How do I run DietPi-Software and install optimised software items?
To install any of the DietPi optimised software items listed below run from the command line:
Choose Browse Software and select one or more items. Finally select
DietPi will do all the necessary steps to install and start these software items.
To see all the DietPi configurations options, review the DietPi Tools section.
Let’s Encrypt is a free SSL certificate provider. Certbot is the official client to apply Let’s Encrypt SSL certificates to your webserver. This will allow you to have
https:// (encrypted and authenticated) access to your websites.
To use Certbot you need:
- A working Apache2, Nginx or Lighttpd webserver
- A URL/domain (e.g.:
mysite.org). No-IP can be used for a URL/domain that points to your device.
- Ports 80 and 443 (TCP) need to be forwarded to your device. This is typically set within your router.
Keep port 80 open for Certbot renewal
Even when you use only HTTPS on port 443, Let’s Encrypt requires port 80 to stay opened for certificate renewals (in your router’s forwarding functionality).
Create and apply your cert¶
Once Certbot has been installed from
dietpi-letsencrypt to configure, create and apply your SSL certificate:
Simply enter the details and settings you require, then select
Let’s Encrypt is that simple!
Fail2Ban protects your system from brute-force attacks by banning the source IP address.
We have enabled detection for SSH servers (OpenSSH and Dropbear), however, Fail2Ban also supports additional software.
An IP address is by default ban triggered after 3 failed SSH login attempts. Fail2Ban will ban the source IP address for 10 minutes.
The status can be checked with these commands:
fail2ban-client status sshd fail2ban-client status dropbear
Fail2Ban supports brute-force protection for other software (e.g. Apache, ProFTPD etc).
You can enable/disable these features by modifying the /etc/fail2ban/jail.conf file, and setting
enable = true under the [software] name.