Ubuntu Server Setup

assuming you got it up and running already, eventually through PXE

Quick post-install

Check what exact version you got installed

lsb_release -a

Get a lease to proceed remotely

ip addr
dhclient -v NETIF
apt update
apt install openssh-server

and eventually continue through ssh

Better networking

See Better Networking for Ubuntu

GRUB & kernel arguments

cp -pi /etc/default/grub /etc/default/grub.dist
vi /etc/default/grub

#GRUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=3
GRUB_CMDLINE_LINUX_DEFAULT=""
GRUB_CMDLINE_LINUX="netcfg/do_not_use_netplan=true net.ifnames=0 biosdevname=0 mitigations=0"
#ipv6.disable=1
#i915.enable_psr=0 

update-grub
grep netplan /boot/grub/grub.cfg

Eventually validate that networking get correctly setup at boot time by rebooting the box

reboot

Editor

apt install nvi elvis-tiny
apt purge vim vim-common vim-runtime vim-tiny
apt install xxd
update-alternatives --config vi
update-alternatives --config editor

Packages

Clean-up the configuration file

    mv -i /etc/apt/sources.list /etc/apt/sources.list.dist
    grep -vE '^#|^$' /etc/apt/sources.list.dist > /etc/apt/sources.list
vi /etc/apt/sources.list

and check that the repositories point to the nearest mirror

deb http://ru.archive.ubuntu.com/ubuntu/ bionic main restricted universe
deb http://ru.archive.ubuntu.com/ubuntu/ bionic-updates main restricted universe
#multiverse
#bionic-backports
deb http://security.ubuntu.com/ubuntu bionic-security main restricted universe

Alternatively, you can build your own configuration with some helper

And in case you have an HTTP PROXY on your network for that purpose

nmap -p 3142 x.x.x.x
vi /etc/apt/apt.conf.d/02proxy

Acquire::http { Proxy "http://x.x.x.x:3142"; };

apt update

Update

Check for major release uprgade

do-release-upgrade

Proceed with patches

cat /etc/apt/apt.conf.d/02proxy
apt update
apt full-upgrade

and see Ubuntu Server Operations for further maintenance

Additional packages

Install a few more packages for full-fledged systems (non-containers)

export DEBIAN_FRONTEND=noninteractive
apt install \
    ethtool \
    hwinfo \
    openssh-client \
    openssh-server \
    screen \
    sudo

    #ifupdown \
    #ifupdown2 \
    #xfsprogs \
    #xfsdump \

and even more for any kind of system incl. containers that you wanna troubleshoot

export DEBIAN_FRONTEND=noninteractive
apt install \
    apt-utils \
    apt-transport-https \
    bzip2 \
    curl \
    dnsutils \
    dos2unix \
    git \
    htop \
    iputils-ping \
    iotop \
    ksh \
    less \
    lftp \
    lsb-release \
    lynx \
    man-db \
    mc \
    mlocate \
    net-tools \
    netcat \
    nmap \
    pwgen \
    software-properties-common \
    sysstat \
    telnet \
    unzip \
    vim-tiny \
    wget \
    whois

    #elvis-tiny \
    #vim-nox \
    #inetutils-ping \

Environment

Choose your side, comrad (make it a true server)

systemctl get-default
systemctl set-default multi-user.target

Time Setup

Either setup outbound email

apt install \
postfix bsd-mailx rsyslog
#pmailq mailutils

or just disable the shit (that’s a friendly word, don’t take it badly)

systemctl status postfix
systemctl stop postfix
systemctl disable postfix

Tweak your environment

Setup GNU/Screen

Fixing locales

warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)

==> quick fix

locale-gen en_US.UTF-8
update-locale LANG=en_US.UTF-8
#dpkg-reconfigure locales

==> full fix, check the current setting,

locale

(re-)generate the locale

apt install language-pack-en-base
locale-gen en_US.UTF-8
update-locale en_US.UTF-8
dpkg-reconfigure locales
cat /etc/default/locale
locale

LANGUAGE and LC_ALL are still missing. Add those the brutal way,

cat >> /etc/bash.bashrc <<EOF
export LANGUAGE="en_US.UTF-8"
export LC_ALL="en_US.UTF-8"
EOF
source /etc/bash.bashrc

Old-school init scripts

at startup

systemctl status rc-local
vi /etc/rc.local

#!/bin/bash
#nothing here yet

chmod +x /etc/rc.local

at shutdown

cat > /lib/systemd/system/rc-local-shutdown.service <<-EOF
[Unit]
Description=/etc/rc.local_shutdown Compatibility
ConditionFileIsExecutable=/etc/rc.local_shutdown
DefaultDependencies=no
After=rc-local.service basic.target
Before=shutdown.target

[Service]
ExecStop=/etc/rc.local_shutdown
StandardInput=tty
RemainAfterExit=yes

[Install]
WantedBy=shutdown.target
EOF

vi /etc/rc.local_shutdown

#!/bin/bash
#nothing here yet

chmod +x /etc/rc.local_shutdown
systemctl daemon-reload 
systemctl enable rc-local-shutdown.service

Do not clear the screen

tested on Bionic

On a bare-metal system, prevent the system from clearing the screen after boot (equivalent of getty --noclear)

#systemctl edit getty@tty1
ls -lF /etc/systemd/system/getty.target.wants/
vi /lib/systemd/system/getty@.service

[Service]
TTYVTDisallocate=no

systemctl daemon-reload

Revert to the default set of packages

draft/untested

Revert to default installed pkgs,

dpkg --get-selections >output
dpkg --set-selections <output
apt-get dselect-upgrade

Super-duper sysprep

We do not need the hostname to change dynamically

#systemctl stop systemd-hostnamed.service
#systemctl disable systemd-hostnamed.service

…and countless daemons to disable

Resources

how can I remove the clear screen before login https://askubuntu.com/questions/58097/how-can-i-remove-the-clear-screen-before-login

Prevent the console from clearing the screen? https://serverfault.com/questions/255969/prevent-the-console-from-clearing-the-screen

Configure Locales in Ubuntu https://www.thomas-krenn.com/en/wiki/Configure_Locales_in_Ubuntu

old-school init scripts

How can I execute command on startup (rc.local alternative) on Ubuntu 16.10 https://askubuntu.com/questions/886620/how-can-i-execute-command-on-startup-rc-local-alternative-on-ubuntu-16-10

(dead link) https://askubuntu.com/questions/952300/how-can-i-execute-command-on-shutdown-rc-local-alternative-on-ubuntu


NETHENCE | PUB | LAB