Skip to content

SayantanRC/myserver

BranchesTags

Repository files navigation

My Raspberry Pi 4 server

Setting SSH with key

On local machine:

ssh-keygen -t rsa -b 2048 -C "my raspberry pi server" -f ~/.ssh/myserver

Press enter when asked to enter passphrase. Keep it blank.

Add the following to your local machine's ~/.ssh/config file

Host myserver
  User p1c.ash.e3
  Hostname p1cashe3
  UpdateHostKeys yes
  IdentityFile ~/.ssh/myserver

Copy it to the server

ssh-copy-id -i ~/.ssh/myserver.pub p1c.ash.e3@p1cashe3

Enter password when prompted.
Now login using SSH to server. Now we don't need to specify full username and hostname. It is already specified in ~/.ssh/config

ssh myserver

Disable password login and root login through SSH

On server:

sudo vim /etc/ssh/sshd_config

Change some of the lines as below:

PermitRootLogin no
PasswordAuthentication no

Restart SSH service:

sudo systemctl restart ssh

Protect root access

On server

  1. Update sudeors 
    sudo visudo -f /etc/sudoers.d/p1cashe3
    Enter the following 
    Defaults        insults

p1c.ash.e3    ALL = PASSWD: /usr/bin/su
  2. Comment out other files. 
    sudo mv /etc/sudoers.d/010_pi-nopasswd /etc/sudoers.d/.010_pi-nopasswd # raspberry pi os
sudo mv /etc/sudoers.d/90-cloud-init-users /etc/sudoers.d/.90-cloud-init-users # ubuntu server
  3. Set a strong root password and a strong user password. Use the passwd command.
  4. Restart sudo with sudo -k.

Increase swap size

https://pimylifeup.com/raspberry-pi-swap-file/

Show memory usage in docker stats

https://stackoverflow.com/a/77278502/10967630

Limit memory / CPU for a single docker container

https://stackoverflow.com/questions/42345235/how-to-specify-memory-cpu-limit-in-docker-compose-version-3

Limit total docker usage memory / CPU

https://unix.stackexchange.com/questions/537645/how-to-limit-docker-total-resources

Setting tunnelling with Tailscale and duckdns

  1. Sign up for a tailscale account at https://login.tailscale.com/start
  2. Follow onscreen prompts to download and install tailscale on the server
  3. Sign up for duckdns at https://www.duckdns.org
  4. Create a subdomain
  5. Go to "install" tab at top and click on "pi". Follow the instructions to create the duck.sh file.
  6. Now edit the file as below 
      IP=`tailscale ip | head -n 1`
  echo url="https://www.duckdns.org/update?domains=YOUR_DOMAIN&token=YOUR_TOKENb&ip=$IP" | curl -k -o ~/duckdns/duck.log -K -
  7. Run the script. Now you should be able to reach the server using the YOUR_DOMAIN.duckdns.org (as long as the other device is also on the same tailscale network.)

Change DNS

https://www.cyberciti.biz/faq/howto-linux-bsd-unix-set-dns-nameserver

Resources:
https://www.digitalocean.com/community/tutorials/how-to-edit-the-sudoers-file
nextcloud/previewgenerator#233

Good youtube videos:
https://www.youtube.com/watch?v=fKuqYQdqRIs
Dynamic DNS (DDNS) for Free: Remote Access to Home Server

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages