Initial development server setup for Ubuntu 18.04

When I start a new project, I carry out the same basic steps. In most cases it starts with a server install of Ubuntu. Here are the main snippets of what I carry out on a fresh install of Ubuntu 18.04 Server:

First commands after installing, and logged in to the server as the user account:

sudo apt update
sudo apt upgrade
sudo apt install curl emacs-nox nginx git ufw fail2ban
mkdir ~/bin #for future use
ip addr

The ip addr command gets an IP address, e.g. 192.168.2.26, so we can replace with the ip address in the code below with what it returns.

My minimal emacs config file (in ~/.emacs.d/init.el) is as follows [1]:

(defvar autosave-backup-directory "~/.emacs.d/autosave-backup/")
(setq backup-directory-alist
	`((".*" . ,autosave-backup-directory)))
(setq auto-save-file-name-transforms
	`((".*" ,autosave-backup-directory t)))
(setq-default tab-width 2)
(global-visual-line-mode 1)
(setq inhibit-startup-screen t)

[1] Source on github

Changes in /etc/ssh/sshd_config:

# What ports, IPs and protocols we listen for
Port 2922
...
PermitRootLogin no

Uncomplicated Firewall: ufw

sudo ufw app list
sudo ufw allow OpenSSH
sudo ufw allow "Nginx Full"
sudo ufw enable
sudo ufw status

Prepare /var/www folder for future applications:

sudo usermod -aG www-data $USER
sudo chgrp -R www-data /var/www
sudo chmod -R 775 /var/www
sudo chmod g+s /var/www

The rest of the setup happens on the local workstation (in my case it’s either Mac or Linux).

Add the server IP address and hostname to /etc/hosts on my local workstation:

sudo -- sh -c "echo '192.168.2.26 perseus' >> /etc/hosts"

Make ssh a little quicker with .ssh/config addition:

Host perseus
  Hostname perseus
  User steve
  Port 2922

Add ssh key-based authentication:

## If you don't have an ssh keypair already, run keygen first, otherwise just run ssh-copy-id
ssh-keygen -b 4096
ssh-copy-id perseus

Bash alias for sshfs on the workstation (.bash_profile on MacOS, .bashrc on Ubuntu workstations):

mkdir -p ~/perseus/www ~/perseus/home
echo "alias map-perseus='sshfs perseus:/var/www ~/perseus/www && sshfs perseus:/home/steve ~/perseus/home'" >> ~/.bash_profile

Verify nginx is accessible from the workstation using curl:

curl http://perseus/

At this point the server is installed with its basic packages and configuration and I can edit files from my workstation. From here I can install an application’s stack-specific packages on the server.

Feel free to get in touch with your suggestions. I look to improve and refine this. Or let me know if you adopt what I have or made use of it in some way.

(Edited from a previous version on 2019-01-14)


Leave a Comment

Permitted HTML tags in your comment: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>