Minimal Debian Server Guide

server / linux

For a start, you can purchase minisforum gk41 or something similar if you don’t have a spare computer.

Download latest netiso.

For flashing use etcher.

1. Debian Installation

  • Perform a minimal installation without GUI
  • Skip tasksel options
  • Use default configuration

System initialization:

  1. Reboot
  2. Login as root

2. Essential Packages

Install the following packages:

# System Management and Security  
apt install unattended-upgrades apt-listchanges ufw

# Remote Access and Management  
apt install openssh-server cockpit tmux lf

# Network Utilities  
apt install curl wget dnsutils inetutils-traceroute

# Containerization and Orchestration  
apt install docker-compose

# File Synchronization  
apt install syncthing

# System Monitoring and Information  
apt install neofetch btop

# Data Processing  
apt install jq

# VPN and Secure Networking  
curl -fsSL [https://tailscale.com/install.sh](https://tailscale.com/install.sh) | sh

3. Autologin Configuration

Create the override configuration:

mkdir /etc/systemd/system/getty@tty1.service.d  
nano /etc/systemd/system/getty@tty1.service.d/override.conf

Add the following content (replace ‘username’ with your actual username):

[Service]  
ExecStart=  
ExecStart=-/sbin/agetty — autologin username — noclear %I $TERM

4. Disable Sleep

Edit the sleep configuration:

nano /etc/systemd/sleep.conf

Add the following lines:

[Sleep]  
AllowSuspend=no  
AllowHibernation=no  
AllowSuspendThenHibernate=no  
AllowHybridSleep=no

5. Sudoers Configuration

Add user to sudoers:

nano /etc/sudoers

Add the following line (replace ‘user1’ with your username):

user1 ALL=(ALL:ALL) ALL

6. GRUB Configuration

Edit GRUB settings:

nano /etc/default/grub

Modify the following lines:

GRUB_TIMEOUT=0  
GRUB_CMDLINE_LINUX_DEFAULT=”quiet consoleblank=0"

Update GRUB and reboot:

update-grub  
reboot

7. Network Configuration

7.1 Tailscale Setup

sudo tailscale up

7.2 Static IP Configuration

Edit network interfaces:

nano /etc/network/interfaces

Add the following configuration:

Figure out your gateway & network interface by typing ip a in terminal. Login into your router and check for DHCP settings. You should find DHCP mast range. Your static ip should be outside of DHCP range.

auto enp3s0  
iface enp3s0 inet static  
address 192.168.2.239  
netmask 255.255.255.0  
gateway 192.168.2.1  
dns-nameservers 1.1.1.1

7.3 Syncthing Configuration

You can run Syncthing either as a root or a normal user. It depends on your use-case. Change GUI listen address in Syncthing config:

nano /root/.config/syncthing/config.xml

Set GUI listen address to 0.0.0.0

7.4 DDNS — Cloudflare

Create a DDNS script:

nano /root/server/ddns.sh

Note: Refer to my Cloudflare DDNS Setup article.

7.5 SSH Configuration

Edit SSH config:

nano /etc/ssh/sshd_config

Change the default port (22) to a desired 4–5 digit number.

Restart SSH service:

systemctl restart sshd

8. Crontab Configuration

Again it depends on your use cases whether to setup crontab as a root or a nomal user.

Set up crontab for root:

su  
crontab -e

Add the following entries:

[@reboot](http://twitter.com/reboot) /usr/bin/syncthing -no-browser -no-restart -logflags=0  
*/5 * * * * /root/server/ddns.sh

9. Docker Setup

Install desired Docker containers. Some basic suggestions include:

  1. Primary Personal Stack:
  • Nextcloud
  • IT tool
  • MariaDB
  • Redis
  • SearXNG
  • Nginx Proxy Manager
  • Portainer

Note: Refer to my Basic Homeserver Docker Setup article.