Add server setup basics

2024-03-13 09:09:02 +00:00 · 2024-03-13 09:09:02 +00:00 · 40e5024402
commit 40e5024402
3 changed files with 54 additions and 0 deletions
--- a/basic_serverblock.txt
+++ b/basic_serverblock.txt
@ -0,0 +1,15 @@
+
+
+server {
+        listen 80;
+        listen [::]:80;
+
+        root /var/www/your_domain/html;
+        index index.html index.htm index.nginx-debian.html;
+
+        server_name your_domain www.your_domain;
+
+        location / {
+                try_files $uri $uri/ =404;
+        }
+}
--- a/setup_basic_nginx.sh
+++ b/setup_basic_nginx.sh
@ -0,0 +1,16 @@
+apt install nginx
+
+ufw allow 'Nginx HTTP'
+
+mkdir -p /var/www/your_domain/html
+chown -R $USER:$USER /var/www/your_domain/html
+chmod -R 755 /var/www/your_domain
+
+echo "Hello world" | /var/www/your_domain/html/index.html
+
+cp basic_serverblock.txt /etc/nginx/sites-available/your_domain
+
+ln -s /etc/nginx/sites-available/your_domain /etc/nginx/sites-enabled/
+
+# sudo nano /etc/nginx/nginx.conf
+server_names_hash_bucket_size 64;
--- a/setup_machine.sh
+++ b/setup_machine.sh
@ -0,0 +1,23 @@
+export MY_USER="my_user"
+
+# Create non-root user
+adduser $MY_USER
+usermod -aG sudo $MY_USER
+
+# Set up firewall
+ufw allow OpenSSH
+ufw enable
+
+# Disable ssh password login
+# sudo nano /etc/ssh/sshd_config
+# PermitRootLogin no
+# PasswordAuthentication no
+# ChallengeResponseAuthentication no
+# UsePAM no
+# sudo systemctl restart ssh
+
+# Enable ssh login
+rsync --archive --chown=$MY_USER:$MY_USER ~/.ssh /home/$MY_USER
+
+# Fail2ban for SSH
+apt install fail2ban