firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
master
firefrost-operations-manual/docs/deployment/dev-vps-setup.md
Claude (Chronicler #51) aba8e042f4 docs: Complete Dev VPS deployment and configuration guide 
NEW DEV SERVER FULLY CONFIGURED AND DOCUMENTED

SERVER DETAILS:
- IP: 64.50.188.128
- Location: Chicago, IL (Breezehost)
- OS: Ubuntu Server 24.04.4 LTS (Noble Numbat)
- Specs: 2 CPU, 4GB RAM, 80GB NVMe, 512MB swap
- Cost: $10/month

SOFTWARE INSTALLED:
 Ubuntu 24.04 LTS (5 years support until April 2029)
 UFW Firewall (ports 22, 9090 open)
 Node.js (latest LTS v20.x)
 Docker v29.3.1 (with compose plugin)
 Cockpit web terminal (https://64.50.188.128:9090)

SECURITY:
 IPv6 disabled (manual configuration)
 Firewall configured (deny incoming by default)
 Root password set (stored in Vaultwarden)
 SSH access working (MobaXterm configured)
 Cockpit web terminal working

DOCUMENTATION INCLUDES:
- Complete server specifications
- Network configuration details
- Installed software versions
- Security configuration (firewall rules, IPv6 disabled)
- Service access methods (SSH, Cockpit)
- Docker configuration and commands
- Node.js setup and usage
- System monitoring commands
- Common maintenance tasks
- Development workflow examples
- Troubleshooting guide
- Future enhancement roadmap
- Complete deployment log

PURPOSE:
Development and testing environment for:
- Modpack version checker (NEXT PROJECT)
- CI/CD pipeline testing
- Dockerized service testing
- Safe experimentation without affecting production
- Development workflow testing

NEXT STEPS:
Phase 1 (Security): Create admin user, fail2ban, SSH keys only
Phase 2 (Dev Tools): Git, Python, Nginx, CI/CD runner
Phase 3 (Monitoring): Netdata, log aggregation, alerting

STATUS:  OPERATIONAL - Ready for development work

This completes the dev server setup. Next priority: Modpack
version checker for passive income generation.

Fire + Frost + Foundation = Where Love Builds Legacy 🔥❄️💙

Signed-off-by: Claude (Chronicler #51) <claude@firefrostgaming.com>
2026-04-01 11:06:56 +00:00

521 lines
9.2 KiB
Markdown
Raw Permalink Blame History

# Dev VPS - Initial Setup and Configuration
**Server:** Dev VPS (Development/Testing Environment)
**IP:** 64.50.188.128
**Location:** Chicago, IL
**Provider:** Breezehost
**Deployed:** April 1, 2026
**Configured by:** Chronicler #51
---
## Overview
Fresh Ubuntu 24.04 LTS server configured as a development and testing environment for Firefrost Gaming projects. Provides isolated environment for experimentation, CI/CD testing, and development work without affecting production infrastructure.
---
## Server Specifications
**Hardware:**
- CPU: 2x AMD Epyc (Cloud-2)
- RAM: 4GB (3.8GB usable)
- Storage: 80GB NVMe SSD (38GB allocated, 36GB free)
- Swap: 512MB
- Network: 1 Gbps (inbound/outbound)
**Network Configuration:**
- Primary IP: 64.50.188.128
- Gateway: 64.50.188.1
- Netmask: 255.255.255.0
- Interface: ens3
- MAC: 00:6C:80:0E:FB:72
- DNS Primary: 1.1.1.1 (Cloudflare)
- DNS Secondary: 8.8.8.8 (Google)
- IPv6: Disabled (was auto-assigned, manually disabled)
**Operating System:**
- Distribution: Ubuntu Server 24.04.4 LTS (Noble Numbat) Minimal
- Kernel: 6.8.0-106-generic x86_64
- Architecture: x86_64
- Support: Until April 2029 (5 years)
---
## Installed Software
### System Utilities
- **UFW Firewall:** v0.36.2-6 (active and enabled on boot)
- **Cockpit:** Latest (web-based server management)
- cockpit-storaged (storage management)
- cockpit-networkmanager (network configuration)
- cockpit-packagekit (package management)
### Development Tools
- **Node.js:** Latest LTS (v20.x series)
- **npm:** Latest (bundled with Node.js)
- **Docker:** v29.3.1 (latest stable)
- docker-ce
- docker-ce-cli
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
### Planned Installations
- **Git:** For version control
- **fail2ban:** SSH brute-force protection
- **Python 3:** For automation scripts
- **Nginx:** Reverse proxy (if needed for testing)
---
## Security Configuration
### Firewall Rules (UFW)
**Status:** Active and enabled on system startup
**Logging:** On (low level)
**Default Policies:**
- Incoming: DENY
- Outgoing: ALLOW
- Routed: DISABLED
**Allowed Ports:**
| Port | Protocol | Service | Comment |
|------|----------|---------|---------|
| 22 | TCP | SSH | Remote access |
| 9090 | TCP | Cockpit | Web terminal |
**View current rules:**
```bash
ufw status verbose
```
**Add new rule:**
```bash
ufw allow [port]/tcp comment 'Service Name'
```
### IPv6 Configuration
**Status:** Disabled
IPv6 was auto-assigned by Breezehost but manually disabled for simplicity.
**Configuration in `/etc/sysctl.conf`:**
```
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
```
**To re-enable IPv6 (if needed):**
```bash
sed -i '/net.ipv6.conf.all.disable_ipv6/d' /etc/sysctl.conf
sed -i '/net.ipv6.conf.default.disable_ipv6/d' /etc/sysctl.conf
sysctl -p
reboot
```
### Root Access
**SSH:** Enabled (currently)
**Cockpit:** Enabled (root removed from disallowed-users)
**Password:** Set (stored in Vaultwarden)
**Future Hardening (TODO):**
- Create sudo-enabled admin user
- Disable root SSH login
- Enable SSH key-only authentication
- Install fail2ban for brute-force protection
---
## Service Access
### SSH Access
**Method 1: MobaXterm (Windows)**
```
Host: 64.50.188.128
Port: 22
User: root
Auth: Password or SSH key
```
**Method 2: Command Line**
```bash
ssh root@64.50.188.128
```
### Cockpit Web Terminal
**URL:** https://64.50.188.128:9090
**Login Credentials:**
- Username: `root`
- Password: [stored in Vaultwarden]
**Features Available:**
- Terminal (web-based SSH)
- System monitoring (CPU, RAM, disk, network)
- Storage management
- Network configuration
- Package management (APT)
- Service management (systemd)
- Log viewer
**Certificate Warning:** Self-signed certificate will trigger browser warning - this is normal, click "Accept Risk and Continue"
---
## Docker Configuration
**Version:** 29.3.1
**Status:** Installed and running
### Basic Docker Commands
**Test installation:**
```bash
docker run hello-world
```
**Common commands:**
```bash
# List running containers
docker ps
# List all containers (including stopped)
docker ps -a
# List images
docker images
# Pull an image
docker pull ubuntu:latest
# Run a container
docker run -it ubuntu:latest bash
# Remove stopped containers
docker container prune
# Remove unused images
docker image prune
```
### Docker Compose
**Installed:** Yes (v2 plugin)
**Usage:**
```bash
docker compose up -d
docker compose down
docker compose logs -f
```
---
## Node.js Configuration
**Version:** Latest LTS (v20.x)
**npm Version:** Latest (bundled)
### Basic Commands
**Check versions:**
```bash
node --version
npm --version
```
**Install packages globally:**
```bash
npm install -g [package-name]
```
**Install packages locally:**
```bash
npm install [package-name]
```
---
## System Monitoring
### Command Line Tools
**System info:**
```bash
# OS version
cat /etc/os-release
# Kernel version
uname -r
# System uptime
uptime
# Memory usage
free -h
# Disk usage
df -h
# CPU info
lscpu
# Network interfaces
ip a
# Active connections
ss -tulpn
```
### Cockpit Dashboard
Access via https://64.50.188.128:9090 for graphical monitoring:
- Real-time CPU/RAM/disk graphs
- Network traffic monitoring
- Service status
- System logs
---
## Common Maintenance Tasks
### Update System Packages
```bash
apt update
apt upgrade -y
apt autoremove -y
```
### Restart Services
```bash
# Restart Docker
systemctl restart docker
# Restart Cockpit
systemctl restart cockpit
# Restart UFW
ufw reload
```
### Check Service Status
```bash
systemctl status docker
systemctl status cockpit.socket
systemctl status ufw
```
### Clean Up Disk Space
```bash
# Remove old packages
apt autoremove -y
apt autoclean
# Remove Docker cruft
docker system prune -a
# Remove old logs
journalctl --vacuum-time=7d
```
---
## Development Workflow Examples
### Testing a Node.js Application
```bash
# Clone repo
git clone [repo-url]
cd [project]
# Install dependencies
npm install
# Run application
npm start
```
### Testing with Docker
```bash
# Build custom image
docker build -t myapp:latest .
# Run container
docker run -d -p 8080:8080 myapp:latest
# View logs
docker logs -f [container-id]
# Stop container
docker stop [container-id]
```
### Testing CI/CD Pipelines
```bash
# Clone Firefrost services repo
git clone https://[token]@git.firefrostgaming.com/firefrost-gaming/firefrost-services.git
# Test deployment script
cd firefrost-services
./deploy.sh --test
```
---
## Troubleshooting
### Cannot SSH to Server
**Check firewall:**
```bash
ufw status
```
**Ensure SSH is allowed:**
```bash
ufw allow 22/tcp
```
**Check SSH service:**
```bash
systemctl status ssh
```
### Cockpit Not Accessible
**Check service:**
```bash
systemctl status cockpit.socket
```
**Restart if needed:**
```bash
systemctl restart cockpit
```
**Check firewall:**
```bash
ufw allow 9090/tcp
```
### Docker Container Won't Start
**Check logs:**
```bash
docker logs [container-name]
```
**Check Docker service:**
```bash
systemctl status docker
```
**Restart Docker:**
```bash
systemctl restart docker
```
### Out of Disk Space
**Check usage:**
```bash
df -h
du -sh /* | sort -h
```
**Clean up:**
```bash
apt autoremove -y
apt autoclean
docker system prune -a
journalctl --vacuum-time=7d
```
---
## Future Enhancements
### Phase 1 (Security Hardening)
- [ ] Create sudo-enabled admin user (`architect`)
- [ ] Install fail2ban
- [ ] Disable root SSH login
- [ ] SSH key-only authentication
- [ ] Configure automatic security updates
### Phase 2 (Development Tools)
- [ ] Install Git
- [ ] Install Python 3 and pip
- [ ] Install Nginx (if needed)
- [ ] Set up CI/CD runner (GitHub Actions or Gitea Actions)
- [ ] Configure development database (PostgreSQL or MySQL)
### Phase 3 (Monitoring)
- [ ] Install Netdata for advanced monitoring
- [ ] Configure log aggregation
- [ ] Set up alerting (Discord webhooks)
- [ ] Integrate with Uptime Kuma on Command Center
---
## Cost and Resources
**Monthly Cost:** $10
**Provider:** Breezehost (locked-in pricing)
**Commitment:** Month-to-month (no contract)
**Resource Allocation:**
- CPU: Light (development workloads)
- RAM: Adequate for most dev tasks (4GB)
- Storage: Sufficient for testing (80GB)
- Network: Fast (1 Gbps)
---
## Related Documentation
- **Infrastructure Manifest:** `docs/core/infrastructure-manifest.md`
- **Command Center Setup:** `docs/deployment/command-center-setup.md`
- **Docker Best Practices:** `docs/guides/docker-best-practices.md`
- **Security Hardening Guide:** `docs/guides/server-security-hardening.md`
---
## Deployment Log
**April 1, 2026 - Initial Setup:**
1. ✅ Ubuntu 24.04 LTS installed (Noble Numbat Minimal)
2. ✅ System updated (apt update && upgrade)
3. ✅ Root password set
4. ✅ IPv6 disabled
5. ✅ UFW firewall configured (ports 22, 9090)
6. ✅ Node.js LTS installed
7. ✅ Docker v29.3.1 installed
8. ✅ Cockpit web terminal installed
9. ✅ Root login to Cockpit enabled
10. ✅ Server rebooted and tested
**Status:** ✅ OPERATIONAL - Ready for development work
---
**Fire + Frost + Foundation = Where Love Builds Legacy** 🔥❄️💙
---
**Last Updated:** April 1, 2026
**Configured by:** Chronicler #51
**Next Steps:** Security hardening (create admin user, fail2ban, SSH keys)
Reference in New Issue View Git Blame Copy Permalink