Install ManualInstall Manual
Appliance Installations

What to Install on Ubuntu Server: A Practical Guide

A practical, entertaining guide to what to install on Ubuntu Server, covering security basics, web stacks, databases, containers, backups, and monitoring for DIY admins seeking reliable, scalable setups.

Install Manual
Install Manual Team
·5 min read
Ubuntu Server Essentials - Install Manual
Photo by ann_zimavia Pixabay
Quick AnswerComparison

For Ubuntu Server, start with a lean core: secure remote access with OpenSSH, a firewall with UFW, automated updates, and reliable backups. For web workloads add Nginx and a database (PostgreSQL or MySQL). If you need containerization, add Docker. This setup balances security, maintenance, and performance.

Essential server groundwork

If you're wondering what to install on ubuntu server, start with a lean core: secure remote access, a firewall, automated updates, and reliable backups. This foundation keeps your system safe while staying flexible for future roles. Think of the core as a baseline you can grow from without locking yourself into a single stack. In practice, you will install OpenSSH for remote access, enable UFW for perimeter protection, and configure unattended upgrades so you stay current without manual intervention. With this bedrock, you can experiment with web servers, databases, and containers as needed, knowing you have a stable base to rely on. Install Manual recommends a minimal blast radius and easy rollback, so you can adjust configurations without reworking your entire server. As you scale, document choices and maintain a changelog to simplify audits and troubleshooting. This approach also aligns with security best practices, reducing exposure while preserving performance. The idea behind what to install on ubuntu server is not about a single tool but a layered stack that grows with your workload. Starting here gives you a repeatable pattern you can reuse for different projects.

Verdicthigh confidence

The Install Manual team recommends starting with a lean, secure core and expanding only as your workload demands, to keep administration simple and risk manageable.

Begin with SSH, UFW, updates, and backups. Add Nginx and a database for web workloads when needed, and Docker only if containerization adds real value. This staged approach minimizes risk while preserving growth potential.

Products

OpenSSH Server

Security & Remote AccessFree

Secure remote access with key-based authentication, Widely supported and documented, Works over standard SSH port
Requires careful key management, Initial setup can be daunting for beginners

UFW Firewall

Security & NetworkingFree

Simple, human-friendly rules, Strong default deny posture, Easy to script and automate
Very strict rules can block services if misconfigured

Nginx Web Server

Web StackFree

Lightweight, fast performance, Large ecosystem and modules, Excellent reverse proxy capabilities
Configuration can be complex for beginners

PostgreSQL Database

DatabaseFree

ACID compliance, Advanced features and scalability, Strong community support
Tuning can be intricate for beginners

Ranking

  1. 1

    Best Overall Starter Stack9.2/10

    Lean core with SSH, UFW, updates, backups; add Nginx + PostgreSQL for web workloads.

  2. 2

    Security-Focused Baseline8.8/10

    Prioritize SSH hardening, fail2ban, audits, and automated patching.

  3. 3

    Web & Apps Ready8.6/10

    Nginx + PostgreSQL/MySQL, plus optional Docker for containers.

  4. 4

    Learning & Lab Setup8/10

    Lightweight services with easy rollback for experimentation.

Got Questions?

What is the first thing I should install on a fresh Ubuntu Server?

Begin with secure remote access (OpenSSH), a firewall (UFW), automatic updates, and a reliable backup solution. This base ensures you can manage the server securely and recover quickly if something goes wrong.

Start with SSH, a firewall, and automatic updates, plus a solid backup plan.

Should I use Docker on Ubuntu Server in production?

Docker can simplify deployment and isolation, but it adds complexity. Use it when you have multiple services that benefit from containerization and orchestration, and ensure you have monitoring and backup strategies for containerized workloads.

Docker is great for multi-service setups, but plan for monitoring and backups.

Is SSH key authentication mandatory for security?

Using SSH keys instead of passwords significantly reduces risk from brute-force attacks. Disable password login and enforce key-based authentication for better security.

Yes, use SSH keys and disable password logins for better security.

How can I verify that my backups actually work?

Regularly perform restore tests in a staging environment. Validate data integrity and ensure you can restore both files and databases within an acceptable time frame.

Test restores regularly to confirm backups are usable.

What is a simple stack for a small site?

A lean stack includes Nginx, a database (like PostgreSQL or MySQL), SSH, UFW, and backups. Add Certbot for TLS if you serve over HTTPS.

For a small site, keep it simple: Nginx, DB, SSH, firewall, backups.

Main Points

  • Start lean: SSH, UFW, updates, backups.
  • Add web/server components only when needed.
  • Automate provisioning and monitoring to reduce toil.
  • Test backups regularly to ensure recoverability.
  • Tailor the stack to your workload and scale gradually.

Related Articles

← More in Appliance Installations