install.sh - Server Setup Script for Fedora, RHEL, Amazon Linux, CenOS

Skip the Tedious Server Setup

A bash script that handles the boring security setup so you can get to the actual work. SSH hardening, firewall, SSL automation, and Docker ready to go.

Run this on a fresh server:

curl -sSL https://raw.githubusercontent.com/ronniebasak/install-sh/refs/heads/main/install.sh | sudo bash

Paranoid? View the script first. It's readable bash.

by @HiSohan docs llms.txt

What You Get in 15 Minutes

A Secure Foundation

SSH hardening (custom port, key-only, fail2ban)
Firewall with sensible defaults (UFW)
Automatic security updates
Malware Scanning (ClamAV)

A Deployment-Ready Environment

Docker & Docker Compose
Portainer UI for Docker Management
Nginx Proxy Manager for SSL & Routing
Pre-configured Docker network for easy linking

The Point: This sets up the secure foundation. You still deploy your apps using Portainer, Docker Compose, or your preferred tools. This just removes the painful first step.

Getting Started in 3 Steps

Spin Up Your Server (5 mins)

Get a fresh server from DigitalOcean, Linode, Vultr, or Hetzner.

• Minimum: 2GB RAM, 25GB SSD
• OS: Rocky Linux 9, AlmaLinux 9, or Fedora 39+

Run the Script (10 mins)

SSH into your new server as root and run the command from the top of this page.

You'll be prompted for: SSH port, timezone, etc.

Deploy Your App

Access Portainer at https://your-server-ip:9443 to manage your Docker containers or use Nginx Proxy Manager at https://your-server-ip:81 to route domains.

Why Manual Server Setup Sucks

🔒 Security Checklist Hell

SSH hardening, firewall rules, fail2ban, SELinux. Every tutorial has different steps and half skip important parts.

📚 Documentation Archaeology

Five different guides. Half are outdated. Which SSL method actually works? Time to find out.

⏰ Weekend Time Sink

You wanted to deploy Saturday morning. It's Sunday night and you're still debugging iptables rules.

What Happens When You Skip Security Steps

Skip SSH Hardening

Default port 22, root login enabled...

Result: Bot attacks within hours, server compromised within days.

Skip Fail2ban

Unlimited login attempts...

Result: Brute force attacks succeed, logs flood.

Skip Firewall

All ports open to internet...

Result: Internal services exposed, attack surface maximized.

Skip SSL Automation

Manual certificate management...

Result: Certs expire at 3am, weekend spent fixing HTTPS.

Skip Security Updates

Manual patching, outdated packages...

Result: Known CVEs accumulate, eventual compromise guaranteed.

Skip Malware Scanning

No ongoing threat detection...

Result: Infected files persist, backdoors go undetected.

The Math: Each skipped component increases your attack surface exponentially. Skip a few and you're basically running an intentionally vulnerable honeypot.

Cost Reality Check

The "Enterprise" Way

Ansible Tower: $1,083/mo
AWS Load Balancer: $22/mo
CloudFlare Pro: $20/mo
DataDog monitoring: $15/mo
AWS Fargate: $73/mo

$1,213+/month

The Smart Bootstrap Way

DigitalOcean Droplet: $20/month
This script: $0
SSL certificates (Let's Encrypt): $0
Proxy/LB (NPM): $0
Container Management (Portainer): $0

$20/month

Save $14,316+/year

That's months of developer salary you can spend on features instead.

Who This Is For

Good Fit If You...

🏗️
Have Real Projects: Need databases, background jobs, or persistent storage.
💾
Own Servers Already: Have VPS instances sitting idle or want to use your own hardware.
⚡
Want Predictability: Tired of platform limits, cold starts, and surprise bills.
🎯
Value Independence: Want to run the same setup anywhere without vendor lock-in.

Not Right If You...

📱
Just Host Static Sites: Vercel, Netlify, or GitHub Pages are better for that.
😰
Avoid Terminals: If command lines make you uncomfortable, stick with managed platforms.
💼
Have Enterprise Needs: Need compliance certifications, SLAs, or dedicated support.
🏭
Operate at Massive Scale: Planning for millions of users? Use auto-scaling cloud services.

Help Make This Better

Found a bug? Have a suggestion? Want to see a specific feature? Submit feedback anonymously, or include your email for updates about improvements.

Your Feedback

Name (Optional)

Email (Optional, required for updates)

I'd like to receive occasional updates about install.sh improvements and related tools from @HiSohan. No spam, just useful updates. Unsubscribe anytime.

A Solid Foundation, Not Magic

This script handles the repetitive server security setup so you can focus on building your application. It's the secure foundation that makes deployment easier.