New Server Checklist

Written By: Jake Bauer | Posted: 2020-07-12 | Last Updated: 2020-07-12

Setting up a new server is a really simple and straightforward process for me. As of right now, I pretty much exclusively use Debian servers for their stability, readily-available support, and package availability and this is what I do to set up a new server:


sudo apt update && sudo apt -y upgrade && sudo apt install \
    tmux htop vim postfix qemu-guest-agent unattended-upgrades nftables \
    && sudo apt --purge autoremove vim-tiny nano iptables

Static IP Example

allow-hotplug <interface>
iface <interface> inet static
    address 10.0.0.{2..254}

Base nftables Configuration

#!/usr/sbin/nft -f

flush ruleset

table inet filter {
    chain INPUT {
        type filter hook input priority 0; policy drop;
        ct state { established, related } accept
        ct state invalid drop
        iif "lo" accept
        tcp dport {56022} accept
        ip protocol icmp limit rate 1/second accept
        counter packets 0 bytes 0 drop
    chain OUTPUT {
        type filter hook output priority 0; policy accept;
        counter packets 0 bytes 0 accept
    chain FORWARD {
        type filter hook forward priority 0; policy drop;
        counter packets 0 bytes 0 drop

This is my sixty-eighth post for the #100DaysToOffload challenge. You can learn more about this challenge over at