La página personal de Juan Gabriel Covas

Herramientas de usuario

Herramientas del sitio


Juanga's Setup scripts for Enterprise Rocky Linux 9

  • Disable SELINUX
    • Permissive mode is OK, but disabling SElinux can boost performance by 5%
  • Setup datetime sync
  • Setup nano text editor
  • Setup SSH login hardening
  • Setup banner for SSH login
  • Setup CSF firewall (with iptables instead of firewalld)
    • Features LFD (Login Failure Daemon)
  • Setup lighttpd web server
    • Build from sources
    • With unix-sockets for PHP (localhost only)
    • With HTTP/2 and gzip/brotli compression
  • Setup PHP 8 with PHP-FPM
  • Setup Redis
    • With unix-sockets (localhost only)
  • Setup MariaDB 10.6 (the current Long Term Support version)
  • Setup HAProxy 2.6
    • Build from sources
    • As SSL offloading
    • As micro-cache
    • With unix-sockets for lighttpd
    • As envelope for Basic auth
  • Setup certbot for getting SSL through Let's Encrypt
  • Setup sysctl tweaks
  • Setup Limits
  • Setup BEANSTALKD jobqueue
  • Setup ReaR (Relax and Recover)
  • Setup rsnapshot for backups
  • Setup lsyncd for mirroring (almost real-time)
    • Build from sources the latest lsyncd version
linux/enterprise-linux-rocky-9.txt · Última modificación: 27/11/2022 23:24 por Juanga Covas