What do you want to see in a minimal template (OpenVZ 7)

2»

Comments

  • DanielDaniel OG
    edited December 2019

    I don't actually like SSH being pre-installed as I'm never sure if the template correctly generates an SSH host key or if every single person that uses the template gets the same key (which would open you up to MitM attacks). Also hard to confirm that the installed OpenSSH version is legit (which is why I always install from ISO on KVM). First thing I do with a template that has OpenSSH installed is purge it then reinstall so I know for sure the key is randomly generated.

    If the minimal image isn't going to be extremely minimal, also add ca-certificates and apt-transport-https please.

    Thanked by (2)notty uptime
  • InceptionHostingInceptionHosting Hosting ProviderOG

    Daniel said: I don't actually like SSH being pre-installed as I'm never sure if the template correctly generates an SSH host key

    There are hooks within (within solusvm anyway) to take care of that, i do however appreciate the comment, it is a valid one that has been an issue in the past, the problem is though that no ssh would baffle and confuse 80% of customers.

    Thanked by (3)jureve uptime vimalware

    https://inceptionhosting.com
    Please do not use the PM system here for Inception Hosting support issues.

  • I'm also a fan of rsync, I would put it on every minimal distro...

  • havochavoc OGContent Writer

    Haven't tried OVZ frankly...sticking to KVM because that's what I know/understand. From that list I'd probably miss:

    tree
    ufw
    htop

  • Maybe what is important is also to have a list of what your minimal templates include so that people know what packages they need when they deploy? You can't satisfy everyone, but at least people can know what they need to install on top of the minimal with a glance.

    Deals and Reviews: LowEndBoxes Review | Avoid dodgy providers with The LEBRE Whitelist | Free hosting (with conditions): Evolution-Host, NanoKVM, FreeMach, ServedEZ | Get expert copyediting and copywriting help at The Write Flow

  • Starting with Debian (the only one I really need and know):

    • apt (nothing can be done without)
    • openssh-server (You need to talk to it)
    • nano (default Editor)
    • bash (default command shell)

    If I am not wrong, anything else can then be installed

  • edited December 2019

    @AnthonySmith the Debian 9 install I got from you the other day is awesomely minimal, and I'm very thankful for that. Keeps things clean and simple, plus everything else that might be missing is an apt install away.

    Locales and tmux, easy fix. Run: sudo dpkg-reconfigure locales

    Side effect is the lack of "dialog" being installed was interesting, it was neat to see an unexpectedly minimal screen while apt was setting things up and asking questions. Never came across it before and I learned something new!

    Someone mentioned ssh, that would probably have confused the absolute shit out of me if that was missing! :-P

    Tl;dr: keep it as it is, minimal means minimal. Everything is an apt install away.

    Get the best deal on your next VPS or Shared/Reseller hosting from RacknerdTracker.com - The original aff garden.

  • Yes, Provider should probably add 'sudo, dialog, nano, locales'
    Those are the ones that trip me up when setting up manually on a minimal image.

    I do ssh key regen everytime I spin-up from a template. No point in leaving out openssh-server from minimal.
    Terminal-first UX beats the VNC, then terminal UX.

  • I think debian leaves out sudo by default, I've always had to install sudo if I needed it.

    I love nano, but like curl it's not always available by default.

    I have basically memorized a one liner for apt that I run the first time I hit the terminal.

    Get the best deal on your next VPS or Shared/Reseller hosting from RacknerdTracker.com - The original aff garden.

  • dahartigan said: I love nano, but like curl it's not always available by default.
    I have basically memorized a one liner for apt that I run the first time I hit the terminal.

    Editor flame war? ;) I actually remove nano, doing something like
    apt-get install vim nano-
    (The minus/dash doing a remove)

    (I find it confusing that "vim-tiny" does not provide vim, but just vi ... So, if using vim-tiny or other systems with just vi, I need an alias, as vim is to hard imprinted in my muscle memory by now.) :)

    Thanked by (1)dahartigan
  • DanielDaniel OG
    edited December 2019

    @dahartigan said: I think debian leaves out sudo by default, I've always had to install sudo if I needed it.

    It depends on what you do during setup.

    If you enter a root password, it does not install sudo. However, if you do not enter a root password (just leave the password field blank), it locks the root user, installs sudo, and adds the user account you created during installation to the sudoers group. The latter is my preferred approach - the root user is locked down on all my systems.

    Thanked by (3)flips dahartigan vimalware
Sign In or Register to comment.