firefrost-operations-manual/docs/tasks/task-092-trinity-core/phase-1-ubuntu-setup.md

Task #92 Phase 1: Ubuntu Server Setup

Status: Ready to begin
Hardware: HP Laptop
Target OS: Ubuntu Server 24.04 LTS

---

Step 1: Create Bootable USB

On another computer:

1. Download Ubuntu Server 24.04 LTS:
   https://ubuntu.com/download/server

2. Download Rufus (Windows):
   https://rufus.ie/

3. Flash the ISO to USB:

   • Insert USB drive (8GB+)
   • Open Rufus
   • Select the USB drive
   • Select the Ubuntu ISO
   • Click Start
   • Wait for completion

---

Step 2: Install Ubuntu Server

On the HP laptop:

1. Insert USB drive
2. Power on, press F9 (or F12/ESC) for boot menu
3. Select USB drive
4. Follow installer:

Screen	Selection
Language	English
Keyboard	English (US)
Install type	Ubuntu Server
Network	Use DHCP (auto)
Proxy	Leave blank
Mirror	Default
Storage	Use entire disk
Your name	michael
Server name	trinity-core
Username	michael
Password	[your choice]
OpenSSH	✅ Install OpenSSH server
Snaps	Skip (none needed)

5. Wait for install to complete
6. Remove USB, reboot

---

Step 3: First Boot — System Update

SSH in from your main PC, or use the laptop directly:

sudo apt update

sudo apt upgrade -y

sudo reboot

---

Step 4: Install Cockpit (Web Management)

sudo apt install cockpit -y

sudo systemctl enable --now cockpit.socket

Access: https://[laptop-ip]:9090
Login: michael / [your password]

---

Step 5: Configure UFW Firewall

sudo apt install ufw -y

sudo ufw default deny incoming

sudo ufw default allow outgoing

sudo ufw allow 22/tcp

sudo ufw allow 9090/tcp

sudo ufw enable

sudo ufw status

Expected output:

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
9090/tcp                   ALLOW       Anywhere

---

Step 6: Install fail2ban

sudo apt install fail2ban -y

sudo systemctl enable fail2ban

sudo systemctl start fail2ban

sudo fail2ban-client status

---

Step 7: Configure Lid Switch (Shelf Mode)

Edit the config:

sudo nano /etc/systemd/logind.conf

Find and uncomment/change this line:

HandleLidSwitch=ignore

Save (Ctrl+O, Enter, Ctrl+X), then:

sudo systemctl restart systemd-logind

Test: Close the lid — laptop should stay on.

---

Step 8: Install Docker

sudo apt install ca-certificates curl -y

sudo install -m 0755 -d /etc/apt/keyrings

sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc

sudo chmod a+r /etc/apt/keyrings/docker.asc

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update

sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y

Add yourself to docker group (no sudo needed for docker commands):

sudo usermod -aG docker michael

Log out and back in, then test:

docker run hello-world

---

Step 9: Install Node.js (for MCP development)

curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -

sudo apt install nodejs -y

node --version

npm --version

---

Step 10: Verify Installation

Run these checks:

echo "=== System ===" && uname -a

echo "=== Cockpit ===" && systemctl status cockpit.socket --no-pager

echo "=== UFW ===" && sudo ufw status

echo "=== fail2ban ===" && sudo fail2ban-client status

echo "=== Docker ===" && docker --version

echo "=== Node ===" && node --version

---

Phase 1 Complete Checklist

• Ubuntu Server 24.04 installed
• SSH working from main PC
• System updated
• Cockpit accessible at :9090
• UFW configured (22, 9090 only)
• fail2ban running
• Lid switch ignored (shelf mode)
• Docker installed and working
• Node.js 20.x installed

Next: Phase 2 — SSH Infrastructure

---

Fire + Frost + Foundation = Where Love Builds Legacy 💙🔥❄️