Linux Server Initialization Checklist

sed -i 's/http:/https:/g' /etc/apt/sources.list
apt update && apt upgrade -y
apt install -y curl wget git screen htop zsh sudo rsync nano nload

mkdir -p ~/.ssh
nano ~/.ssh/authorized_keys

sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
systemctl restart sshd

sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
nano ~/.zshrc
source ~/.zshrc

curl -fsSL https://get.docker.com | sh

apt-get install -y unattended-upgrades apt-listchanges
dpkg-reconfigure unattended-upgrades

apt install -y zram-tools
echo -e "ALGO=zstd\nPERCENT=60" | tee -a /etc/default/zramswap
service zramswap reload

# Check if BBR is enabled
sysctl net.ipv4.tcp_congestion_control

echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
sysctl -p

apt install -y chrony
nano /etc/chrony/sources.d/corps.sources

# Add the following time servers:
pool time.apple.com iburst
pool time.google.com iburst
pool time.cloudflare.com iburst nts

chronyc reload sources

apt install -y systemd-resolved
systemctl enable --now systemd-resolved
nano /etc/systemd/resolved.conf

# TODO: Use sed to configure Cloudflare DNS and fallback DNS
DNS=1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
FallbackDNS=8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
DNSOverTLS=yes
MulticastDNS=no
LLMNR=no

systemctl restart systemd-resolved