Skip to content

Instantly share code, notes, and snippets.

@jcarter62

jcarter62/gist:998ee21f1ae296f970c0e8973f6c1ebc

Last active February 21, 2020 19:59
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save jcarter62/998ee21f1ae296f970c0e8973f6c1ebc to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save jcarter62/998ee21f1ae296f970c0e8973f6c1ebc to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. [email protected] revised this gist Feb 21, 2020. 1 changed file with 75 additions and 32 deletions.
    107 changes: 75 additions & 32 deletions gistfile1.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,66 +1,98 @@
    #Ubuntu Server Setup

    Things to do:

    Update Available Package Lists:
    # sudo apt-get update
    [ ] Update Available Package Lists:

    `# sudo apt-get update`

    Upgrade installed packages:<br>
    `# sudo apt-get upgrade`

    Other Tasks:<br>
    `# sudo apt-get autoremove`

    Discover Packages: [https://packages.ubuntu.com][https://packages.ubuntu.com]

    Add user to system:

    `sudo adduser <name>`

    ##Give sudo access to a user:
    [Link to reference](https://phpraxis.wordpress.com/2016/09/27/enable-sudo-without-password-in-ubuntudebian/)

    Upgrade installed packages:
    # sudo apt-get upgrade
    Other Tasks:
    # sudo apt-get autoremove
    /etc/sudoers.d contains a file for each account allowed. You will create a file
    in the folder /etc/sudoers.d, named the same as your new user.

    Discover Packages: <a href="https://packages.ubuntu.com">https://packages.ubuntu.com</a>
    Example, user named `joe`
    ```
    # sudo -i
    # adduser joe
    # cd /etc/sudoers.d
    # touch joe
    # vi joe
    ```
    Add the following to this file `joe`

    Add User: sudo adduser <name>
    Giving sudo access to user:
    /etc/sudoers.d contains a file for each account allowd.
    copy existing /etc/sudoers.d//vagrant to <name> and change existing name to <name>
    Do not just copy /etc/sudoers to /etc/sudoers.d/<name>, as this will break sudo.
    `joe ALL=(ALL) NOPASSWD:ALL`

    Notice that the first word is the same as the user name. Login as this new user, then
    execute `sudo -i`. You should not see the password prompt.

    # SSH Keypairs
    On any system:
    Generate key pairs
    # ssh-keygen

    `# ssh-keygen`

    Save to file, which will create a private and public key, key pair. For example if you save the pair to a file such as ~/.ssh/linuxclass

    On the remote system. Login as the non-admin user such as <student>

    Install public key
    ```
    # cd ~
    # mkdir .ssh
    # touch .ssh/authorized_keys
    # vi .ssh/authorized_keys
    ```
    paste the linuxclass.pub into the authorized_keys as one line, then save the file.

    ```
    # chmod 700 .ssh
    # chmod 644 .ssh/authorized_keys
    ```

    On local system:
    # ssh -p 2222 <student>@localhost -i ~/.ssh/linuxclass

    Disable password logins:
    # sudo vi /etc/ssh/sshd_config
    `# ssh -p 2222 <student>@localhost -i ~/.ssh/linuxclass`

    ### Disable password logins:

    `# sudo vi /etc/ssh/sshd_config`

    Find the line similar to:
    PasswordAuthentication yes

    `PasswordAuthentication yes`

    -- change it to --
    PasswordAuthentication no

    Change sudo for a user, so they don't need a password:
    reference: https://phpraxis.wordpress.com/2016/09/27/enable-sudo-without-password-in-ubuntudebian/
    edit /etc/sudoers.d/<name>
    change line for this user to:
    user ALL=(ALL) NOPASSWD:ALL
    `PasswordAuthentication no`

    ***
    ---
    Deploy Flask app to Apache:
    https://www.bogotobogo.com/python/Flask/Python_Flask_HelloWorld_App_with_Apache_WSGI_Ubuntu14.php
    ***

    Edit /etc/apache2/envvars
    Add line:
    export APP_DIR=/home/..../path2app/

    Edit the file:

    `/etc/apache2/envvars`

    Add line:

    `export APP_DIR=/home/..../path2app/`

    Apache Config information: https://stackoverflow.com/a/49807673
    `
    [Apache Config information: ](https://stackoverflow.com/a/49807673)
    ```
    <VirtualHost *:80>
    ServerName MY_SERVER_NAME
    @@ -75,4 +107,15 @@ Apache Config information: https://stackoverflow.com/a/49807673
    WSGIApplicationGroup %{GLOBAL}
    </Directory>
    </VirtualHost>
    `
    ```

    <ul>
    <li>
    [Ubuntu Packages](https://packages.ubuntu.com])
    </li>
    <li>[Enable sudo without passwords](https://phpraxis.wordpress.com/2016/09/27/enable-sudo-without-password-in-ubuntudebian/)</li>
    </ul>




  2. jcarter62 revised this gist Feb 21, 2020. No changes.
  3. jcarter62 renamed this gist Feb 21, 2020. 1 changed file with 0 additions and 0 deletions.
    0 gistfile1.txt → gistfile1.md
    View file
    File renamed without changes.
  4. jcarter62 revised this gist Feb 21, 2020. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion gistfile1.txt
    View file
    Original file line number Diff line number Diff line change
    @@ -8,7 +8,7 @@ Upgrade installed packages:
    Other Tasks:
    # sudo apt-get autoremove

    Discover Packages: https://packages.ubuntu.com
    Discover Packages: <a href="https://packages.ubuntu.com">https://packages.ubuntu.com</a>

    Add User: sudo adduser <name>
    Giving sudo access to user:
  5. jcarter62 created this gist Feb 21, 2020.
    78 changes: 78 additions & 0 deletions gistfile1.txt
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,78 @@
    Things to do:

    Update Available Package Lists:
    # sudo apt-get update

    Upgrade installed packages:
    # sudo apt-get upgrade
    Other Tasks:
    # sudo apt-get autoremove

    Discover Packages: https://packages.ubuntu.com

    Add User: sudo adduser <name>
    Giving sudo access to user:
    /etc/sudoers.d contains a file for each account allowd.
    copy existing /etc/sudoers.d//vagrant to <name> and change existing name to <name>
    Do not just copy /etc/sudoers to /etc/sudoers.d/<name>, as this will break sudo.

    On any system:
    Generate key pairs
    # ssh-keygen
    Save to file, which will create a private and public key, key pair. For example if you save the pair to a file such as ~/.ssh/linuxclass

    On the remote system. Login as the non-admin user such as <student>
    Install public key
    # cd ~
    # mkdir .ssh
    # touch .ssh/authorized_keys
    # vi .ssh/authorized_keys
    paste the linuxclass.pub into the authorized_keys as one line, then save the file.
    # chmod 700 .ssh
    # chmod 644 .ssh/authorized_keys

    On local system:
    # ssh -p 2222 <student>@localhost -i ~/.ssh/linuxclass

    Disable password logins:
    # sudo vi /etc/ssh/sshd_config
    Find the line similar to:
    PasswordAuthentication yes
    -- change it to --
    PasswordAuthentication no

    Change sudo for a user, so they don't need a password:
    reference: https://phpraxis.wordpress.com/2016/09/27/enable-sudo-without-password-in-ubuntudebian/
    edit /etc/sudoers.d/<name>
    change line for this user to:
    user ALL=(ALL) NOPASSWD:ALL

    ***
    Deploy Flask app to Apache:
    https://www.bogotobogo.com/python/Flask/Python_Flask_HelloWorld_App_with_Apache_WSGI_Ubuntu14.php
    ***

    Edit /etc/apache2/envvars
    Add line:
    export APP_DIR=/home/..../path2app/




    Apache Config information: https://stackoverflow.com/a/49807673
    `
    <VirtualHost *:80>
    ServerName MY_SERVER_NAME

    WSGIDaemonProcess appname threads=5 home=${APP_DIR}
    WSGIScriptAlias / "${APP_DIR}your_app.wsgi"

    <Directory "${APP_DIR}">
    Options Indexes FollowSymLinks MultiViews ExecCGI
    AllowOverride None
    Require all granted
    WSGIProcessGroup appname
    WSGIApplicationGroup %{GLOBAL}
    </Directory>
    </VirtualHost>
    `