HACKER Q&A
📣 eigenvalue

Share your new devbox setup process. My own setup is included here


I recently spent quite a long time figuring out how to automatically set up a freshly provisioned cloud server running Ubuntu 22 to replicate my preferred setup for a new dev box. I ultimately decided on using Ansible, which was fairly easy to learn and which has made everything a lot easier. I've also learned over the last couple years of programming which particular tools and customizations I like the most, and all of that knowledge is encapsulated in this setup process.

I thought I'd share this with the HN community. You can find detailed instructions that assume little knowledge other than basic linux commands here: https://pastebin.com/097HtFuq . The instructions include links to the playbook itself ( https://pastebin.com/pQxd8Lbp ) and my custom zsh (replacement for bash) config file ( https://pastebin.com/DiJGwfae ).

My purpose in sharing is twofold:

1) I think it would be helpful for people who are doing dev work that involves remote machines but who haven't taken the time to customize their setups and don't want to spend days digging into this stuff, and

2) I was hoping that others in the community could share their own setup scripts for new dev boxes (obviously stripped of any identifying details or secrets) and we could swap tips and tricks. Obviously, all of this stuff comes down to individual preference, and I don't want to rehash ancient flamewars about what is the best shell or the like, but I think it could be really handy to hear what other people have done, particularly those with decades of experience compared to my own modest few years of Linux use.

  👤 adrinux Accepted Answer ✓
I find the fundamental problem with this sort of server setup script/config management is that they inevitably get quite personal. Nobody really wants to use another devs and when you try to allow for a lot of customisation they tend get byzantine and complex.

That said I still think it's worth sharing. If nothing else we can all usually cherry pick nice ideas from each other.

I had an entirely private set of Ansible roles I'd cobbled together that I started to put in a more shareable state a couple of years ago. It has little overlap with what you're putting together, but I do think you might find the way it separates personal Ansible config and the main project roles into separate directories (and thus different git repos) useful.

I really need to dust off my project and get it to a releasable state this year [momod](https://github.com/adrinux/momod).

I assume you've come across the many similar projects like [Sovereign](https://github.com/sovereign/sovereign), [Mistborn](https://gitlab.com/cyber5k/mistborn) and [HomelabOS](https://gitlab.com/NickBusey/HomelabOS) to name 3.

👤 eigenvalue
To add to the above, I also found a great "two liner" that sets up a docker container that spawns a security system called SLIPS that automatically detects and blocks suspicious network traffic in real time, without too much resource usage:

``` mkdir /home/ubuntu/dataset docker run -it --rm --net=host -v $(pwd)/dataset:/StratosphereLinuxIPS/dataset --cap-add=NET_ADMIN --name slips stratosphereips/slips:latest ./slips.py -c config/slips.conf -i eth0 -p ```