Scaleway setup differences with bare metal (C2) vs VPS (VC1)

I have been testing various setups in Scaleway and thought I’d mention something I found regarding ufw in case it helps save someone similar frustration and time.

Specifically, I was trying to get MIAB running on their bare metal x86 64bit option, currently called C2. MIAB setup was hanging at the “Initializing system random number generator…” step, but in fact that step finished okay and the Firewall step was what was really hanging. The very helpful post (referenced at the bottom of my post here) helped diagnose the problem and reveal the workaround needed.

  1. After the fresh install of the instance, as soon as you SSH in, install ufw with:

apt-get install ufw

  2. Edit /etc/default/ufw and set these 2 options:

IPV6=no
DEFAULT_INPUT_POLICY="ACCEPT"

  3. Edit /etc/ufw/after.rules and add a line before COMMIT:

-A ufw-reject-input -j DROP

  4. Then issue these 3 commands:

ufw logging off
ufw allow ssh
ufw enable

  5. Finally you are able to run the MIAB installation:

curl -s https://mailinabox.email/setup.sh | sudo bash

Note I was able to get MIAB running without any modifications from instance creation on their VC1 server type. The above was only required for the bare metal option.

Reference: Post on Scaleway Community Forum

@v60fan

I’m already using a couple of them as VC1S & VC1L both VPS options…

I think you forgot to mention those important points:

  1. At the 'Security' tab, create your custom Security group with BLOCK SMTP = NO
  2. Assign the new Security group to your MiaB server.
  3. Right after 2) it is IMPORTANT to hard-reboot the server through your SCALEWAY admin panel to get the 1) settings booked (soft-reboot through SSH is not enough)

hope this helps, too


I found that the default policy isn’t required. Also the drop isn’t. Just the IPv6. Make sure you don’t assign a public IPv6 address or you are not protected.

The default accept is actually defeating the purpose of having the firewall. Because miab doesn’t set any deny rules. Just allow.


Thanks for pointing that out!
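The settings debated in this thread can be checked mechanically. The following is an added example, not code from any poster or from Mail-in-a-Box: a POSIX shell audit of /etc/default/ufw and /etc/ufw/after.rules that reports the default-accept and IPv6 conditions raised in the replies. The function names and finding labels are hypothetical, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: audit the /etc/default/ufw and /etc/ufw/after.rules edits
# from the first post. Function names and finding labels are hypothetical.

# Print KEY's value from a shell-style defaults file, upper-cased, quotes removed.
ufw_default() {  # $1=file $2=key
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" "$1" |
        tail -n 1 | tr '[:lower:]' '[:upper:]'
}

# Succeed only if an active (uncommented) catch-all DROP precedes COMMIT.
has_catchall_drop() {  # $1=after.rules
    awk '/^[ \t]*#/ { next }
         /^[ \t]*COMMIT/ { exit }
         /^[ \t]*-A[ \t]+ufw-reject-input[ \t]+-j[ \t]+DROP[ \t]*$/ { found = 1 }
         END { exit !found }' "$1"
}

# Print one finding per line. Returns 1 when the input policy is ACCEPT and
# nothing drops unmatched traffic, 0 otherwise.
audit_ufw() {  # $1=defaults file $2=after.rules (default to the live paths)
    defaults=${1:-/etc/default/ufw}
    rules=${2:-/etc/ufw/after.rules}
    rc=0
    if [ "$(ufw_default "$defaults" DEFAULT_INPUT_POLICY)" = "ACCEPT" ]; then
        if has_catchall_drop "$rules"; then
            echo "WARN accept-with-drop: policy is ACCEPT; filtering rests on one after.rules line"
        else
            echo "FAIL accept-no-drop: policy is ACCEPT and no catch-all DROP precedes COMMIT"
            rc=1
        fi
    fi
    if [ "$(ufw_default "$defaults" IPV6)" = "NO" ]; then
        echo "WARN ipv6-off: IPV6=no; per the reply above, assign no public IPv6 address"
    fi
    return $rc
}

# Constructed sample files mirroring the settings from the first post.
demo() {
    tmp=$(mktemp -d)
    printf 'IPV6=no\nDEFAULT_INPUT_POLICY="ACCEPT"\n' > "$tmp/ufw"
    printf '*filter\n-A ufw-reject-input -j DROP\nCOMMIT\n' > "$tmp/after.rules"
    audit_ufw "$tmp/ufw" "$tmp/after.rules"; demo_rc=$?
    rm -rf "$tmp"
    return $demo_rc
}
demo
```

On a real host, calling `audit_ufw` with no arguments reads the live files; a non-zero return means unmatched inbound traffic is accepted.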