Set up Guide for the server
This is a Guide for how to setup my Server
Installing the Operating System
- Download the Operating System(OS) you want to use for your server, I am gonna use Debian, since it a very stable OS.
- Burn the iso of the OS on a USB-Sticker, for windows you can use Rufus , on linux you can use popsicle
- Start the PC/Laptop you want to use with the USB-Stick and boot with the USB-Stick
- Follow the Instruction of the, OS Installer
Sudo Debian
If you have problems with sudo on debian switch to the root account or add sudo privillige to your current account:
su root, gets you root accessexport PATH="$PATH:/sbin:/usr/sbin:usr/local/sbin", allows you to use the adduser command- adduser username sudo
- exit
Connecting via ssh
To connect to your server via ssh:
- Install ssh:
sudo apt-get install openssh-server - Check ssh is running:
sudo systemctl status ssh - Find your IP address or your host name
- Connect to your system:
ssh username@hostname
Configure a Static IP
If you want to Access the server via the same IP, its useful to set a static IP address Additionally the Standard DNS server your ISP can read your internet flow, that why its good to change your DNS:
Way 1: Per Command Line
- Show your IP devices:
ip -c link show - Backup your internet config:
sudo cp /etc/network/interfaces ~/ - Edit your config:
sudo nano /etc/network/interfaces- Enter(example):
auto eth0 iface eth0 inet static address 192.168.178.2 netmask 255.255.255.0 gateway 192.168.178.1 dns-nameservers 8.8.8.8 8.8.4.4
- Restart networking:
sudo systemctl restart networking
I had some issues with this so I recommend way 2.
Way 2: Network Manager
Via the Gnome Network Manager:
- Open your Settings and press on Wifi to set static ip for wifi and Network for static ip for ethernet
- After that press on the settings tab and switch to the IP4-Tab
- Select as IPV-4 Method manually
- for Adress give the ip your pc should have e.g. 192.168.178.100, for netmask it should normally be 255.255.255.0 for gateway select the ip from your router, you can get the router ip by going to your router settings webpage(e.g. fritz.box).
- You can also select a custom dns
Enable Automatic Security Updates
It is good practise to auomatically install security-updates for a server:
- install unattended-upgrades: `sudo apt install unattended-upgrades apt-listchanges bsd-mailx
- Install, to automatically restart:
sudo apt install apt-config-auto-update - if you sue a laptop:
sudo apt install powermgmt-base - Turn on the security updates:
sudo dpkg-reconfigure -plow unattended-upgrades - Make sure its working:
sudo unattended-upgrades --dry-run --debug - Check its status:
systemctl status unattended-upgrades
Protect ssh
In order to not get hacked via ssh, its important to protect your ssh connection:
- Install fail2ban:
sudo apt install fail2ban - Check its active:
systemctl status fail2ban.service
Don't sleep when closing Lid
If you have a Laptop you don't want the laptop to sleep when its lid get closed:
sudo nano /etc/systemd/logind.conf- Change:
#HandleLidSwitch=suspend #HandleLidSwitchExternalPower=suspendtoHandleLidSwitch=ignore HandleLidSwitchExternalPower=ignore
Turning off the Screen
Having the Screen on, is using power, we can reduce the power consumption by disabling the screen:
- If you have Gnome installed, do it via gnome settings under power
Setting up the Services
Install Docker
If we want to set up anything we should do it with docker, so that requirements/dependencies don't mix and we have Improved security.
sudo apt-get update- Update the
aptpackage index and install packages to allowaptto use a repository over HTTPS
sudo apt-get update
sudo apt-get install \
ca-certificates \
curl \
gnupg- Add Docker’s official GPG key:
sudo mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg- Use the following command to set up the repository:
echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null- Update apt:
sudo apt-get update- Install docker:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin- Verify its working:
sudo docker run hello-world- Make it run rootless, replace
$ROOTby your username:
sudo groupadd docker
sudo gpasswd -a $USER docker- logout and login again
Install Docker-Compose
Compose is used to deploy/run compose files, which are config files for a docker container:
- Installing compose
curl -SL https://github.com/docker/compose/releases/download/v2.17.2/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose- giving it execuable permission
sudo chmod +x /usr/local/bin/docker-composeDocker Manager
Way 1: Yacht
I had the problem with yacht that it didn't correctly depict cpu usage.
Its nice to have a WebUI to manage/see all docker most popular are yacht and portainer:
- Crate a folder where you will save docker configs,
cd /home/
mkdir Docker- You might Need to edit the volume in
yacht_compose.ymlto the correct path(replace your username). - To send a file from you local pc to the server use the following command:
scp yacht_compose.yml username@hostname:/home/lupos/Documents- Installing Yacht:
docker-compose -f yacht_compose.yml up -d- Stopping with:
docker-compose down - You can Access yacht via the ip adresss and then the port 8000
- The standard login is: admin@yacht.local, pass
Way 2: Portainer
Portainer is a freemium.
Follow this guide
- run the following commands:
docker volume create portainer_data
docker run -d -p 8001:8000 -p 9445:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest- You can Access the Dashboard via the website ``https://your_ip:9445`
Nextcloud
Nextcloud is like google-Cloud, I use it to store files, locally in the server and access them:
- If you use an external HDD to save your files, navigate to it, it should be in
\mnt\or\media(for removable devices) - You might Need to edit the volume in
nextcloud_compose.yml, to the correct path(replace your username), also edit the password, aldo edit the PUID and PGID to the number you get from the commandid $user - Send the file to your server and Install Nextcloud:
scp nextcloud_compose.yml username@hostname:/home/lupos/Docker
docker-compose -f nextcloud_compose.yml up -d- You should be able to reach it under the ip and then the port 444 e.g.
http://192.168.178.1:444 - If you have problems with uploading files, Increase the size limit of file upload:
cd /config/nginx/site-confs
nano default.conf- When setting u, choose for storage and database: "MySQL/MariaDB" and then enter what is written in the nextcloud ompose file, it should look like this:
Not working well for me
Interlude
Reinstalling Docker
If sth. went wrong and you want to reinstall the container do the following:
- Stop the container:
docker stop $(docker ps -a -q)- remove the container:
docker rm $(docker ps -aq)Bad Permission external HDD
If you need sudo for everything you do on you external HDD than your permissions are wrongly set:
- If your HDD is somewhere else mounted replace /media with where your HDD is mounted:
sudo chmod ugo+wx /media - Alternatively try:
sudo chown user media - You can investigate with
ls -ldwho the owner is and what privilliges you have.
Media Stack
1. Torrenting
At First we need the stack that does the torrenting it will be behind a VPN.
- edit the torrent-compose.yml and change the gluetun serveice enviroment variable so that they fit for your VPN. e.g. Proton-VPN
- VPN_SERVICE_PROVIDER=custom
- VPN_TYPE=wireguard
- VPN_ENDPOINT_IP= 169.150.218.85
- VPN_ENDPOINT_PORT=51820
- WIREGUARD_PUBLIC_KEY=THs9F9xVAiGy48Mc0DnGGPFaVqypz4FtBLbn6Jw2BWM=
- WIREGUARD_PRIVATE_KEY= SElY3AP6XLffrbQoDbpVGlYtTDREMdmWZAzC8fJxg3M=
- WIREGUARD_PRESHARED_KEY=
- WIREGUARD_ADDRESSES=10.2.0.2/32
Copied from here.
- Make the folder Structure for your media, follow this guide.
- Copy the file to your server and run the docker change .env if neseccary
scp torrent_compose.yml username@hostname:/home/lupos/Docker
scp gluetune/.env username@hostname:/home/lupos/Docker
docker-compose -f torrent_compose.yml up -d- You should be able to reach it under the ip and then the port e.g.
http://192.168.178.1:8085- qbittorent port: 8085
- The default username/password is
admin/adminadmin
2. To Watch
- Edit the volumes like you need
- Copy and start it
scp jellyfin_compose.yml username@hostname:/home/lupos/Docker
docker-compose -f jellyfin_compose.yml up -d- You should be able to reach it under the ip and then the port e.g.
http://192.168.178.1:8085- jellyfin port: 8096
- sonarr port: 8989
- radarr port: 7878
- bazarr port: 6767
- lidarr port: 8688
- readarr port: 8799
- flaresolverr port: 8191
- jellyseerr port: 5055
- calibre port: 8083
- prowlarr port: 9696
3. Setting it up
We now need to change a bunch of setting to set it up properly.
In general follow this guide.
- First open Jellyfin and set it up
- Now set up prowplar
- Add FlareSolverr to Prowlarr
- Add trackers
- Add apps(sonarr & co)
- Add folder structure
- Set up sonarr, radarr, lidarr, readearr
- Add download client
- Add index prolwar
- Set up jellyseer
- Add Radarr and Sonarr
- Set up bazarr
Shell in a box
With shell in a box we can access the shell via the webrowser.
- install it:
sudo apt install openssl shellinabox - configure it:
sudo nano /etc/default/shellinabox - Start it with:
sudo systemctl restart shellinabox - listens on port 4200