Skip to main content

Things to do with your Ubuntu Containers Image fresh install

·3 mins

I’m using ROCK64 at home. ROCK64 is very similar with Raspberry PI 3 with more RAM. Because I want to learn docker, I decide to use my ROCK64 machine as my docker server. I’m using an image created by ayufan. You can download the image in here. I’m using Ubuntu 18.04 Bionic Containers Image (DockerCE & Kubernetes). You need SDcard reader and I recommeded using an application Etcher to burn it.

1. Secure your admin account
#

Your default admin account is rock64. It is not a good idea if you want to publish your server to internet with default admin account. So we will rename our administrator account using step below.

First we need to enable root by using below command:

sudo passwd root

Insert your root password. Next, we need to allow root in SSH by changing some settings using below command:

sudo vim /etc/ssh/sshd_config

If you dont see the following line, just add it into the last line:

PermitRootLogin yes

Restart your SSH service using below command:

service sshd restart

Then close all SSH session and re-login using root. Use below command to change your account name and group:

usermod -l <newname> -d /home/<newname> -m <oldname>
groupmod -n <newgroup> <oldgroup>

Next, try to login using new account and change your password:

sudo passwd <newname>

Do not forget to lock your root account using command:

sudo passwd -l root

Change SSH settings back to:

PermitRootLogin no

2. Set your time zone
#

Use below command to change your time zone:

sudo dpkg-reconfigure tzdata

Follow the instruction on your screen.

3. Change computer name
#

Modify both file below and change your computer name:

sudo vim /etc/hostname
sudo vim /etc/hosts

The changes require reboot, so use below command to reboot:

sudo reboot

4. Install firewall
#

To simplify firewall installation we will install Uncomplicated Firewall or UFW. Try below command to check if you already have the application or not

sudo ufw status

If you dont have the application, install it using below command:

sudo apt-get install ufw

Next, we need to allow SSH to our machine using below command:

sudo ufw allow ssh

or you can use below command to allow SSH port (22):

sudo ufw allow 22/tcp

Once you set the firewall rule, you can enable UFW using below command:

sudo ufw enable

There will be a confirmation before you enable firewall.

Command may disrupt existing ssh connections. Proceed with operation (y|n)?

Press “y” and then enter to apply the changes.

You need to allow the port in firewall for every service with external port you create in Docker.

5. Register Dynamic DNS + Port forward
#

I’m using cheap internet connection at home and the IP address is changing from time to time. So I need Dynamic DNS to make sure I can contact my server. I try to use No-IP before but it require 30 days re-activation confirmation. I recommend to use FreeDNS services. The problem with FreeDNS, it is not integrate with my router. The easiest solution is to make task scheduler using crontab in my Ubuntu server.

First we need to create an account in FreeDNS then create sub domain. After that click on Dynamic DNS section and you can see there is a link with words like quick cron excample. Open the link and follow the instruction to create crontab in your server.

Once the DNS pointing to my router IP address, I just need to forward my SSH port in my Router. The settings are different on each router. I recommend to use a different port on the internet so anyone need to guess your port in order to use your SSH service.

I’m using Termius to access my server from my android device.

Henry Thomas
Author
Henry Thomas
Just a guy with a pen and a dream