A complete, production-ready setup guide for Ubuntu 24.04 LTS with security-first architecture, Python data science environment, and web-based development tools.
This guide sets up a secure Ubuntu server with:
- 🔒 Security: Tailscale VPN + nftables firewall + fail2ban
- 💻 Development: VS Code Server + JupyterLab
- 📊 Data Science: Python 3 + NumPy, Pandas, scikit-learn, PyTorch
- 🖥️ Management: Cockpit web interface
- 📁 File Sharing: Samba (Windows/Mac/Linux)
- 💾 Backups: Automated hourly backups (15-day retention)
All services accessible only via Tailscale VPN - Zero public exposure!
| Service | Port | Access |
|---|---|---|
| VS Code Server | 8080 | Browser-based IDE |
| JupyterLab | 8888 | Interactive notebooks |
| Cockpit | 9090 | Server management UI |
| Samba | 445 | File sharing |
# 1. Fresh Ubuntu 24.04 LTS installation
# 2. Follow **Linux Server Full Config.txt** step-by-step
# 3. Access your services via Tailscale VPNInstallation time: ~30 minutes
- Linux_Server_Configuration.txt - Full server setup documentation (Complete step-by-step guide)
- All commands are copy-paste ready
- Includes troubleshooting section
- Security hardening recommendations
✅ Tailscale zero-trust VPN (WireGuard encryption)
✅ nftables firewall (blocks all public internet traffic)
✅ fail2ban intrusion prevention
✅ No public SSH access
✅ Automated backups
✅ Automatic security updates
Important: Enable 2FA on your Tailscale account!
- Ubuntu 24.04 LTS (fresh install recommended)
- Root or sudo access
- Tailscale account (free at tailscale.com)
- Basic Linux command line knowledge
Security: Tailscale, nftables, fail2ban
Development: VS Code Server, JupyterLab, Python 3
Management: Cockpit, Cockpit Navigator, Cockpit Files
File Sharing: Samba
Backups: Timeshift with automated scripts
Data Science: NumPy, Pandas, Matplotlib, Seaborn, scikit-learn, PyTorch
- Personal data science workstation
- Remote development environment
- Home lab server
- Secure research environment
- Private cloud storage
- Machine learning projects
- Change all default passwords before use
- Enable 2FA on your Tailscale account (critical!)
- Test in non-production environment first
- Review security recommendations in INSTALLATION.txt
Found an issue or have improvements?
- Open an issue on GitHub
- Submit a pull request
- Share your feedback
MIT License - Free to use, modify, and distribute.
See LICENSE file for full license text.
Built with open-source tools:
- Tailscale - Zero-trust VPN
- code-server - VS Code in browser
- JupyterLab - Interactive computing
- Cockpit - Server management
- Check Linux Server Full Config.txt troubleshooting section
- Review security recommendations
- Open GitHub issue for bugs/questions
# Check all services status
systemctl is-active nftables tailscaled cockpit.socket smbd jupyter code-server@$USER fail2ban
# View your Tailscale IP
tailscale ip -4
# Monitor firewall
sudo journalctl -kf | grep "nft-drop"
# Check backups
sudo timeshift --list
# View fail2ban status
sudo fail2ban-client statusMade with ❤️ for secure, private development environments