This is a setup script to automate the setup and provisioning of Ubuntu servers. It does the following:
- Adds or updates a user account with sudo access
- Adds a public ssh key for the new user account
- Disables password authentication to the server
- Deny root login to the server
- Setup Uncomplicated Firewall (allow 22, port 80 and 443)
- Setup Fail2Ban (default config)
- Setup the timezone for the server (Default to "Europe/Rome")
- Install Network Time Protocol
SSH into your server and install git if it is not installed:
sudo apt-get update
sudo apt-get install gitClone this repository into your home directory:
cd ~
git clone https://github.com/jasonheecs/ubuntu-server-setup.gitRun the setup script
cd ubuntu-server-setup
bash setup.shWhen the setup script is run, you will be prompted to enter the username of the new user account.
Following that, you will then be prompted to add a public ssh key (which should be from your local machine) for the new account. To generate an ssh key from your local machine:
ssh-keygen -t ed25519 -a 200 -C "user@server" -f ~/.ssh/user_server_ed25519
cat ~/.ssh/user_server_ed25519.pubFinally, you will be prompted to specify a timezone for the server.
- Install nginx (tutorial)[https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-20-04]
- Configuring Fail2Ban to Monitor Nginx Logs tutorial
- Change SSH port (from 22 to another) and edit ufw port
- Secure Nginx with Let's Encrypt: tutorial
- Create SSH key and add it to github secrets, to use it in github actions: tutorial
This setup script has been tested against Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04 and Ubuntu 22.04.
Tests are run against a set of Vagrant VMs. To run the tests, run the following in the project's directory:
./tests/tests.sh