From ba7b3dd348698a9c64bc10cbc2f20811c71c92ae Mon Sep 17 00:00:00 2001 From: goynov Date: Mon, 30 Jun 2025 23:04:00 +0300 Subject: [PATCH] update server manual --- .docs/server-installation.md | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.docs/server-installation.md b/.docs/server-installation.md index fe4cf0f..8051504 100644 --- a/.docs/server-installation.md +++ b/.docs/server-installation.md @@ -56,11 +56,11 @@ or ## Tools to install 1. Let's Encrypt CertBot, for certificates issuing and renewal. The certificate is installed using the following command: `certbot certonly -d your.server.name`. Use `--nginx` or `--apache` in order to have automatic renewal -1. ffmpeg - for converting video and audio content +1. ffmpeg - for converting video and audio content `sudo apt install ffmpeg` 1. OpenSSH Server - to be able to access the server remotely 1. UFW - Firewall, configure to allow access only on 443, 80, and 22 (if possible, only for specific hosts) 1. rsync - for backup -1. fail2ban - to protect from SSH attacks +1. fail2ban - to protect from SSH attacks: `sudo apt install fail2ban` 1. postfix - in order to get CRON jobs notifications 1. mailutils - CRON jobs mail notifications 1. In order to enable web server monitoring you can install and run: @@ -116,8 +116,9 @@ Restart the service: > sudo apt update > sudo apt install -y certbot > sudo apt install -y python3-certbot-nginx -> certbot certonly --nginx -d pronature-disk.bg73.net -> certbot certonly --nginx -d pronature-v1.bg73.net +> sudo certbot certonly --nginx -d pronature-disk.bg73.net +> sudo certbot certonly --nginx -d pronature-v1.bg73.net +> sudo certbot certonly --nginx -d pronature-v2.bg73.net ## NGINX rev proxy server config ### Install NGINX @@ -173,6 +174,10 @@ server { } ``` +### To create a passwd file: +> sudo apt install apache2-utils +> sudo htpasswd -c /etc/nginx/.htpasswd username + ## Firewall, enable services SSH Access: