Before undertaking any digital project, I make sure to understand what goes on under the hood. Did this by setting up a Nginx server running on Ubuntu 18.04 for personal blog and web projects on DigitalOcean's basic $5 droplet.
This post is written as a personal reference. Detailed guides are linked across this article.
Setting up a new server on DigitalOcean Droplet
I have always hosted multiple low-traffic websites through a single nginx server.
This post describes basic nginx server installation, configuration and notes; will help me in case I create a new DO droplet.
This guide has been created based on Digital Ocean: How To Install Nginx on Ubuntu 18.04
New non-root sudo user
Follow this guide to install a fresh Ubuntu installation. I did this because upgrading from 16.x was a hassle, plus the old installation didn't have much content.
After a fresh Ubuntu installation, create a non-root user:
Add this new user to the sudo group. This will help user run root commands.
usermod -aG sudo sammy
Note: -a is for “appending a new user”, -G is for “to the group, followed by group name”.
At the time of setting up the new droplet through DigitalOcean dashboard, I added my home laptop public keys to root.
To access the new user using SSH, we will copy our public keys to sammy using a simple command:
rsync --archive --chown=sammy:sammy ~/.ssh /home/sammy
Walls of fire
Before starting up the firewall, allow SSH acccess so you aren't kicked out:
ufw allow OpenSSH
Enable UFW firewall:
Check UFW status:
udo ufw status
The server, Nginx
sudo apt update
sudo apt install nginx
Allow Nginx communications through UWF firewall:
Check list of apps we can allow:
sudo ufw app list
Depending on your needs, allow both HTTP and HTTPS.
ufw allow Nginx Full
Done. Make sure Nginx service is running:
systemctl status nginx
You should see the below output (random example, values are incorrect):
● nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/<removed>/<removed>/<removed>/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2018-12-29 21:49:56 UTC; 19h ago Docs: man:nginx(8) Process: 7361 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=2) Process: 7372 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Process: 7363 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Main PID: 7374 (nginx) Tasks: 2 (limit: 1152) CGroup: /system.slice/nginx.service ├─7379 nginx: master process /usr/sbin/nginx -g daemon on; master_process on; └─7382 nginx: worker process
Check your Nginx default landing page: http://your_server_ip
And we are done with Nginx setup.
Some helpful nginx commands
Taken directly from DigitalOcean's Nginx guide.
To stop your web server, type:
sudo systemctl stop nginx
To start the web server when it is stopped, type:
sudo systemctl start nginx
To stop and then start the service again, type:
sudo systemctl restart nginx
If you are simply making configuration changes, Nginx can often reload without dropping connections. To do this, type:
sudo systemctl reload nginx
By default, Nginx is configured to start automatically when the server boots. If this is not what you want, you can disable this behavior by typing:
sudo systemctl disable nginx
To re-enable the service to start up at boot, you can type:
sudo systemctl enable nginx
Time to get our website(s) running. Next post in series.