17 @@ ufw enable
# PasswordAuthentication no # PasswordAuthentication no
# ChallengeResponseAuthentication no # ChallengeResponseAuthentication no
# UsePAM no # UsePAM no
# sudo systemctl restart ssh
# Create non-root user
adduser $MY_USER
usermod -aG sudo $MY_USER
# Enable ssh login # Enable ssh login
rsync --archive --chown=$MY_USER:$MY_USER ~/.ssh /home/$MY_USER rsync --archive --chown=$MY_USER:$MY_USER ~/.ssh /home/$MY_USER/.ssh
# Fail2ban for SSH # Fail2ban for SSH
apt install fail2ban apt install fail2ban
# Restart ssh
sudo systemctl restart ssh