Ubuntu OS installation, commands and configuration Snips.
Ubuntu 22.04 Install
Ubuntu 20.04 Install
network:
version: 2
ethernets:
ens192:
addresses:
- "192.168.1.100/24"
- "192.168.1.101/24"
nameservers:
addresses:
- 1.1.1.1
- 1.0.0.1
search:
- mydomain.com
routes:
- to: "default"
via: "192.168.1.1"
(Above shows how to use multiple IPs)
apt install snmpd
Edit /etc/snmp/snmpd.conf
syslocation 123 Main St, City, State, Zip [28.3771904, -81.5733203]
sysContact NOC <[email protected]>
sysServices 72
master agentx
agentaddress udp:161
view all included .1 80
rocommunity yourcommunity 10.20.30.40/32
rocommunity yourcommunity 192.168.0.0/24
Note: syslocation section in brackets is [longitude, latitude]. Replace "yourcommunity" and allowed IP/Subnet
If Using LibreNMS run the below commands to enable Linux Distro detection:
curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
chmod +x /usr/bin/distro
echo "extend distro /usr/bin/distro" >> /etc/snmp/snmpd.conf
systemctl restart snmpd
Common commands for Ubuntu Firewall management
Everything assumes you are root or "sudo -i" or you need to use sudo before commands.
FIRST: I like to disable IPv6 Rules, so "nano /etc/default/ufw" and change IPV6= from yes to no"
If ufw was previously configured and want to set it to defaults use:
ufw disable
ufw default deny incoming
ufw default allow outgoing
ufw enable
Don't Enable UFW if you are are connected remotely until you've added a rule to allow your IP or to the port using commands below. Then "ufw enable"
Commands for allowing traffic:
### Allow all traffic from IP/Subnet*
ufw allow from 123.123.123.0/24
ufw allow from 213.213.213.123
### Allow from IP to IP
ufw allow from 123.123.123.123 to 23.23.23.23
### Allow specific ports from everywhere:
ufw allow 123/tcp
### Or port range
ufw allow 123:321/tcp
### Allow specific ports from specific IP or Subnet (Use tcp, udp or leave out for both:
ufw allow from 123.123.123.0/24 to any port 123/udp
ufw allow from 123.123.123.123 to any port 123
## OR
ufw allow from 123.123.123.0/24 to any proto tcp port 123
### Allow in to spcific specific interfaces
ufw allow in on eth0 to any port 123
### Deny specific IP or subnet
ufw deny from 123.123.123.123
ufw deny from 123.123.123.0/24
ufw deny proto tcp from 123.123.123.123 to any port 123,321 (blocks ports 123 & 321)
### Deny outbound to port
ufw deny out 123
### Delete Rules: Show numbers for each rule, then delete the rule by its number.
ufw status numbered
ufw delete 2
(deleted rule 2)
## OR Delete by rule:
ufw delete allow 123
### Diable and reset Firewall
ufw disable
ufw reset
Reference: https://www.howtogeek.com/437958/how-to-use-the-chmod-command-on-linux/
Commands to update Ubuntu Network settings via command line when Netplan is in use.
Check you're replacing the name of the adapter and IP addresses if copying these commands.
Set IP Address:
netplan set "network.ethernets.eth0.addresses=[1.1.1.1/24]"
#USE COMMAS FOR MULTIPLE IPS
Above command will add the IP, but not replace the existing IP. To delete the existing addresses before adding use:
netplan set "network.ethernets.eth0.address=null"
#OR WIPE OUT WHOLE CONFIG - DELETES THE .yaml file
netplan set "network.ethernets.eth0=null"
Commands for starting from scratch with name servers and route/gateway:
#Wipe Config:
netplan set "network.ethernets.eth0=null"
#Rebuild Config:
netplan set "network.ethernets.eth0.addresses=[1.2.3.4/24]"
netplan set "network.ethernets.eth0.nameservers.addresses=[1.1.1.1, 1.0.0.1]"
netplan set "network.ethernets.eth0.gateway4=1.2.3.1"
The "gateway4" option has been deprecated in exchange for "routes". You will get a warning when applying this config. I searched for an hour and tried every combination I could and did not find a command line example of adding the default route"
You can ignore this for now and maybe they'll update the command line options. Or, you can manually edit the YAML file (which defeats the purpose of using the command line and change gateway4 to the following:
network:
version: 2
ethernets:
ens192:
addresses:
- "1.2.3.4/24"
nameservers:
addresses:
- 1.1.1.1
- 1.0.0.1
routes:
- to: default
via: 1.2.3.1
Overall, Netplan sucks and needs a better command line!
resolvectl flush-caches
Intall Webmin on Ubuntu 22.04:
curl -o setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh
sh setup-repos.sh
apt update
apt install webmin -y
Browse to https://{SERVERIP}:10000 and log in as a user in sudo group.
Set Timezone:
timedatectl set-timezone America/Denver
Set NTP Server(s):
nano /etc/systemd/timesyncd.conf
[Time]
NTP=time.cloudflare.com
FallbackNTP=pool.ntp.org
Restart Service and Check Status:
systemctl restart systemd-timesyncd
timedatectl timesync-status
adduser adminuser
#Enter password
usermod -aG sudo adminuser