September 16, 2009 @ 1:52 am It was fun setting up your very own server. I remembered the time when I received the root password to my very first virtual server back in March 2006 ($22/month for a merely 192MB of memory), it took me hours setting it up to exactly the way I wanted. At the end of the day when it started to pump out my websites on TCP port 80 — joy!
Well. It’s still fun the second time around when I moved hosting, but it wasn’t the same. 3rd time? Hmm. By now I probably have set up 30+ virtual servers due to expansion or migration, and it feels a lot like work than fun. In the effort to possess the 3 great virtues of a programmer according to Larry Wall, laziness, impatience, and hubris, I decided to write some simple scripts to quickly get my low end virtual servers up running and configured in no time!
Here is one that I want to share today.
- Download lowend-debian.sh
Usage:
- Buy a new low end VPS from any provider
- Build a standard Debian 5 minimum install
- Got the root password
sshinto your new low end box, and$ ssh root@my-new-box Linux lowendbox 2.6.18-blah #1 SMP Wed Aug 26 15:47:17 MSD 2009 i686 ... Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. # wget -q http://www.lowendbox.com/scripts/lowend-debian.sh # bash ./lowend-debian.sh ...
What it does is:
- Remove
rsyslogd(memory hog on OpenVZ system) andportmap(mostly useless). - Run
apt-get update && apt-get upgradeto get the server up to date. - Install and configure
dashas/bin/sh. - Install and configure
inetutils-syslogas default system logger. - Install and configure
dropbearas OpenSSH replacement.
Once done, it should bring the memory usage to around 4-5MB on a 32bit Debian (where 2.8MB is from bash and dropbear that handles the SSH connection). It should also work on Ubuntu-based distributions (tested on a 64MB Ubuntu 9.04 VPS). Feel free to check the code to make sure I am not doing anything malicious like hijacking the server and install a ssh key or something :)
Nice, but there is no security setup by default. What do you do?
Download link is broken.
…/scirpts/lowend-debian.sh
should be
…/scripts/lowend-debian.sh
:)
Arg. Link fixed.
As of security — that really depends on your need (setting up sudoer, creating users, setting up firewalls). I have my scripts for those but I prefer not to show them :)
You install inetutils-syslog as default syslogger, how do you think about limiting rsyslogd by using ulimit -s 128? Is it safe to do that?
Instead of “rm -rf /bin/sh”, I’d recommend “dpkg-divert –rename /bin/sh”.
@Moi — the main issue I found with rsyslogd is its VSZ which is a lot greater than RSS. Although it might not use that much memory, it is still bad on an OpenVZ system where privvmpages counts the pages that are allocated.
@dne — thanks for the suggestion.
it will better to start some tutorial series, like:
1) vps start configuration
2) lighttpd and php install
3) mysql and bind install
4) postfix install and full configuration for virtual domains
6) (whatever else you think)
5) security tricks/tips
let me know what you think.
btw something you forgot on the script..
Thanks for this :)
Btw you spelled virtues wrong :p (virues)
Thanks. Fixed. Last time I checked spelling was not in the list of virtues of programmers :)
hey lowenbox. release more scripts!
Thanks for the script!
Thanks for the great script!
I tried dropbear but it doesn’t play nice with git and none of the fixes I’ve seen work for me so I’ve abandoned it for just now.
Seemingly the ulimit -s limit isn’t honoured by default ssh configurations, a bit of googling found me:
UsePrivilegeSeparation = no
Which will have ssh respecting your limits. Dropped ~3MB VSZ with that, google for the connotations.
[...] ist wirklich Minimal – 15Mb Ramauslastung nach der Installation, mit einigen Tweaks (Siehe Hier) konnte ich die Auslastung auf 9Mb drücken – unter voller Konfiguration als IRC Bouncer mit [...]