Skip to content

Instantly share code, notes, and snippets.

@alkavan

alkavan/rocky-linux-10_common-server-setup.md

Last active February 17, 2026 08:12
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save alkavan/ce9dc89ee4a9b9f0fcc25388e417c3c6 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save alkavan/ce9dc89ee4a9b9f0fcc25388e417c3c6 to your computer and use it in GitHub Desktop.
Download ZIP
Rocky Linux 10 | Common Server Setup
Raw
rocky-linux-10_common-server-setup.md

Rocky Linux 10 | Common Server Installation

Initial System Setup

Update system:

dnf update -y

Set your timezone and confirm (UTC is standard for any server):

timedatectl set-timezone UTC && date

Set the machine hostname:

hostnamectl set-hostname my.domain

Enable EPEL Repository

dnf install -y epel-release

Install nano text editor, tmux terminal multiplexer, htop monitor:

dnf install -y nano tmux htop

Reboot system, login back to server:

reboot

Local Firewall

In case want to use a firewall on the machine an not external access control like AWS Security Groups or other services.

Install firewalld service:

dnf install firewalld

Check firewall status (should print not running in red):

firewall-cmd --state

Start the firewall service:

systemctl start firewalld.service
firewall-cmd --state

Check the current state of firewall (ssh should be enabled):

firewall-cmd --get-active-zones
firewall-cmd --list-all

Remove cockpit service (if enabled, and that is what you want):

firewall-cmd --zone=public --remove-service=cockpit --permanent
firewall-cmd --reload

Swap Space

There are some good resons not to enable swap space on production machines.
However, this gist assumes either you're using this for a small website,
or you know excactly what you're doing.

Check if server has swap, if it does, you can skip this step:

swapon -s

Check how much memory the machine has, and how much disk space:

free -m && df -h

Create swap file on disk, and confirm size and permissions:

dd if=/dev/zero of=/swapfile count=2048 bs=1MiB
chmod 600 /swapfile
ls -lh /swapfile

Enable generate and enable swap space:

mkswap /swapfile
swapon /swapfile
swapon -s

If you want to make swap permanent, edit the filesystem configuration:

nano /etc/fstab

Then add the following line at the bottom:

/swapfile   swap    swap    sw  0   0

Swap Optimization

Rocky Linux defaults to a swappiness setting of 30, which is a fair middle ground for most desktops and local servers. For a VPS system, we'd probably want to move it closer to 0:

sysctl vm.swappiness=10

Cache Pressure

This option controls the tendency of the kernel to reclaim the memory which is used for caching of directory and inode objects. At the default value of vfs_cache_pressure=100 the kernel will attempt to reclaim dentries and inodes at a "fair" rate with respect to pagecache and swapcache reclaim.

Constantly reading and refreshing this information is generally very costly, so storing it on the cache for longer is excellent for your system's performance.

Check your current system settings:

cat /proc/sys/vm/vfs_cache_pressure

To make cache inode information from the cache more slowly. setting this to 50 might me good middle ground for a cloud server:

sysctl vm.vfs_cache_pressure=50

Persistent Cache Settings

This setting will persist until the next reboot. To make the setting persist between reboots, we can add the outputted lines to our sysctl configuration file:

nano /etc/sysctl.conf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment