Installing Lifeboat

When connecting to a server, Lifeboat will perform a check for the components it needs to manage the server. Lifeboat will request permission to install components on the server if necessary. This can sometimes happen after updating to a new Lifeboat version if new tools have been added.

Lifeboat will check privileges for the user account provided by the connection credentials. The user must be in the server sudoers file to install and manage software. Linux instances from major cloud service providers always have this pre-configured.

Installing Lifeboat components on the server for the first time may take several minutes.

Best Practice for Using Lifeboat

Lifeboat is intended to be the only server management software controlling the configuration. Other control software may interfere with the operation of Lifeboat, including pre-built software stacks from cloud providers.

During the installation process Lifeboat will stop and disable Apache and/or lighttpd if either is installed. These web servers prevent Lifeboat from starting up and operating nginx.

When trying out Lifeboat, please do not test on your existing web server. For best results use Lifeboat with a fresh VPS instance from one of the regularly tested service providers.

Security

Lifeboat installs firewall software named ufw (Uncomplicated Firewall). Initially, Lifeboat configures ports 80 and 443 open for inbound web requests and opens the currently active SSH port. All other inbound ports are closed. To protect the server from brute-force attacks, Fail2Ban intrusion prevention software is installed.

Lifeboat can also assist developers in disabling ssh password authentication to add an additional layer of security. This can be found in the Server Tools section under Security > Authentication.

Home Folder

Lifeboat sets up a base camp folder in the home folder for the user account provided to connect.

~/.com.strawberrysw.Lifeboat/

This folder is considered invisible on Unix systems. When using other software to access the server, it may be necessary to use "Show Invisibles" to see the Lifeboat folder.