No description
- Shell 58%
- HCL 18.6%
- Dockerfile 15.7%
- Makefile 7.7%
| caddy | ||
| docs | ||
| etc/ssh | ||
| forgejo | ||
| immich | ||
| linkwarden | ||
| offline-notion@21326cd93a | ||
| openbao | ||
| outline | ||
| tofu-infra | ||
| vaultwarden | ||
| .env.example | ||
| .gitignore | ||
| ARCHITECTURE.md | ||
| ARCHITECTURE.puml | ||
| BACKUPS.md | ||
| docker-compose.yaml | ||
| Makefile | ||
| README.md | ||
| source.sh | ||
Hetzner Auction Ubuntu 24.04 Server
Config and helpers for a Hetzner auction server running Ubuntu 24.04.
See all the services @ ARCHITECTURE.md.
Set Up
1. SSH config: /etc/ssh/sshd_config
This is a hardened OpenSSH server config. It:
- Disables root SSH:
PermitRootLogin no - Key-only auth: password and keyboard-interactive are off; only
PubkeyAuthenticationis used - Restricts login:
AllowUsers server - Keeps PAM for account/session handling
- Disables X11 forwarding because I don't need it and ChatGPT suggested it
Services
From the Internet
| Service | Port | Subdomain |
|---|---|---|
| Vaultwarden | 2407 | pw.yongbeom.net |
| OpenBao | 2408 | bao.yongbeom.net |
| Immich | 2409 | photos.yongbeom.net |
| Forgejo | 2410 | git.yongbeom.net |
| Forgejo SSH | 222 | git@git.yongbeom.net (SSH) |
Mine
| Service | Port | Subdomain |
|---|---|---|
| Offline Notion (TODO) | 3404 | notion.yongbeom.net |
| Lobster | 3405 | lobster.yongbeom.net |
Senpailearn
| Service | Port | Subdomain |
|---|---|---|
| Hydragen (V2) (TODO) | 3504 | hydragen.senpailearn.com |
Service removal runbooks: