====== Setup ======
===== Server Setup =====
  * Login to the server via SSH as root
  * Install sudo, create the main user, and add him to the sudoers group<code># apt install sudo
# adduser <user>
# vi /etc/group (add <user> to line "sudo:x:27:<user>")</code>
  * (VPS) change the machine name:<code>sudo edit /etc/hostname
sudo edit /etc/hosts</code>
  * enable //force_color_prompt=yes// in file ''~/.bashrc''
  * copy ''/home/user/.bashrc'' to ''/root'' and modify PS1 prompt color (//32m// --> //31m//)

===== Security =====
  * Configure [[deb9:ssh|SSH Access]]
  * Install [[deb9:ufw|UFW Firewall]]
  * Disable root login by changing file ''/etc/passwd'' from line 1 to line 2<code>root:x:0:0:root:/root:/bin/bash
root:x:0:0:root:/root:/sbin/nologin</code>

===== Install and configure packages =====
  * Additional packages<code>$ sudo apt update
$ sudo apt install vim
$ sudo apt install zip
$ sudo apt install rename
$ sudo apt install rsync
$ sudo apt install openjdk-17-jre openjdk-17-jdk</code>
  * Change visudo editor<code>$ sudo update-alternatives --config editor</code>

===== System Startup =====
Debian 11 uses Systemd, not SysV, that's why your commands in ''/etc/rc.local'' file would not run at system boot time. This guide explains how to enable ''/etc/rc.local'' script to run on system startup.
  - Create a rc.local unit file, follow [[deb10:rclocal|Services - rc.local]]
  - Create file rc.local in /etc with the following content:<code>vim /etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
exit 0</code>
  - Add execute permissions and start daemon:<code>chmod +x /etc/rc.local
systemctl daemon-reload
systemctl start rc-local
systemctl status rc-local

● rc-local.service - /etc/rc.local Compatibility
   Loaded: loaded (/lib/systemd/system/rc-local.service; static; vendor preset: 
  Drop-In: /lib/systemd/system/rc-local.service.d
           └─debian.conf
   Active: active (exited) since Sun 2019-05-05 10:55:29 +07; 11min ago
  Process: 1443 ExecStart=/etc/rc.local start (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 4915)
   CGroup: /system.slice/rc-local.service
</code>

  * [[https://www.linuxbabe.com/linux-server/how-to-enable-etcrc-local-with-systemd|How to Enable /etc/rc.local with Systemd]]
  * [[https://stackoverflow.com/questions/44797694/where-is-rc-local-in-debian-9-debian-stretch|Where is rc.local in Debian 9 (Debian Stretch)]]

===== System Shutdown =====
  - Put a symbolic link to the script to be run at shutdown into /lib/systemd/system-shutdown

  * [[https://unix.stackexchange.com/questions/347306/how-to-execute-scripts-in-usr-lib-systemd-system-shutdown-at-reboot-or-shutdow|How to execute scripts in /usr/lib/systemd/system-shutdown/ at reboot or shutdown?]]
  * [[https://opensource.com/life/16/11/running-commands-shutdown-linux|How to run commands at shutdown on Linux]]