Tag: Linux
-
Installing OpenRGB On Debian
I’m in the process of building a new gaming machine for my son and he wants all the RGB. I’ve not really played with RGB very much. I have an RGB keyboard and one set of lights in my machine (which I got to impress the kids). Even this fairly limited experience, however, has shown…
-
How to Work with AppImages Under Debian
There was a time, not that long ago, when you had fairly limited choices for installing software on your Debian machine. Either you installed it from the official repositories, you crossed your fingers that the project had their own .deb package, or you installed it from source. Recently we’ve seen a veritable explosion of choice…
-
A Simple Backup Script
I recently installed a new server. It doesn’t do much but I want to make sure it backed up anyway. While I explore better options for backups I decided to write a little script to grab the data from the machine and bundle it all up in some sort of compressed archive. I’ll then download…
-
Installing WordPress on Docker Behind an Nginx Reverse Proxy
That title is quite the mouthful but it has to be as this particular set up has a couple of gotchas in it. I assume that you have Docker installed and that the firewall is correctly configured as detailed in this earlier guide. I can’t stress enough, you have to have proved that the firewall…
-
Setting up an Nginx Reverse Proxy with Certbot Under Docker
I’m assuming you have the containers you want to reverse proxy to already set up and running correctly. Initial Setup Create a directory and file structure like the one shown below. The certbot directory is shared between nginx and certbot. It’s where certbot creates the certificate files and where nginx reads them from. You will…
-
Installing Docker on Debian with nftables
I’m going to assume you have a working and secured Debian install, I’ll be starting from where this article ended. The big issue that we’ll face with setup is getting Docker to work with nftables. Actually, I’m not even going to try and get them to work together I’m just going to configure nftables myself.…
-
How to Configure SSH
Coming into this article I’m expecting you to have a a machine with SSH access authenticated using passwords. Disable Root Login Via SSH To disable root login you’ll need to open the SSH config file and make a small change. Shelled into the machine open the SSH config file: Scroll down until you find a…
-
Installing and Configuring Fail2Ban
Fail2Ban is a service that scans log files for event such as failed login attempts and then updates firewall rules to ban connections from that address. This doesn’t solve problems with weak authentication but it does greatly slow down the rate of attacks. Fail2Ban is a must have if you run an accessible SSH server.…
-
Installing and Configuring nftables on Debian
Introduction Firewalling in Linux is, by necessity, a complex topic. There’s just no easy way around the problem, the firewall has a lot of moving parts and requires a lot of configuration options. To complicate matters further the Linux ecosystem is undergoing something of a change. The older iptables system is being replaced with nftables…
-
Configuring Sudo
Sudo is almost perfectly configured out of the box but the one thing I find a little irritating is the short default timeout for the session. I’m not against having a timeout but I’m the only person that has physical access to my machine and if some has gained remote access and has set up…
-
Monitor what is Happening With Sudo
Just a very quick note to show how you can monitor what is happening with the sudo command by running: If you run this command without the sudo prefix you will only get a list of your own sudo commands. Any attempt to use sudo by a user that doesn’t have sudo privileges will be…
-
Setting up a New Debian Server
I recently got a new server and I realized I don’t have a comprehansive guide for setting a machine up from scratch. This guide is particularly useful for setting up something like a VPS where you only have SSH access, it assumes you have installed a bare bones headless version of Debian and have root…