Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revisionLast revisionBoth sides next revision | ||
opennic:setup:webmindind [2020-03-15T13:29:41Z] – fouroh-llc | opennic:setup:webmindind [2020-03-17T21:17:50Z] – fouroh-llc | ||
---|---|---|---|
Line 7: | Line 7: | ||
* Both IP4 and IP6 must be configured, Reverse DNS hostnames recommended. Port 53 for both TCP and UDP must be open (also TCP 22, 10000 for ssh and Webmin). | * Both IP4 and IP6 must be configured, Reverse DNS hostnames recommended. Port 53 for both TCP and UDP must be open (also TCP 22, 10000 for ssh and Webmin). | ||
- | Start from a recent Debian release, ssh into the VPS and make sure locale | + | The following describes the required state of the VPS - before installing DNS. You may use other than Linode for this but be advised that most provider like GCE, AWS, DigitalOcean |
+ | Here we start from a recent Debian release by Linode. At the time of writing that is Debian 9, and we recommend you install the smallest " | ||
+ | * Do not use ssh keys for now, install with a strong root password. | ||
+ | * Buy the backup for this Linode, and use the snapshot before each Debian upgrade. | ||
+ | * Review the values in the " | ||
+ | |||
+ | This is not a tutorial on mitigating attacks against your instance, and secure configuration is not going to alter the requirements: | ||
+ | < | ||
+ | apt-get -y update | ||
+ | apt-get -y install nano apt-transport-https tzdata dnsutils | ||
+ | apt-get -y install locales | ||
+ | locale-gen " | ||
+ | dpkg-reconfigure tzdata | ||
+ | apt-get install firewalld | ||
+ | |||
+ | firewall-cmd --add-service=https --permanent | ||
+ | firewall-cmd --add-port=22/ | ||
+ | firewall-cmd --add-port=10000-10100/ | ||
+ | firewall-cmd --add-port=53/ | ||
+ | firewall-cmd --add-port=53/ | ||
+ | firewall-cmd | ||
+ | firewall-cmd --reload | ||
+ | </ | ||
+ | |||
+ | At this point it is a good idea to reboot, to make sure you are still able to ssh into the instance. Then install webmin. | ||
+ | < | ||
+ | echo 'deb https:// | ||
+ | wget http:// | ||
+ | apt-key add jcameron-key.asc | ||
+ | apt-get update | ||
+ | apt-get -y install webmin | ||
+ | </ | ||
+ | |||
+ | This is a good time to take your first snapshot. Access your instance from the browser, by the IP4 address, at the default port 10000. I would recommend to continue all other installation and configuration from Webmin, for several reasons. | ||
+ | * If something breaks lets allow Webmin to break it, that was the fix is going to benefit everyone | ||
+ | * If something is not fully functional make a note of it NOW - document your own progress | ||
+ | * If something is not available make a note of it NOW - and ask to be implemented | ||
+ | |||
+ | ==== Anchoring the Host ==== | ||