Live servers

These boxes are running at Vultr, Sydney datacentre for low latency

• /arkroyal - Debian 9

• /nadeko - Docker host (based on Centos 7.4)

• /i19 - Debian 8

These boxes are at Linode in Singapore, and need to be decommissioned

• /shimakaze - Debian 8.8

Provisioning a new VPS

Assuming I'm using Vultr right now.

1. Pick specs
   • Sydney location, $5 VPS, Debian 9 should be good

   • Enable IPv6 and Auto Backups

   • Tick all SSH keys

   • Generic firewall group

   • Pick a good hostname and a leave the label as matching it
2. Deploy Now

3. Once the installation gets far enough it'll have an IP address allocated. Grab it and go add the DNS entry for it at https://www.gandi.net/en

4. Go to the server's settings and set your Reverse DNS, foo.meidokon.net

5. Configure backups: Weekly, Friday, 21:00 UTC

You should be pretty much sorted now.

Configuring the new VPS

Debian

1. Get onto the box via the new IP or DNS

2. Install minimal set of packages

   apt-get update
   apt-get install -y aptitude
   aptitude install -y git make
   aptitude install -y puppet-module-puppetlabs-stdlib

3. Clone the puppet code

   cd /etc/puppet/
   rmdir code
   git clone https://github.com/barneydesmond/personal-puppet.git code

4. Run puppet to conform the system:

   make -C /etc/puppet/code full

Your system should now be good.

Redhat

1. Get onto the box via the new IP or DNS

2. Install minimal set of packages

   yum install -y git make
   yum install -y puppetlabs-stdlib

3. Clone the puppet code

   cd /etc/puppet/
   rmdir code
   git clone https://github.com/barneydesmond/personal-puppet.git code
   rmdir modules
   ln -s /etc/puppet/code/modules

4. Run puppet to conform the system:

   make -C /etc/puppet/code full

Your system should now be good.

Raspberry Pi

Provisioning

1. Download the latest image, like Raspbian buster-lite, write it to SD card with balenaEtcher
2. Boot as normal, let it do the firstboot thing

3. Rename it: https://wiki.debian.org/HowTo/ChangeHostname or use raspi-config tool

4. Fully update

     apt update and full-upgrade
     apt install vim
     reboot

5. Change password for pi account

6. Install your ssh pubkeys
7. apt autoremove, autoclean

8. Install useful packages:

   apt install openjdk-8-jre-headless
   apt install haveged
   apt install lsof tcpdump netcat strace nmap

9. Empty motd, don't care about that on SSH login

   > /etc/motd

References

• https://community.ubnt.com/t5/UniFi-Routing-Switching/Step-By-Step-Tutorial-Guide-Raspberry-Pi-with-UniFi-Controller/td-p/2470231

Unifi stuff

1. Install Unifi repo

   echo 'deb http://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/unifi.list
   
   sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ubnt.com/unifi/unifi-repo.gpg

2. Install packages

   apt update
   apt install unifi

3. Faff with dhcpcd to ensure a static IP that's well-managed: https://raspberrypi.stackexchange.com/questions/37920/how-do-i-set-up-networking-wifi-static-ip-address/74428#74428

== Go lang stuff

https://danbruder.com/blog/installing-golang-1-9-on-raspberry-pi-3b/

Go deps for termshark et al: https://medium.com/@simon_prickett/raspberry-pi-coding-in-go-traffic-lights-559bc761fa07

  206  wget https://dl.google.com/go/go1.12.5.linux-armv6l.tar.gz
  212  tar -C /usr/local -xzvf go1.12.5.linux-armv6l.tar.gz
  215  cd /etc/profile.d/
  223  vim golang.sh  # export and append to PATH
  231  go version