firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
e6d652e3d2223e68da96ba4ef78db4aae9c650ca
firefrost-operations-manual/docs/tasks/task-092-trinity-core/phase-1-ubuntu-setup.md
Claude 35c66099a5 docs(tasks): Create Task #92 - Trinity Core MCP Gateway 
Full task definition with 6 phases:
1. Ubuntu Server Setup (detailed checklist created)
2. SSH Infrastructure (claude_executor users)
3. Cloudflare Tunnel
4. MCP Server Development
5. Arbiter Integration (approval workflow)
6. Testing & Monitoring

Phase 1 checklist has copy-paste friendly commands for:
- Ubuntu install, Cockpit, UFW, fail2ban
- Lid switch ignore (shelf mode)
- Docker and Node.js

Architecture based on Gemini consultations from April 8-9.

Chronicler #73
2026-04-09 14:49:10 +00:00

288 lines
4.5 KiB
Markdown
Raw Blame History

# Task #92 Phase 1: Ubuntu Server Setup
**Status:** Ready to begin
**Hardware:** HP Laptop
**Target OS:** Ubuntu Server 24.04 LTS
---
## Step 1: Create Bootable USB
**On another computer:**
1. Download Ubuntu Server 24.04 LTS:
https://ubuntu.com/download/server
2. Download Rufus (Windows):
https://rufus.ie/
3. Flash the ISO to USB:
- Insert USB drive (8GB+)
- Open Rufus
- Select the USB drive
- Select the Ubuntu ISO
- Click Start
- Wait for completion
---
## Step 2: Install Ubuntu Server
**On the HP laptop:**
1. Insert USB drive
2. Power on, press F9 (or F12/ESC) for boot menu
3. Select USB drive
4. Follow installer:
| Screen | Selection |
|--------|-----------|
| Language | English |
| Keyboard | English (US) |
| Install type | Ubuntu Server |
| Network | Use DHCP (auto) |
| Proxy | Leave blank |
| Mirror | Default |
| Storage | Use entire disk |
| Your name | michael |
| Server name | trinity-core |
| Username | michael |
| Password | [your choice] |
| OpenSSH | ✅ Install OpenSSH server |
| Snaps | Skip (none needed) |
5. Wait for install to complete
6. Remove USB, reboot
---
## Step 3: First Boot — System Update
SSH in from your main PC, or use the laptop directly:
```bash
sudo apt update
```
```bash
sudo apt upgrade -y
```
```bash
sudo reboot
```
---
## Step 4: Install Cockpit (Web Management)
```bash
sudo apt install cockpit -y
```
```bash
sudo systemctl enable --now cockpit.socket
```
**Access:** https://[laptop-ip]:9090
**Login:** michael / [your password]
---
## Step 5: Configure UFW Firewall
```bash
sudo apt install ufw -y
```
```bash
sudo ufw default deny incoming
```
```bash
sudo ufw default allow outgoing
```
```bash
sudo ufw allow 22/tcp
```
```bash
sudo ufw allow 9090/tcp
```
```bash
sudo ufw enable
```
```bash
sudo ufw status
```
**Expected output:**
```
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
9090/tcp ALLOW Anywhere
```
---
## Step 6: Install fail2ban
```bash
sudo apt install fail2ban -y
```
```bash
sudo systemctl enable fail2ban
```
```bash
sudo systemctl start fail2ban
```
```bash
sudo fail2ban-client status
```
---
## Step 7: Configure Lid Switch (Shelf Mode)
Edit the config:
```bash
sudo nano /etc/systemd/logind.conf
```
Find and uncomment/change this line:
```
HandleLidSwitch=ignore
```
Save (Ctrl+O, Enter, Ctrl+X), then:
```bash
sudo systemctl restart systemd-logind
```
**Test:** Close the lid — laptop should stay on.
---
## Step 8: Install Docker
```bash
sudo apt install ca-certificates curl -y
```
```bash
sudo install -m 0755 -d /etc/apt/keyrings
```
```bash
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
```
```bash
sudo chmod a+r /etc/apt/keyrings/docker.asc
```
```bash
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
```
```bash
sudo apt update
```
```bash
sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
```
Add yourself to docker group (no sudo needed for docker commands):
```bash
sudo usermod -aG docker michael
```
**Log out and back in**, then test:
```bash
docker run hello-world
```
---
## Step 9: Install Node.js (for MCP development)
```bash
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
```
```bash
sudo apt install nodejs -y
```
```bash
node --version
```
```bash
npm --version
```
---
## Step 10: Verify Installation
Run these checks:
```bash
echo "=== System ===" && uname -a
```
```bash
echo "=== Cockpit ===" && systemctl status cockpit.socket --no-pager
```
```bash
echo "=== UFW ===" && sudo ufw status
```
```bash
echo "=== fail2ban ===" && sudo fail2ban-client status
```
```bash
echo "=== Docker ===" && docker --version
```
```bash
echo "=== Node ===" && node --version
```
---
## Phase 1 Complete Checklist
- [ ] Ubuntu Server 24.04 installed
- [ ] SSH working from main PC
- [ ] System updated
- [ ] Cockpit accessible at :9090
- [ ] UFW configured (22, 9090 only)
- [ ] fail2ban running
- [ ] Lid switch ignored (shelf mode)
- [ ] Docker installed and working
- [ ] Node.js 20.x installed
**Next:** Phase 2 — SSH Infrastructure
---
**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️
Reference in New Issue View Git Blame Copy Permalink