Benutzer-Werkzeuge

Webseiten-Werkzeuge


software_handreichungen:ubuntu_server_18.04_lts

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen RevisionVorhergehende Überarbeitung
Nächste Überarbeitung
Vorhergehende Überarbeitung
software_handreichungen:ubuntu_server_18.04_lts [2019/03/10 20:19] andreassoftware_handreichungen:ubuntu_server_18.04_lts [2019/03/21 18:51] (aktuell) andreas
Zeile 1: Zeile 1:
 ====== Ubuntu Server 18.04 LTS ====== ====== Ubuntu Server 18.04 LTS ======
  
-===== ddclient with No-IP =====+<WRAP center round important 60%> 
 +Alles wird als root ausgeführt. 
 +</WRAP> 
 + 
 +===== IP einstellen ===== 
 +<file yaml /etc/netplan/01-netcfg.yaml> 
 +# This file describes the network interfaces available on your system 
 +# For more information, see netplan(5). 
 +network: 
 +  version: 2 
 +  renderer: networkd 
 +  ethernets: 
 +    ens160: 
 +      addresses: [192.168.XXX.XXX/24] 
 +      gateway4: 192.168.XXX.XXX 
 +      nameservers: 
 +         addresses: [XXX.XXX.XXX.XXX,XXX.XXX.XXX.XXX] 
 +</file> 
 + 
 +Und mit dem folgenden Befehl die Änderung übernehmen:
 <file bash> <file bash>
-sudo apt install ddclient+netplan apply
 </file> </file>
  
-<file ini /etc/ddclient.conf> +===== Server Mail Versand ermöglichen =====
-# Configuration file for ddclient generated by debconf +
-+
-# /etc/ddclient.conf+
  
-protocol=noip +==== Installieren ==== 
-use=web +<file bash> 
-web=checkip.dyndns.org +apt install postfix mailutils 
-server=dynupdate.no-ip.com +</file> 
-login=XX No-IP login email XX +  * Internet Site 
-password=XX No-IP login password XX + 
-XX No-IP Hostname XX+==== Konfigurieren (am Beispiel von domainfactory) ==== 
 +<file ini /etc/postfix/main.cf> 
 +# See /usr/share/postfix/main.cf.dist for a commented, more complete version 
 + 
 + 
 +# Debian specific:  Specifying a file name will cause the first 
 +# line of that file to be used as the name.  The Debian default 
 +# is /etc/mailname. 
 +#myorigin /etc/mailname 
 + 
 +smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) 
 +biff = no 
 + 
 +# appending .domain is the MUA's job. 
 +append_dot_mydomain = no 
 + 
 +# Uncomment the next line to generate "delayed mail" warnings 
 +#delay_warning_time = 4h 
 + 
 +readme_directory = no 
 + 
 +# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on 
 +# fresh installs. 
 +compatibility_level 
 + 
 +# TLS parameters 
 +smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem 
 +smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key 
 +smtpd_use_tls=yes 
 +smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 
 +smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 
 + 
 +# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for 
 +# information on enabling SSL in the smtp client. 
 + 
 +smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination 
 +myhostname = XX-hostname-XX 
 +alias_maps hash:/etc/aliases 
 +alias_database = hash:/etc/aliases 
 +mydestination = $myhostname, XX-hostname-XX.XX-domain-XX.de, localhost.localdomain, localhost 
 +relayhost = sslout.df.eu:465 
 +mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 
 +mailbox_size_limit = 0 
 +recipient_delimiter = + 
 +inet_interfaces = all 
 +inet_protocols = all 
 + 
 +smtp_sasl_auth_enable = yes 
 +smtp_sasl_security_options = noanonymous 
 +smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd 
 +smtp_use_tls = yes 
 +smtp_tls_wrappermode = yes 
 +smtp_tls_security_level = encrypt 
 +</file> 
 + 
 +<file ini /etc/postfix/sasl_passwd> 
 +sslout.df.eu:465 XX-email-XX:XX-passwort-XX
 </file> </file>
  
-Einstellung testen: 
 <file bash> <file bash>
-ddclient -daemon=0 -debug -verbose -noquiet+postmap /etc/postfix/sasl_passwd 
 +chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db 
 +service postfix restart
 </file> </file>
  
-<file ini /etc/default/ddclient+==== Einstellung testen ==== 
-# Configuration for ddclient scripts  +<file bash
-# generated from debconf on Sun Mar 10 17:54:08 CET 2019 +echo "Test - Body" | mail -s "Test - Subject" XXX@XXX.XXX 
-+</file>
-/etc/default/ddclient+
  
-# Set to "true" if ddclient should be run every time DHCP client ('dhclient' +==== Log checken ==== 
-# from package isc-dhcp-client) updates the systems IP address+<file bash> 
-run_dhclient="false"+cat /var/log/mail.log 
 +</file>
  
-# Set to "true" if ddclient should be run every time a new ppp connection is  +===== root Mails empfangen ===== 
-established. This might be useful, if you are using dial-on-demand+<file ini /etc/aliases> 
-run_ipup="false"+See man 5 aliases for format 
 +postmaster:    root 
 +root: XXX@XXX.XXX 
 +</file>
  
-# Set to "true" if ddclient should run in daemon mode +**Einstellungen übernehmen:** 
-# If this is changed to true, run_ipup and run_dhclient must be set to false. +<file bash> 
-run_daemon="true"+newaliases 
 +</file>
  
-# Set the time interval between the updates of the dynamic DNS name in seconds. +==== Einstellung testen ==== 
-# This option only takes effect if the ddclient runs in daemon mode. +<file bash> 
-daemon_interval="3600"+echo "Test - Body" | mail -s "Test - Subjectroot
 </file> </file>
  
 +==== Log checken ====
 <file bash> <file bash>
-sudo  service ddclient restart+cat /var/log/mail.log
 </file> </file>
 +
 +===== DynDNS =====
 +[[https://www.duckdns.org/|Duck DNS]]
 +
 +**Anleitung:** [[https://www.duckdns.org/install.jsp|Duck DNS - install - linux cron]]
 +
 +===== unattended-upgrades =====
 +
 +==== Installieren ====
 +<file bash>
 +apt-get install unattended-upgrades
 +</file>
 +
 +==== Einstellugen ====
 +<file ini /etc/apt/apt.conf.d/50unattended-upgrades>
 +// Automatically upgrade packages from these (origin:archive) pairs
 +//
 +// Note that in Ubuntu security updates may pull in new dependencies
 +// from non-security sources (e.g. chromium). By allowing the release
 +// pocket these get automatically pulled in.
 +Unattended-Upgrade::Allowed-Origins {
 +        "${distro_id}:${distro_codename}";
 + "${distro_id}:${distro_codename}-security";
 + // Extended Security Maintenance; doesn't necessarily exist for
 + // every release and this system may not have it installed, but if
 + // available, the policy for updates is such that unattended-upgrades
 + // should also install from here by default.
 + "${distro_id}ESM:${distro_codename}";
 + "${distro_id}:${distro_codename}-updates";
 +// "${distro_id}:${distro_codename}-proposed";
 +// "${distro_id}:${distro_codename}-backports";
 +};
 +
 +// List of packages to not update (regexp are supported)
 +Unattended-Upgrade::Package-Blacklist {
 +// "vim";
 +// "libc6";
 +// "libc6-dev";
 +// "libc6-i686";
 +};
 +
 +// This option will controls whether the development release of Ubuntu will be
 +// upgraded automatically.
 +Unattended-Upgrade::DevRelease "false";
 +
 +// This option allows you to control if on a unclean dpkg exit
 +// unattended-upgrades will automatically run 
 +//   dpkg --force-confold --configure -a
 +// The default is true, to ensure updates keep getting installed
 +//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
 +
 +// Split the upgrade into the smallest possible chunks so that
 +// they can be interrupted with SIGTERM. This makes the upgrade
 +// a bit slower but it has the benefit that shutdown while a upgrade
 +// is running is possible (with a small delay)
 +//Unattended-Upgrade::MinimalSteps "false";
 +
 +// Install all unattended-upgrades when the machine is shutting down
 +// instead of doing it in the background while the machine is running
 +// This will (obviously) make shutdown slower
 +//Unattended-Upgrade::InstallOnShutdown "true";
 +
 +// Send email to this address for problems or packages upgrades
 +// If empty or unset then no email is sent, make sure that you
 +// have a working mail setup on your system. A package that provides
 +// 'mailx' must be installed. E.g. "user@example.com"
 +Unattended-Upgrade::Mail "root";
 +
 +// Set this value to "true" to get emails only on errors. Default
 +// is to always send a mail if Unattended-Upgrade::Mail is set
 +Unattended-Upgrade::MailOnlyOnError "true";
 +
 +// Remove unused automatically installed kernel-related packages
 +// (kernel images, kernel headers and kernel version locked tools).
 +//Unattended-Upgrade::Remove-Unused-Kernel-Packages "false";
 +
 +// Do automatic removal of new unused dependencies after the upgrade
 +// (equivalent to apt-get autoremove)
 +//Unattended-Upgrade::Remove-Unused-Dependencies "false";
 +
 +// Automatically reboot *WITHOUT CONFIRMATION*
 +//  if the file /var/run/reboot-required is found after the upgrade 
 +Unattended-Upgrade::Automatic-Reboot "true";
 + 
 +// If automatic reboot is enabled and needed, reboot at the specific
 +// time instead of immediately
 +//  Default: "now"
 +Unattended-Upgrade::Automatic-Reboot-Time "02:00";
 +
 +// Use apt bandwidth limit feature, this example limits the download
 +// speed to 70kb/sec
 +//Acquire::http::Dl-Limit "70";
 +
 +// Enable logging to syslog. Default is False
 +// Unattended-Upgrade::SyslogEnable "false";
 +
 +// Specify syslog facility. Default is daemon
 +// Unattended-Upgrade::SyslogFacility "daemon";
 +
 +// Download and install upgrades only on AC power
 +// (i.e. skip or gracefully stop updates on battery)
 +// Unattended-Upgrade::OnlyOnACPower "true";
 +
 +// Download and install upgrades only on non-metered connection
 +// (i.e. skip or gracefully stop updates on a metered connection)
 +// Unattended-Upgrade::Skip-Updates-On-Metered-Connections "true";
 +</file>
 +
 +==== PPA hinzufügen (am Beispiel Syncthing) ====
 +<file ini /etc/apt/apt.conf.d/50unattended-upgrades>
 +...
 +
 +Unattended-Upgrade::Allowed-Origins {
 + ....
 + "Syncthing:syncthing";
 +};
 +
 +...
 +</file>
 +
 +Quelle: https://askubuntu.com/a/87854/687750
software_handreichungen/ubuntu_server_18.04_lts.1552245542.txt.gz · Zuletzt geändert: 2019/03/10 20:19 von andreas