# Using public IPv4
ssh -i ~/.ssh/my-key.pem ubuntu@3.xxx.xxx.xxx
# Using domain
ssh -i ~/.ssh/my-key.pem ubuntu@site.com# Change host name to domain name
sudo hostnamectl set-hostname site.com
# View hostname
hostnamectl
# Edit hosts file
sudo editor /etc/hosts
# Add domain to first line
127.0.0.1 localhost site.com# Set timezone to match server instance
sudo timedatectl set-timezone America/New_York
# View datetime info
timedatectlThis step is in preparation for routing all Internet traffic through WireGuard.
# Edit this file
sudo editor /etc/sysctl.d/99-sysctl.conf
# Uncomment these lines
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
# Apply changes
sudo sysctl -p
# Output
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1# Update package list
sudo apt update
# Apply updates
# IMPORTANT: At the OpenSSH prompt, select 'Keep local version'
sudo apt upgrade -y
# Remove unneeded packages if prompted
sudo apt autoremove
# Reboot
sudo reboot# Network utility
sudo apt -y install net-tools
# Unbound
sudo apt install dns-root-data
sudo apt autoremove
# WG QR codes as PNG
# Already installed on Ubuntu
sudo apt install qrencodeNO ACTION - The Lightsail-configured defaults are correct. This is here as reference.
# Install
sudo apt install unattended-upgrades
# Edit this file
sudo editor /etc/apt/apt.conf.d/50unattended-upgrades
# Add these rules
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}";
"${distro_id}:${distro_codename}-security";
// "${distro_id}:${distro_codename}-updates";
// "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports";
};