If you frequently setup new VPSes or re-initialize them, you may find yourself typing the same commands over and over. There are various technologies to alleviate these hassles and get your environment consistently setup every time without all the manual work.

Big Boy Solutions

If you’re managing many systems, you may wish to invest in Ansible or some other configuration management tool such as Puppet, Chef, or Salt. If your provider supports it, you could consider using cloud-init, which allows you to declare configurations using a YAML syntax.

A Low End Solution

Since I’m generally using lowend providers whose environments do not support fancy cloud tools, I generally use the following method to setup new hosts.

After logging in as root, I do the following:

apt-get -y install git
git clone https://github.com/raindog308/setup.git
cd setup
./setup_debian10.sh <hostname>

This repository is a private repo on github, so it’s available anywhere.

The Setup Script

This is an example of a setup script I use.

#!/bin/bash

HOSTNAME_FQDN=${1}

if [ -z "${HOSTNAME_FQDN}" ] ; then
  echo "ERROR: HOSTNAME_FQDN not set!"
  echo "Aborting."
  exit 1
fi

Takes the hostname as a first argument, since there’s no way for the script to know what we want to call the box. So, as an example, I’d execute this as

  ./setup_debian10.sh deb10.lowend.party

Continuing with the script:

echo "updating sshd config"
sed -i 's/^Port/^#Port/' /etc/ssh/sshd_config
echo "Port 5555" >> /etc/ssh/sshd_config
sed -i 's/^PermitRootLogin/#PermitRootLogin/' /etc/ssh/sshd_config
echo "PermitRootLogin prohibit-password" >> /etc/ssh/sshd_config
sed -i 's/^UseDNS/#UseDNS/' /etc/ssh/sshd_config
echo "UseDNS no" >> /etc/ssh/sshd_config
systemctl restart ssh

I precede each section with an echo command stating what it’s doing to make troubleshooting easier (otherwise many commands execute silently).

These commands setup sshd, specifically:

• change the port
• disable root password logins
• disable UseDNS

Note that for each configuration change there are two commands:

1. a sed in-place edit command that comments out any existing config for that directive. So for example, any line that begins with Port is commented out
2. an echo statement that appends the sshd directive to the sshd_config file. (It does not matter what order directives appear in).

echo "updating /etc/profile"
echo "set -o vi" >> /etc/profile
echo "alias ll='ls -al'" >> /etc/profile

These are some “creature comforts” I put in /etc/profile. You could also put them in individual user .bash_profiles.

echo "generating locales"
locale-gen --purge en_US.UTF-8

This sets my preferred locale.

echo "setting timezone"
timedatectl set-timezone America/Los_Angeles

This sets my preferred timezone.

echo "apt-get update"
apt-get update 
print "apt-get upgrade"
apt-get -y upgrade

This updates apt and applies all upgrades.

echo "apt-get faves"
apt-get -y install unzip dnsutils nmap

These are tools I find useful to have on all systems. You may have a different list.

echo "setting hostname"
echo $HOSTNAME_FQDN > /etc/hostname
hostname -F /etc/hostname

Here we set the hostname, both in the config file and for the running system.

echo "configuring root .ssh"
if [ ! -d /root/.ssh ] ; then
  mkdir /root/.ssh
fi
if [ ! -d /root/.ssh ] ; then
  echo "ERROR: could not mkdir /root/.ssh"
  echo "Aborting."
exit 1
fi
chown root:root /root/.ssh
chmod 700 /root/.ssh
echo 'ssh-rsa SSH-KEY-TEXT-HERE' > /root/.ssh/authorized_keys
chown root:root /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys

These commands ensure that root’s .ssh is setup properly and installs my ssh key.

Further Improvements

• This is a sample of how to do a quick and dirty system setup that only takes a couple commands. Some other things you might consider doing:
• adding users (e.g., “useradd -m -s /bin/bash raindog308”). If you want to set passwords, read this article.
• setting root’s password
• git cloning setup files for nginx and other web components, then using sed (or perl) to tweak the setups for what you’re doing
• setting up mail (e.g., postfix), including configuring aliases and running newaliases
• setting up additional scripts to setup different kinds of servers, so you can call the main, universal setup and then call other scripts as needed

• Author
• Recent Posts

raindog308

Dread Lord of LowEnd Content at LowEndBox

I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.

I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.

I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308

Latest posts by raindog308 (see all)

• One Week From Tomorrow…THE WORLD WILL LOSE THEIR MINDS!Lines Are Already Forming! - November 21, 2024
• Crunchbits Discontinuing Popular Annual Plans – The Community Mourns! - November 20, 2024
• RackNerd’s Black Friday 2024: Bigger, Better, and Now in Dublin! - November 19, 2024