Skip to content

Ubuntu Server

Initial requirements

sudo add-apt-repository ppa:git-core/ppa && \
sudo apt update && \
sudo apt upgrade -y && \
sudo apt install -y git build-essential curl zsh bat \
eza jq micro fzf imagemagick samba apt-transport-https

Dotfiles and zsh

cloning dotfiles and starting zsh:

git clone https://github.com/nataliafonseca/dotfiles.git ~/.dot && \
echo ". ~/.dot/zsh/.zshenv" > ~/.zshenv && exec zsh

setting zsh as default:

chsh -s $(which zsh) # might require a reboot for terminal emulators to adjust

SSH configuration

creating keys:

ssh-keygen -t ed25519 # or retrieve id_ed25519 and id_ed25519.pub and place in $HOME/.ssh/
cat ~/.ssh/id_ed25519.pub # add to github if not there already

to get from 1password:

# needs to be authenticated! `op account add` + `eval $(op signin)` 
op read op://Personal/<1p_item_title>/private_key | tr -dc '[:alnum:]+/=\n -' > ~/.ssh/id_ed25519 && \
op read op://Personal/<1p_item_title>/public_key | tr -dc '[:alnum:]+/=\n -' > ~/.ssh/id_ed25519.pub

getting authorized_keys and fixing any permissions:

curl -o ~/.ssh/authorized_keys --create-dirs https://github.com/nataliafonseca.keys && \
(echo -n '* '; cat ~/.ssh/id_ed25519.pub) > ~/.ssh/allowed_signers && \
sudo chown -R $USER:$USER ~/.ssh && \
sudo chmod 700 ~/.ssh && \
sudo chmod 600 ~/.ssh/authorized_keys && \
sudo chmod 600 ~/.ssh/allowed_signers && \
sudo chmod 600 ~/.ssh/id_ed25519 && \
sudo chmod 644 ~/.ssh/id_ed25519.pub

adding key to agent:

eval "$(ssh-agent -s)"
ssh-add

enabling ssh server:

sudo sed -i '/^#\?PasswordAuthentication/c\PasswordAuthentication no' /etc/ssh/sshd_config && \
sudo systemctl restart sshd && \
systemctl enable --now sshd

Mounting external drives

find the partitions uuids:

lsblk -f

add at the end of /etc/fstab:

# Optional mounts that won't block boot if unavailable
UUID=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX   /hdd    ext4    nofail,user 0 0
UUID=XXXXXXXXXXXXXXXX   /data   ntfs-3g nofail,user,permissions 0 0

to mount immediately:

sudo systemctl daemon-reload && \
sudo mkdir -p /hdd /data && \
sudo chown $USER:$USER /hdd /data && \
sudo mount /hdd && \
sudo mount /data

SMB share

creating smb.conf from template:

sudo cp $DOTDIR/docs/templates/smb.conf /etc/samba/smb.conf

creating smb credentials:

sudo smbpasswd -a $USER

enabling the services and allowing if firewall ufw:

sudo systemctl enable --now smbd nmbd && \
sudo ufw allow samba # if this errors cause no ufw that's fine

configuring services to wait until internet is on:

sudo mkdir -p /etc/systemd/system/smbd.service.d && \
sudo mkdir -p /etc/systemd/system/nmbd.service.d && \
sudo cp $DOTDIR/docs/templates/smb-network-wait.conf /etc/systemd/system/smbd.service.d/network-wait.conf && \
sudo cp $DOTDIR/docs/templates/nmb-network-wait.conf /etc/systemd/system/nmbd.service.d/network-wait.conf && \
sudo systemctl daemon-reload

Installations

docker
curl -fsSL https://get.docker.com | bash && \
sudo usermod -aG docker $USER && \
newgrp docker &&
github cli
(type -p wget >/dev/null || (sudo apt update && sudo apt install wget -y)) \
 && sudo mkdir -p -m 755 /etc/apt/keyrings \
 && out=$(mktemp) && wget -nv -O$out https://cli.github.com/packages/githubcli-archive-keyring.gpg \
 && cat $out | sudo tee /etc/apt/keyrings/githubcli-archive-keyring.gpg > /dev/null \
 && sudo chmod go+r /etc/apt/keyrings/githubcli-archive-keyring.gpg \
 && sudo mkdir -p -m 755 /etc/apt/sources.list.d \
 && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
 && sudo apt update \
 && sudo apt install gh -y
1password cli
curl -sS https://downloads.1password.com/linux/keys/1password.asc | \
  sudo gpg --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg && \
  echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/$(dpkg --print-architecture) stable main" | \
  sudo tee /etc/apt/sources.list.d/1password.list && \
  sudo mkdir -p /etc/debsig/policies/AC2D62742012EA22/ && \
  curl -sS https://downloads.1password.com/linux/debian/debsig/1password.pol | \
  sudo tee /etc/debsig/policies/AC2D62742012EA22/1password.pol && \
  sudo mkdir -p /usr/share/debsig/keyrings/AC2D62742012EA22 && \
  curl -sS https://downloads.1password.com/linux/keys/1password.asc | \
  sudo gpg --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg && \
  sudo apt update && sudo apt install 1password-cli

node:

node pt. 1 - installing nvm
curl -o- "https://raw.githubusercontent.com/nvm-sh/nvm/$(curl -fsSL https://api.github.com/repos/nvm-sh/nvm/releases/latest | jq -r '.tag_name')/install.sh" | bash && \
export NVM_DIR="$HOME/.config/nvm" && \
reload # shell need to reload to see nvm and create symlinks if needed
node pt. 2 - installing node
nvm install 'lts/*' && \
nvm use 'lts/*' && \
nvm alias default 'lts/*' && \
corepack enable