Setting up my new dedicated server at Hetzner

Mostly notes to self.

We're using Debian 12, because it's what I'm most comfortable with and, more importantly, it's boring and sta—

Very cool.

History

First thing we do is set eternal history:

# Eternal bash history.
# ---------------------
# Undocumented feature which sets the size to "unlimited".
# http://stackoverflow.com/questions/9457233/unlimited-bash-history
export HISTFILESIZE=
export HISTSIZE=
export HISTTIMEFORMAT="[%F %T] "
# Change the file location because certain bash sessions truncate .bash_history file upon close.
# http://superuser.com/questions/575479/bash-history-truncated-to-500-lines-on-each-login
export HISTFILE=~/.bash_eternal_history
# Force prompt to write history after every command.
# http://superuser.com/questions/20900/bash-history-loss
PROMPT_COMMAND="history -a; $PROMPT_COMMAND"

Log out, log in, off we go.

The basics

Set the hostname:

hostnamectl set-hostname big.bsky.sh
vi /etc/hosts
hostnamectl

There is only ever one timezone:

timedatectl set-timezone UTC

Enable backports (Debian only):

vi /etc/apt/sources.list

Various tweaks:

echo '* soft nofile 10000000' >> /etc/security/limits.conf
echo '* hard nofile 10000000' >> /etc/security/limits.conf
echo 'fs.file-max=10000000' >> /etc/sysctl.conf
echo 'vm.swappiness=10' >> /etc/sysctl.conf
echo 'kernel.panic=1' >> /etc/sysctl.conf

# Debian only
vi /etc/default/grub
GRUB_TIMEOUT=3
update-grub

Install the latest kernel (Debian only):

apt install -t bookworm-backports linux-image-amd64 linux-headers-amd64

Install all the packages:

apt -y install sudo git mosh btop tmux build-essential unzip vim ncdu less curl sqlite3 htop python3.11-dev python3.11-full gnupg apt-transport-https lsb-release wget postgresql-common
apt -y install sudo git mosh btop tmux build-essential unzip vim ncdu less curl sqlite3 htop python3.12-dev python3.12-full gnupg apt-transport-https lsb-release wget postgresql-common

Install Postgres:

/usr/share/postgresql-common/pgdg/apt.postgresql.org.sh
apt install postgresql-server-dev-16 libpq-dev postgresql-16 postgresql-client-16

Recreate the default DB cluster with sensible defaults:

systemctl stop postgresql
pg_dropcluster 16 main --stop
pg_createcluster 16 main --start -- -E UTF8 --no-locale -n
systemctl start postgresql.service

Install Timescale:

echo "deb https://packagecloud.io/timescale/timescaledb/ubuntu/ $(lsb_release -c -s) main" | sudo tee /etc/apt/sources.list.d/timescaledb.list
wget --quiet -O - https://packagecloud.io/timescale/timescaledb/gpgkey | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/timescaledb.gpg
apt update
apt install timescaledb-2-postgresql-16 timescaledb-tools
timescaledb-tune --quiet --yes
systemctl restart postgresql.service

Other useful tools:

# Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
. "$HOME/.cargo/env"
# fnm
curl -fsSL https://fnm.vercel.app/install | bash
source /root/.bashrc
fnm install --lts
# Bun
curl -fsSL https://bun.sh/install | bash
source /root/.bashrc
# uv
curl -LsSf https://astral.sh/uv/install.sh | sh

More tweaks:

systemctl set-default multi-user.target
systemctl mask graphical.target

systemctl edit postgresql@16-main.service

[Unit]
After=network.target

Check on the disks:

smartctl -a /dev/nvme0n1
smartctl -a /dev/nvme1n1
# ```