Notes tagged with "Vps"

Install Caddy on Ubuntu VPS

Setting Caddy Up on Ubuntu

  1. First we need to install caddy on the server:
    ```

    sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl

    curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg

    curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list

    sudo chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg

    sudo chmod o+r /etc/apt/sources.list.d/caddy-stable.list

    sudo apt update
    sudo apt install caddy

    ```

1. Next, let's reconfigure caddy:

    Change /etc/caddy/Caddyfile to read:

    ```json
    {
            log {
                    output file /var/log/caddy/caddy_log.txt
                    level DEBUG
            }
    }
    import sites-enabled/*

    ```

1. Make sure we have a 404 error page:
    
    the Caddyfile should look something like this:
    ```json
    ```
    {
            log {
                    output file /var/log/caddy/caddy_log.txt
                    level DEBUG
            }
           
    }
    
    :443 {
    
            handle_errors {
                header Content-Type text/html
                respond <<HTML
                        <html>
                            <head><title>Oops</title></head>
                            <body>
                                <h5>whoa, we have a problem partner...</h5>
                            </body>
                        </html>
                    HTML 200
            }
    
    }
    import sites-enabled/*
    ```
    ```


1. make sure we have have these directories and that they are owned 
   by the caddy user:

    * /var/log/caddy
    * /etc/caddy/sites-enabled
    * /etc/caddy/sites-disabled

1. restart caddy:

    ```bash
    ... sudo systemctl restart caddy.service
    ```


1. create a new static site file so we can test the setup:


    ```json
    [site-url]  {
            root * /var/www/site_dir
            file_server
    }
    ```
    ```

1. make sure ports 80 and 443 is open on the firewall:


    ```bash
    ... sudo ufw allow http 
    ... sudo ufw allow https 

    ```

server ubuntu vps caddy
Ubuntu VPS Security

Optimizing Ubuntu Server

Services and programs you can likely kill:

This was taken from this site

  1. BASICS

    Killing these didn’t impact the system at all when I tested:

    ... sudo apt remove snapd -y --purge
... sudo apt remove lxcfs -y --purge
... sudo apt remove policykit-1 -y --purge
... 
... sudo apt remove lvm2 -y --purge
... sudo apt remove at -y --purge
... sudo apt remove mdadm -y --purge
... sudo apt remove open-iscsi -y --purge
... sudo apt remove accountsservice -y --purge

  2. EXTREME

    server ubuntu vps
Ubuntu VPS Setup

New Ubuntu VPS Set Up

We’ve assuming we’ve created the initial droplet and that we are able to ssh as root into the box. Next steps are as follows:

Add Admin User Account

  1. SSH into the droplet as root:

    Run these commands on the server

    
# create your admin user
... adduser usrnme
# set up ssh key
# this was the old way:
#   ... mkdir /home/usrnme/.ssh
#   ... chmod 700 /home/usrnme/.ssh
#   ... cp /root/.ssh/authorized_keys /home/usrnme/.ssh
#   ... chown -R usrnme:usrnme /home/usrnme/.ssh/authorized_keys
#   ... chmod 600 /home/usrnme/.ssh/authorized_keys
# this is shorter and :
... rsync --archive --chown=usrnme:usrnme ~/.ssh /home/usrnme
# add user to sudo
... usermod -aG sudo usrnme

  2. Install Neovim

    server ubuntu vps