firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
dd34f92f3f1af173cd506b4108936a5cea8fa59f
firefrost-operations-manual/docs/deployment/dev-vps-setup.md
Claude (Chronicler #51) aba8e042f4 docs: Complete Dev VPS deployment and configuration guide 
NEW DEV SERVER FULLY CONFIGURED AND DOCUMENTED

SERVER DETAILS:
- IP: 64.50.188.128
- Location: Chicago, IL (Breezehost)
- OS: Ubuntu Server 24.04.4 LTS (Noble Numbat)
- Specs: 2 CPU, 4GB RAM, 80GB NVMe, 512MB swap
- Cost: $10/month

SOFTWARE INSTALLED:
 Ubuntu 24.04 LTS (5 years support until April 2029)
 UFW Firewall (ports 22, 9090 open)
 Node.js (latest LTS v20.x)
 Docker v29.3.1 (with compose plugin)
 Cockpit web terminal (https://64.50.188.128:9090)

SECURITY:
 IPv6 disabled (manual configuration)
 Firewall configured (deny incoming by default)
 Root password set (stored in Vaultwarden)
 SSH access working (MobaXterm configured)
 Cockpit web terminal working

DOCUMENTATION INCLUDES:
- Complete server specifications
- Network configuration details
- Installed software versions
- Security configuration (firewall rules, IPv6 disabled)
- Service access methods (SSH, Cockpit)
- Docker configuration and commands
- Node.js setup and usage
- System monitoring commands
- Common maintenance tasks
- Development workflow examples
- Troubleshooting guide
- Future enhancement roadmap
- Complete deployment log

PURPOSE:
Development and testing environment for:
- Modpack version checker (NEXT PROJECT)
- CI/CD pipeline testing
- Dockerized service testing
- Safe experimentation without affecting production
- Development workflow testing

NEXT STEPS:
Phase 1 (Security): Create admin user, fail2ban, SSH keys only
Phase 2 (Dev Tools): Git, Python, Nginx, CI/CD runner
Phase 3 (Monitoring): Netdata, log aggregation, alerting

STATUS:  OPERATIONAL - Ready for development work

This completes the dev server setup. Next priority: Modpack
version checker for passive income generation.

Fire + Frost + Foundation = Where Love Builds Legacy 🔥❄️💙

Signed-off-by: Claude (Chronicler #51) <claude@firefrostgaming.com>
2026-04-01 11:06:56 +00:00

9.2 KiB
Raw Blame History

Dev VPS - Initial Setup and Configuration

Server: Dev VPS (Development/Testing Environment)
IP: 64.50.188.128
Location: Chicago, IL
Provider: Breezehost
Deployed: April 1, 2026
Configured by: Chronicler #51

Overview

Fresh Ubuntu 24.04 LTS server configured as a development and testing environment for Firefrost Gaming projects. Provides isolated environment for experimentation, CI/CD testing, and development work without affecting production infrastructure.

Server Specifications

Hardware:

  • CPU: 2x AMD Epyc (Cloud-2)
  • RAM: 4GB (3.8GB usable)
  • Storage: 80GB NVMe SSD (38GB allocated, 36GB free)
  • Swap: 512MB
  • Network: 1 Gbps (inbound/outbound)

Network Configuration:

  • Primary IP: 64.50.188.128
  • Gateway: 64.50.188.1
  • Netmask: 255.255.255.0
  • Interface: ens3
  • MAC: 00:6C:80:0E:FB:72
  • DNS Primary: 1.1.1.1 (Cloudflare)
  • DNS Secondary: 8.8.8.8 (Google)
  • IPv6: Disabled (was auto-assigned, manually disabled)

Operating System:

  • Distribution: Ubuntu Server 24.04.4 LTS (Noble Numbat) Minimal
  • Kernel: 6.8.0-106-generic x86_64
  • Architecture: x86_64
  • Support: Until April 2029 (5 years)

Installed Software

System Utilities

  • UFW Firewall: v0.36.2-6 (active and enabled on boot)
  • Cockpit: Latest (web-based server management)
    • cockpit-storaged (storage management)
    • cockpit-networkmanager (network configuration)
    • cockpit-packagekit (package management)

Development Tools

  • Node.js: Latest LTS (v20.x series)
  • npm: Latest (bundled with Node.js)
  • Docker: v29.3.1 (latest stable)
    • docker-ce
    • docker-ce-cli
    • containerd.io
    • docker-buildx-plugin
    • docker-compose-plugin

Planned Installations

  • Git: For version control
  • fail2ban: SSH brute-force protection
  • Python 3: For automation scripts
  • Nginx: Reverse proxy (if needed for testing)

Security Configuration

Firewall Rules (UFW)

Status: Active and enabled on system startup
Logging: On (low level)
Default Policies:

  • Incoming: DENY
  • Outgoing: ALLOW
  • Routed: DISABLED

Allowed Ports:

Port Protocol Service Comment
22 TCP SSH Remote access
9090 TCP Cockpit Web terminal

View current rules:

ufw status verbose

Add new rule:

ufw allow [port]/tcp comment 'Service Name'

IPv6 Configuration

Status: Disabled

IPv6 was auto-assigned by Breezehost but manually disabled for simplicity.

Configuration in /etc/sysctl.conf:

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

To re-enable IPv6 (if needed):

sed -i '/net.ipv6.conf.all.disable_ipv6/d' /etc/sysctl.conf
sed -i '/net.ipv6.conf.default.disable_ipv6/d' /etc/sysctl.conf
sysctl -p
reboot

Root Access

SSH: Enabled (currently)
Cockpit: Enabled (root removed from disallowed-users)
Password: Set (stored in Vaultwarden)

Future Hardening (TODO):

  • Create sudo-enabled admin user
  • Disable root SSH login
  • Enable SSH key-only authentication
  • Install fail2ban for brute-force protection

Service Access

SSH Access

Method 1: MobaXterm (Windows)

Host: 64.50.188.128
Port: 22
User: root
Auth: Password or SSH key

Method 2: Command Line

ssh root@64.50.188.128

Cockpit Web Terminal

URL: https://64.50.188.128:9090

Login Credentials:

  • Username: root
  • Password: [stored in Vaultwarden]

Features Available:

  • Terminal (web-based SSH)
  • System monitoring (CPU, RAM, disk, network)
  • Storage management
  • Network configuration
  • Package management (APT)
  • Service management (systemd)
  • Log viewer

Certificate Warning: Self-signed certificate will trigger browser warning - this is normal, click "Accept Risk and Continue"

Docker Configuration

Version: 29.3.1
Status: Installed and running

Basic Docker Commands

Test installation:

docker run hello-world

Common commands:

# List running containers
docker ps

# List all containers (including stopped)
docker ps -a

# List images
docker images

# Pull an image
docker pull ubuntu:latest

# Run a container
docker run -it ubuntu:latest bash

# Remove stopped containers
docker container prune

# Remove unused images
docker image prune

Docker Compose

Installed: Yes (v2 plugin)

Usage:

docker compose up -d
docker compose down
docker compose logs -f

Node.js Configuration

Version: Latest LTS (v20.x)
npm Version: Latest (bundled)

Basic Commands

Check versions:

node --version
npm --version

Install packages globally:

npm install -g [package-name]

Install packages locally:

npm install [package-name]

System Monitoring

Command Line Tools

System info:

# OS version
cat /etc/os-release

# Kernel version
uname -r

# System uptime
uptime

# Memory usage
free -h

# Disk usage
df -h

# CPU info
lscpu

# Network interfaces
ip a

# Active connections
ss -tulpn

Cockpit Dashboard

Access via https://64.50.188.128:9090 for graphical monitoring:

  • Real-time CPU/RAM/disk graphs
  • Network traffic monitoring
  • Service status
  • System logs

Common Maintenance Tasks

Update System Packages

apt update
apt upgrade -y
apt autoremove -y

Restart Services

# Restart Docker
systemctl restart docker

# Restart Cockpit
systemctl restart cockpit

# Restart UFW
ufw reload

Check Service Status

systemctl status docker
systemctl status cockpit.socket
systemctl status ufw

Clean Up Disk Space

# Remove old packages
apt autoremove -y
apt autoclean

# Remove Docker cruft
docker system prune -a

# Remove old logs
journalctl --vacuum-time=7d

Development Workflow Examples

Testing a Node.js Application

# Clone repo
git clone [repo-url]
cd [project]

# Install dependencies
npm install

# Run application
npm start

Testing with Docker

# Build custom image
docker build -t myapp:latest .

# Run container
docker run -d -p 8080:8080 myapp:latest

# View logs
docker logs -f [container-id]

# Stop container
docker stop [container-id]

Testing CI/CD Pipelines

# Clone Firefrost services repo
git clone https://[token]@git.firefrostgaming.com/firefrost-gaming/firefrost-services.git

# Test deployment script
cd firefrost-services
./deploy.sh --test

Troubleshooting

Cannot SSH to Server

Check firewall:

ufw status

Ensure SSH is allowed:

ufw allow 22/tcp

Check SSH service:

systemctl status ssh

Cockpit Not Accessible

Check service:

systemctl status cockpit.socket

Restart if needed:

systemctl restart cockpit

Check firewall:

ufw allow 9090/tcp

Docker Container Won't Start

Check logs:

docker logs [container-name]

Check Docker service:

systemctl status docker

Restart Docker:

systemctl restart docker

Out of Disk Space

Check usage:

df -h
du -sh /* | sort -h

Clean up:

apt autoremove -y
apt autoclean
docker system prune -a
journalctl --vacuum-time=7d

Future Enhancements

Phase 1 (Security Hardening)

  • Create sudo-enabled admin user (architect)
  • Install fail2ban
  • Disable root SSH login
  • SSH key-only authentication
  • Configure automatic security updates

Phase 2 (Development Tools)

  • Install Git
  • Install Python 3 and pip
  • Install Nginx (if needed)
  • Set up CI/CD runner (GitHub Actions or Gitea Actions)
  • Configure development database (PostgreSQL or MySQL)

Phase 3 (Monitoring)

  • Install Netdata for advanced monitoring
  • Configure log aggregation
  • Set up alerting (Discord webhooks)
  • Integrate with Uptime Kuma on Command Center

Cost and Resources

Monthly Cost: $10
Provider: Breezehost (locked-in pricing)
Commitment: Month-to-month (no contract)

Resource Allocation:

  • CPU: Light (development workloads)
  • RAM: Adequate for most dev tasks (4GB)
  • Storage: Sufficient for testing (80GB)
  • Network: Fast (1 Gbps)

Related Documentation

  • Infrastructure Manifest: docs/core/infrastructure-manifest.md
  • Command Center Setup: docs/deployment/command-center-setup.md
  • Docker Best Practices: docs/guides/docker-best-practices.md
  • Security Hardening Guide: docs/guides/server-security-hardening.md

Deployment Log

April 1, 2026 - Initial Setup:

  1. Ubuntu 24.04 LTS installed (Noble Numbat Minimal)
  2. System updated (apt update && upgrade)
  3. Root password set
  4. IPv6 disabled
  5. UFW firewall configured (ports 22, 9090)
  6. Node.js LTS installed
  7. Docker v29.3.1 installed
  8. Cockpit web terminal installed
  9. Root login to Cockpit enabled
  10. Server rebooted and tested

Status: OPERATIONAL - Ready for development work

Fire + Frost + Foundation = Where Love Builds Legacy 🔥❄️💙

Last Updated: April 1, 2026
Configured by: Chronicler #51
Next Steps: Security hardening (create admin user, fail2ban, SSH keys)

Reference in New Issue View Git Blame Copy Permalink