The first thing that is required is a Debian machine - this can be physical or virtual.
- Install the operating system via usual mechanism (e.g., netboot CD, ISO in VMware/VirtualBox or the DVD image.
- Choose the following server install options: "Debian desktop, SSH server, Standard system utilities”.
- Create/choose a secure root password and an initial system user account.
- Once installed, make sure you run an
apt-get update and
apt-get upgrade to ensure your system is fully up to date.
We would recommend using LVM when disk partitioning to allow easier partition/disk expansion on a live system.
After install, you will want to secure/lockdown the server as best practice dictates - for both the server and any extra software installed. This is beyond the remit of this guide but there are many guides available that provide information on securing your Debian servers and applications.
Next, there are a few Debian configuration options that need to be set in advance.
For production deployments, it is recommended that the machine be assigned a static IP address.
The following ports are required to be accessible from the outside world, both in the local firewall and in any external firewalls:
- 2083/tcp (for RadSec connections to other Moonshot entities)
- 12309/tcp (for Trust Router client connections - if using the Trust Router to broker trust relationships between entities)