Skip to main content

Basiskonfiguration Ubuntu vServer

aktualisiert am 09.12.25

Passwort und SSH

apt update
apt upgrade
passwd
vim /etc/ssh/sshd_config #rauten weg bei permitrootlogin prohibit-password, strictmode yes und pubkeyaut yes

Docker

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

alternativ über apt:

# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Fail2Ban

apt install fail2ban
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
vim /etc/fail2ban/jail.local
systemctl start fail2ban.service
systemctl enable fail2ban.service

Portainer

#FIREWALL VORHER KONFIGURIEREN, SODASS KEIN ANDERER AUF DIE PORTAINER WEB-UI KOMMT
#--> Port 9443 nur von meiner pub-ip erreichbar machen

docker volume create portainer_data

docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:lts

No Comments
Back to top