Bad quality debian docker server setup notes

Use Debian Firmware Non Free Netinstall

Use encrypted lvm

Sudo

su; apt install sudo; vim /etc/sudoers

Add user

Move to testing

In /etc/apt/source.list replace stable with testing > Full update

Install base

ssh vim vim-nox vim-python cmake htop tmux yadm python3-pip rsync antigen nmon ranger p7zip-full curl ndcu

Laptop as server

No sleep

In /etc/systemd/logind.conf

HandleLidSwitch=ignore

systemctl restart systemd-logind

Powertop

cat << EOF | sudo tee /etc/systemd/system/powertop.service
[Unit]
Description=PowerTOP auto tune

[Service]
Type=idle
Environment="TERM=dumb"
ExecStart=/usr/sbin/powertop --auto-tune

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl enable powertop.service

SSH

Client

ssh-keygen -t ed25519

Share id25519.pub

Server

Push public keys to ~/.ssh/authorized_keys
Edit /etc/ssh/sshd_config

systemctl reload ssh

Yadm

Dot files manager

yadm clone <repo>
pip3 install envtpl
yadm alt

For root

To support yadm in sudo commands

sudo yadm clone /home/<user>/.yadm/repo.git

Python

Remove freaking debian python2

apt autoremove python2
update-alternatives --install /usr/bin/python python /usr/bin/python3 1

Firewall

Install: ufw

DNS

Add local Name alias

Docker

Install: docket.io

systemctl start docker

Compose

Save in git

Simple WUI

https://www.portainer.io/

docker volume create portainer_data
docker run --name portainer -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer

Monitoring WUI

https://github.com/google/cadvisor

docker run --name cadvisor -d -p 8080:8080 -v /:/rootfs:ro -v /var/run:/var/run:ro -v /sys:/sys:ro -v /var/lib/docker/:/var/lib/docker:ro -v /dev/disk/:/dev/disk:ro google/cadvisor:latest

Monitoring WUI Graph

https://github.com/weaveworks/scope

Monitoring TUI

https://github.com/TomasTomecek/sen

docker run --name sen --rm -v /var/run/docker.sock:/run/docker.sock -ti -e TERM tomastomecek/sen

Extract image

pip install git+https://github.com/larsks/undocker/
docker save <image> | undocker -i -o <dir> <image>

Mariadb (MySQL)

Install: mariadb-server mycli

mysql_secure_install
sudo mysql -u root -p
USE mysql;
UPDATE user SET plugin='' WHERE User='root';
FLUSH PRIVILEGES;

Nginx

Install: nginx

PHP FPM

Install: php-fpm php-zip php-xml php-tidy php-mbstring php-ldap php-intl php-imap php-gd php-curl

APCU

Install: php-dev

pecl channel-update pecl.php.net
pecl install apcu

LDAP

Install: slapd ldap-utils