2.1 KiB


Setup files for my VPS

Steps to setup

Setup VM

  • login as root
  • disable ssh for root
  • add user: adduser <username>
  • move and chown ssh keys from root to the new user
  • add user to sudo: sudo usermod -aG sudo <username>
  • setup firewall to allow/disallow ports
  • logout and login as the new user

Install docker

$ curl -fsSL | sudo apt-key add -
$ sudo add-apt-repository "deb [arch=amd64] $(lsb_release -cs) stable"
$ sudo apt-get update
$ sudo apt-get install -y docker-ce docker-compose
$ sudo gpasswd -a $USER docker

Install fail2ban

$ sudo apt-get install geoip-bin geoip-database fail2ban

Setup space

  • copy/clone this repo to ~/space
  • setup SSL certificates (optional)
$ wget
$ chmod a+x ./certbot-auto
$ sudo ./certbot-auto certonly --server --manual --preferred-challenges dns -d *
$ sudo cp /etc/letsencrypt/live/* ~/space/certs/
$ sudo chown -R $USER:$USER ~/space/certs/
  • stop and disable resolvd
$ sudo service systemd-resolved stop
$ sudo systemctl disable systemd-resolved.service
  • edit /etc/resolv.conf to set the nameserver to
  • edit ~/space/space.service to set environment variables
    • set passwords to random values if new setup
    • set passwords to the previous values if a copy setup
    • set PH_SERVER_IP to the static IP of the server
  • setup the service and start
$ sudo cp ~/space/space.service /etc/systemd/system/
$ sudo systemctl enable space
$ sudo systemctl start space
  • edit /etc/resolv.conf to set the nameserver to
  • setup and start fail2ban
$ sudo cp fail2ban/iptables-pihole-geoip-fence.conf /etc/fail2ban/action.d/iptables-pihole-geoip-fence.conf
$ sudo cp fail2ban/pihole-geoip.conf /etc/fail2ban/filter.d/pihole-geoip.conf
$ sudo cp fail2ban/jail.local /etc/fail2ban/jail.local
$ sudo service fail2ban start