Skip to content

Instantly share code, notes, and snippets.

@supairish

supairish/rails_install.md

Forked from ruanltbg/LAMP.md
Created June 1, 2013 01:22
Show Gist options
  • Save supairish/5688951 to your computer and use it in GitHub Desktop.
Save supairish/5688951 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
rails_install.md

Add necessary libs

$ su
$ apt-get install autoconf automake autotools-dev build-essential bison bzip2 curl git libreadline5 libsqlite3-0 sqlite3 libsqlite3-dev libxml2-dev libmysqlclient-dev libreadline5-dev libruby openssl libssl-dev zlib1g zlib1g-dev zlibc vim libv8-dev nodejs

Add rvm

$ \curl -L https://get.rvm.io | bash -s stable --ruby

Add rvm initializer in .bashrc

$ echo '[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm" # Load RVM function' >> ~/.bashrc || source ~/.bashrc

In case of error of ssh on cloning gems

$ rvm remove 1.9.3 (or whatever version of ruby you are using)
$ rvm pkg install openssl
$ rvm install 1.9.3 --with-openssl-dir=$rvm_path/usr

In case of error of the ruby racer / Google V8 / Nodejs

$ apt-get install python g++ make
$ mkdir ~/nodejs && cd $_
$ wget -N http://nodejs.org/dist/node-latest.tar.gz
$ tar xzvf node-latest.tar.gz && cd `ls -rd node-v*`
$ ./configure
$ make install
Raw
server.md

Content

  • Initial Server Setup
  • Install Fail2ban
  • Setup firewall
  • Install mysql

Initial Server Setup

1 - login in the server

$ ssh root@ip

2 - change root password

$ passwd

3 - create new user

$ /usr/sbin/adduser user_name

4 - give the user root privileges

$ visudo

#set the new user

user_name ALL=(ALL:ALL) ALL

5 - install gvim

$ apt-get install vim-gnome

6 - configure ssh

$ vim /etc/ssh/sshd_config

Port xxxx

Protocol 2

PermitRootLogin no

#add it at the bottom

UseDNS no

AllowUsers user_name #replace user_name with your username

Now reload the ssh

$ reload ssh

Install Fail2Ban

$ sudo apt-get install fail2ban
$ sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
$ sudo vi /etc/fail2ban/jail.local

[ssh]

enabled = true

port = xxxx # port setted in sshd_config

filter = sshd

logpath = /var/log/auth.log

maxretry = 6

restart fail2ban

$ sudo service fail2ban restart

Setup firewall

# Prevent killing ourself
$ sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# open ssh and web trafic port - xxxx is the port setted in sshd_config
$ sudo iptables -A INPUT -p tcp --dport xxxx -j ACCEPT
$ sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# block all remaning trafic
$ sudo iptables -A INPUT -j DROP
# add loopback inteface (in first position)
$ sudo iptables -I INPUT 1 -i lo -j ACCEPT

Saving and restoring IP tables.

$ sudo apt-get install iptables-persistent
# yes for ipv4 and ipv6
# start iptables persistent
$ sudo service iptables-persistent start

nginx

unicorn

extra

Htop

Htop is a process viewer

$ sudo apt-get install htop
Raw
server_commands.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment