29 lines
980 B
Bash
Executable File
29 lines
980 B
Bash
Executable File
#!/usr/bin/env bash
|
|
# One-time VPS prep for a Coolify-managed box (Ubuntu 24.04).
|
|
# Coolify installs Docker + its reverse proxy itself, so we keep this minimal:
|
|
# system update, firewall, base tools. Idempotent. Run as root.
|
|
set -euo pipefail
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
|
|
echo "### [1/4] needrestart -> automatic (no interactive prompts)"
|
|
if [ -f /etc/needrestart/needrestart.conf ]; then
|
|
sed -i "s/#\$nrconf{restart} = .*/\$nrconf{restart} = 'a';/" /etc/needrestart/needrestart.conf || true
|
|
fi
|
|
|
|
echo "### [2/4] apt update + upgrade"
|
|
apt-get update -y
|
|
apt-get upgrade -y
|
|
|
|
echo "### [3/4] base packages"
|
|
apt-get install -y curl ca-certificates gnupg lsb-release ufw jq
|
|
|
|
echo "### [4/4] firewall (ufw)"
|
|
ufw allow OpenSSH # 22 - keep our key login alive
|
|
ufw allow 80/tcp # http (Coolify proxy / ACME)
|
|
ufw allow 443/tcp # https (Coolify proxy)
|
|
ufw allow 8000/tcp # Coolify dashboard
|
|
ufw --force enable
|
|
ufw status verbose
|
|
|
|
echo "BOOTSTRAP_DONE"
|