This page is more for my benefit, but I thought I’d share the steps I use when I configure a fresh Ubuntu server. This post assumes you’re familiar with command-line stuff or are proficient with Google and/or Stack Overflow.
- I opt for a minimal install and then manually add what I need. When the time comes, I install only OpenSSH and Standard System Utilities.
- Once I get logged in, I generate the locale and configure the time zone because installing everything else seems to go more smoothly.
locale-gen en_US en_US.UTF-8 # Or as appropriate
- Time to configure the DNS servers with Cloudflare, OpenDNS and Google DNS . I’ll edit
/etc/systemd/resolved.conf(Ubuntu 19.04) so it’s at the top of the resolve list and it’ll stick between reboots.
- Next, I update apt and start installing what I need, typically starting with nano (because I can never remember the commands for vi,) some command line utilities, and LAMP server (Apache, MySQL, and PHP/Perl/Python)
sudo apt update
sudo apt install nano update-notifier-common build-essential dnsutils
sudo apt install lamp-server^ # The caret is important
sudo apt install certbot# For Let's Encrypt certificates (follow instructions @ certbot.eff.org)
sudo a2enmod rewrite ssl
From here, I’ll start mucking with mail servers. This step is a work in progress as I’m still figuring it out. [3 Dec 2017]
sendmail mailutils spamassassin pyzor razor opendkim postfix-policyd-spf-python dovecot-imapd
These guides have helped setting up mail filtering and signing, as well as using the existing Lets Encrypt certificates for securing transmission.