set-up-openbsd-server.md (986B)
1 echo "https://ftp.openbsd.org/pub/OpenBSD" > /etc/installurl #Changed in 6.4? 2 syspatch 3 pkg_add vim 4 Add user with `adduser(8)` 5 Change root password 6 Edit /etc/ssh/sshd_config and set PermitRootLogin=no 7 Add mail aliases to /etc/mail/aliases 8 Read `man afterboot` 9 Read `man httpd` and `man httpd.conf`, they're very clearly written 10 Certbot says it doesn't work with OpenBSD, but it really totally does. 11 `pkg_add certbot` then `certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com` 12 (I prefer redirecting all www requests to the root domain) 13 block return 301 14 `rcctl enable httpd` 15 16 # Still to do 17 18 Document Switch to key based auth 19 Read `man mail` 20 Add tmux.conf 21 restart sshd 22 set up pf 23 configure doas 24 Look in /usr/local/share/doc/pkg-readmes for extra documentation. (nextcloud) 25 26 27 NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. (See ntp.org)