Provision an Ubuntu VPS and Create a Deploy User

Ahnii! This is part 1 of the Production Linux series . It covers the first steps after creating a new VPS. This post walks you through provisioning a fresh DigitalOcean droplet — from your first root SSH connection to a locked-down baseline with a non-root deploy user, a UFW firewall, and automatic security patches. This covers Ubuntu 24.04 LTS only; the commands assume a clean droplet with no prior configuration. Prerequisites A DigitalOcean account (or any VPS provider running Ubuntu 24.04) An SSH key pair on your local machine ( ~/.ssh/id_ed25519 and ~/.ssh/id_ed25519.pub ) Create the Droplet The fastest path is doctl , the DigitalOcean CLI: doctl compute droplet create my-server \ --image ubuntu-24-04-x64 \ --size s-1vcpu-1gb \ --region tor1 \ --ssh-keys $( doctl compute ssh-key list --format ID --no-header ) \ --wait This creates a 1 vCPU / 1 GB droplet in Toronto using all SSH keys in your account. Swap tor1 for your nearest region ( nyc3 , sfo3 , ams3 , etc.). The --wait flag bl