The Debian logo on a grey background.
Table of Contents

Change network to static IP

  1. Edit the network/interface file, make sure to be root beforehand:

    nano /etc/network/interfaces

  2. Add the following lines (replace address, netmask and gateway with your own values):

    iface eth0 inet static
	  address 192.168.1.200
	  netmask 255.255.255.0
	  gateway 192.168.1.1

  3. Reboot the computer:

    systemctl reboot

SSH Pubkey

Goal

Use a private/public key pair to connect to another computer using SSH. We’ll also see how to disable the connection with a username/password.

  1. Generate the key pair on your local computer:

    ssh-keygen -t rsa -b 4096

  2. Copy the public key (the one ending with .pub) to the remote server. Preferably to the home directory of the user you want to use to connect.

  3. Add key to authorized keys:

    mkdir ~/.ssh
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
rm id_rsa.pub
chmod 700 ~/.ssh/
chmod 600 ~/.ssh/*

(Optional) Disable connection with username/password

  1. Modify the file /etc/ssh/sshd_config:

    nano /etc/ssh/sshd_config

  2. Set the following lines:

    PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no

  3. Restart the SSH server:

    service ssh restart

Storage

Check disk space and usage

You can check how much space is available on each volume using:

 df -h

You can quickly get the size of a folder with:

 du -hs

You can explore a three view of a folder/disk using ncdu:

apt-get install ncdu
ncdu

Increase disk space

Goal

Increase the disk space of the server’s storage. Source: How to Resize a Live Filesystem on Linux

Warning

ONLY follow these steps if it’s the only partition on the disk. If there is a swap partition, you need to remove it first.

  1. Check list of disks:

    fdisk --l

  2. Find the disk you want to increase the size of (e.g: /dev/xvda) and enter:

    fdisk /dev/xvda

  3. Press p to list the partitions. Make sure there’s only one.

  4. If so, press d, the partition has been deleted.

  5. Press n to create a new partition.

  6. Follow what’s asked on screen. You probably want Partition type to be p, Partition number to be 1.

  7. Make sure to match the First sector from whatever it was before (typically 2048).

  8. Last sector is the highest possible by default, to take the entire disk space.

  9. It will find a ext4 signature, DO NOT REMOVE IT, so press n.

  10. Now press p again to list the partitions. Compare the listing with the one you did before you deleted the partition. Make sure the columns Boot, Start, Id, and Type are the same.

    • If Boot isn’t the same, press a.

  11. When absolutely sure, press w.

  12. Now extends the partition filesystem using:

    resize2fs /dev/xvda1

  13. Check your changes using:

    df -h

Mount new disk

Goal

Intialize and mount a brand new empty disk to the server. We’ll use the /data mount point and the ext4 filesystem.

  1. Check the connected disk using:

    fdisk -l

  2. Find the right one (e.g: /dev/xvdb) and do:

    cfdisk /dev/xvdb

    Select GPT, select new, select write, select quit

  3. Now the new partition should show up in fdisk:

    fdisk -l /dev/xvdb

  4. Find the partition (should be something like /dev/xvdb1).
    Initialize the filesystem:

    mkfs.ext4 /dev/xvdb1

  5. Find the new partition UUID with:

    blkid /dev/xvdb1

  6. Add the following line to the /etc/fstab (replace the UUID with the one you found at step 5 and path if necessary):

    UUID=a43c3374-7e1a-49a3-b7e8-877827ddb7ed /data ext4 rw 0 0

  7. Mount the disks using:

    mount -a

From there on, the disk will be mounted automatically at boot.

Setup SMTP server

Goal

Setup a SMTP server to send emails. Source: StackOverflow

  1. Change to your mail config directory:

    cd /etc/mail

  2. Make a auth subdirectory:

    mkdir auth
chmod 700 auth

  3. Create a file with your auth information to the smtp server:

    cd auth
nano client-info

  4. In the file, put the following, matching up to your smtp server:

    AuthInfo:your.isp.net "U:root" "I:user" "P:password"

  5. Generate the Authentication database, make both files readable only by root:

    makemap hash client-info < client-info
chmod 600 client-info
cd ..

  6. Add the following lines to sendmail.mc (ris:ErrorWarningthe first single quote for each string should be changed to a backtick):

    define(`SMART_HOST',`your.isp.net')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl

  7. Lastly, run:

    sudo sendmailconfig

Cloudflared

Goal

Setup a Cloudflared tunnel to access your server from the internet.

  1. Install the latest version of Cloudflared:

    wget -q https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
dpkg -i cloudflared-linux-amd64.deb
cd /root/.cloudflared

  2. Login to Cloudflared:

    cloudflared tunnel login

    This will open a web browser. Select the domain you want to add Argo to.

  3. Generate and download a Cloudflare certificate for the domain (see: Cloudflare Docs):

    mv cert.pem cert.pem.[domain name]
cloudflared tunnel  --origincert cert.pem.[domain name] create [tunnel name]
cloudflared tunnel --origincert cert.pem.[domain name] list
cloudflared tunnel --origincert cert.pem.[domain] route dns [tunnel name] [sub.domain]

  4. Create a configuration file for the tunnel:

    nano /etc/cloudflared/[domain].yml

    Paste the following content:

    tunnel: [domain name]
credentials-file: /root/.cloudflared/[json file that was create].json
logfile: /var/log/cloudflared.[domain name].log
 
ingress:
 
- hostname: [domain]
    originRequest:
    originServerName: [domain]
    service: https://localhost
 
- hostname: "*.[domain]"
    originRequest:
    originServerName: [domain]
    service: https://localhost
 
- service: http_status:404

  5. Enable and start the service:

    systemctl enable cloudflared@[domain name]
systemctl start cloudflared@[domain name]