Network
Configure Network through Netplan
cat /etc/netplan/50-cloud-init.yaml
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
ethernets:
ens18:
addresses:
- 192.168.13.44/24
gateway4: 192.168.13.1
nameservers:
addresses:
- 14.139.5.5
- 4.2.2.2
sudo netplan try
sudo netplan apply Code language: Lisp (lisp)Hostname
Change the Hostname through hostnamectl
Ensure that the changed hostname is preserved during system reboots
sudo hostnamectl set-hostname SERVERNAME
sudo nano /etc/cloud/cloud.cfg
# This will cause the set+update hostname module to not operate (if true)
preserve_hostname: trueCode language: Bash (bash)Time zone and Date Time Synchronization
sudo hostnamectl set-hostname SERVERNAME
sudo timedatectl set-timezone Asia/Kolkata
sudo nano /etc/systemd/timesyncd.conf
GNU nano 2.9.3 /etc/systemd/timesyncd.conf
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See timesyncd.conf(5) for details.
[Time]
NTP=192.168.185.666 # update with real IP in use
FallbackNTP=ntp.ubuntu.com
sudo service systemd-timesyncd restart
sudo service systemd-timesyncd status
sudo timedatectl
Local time: Mon 2020-03-23 10:53:09 IST
Universal time: Mon 2020-03-23 05:23:09 UTC
RTC time: Mon 2020-03-23 05:23:10
Time zone: Asia/Kolkata (IST, +0530)
System clock synchronized: yes
systemd-timesyncd.service active: yes
RTC in local TZ: noCode language: PHP (php)SSH
ssh-keygen -b 4096Cockpit
# sudo apt install cockpit cockpit-packagekit cockpit-networkmanager cockpit-system cockpit-storaged
# sudo systemctl start cockpit
# sudo systemctl enable --now cockpit.socket
sudo systemctl status cockpit
Code language: PHP (php)Firewall Rules
sudo ufw status
sudo ufw enable
sudo ufw status numbered
sudo ufw show added
sudo ufw allow 22 comment 'SSH'
sudo ufw allow 80 comment 'WEB'
sudo ufw allow 443 comment 'WEB SSL'
sudo ufw allow 53 comment 'DNS'
sudo ufw allow 123/udp comment 'NTP TimeSync'
sudo ufw deny 123/tcp comment 'Trojan 123'
# Restrict Cockpit Access to Trusted IP only
sudo ufw delete allow 9090
sudo ufw allow proto tcp from 192.168.13.56 to any port 9090 comment 'Cockpit'
# OPTIONAL SERIES
sudo ufw allow 1194/udp comment 'OpenVPN'
sudo ufw allow 3306 comment 'MariaDB'
sudo ufw allow 5432 comment 'PostGres'
sudo ufw allow 143 comment 'IMAP'
sudo ufw allow 993 comment 'IMAP SSL'
sudo ufw allow 995 comment 'POP3 SSL'
sudo ufw allow 110 comment 'POP3 unEncrypt'
sudo ufw allow 25 comment 'SMTPD unEncrypt'
sudo ufw allow 587 comment 'SMTPD TLS'
sudo ufw allow 465 comment 'SMTPD SSL'
sudo ufw delete allow 25
sudo ufw reload
sudo ufw show added
sudo ufw status numbered
sudo ufw show listening
Code language: PHP (php)Install Some Utilities
sudo apt install tree tmux htop vim curl libcurl4 wget apt-transport-https ca-certificates
sudo apt install nmap whois inetutils-traceroute net-tools
sudo apt install cpu-checker
