What
This article provides a practical and minimal initial setup guide for AlmaLinux after a fresh installation, suitable for server environments.
Why
AlmaLinux requires essential system configuration after installation to ensure secure, manageable, and network-accessible operation. These steps establish a solid foundation before deploying any application.
How
Step 1: Change Hostname
hostnamectl set-hostname your-hostname
echo "127.0.0.1 localhost your-hostname" >> /etc/hosts
Step 2: Configure Network (Example: Static IP)
nmcli con mod "eth0" ipv4.addresses 192.168.1.100/24
nmcli con mod "eth0" ipv4.gateway 192.168.1.1
nmcli con mod "eth0" ipv4.dns 8.8.8.8
nmcli con mod "eth0" ipv4.method manual
nmcli con up "eth0"
Step 3: Set Proxy (If Required)
cat <<EOF > /etc/profile.d/proxy.sh
export http_proxy="http://proxy.example.com:8080"
export https_proxy="http://proxy.example.com:8080"
export no_proxy="localhost,127.0.0.1"
EOF
chmod +x /etc/profile.d/proxy.sh
source /etc/profile.d/proxy.sh
echo 'proxy=http://proxy.example.com:8080' >> /etc/dnf/dnf.conf
Step 4: Disable SELinux
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
setenforce 0
Step 5: Update System
dnf update -y
dnf upgrade -y
Step 6: Configure Firewall
systemctl enable --now firewalld
firewall-cmd --permanent --add-service=ssh
firewall-cmd --reload
Step 7: Set Timezone and NTP
timedatectl set-timezone Asia/Tokyo
systemctl enable --now chronyd
Step 8: Create Admin User with SSH Key
useradd adminuser
passwd adminuser
usermod -aG wheel adminuser
mkdir -p /home/adminuser/.ssh
chmod 700 /home/adminuser/.ssh
vi /home/adminuser/.ssh/authorized_keys # Paste public key
chmod 600 /home/adminuser/.ssh/authorized_keys
chown -R adminuser:adminuser /home/adminuser/.ssh
Step 9: Reboot to Apply SELinux Setting
reboot
Conclusion
This minimal setup prepares an AlmaLinux system for secure and reliable server use. It includes hostname configuration, network and proxy setup, system updates, essential tooling, SELinux disablement, and firewall and time settings.
