Basic Ubuntu Server Installation

This is Part I (the boring part) of my Ubuntu Home Server install.

Other parts can be found at:

Home Server With Ubuntu

For anyone who’s installed Ubuntu Server before, there’s not much here for you. I’m putting this here for anyone starting out with Ubuntu and for the sake of completeness.

Also, my 1st warning: this is the setup I think will serve me best for my particular situation. It may not be the best for you, and, while it’s somewhat redundant, it certainly isn’t “enterprise-grade.” You were warned 😉

In the steps below, anytime you see something in brackets, replace it with the correct value for your system, without the brackets.
For example, if you see:
ssh [username]@[ip address]
You should really enter something like:
ssh me@192.168.1.1

Why Ubuntu?

All the major Linux distros are awesome. You really can’t go wrong! For servers, I’ve typically gone with Centos in the past (and on this Ubuntu server will be many Centos virtual machines). However, there is one reason I’ve decided to go with Ubuntu in this instance: ZFS. Ubuntu has ZFS baked in, whereas Centos and Fedora require recompilation of kernel modules after major OS upgrades. Since I want this box to be as turnkey as possible (if it goes down, my internet will go down as well), Ubuntu it is!

Installation

First, download the Ubuntu Server iso from Ubuntu. I’ll be using the 18.04 LTS release, since I prefer to stick to LTS releases for critical infrastructure.

https://ubuntu.com/download/server

Next, either burn the iso to a DVD or image it to a flash drive. If you use the flash drive method, I recommend Fedora Media Writer. It’s available for Windows, MacOS, and Linux, and will image pretty much any Linux distro to USB.

https://getfedora.org/en/workstation/download/

Once you’ve got a bootable DVD or flash drive, boot from it. Most servers and workstations will tell you which key to press on the keyboard to get to your BIOS/UEFI boot menu.

After booting, choose *Install Ubuntu Server.

Choose your language.

Choose your keyboard layout.

Choose Install Ubuntu.

I’m going to use DHCP for now and set static IP later when I configure the virtualization networks for KVM. If you need to configure a static IP, you can do so here.

If you use an internet proxy, set it here.

Choose the default Ubuntu mirror.

I prefer to use LVM in case I need to resize partitions in the future.

I’ll be using one SSD as a boot volume. Choose whichever drive you’ll be booting from. I’ll be using all of the rest of the drives for ZFS, so I’ll leave them as they are for now.

By default, Ubuntu will only use 4GB of your drive for the root partition. Since all of my other data will live my ZFS volumes, I’ll expand the volume to use the whole 1TB.

To change the size of the root volume, use the down arrow to chose “ubuntu-lv,” press Enter, then choose “Edit.”

Ubuntu will helpfully tell you the max size you can set the partition to. Enter that number and choose “Save.”

Choose “Done.”

Let Ubuntu know your name, your computer’s name, the username you’d like to use, and the password you’d like to use.

You now have the option of installing a secure shell server. This will allow you to log in remotely. I’ll be installing this.

You also have the option of installing some other services. You can always install these later. I’ll be skipping them and just choosing “Done.”

When the installation has finished, choose “Reboot Now.”

Remove the bootable DVD or flash drive and press Enter.

Log In

Once the server has rebooted, you can log in to the server itself or via SSH (if you installed SSH).

If you need to find out your server’s IP address for SSH, log in via the console and run the following:

ip address

Then on the computer you are using to SSH into the server run:

ssh [username]@[ip address]

Updates

Before anything else, let’s make sure everything is up-to-date.

sudo apt upgrade

Once that has completed, you may need to reboot.

sudo reboot

KDE On a Server?

Let’s get right to it: it’s not considered security-wise to install a GUI on a server. However, I’ll be using things like Handbrake and Virtual Machine Manager, so I’ll be putting on KDE. To add a bit of security and save memory, I’ll manually start KDE when I need it.

To install just the very minimum of KDE (you can always add the other bits later), run:

sudo apt install kubuntu-desktop --no-install-recommends

I’m also going to install a couple other KDE apps to make my life easier. KDE’s Konsole terminal and the dolphin file manager:

sudo apt install konsole dolphin

If you want all of KDE, and have it start be default, you can simply run this instead:

sudo apt install kubuntu-desktop

If GNOME is more your thing, you can install it with:

sudo apt install ubuntu-gnome-desktop

If you install just the minimum KDE, your server will still boot in console mode. To start KDE, simply log in and run:

startx

Since I’ll often want to use the UI remotely, I’m also going to install a package called xrdp. This will serve a desktop over the RDP protocol so I can get a desktop remotely:

sudo apt install xrdp

This will install xrdp, configure the service to start automatically, and start the service. Once it’s finished, you can connect to your server’s IP address via any remote desktop app and use the same username and password you use to log in locally.

4 thoughts on “Basic Ubuntu Server Installation”

  1. Greetings! Quick background to my experience level; been running Linux as my daily driver for years but always too busy and had other priorities to mess with a steady home server. Enthusiastically played with Linux in my teen years, but now i’ve been pretty out of touch technologically and haven’t tinkered with anything in years — I adopted a “set it and forget it” mentality with my Linux laptop installation, because just too busy. Case in point, I only just updated to 16.04 LTS in 2019 haha and that was due to needing updated packages. So please forgive me if I am a little clueless here and there.

    Now I’m super motivated to get a server going (cobbled together a franken-server and going with Ubuntu for ease of setup) because I really would like to host my own services rather than relying on providers with agendas and fine-print ToS’. FFS I can’t even find a good (and well priced) encrypted cloud storage provider that is trustworthy. Trying to get off of pCloud at the moment. Anyhow I have been contemplating my backup & storage choices between lvm, raid, jbod etc etc. Then I remembered seeing a post or article about ZFS gaining major traction on Ubuntu in 2019. Finally getting to my point now…

    My greatest concerns are stability, application/workload compatibility and robustness as far as the ZFS-Linux integration is concerned…I haven’t talked to anyone who has run a ZFS Linux server with a complex software and I/O load on top of it. For my case, in addition to being a standard file/media/print/web server, I’m also planning to host our own family cloud (Nextcloud), password manager (BitWarden) and a VM farm for educational/computational/playing-around purposes. Maybe even a minecraft server for my son and God only knows what else I will find to throw on there.

    Soooooo I’m expecting 70 – 90% of that to be encrypted and I guess that’s one of the things that makes me nervous. I’m also concerned about how much I/O happens with the various databases and VMs. Especially in light of the incredible awe-inspiring features of RAIDZ. I guess I’m incredulous that ZFS would be able to handle the intersection of all the potential edge-cases and still retain its integrity without dropping the ball. After all, OpenZFS on Linux is still considered “experimental” so I guess I’m a little scared something will go wrong and it will snowball into a giant meltdown of a situation that will require a lot of my time and attention.

    After over a year of running it, do you feel you can speak to any of my concerns? Are you running any of the services I plan to run? Are you utilizing one or more forms of encryption across your installation? If so, do you mind sharing your crypto setup? Have you tried running filesystem-level encryption (through ZFS itself) and also having other encrypted volumes running on top of that? Like I said I will do Nextcloud and I’ve considered having separate encrypted “vaults” (I hear Cryptomator is a handy quick tool) to compartmentalize certain private or sensitive information a la TrueCrypt “hidden volumes.” On that note I’ve also been meaning to check out VeraCrypt.

    Anyways!! I’m curious about your experience, about how performance holds up and if ZFS-on-Linux with RAIDZ can really maintain bit for bit integrity under these and more complicated scenarios. Feel free to shoot an e-mail instead if there are things you don’t want to post publicly such as your encryption scheme.

    Many thanks for reading and I sincerely apologize for dumping an essay in your comment section.

    Blessings

    Udi

    1. Hi Udi! Thanks for your reply. Always great to meet another Linux fan 🙂

      So far I’ve found ZFS on Linux to be remarkably stable. I haven’t run into any issues other than some performance tweaks I needed to make:

      zfs set xattr=sa [pool]/[filesystem]
      zfs set atime=off [pool]/[filesystem]
      zfs set compression=lz4

      (more info here: https://www.shernet.com/linux/zfs-on-ubuntu-server/)

      I’m currently running:
      Plex Media Server (recorded and live TV streaming)
      8 virtual machines (using KVM) including a web server, router, and some app servers
      Windows & NFS file sharing

      It’s a fairly good mix of random and sequential I/O and I get pretty decent speeds out it, especially with the SSD read and write caches. Based on the services you are looking to run, I don’t see any reason why ZFS wouldn’t be a great option, so long as you have sufficient hardware behind it! One thing to know about ZFS is that it’s very RAM intensive since all writes are cached in RAM before they are written to disk (even with a write cache).

      I haven’t used ZFS encryption yet, but my understanding is that is it working great on Ubuntu 20.04 (I’m still on 18.04). Instead, I’m just using LUKS encryption on the root partition of any sensitive virtual machines I’m running. I would suggest enabling encryption on the individual ZFS filesystems that need it, rather than on the whole pool.
      Something like this:
      zpool:
      data (unencrypted)
      |
      — filesystems:
      — data/media (unencrypted)
      — data/secretstuff (encrypted)

      Other than that I’m a big fan of cryfs (https://www.cryfs.org/) which can be used standalone or as part of Plasma Vaults for anything you are syncing to the cloud.

      I hope that helps! Please let me know if there’s anything else I can help with and how your install goes!

      -Adam

      1. Thanks for the reply Adam 😁 Oops I thought I made this comment on your ZFS post 😅😅 I did indeed scan through it

        Hmm I am a bit cramped on RAM…the MB I am running is from my old Core 2 Duo build from back in the day, and it limits me to 8 GB for now. I guess I will find out how much it bottlenecks me. I have a random assortment of 7200 rpm drives in there right now. My first priority is to assemble an external backup solution before I can upgrade those drives.

        I’m honestly not sure if I want to leave anything unencrypted but I do understand it will add overhead. I might do a test run with most stuff encrypted and see how it fares.

        I haven’t checked out cryfs so thanks for the heads up! I’m going to format and get something running this weekend so I can at least ditch the monitor and plug away at it via ssh as I have time

        I commend you for running a router on your server, that is a level of responsibility I’m not willing to shoulder for my household lol. I have been buying commercial routers and flashing them with the Tomato router firmware. I enjoy having the slick web interface personally for network setup and management. I’ve definitely thought about rolling my own setup though.

        Anyways thanks so much for the insights and sharing your experience

        Many blessings

        Udi

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.