Personal Website Guide 1: Fresh Droplet on DigitalOcean

Before undertaking any digital project, I make sure to understand what goes on under the hood. Did this by setting up a Nginx server running on Ubuntu 18.04 for personal blog and web projects on DigitalOcean's basic $5 droplet.

This post is written as a personal reference. Detailed guides are linked across this article.

Setting up a new server on DigitalOcean Droplet

I have always hosted multiple low-traffic websites through a single nginx server.

This post describes basic nginx server installation, configuration and notes; will help me in case I create a new DO droplet.

This guide has been created based on Digital Ocean: How To Install Nginx on Ubuntu 18.04

New non-root sudo user

Follow this guide to install a fresh Ubuntu installation. I did this because upgrading from 16.x was a hassle, plus the old installation didn't have much content.

After a fresh Ubuntu installation, create a non-root user:
adduser sammy

Add this new user to the sudo group. This will help user run root commands.
usermod -aG sudo sammy
Note: -a is for “appending a new user”, -G is for “to the group, followed by group name”.

At the time of setting up the new droplet through DigitalOcean dashboard, I added my home laptop public keys to root.

To access the new user using SSH, we will copy our public keys to sammy using a simple command:
rsync --archive --chown=sammy:sammy ~/.ssh /home/sammy

Walls of fire

Setting up a simple UFW firewall (aptly named Uncomplicated Firewall). Feel free to use DigitalOcean’s Cloud Firewalls.

Before starting up the firewall, allow SSH acccess so you aren't kicked out:
ufw allow OpenSSH

Enable UFW firewall:
ufw enable

Check UFW status:
udo ufw status

The server, Nginx

Guide taken from here. Make sure correct OS is selected. Read more about Nginx here.

Install nginx:
sudo apt update
sudo apt install nginx

Allow Nginx communications through UWF firewall:

Check list of apps we can allow:
sudo ufw app list

Depending on your needs, allow both HTTP and HTTPS.
ufw allow Nginx Full

Done. Make sure Nginx service is running:
systemctl status nginx

You should see the below output (random example, values are incorrect):

● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/<removed>/<removed>/<removed>/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2018-12-29 21:49:56 UTC; 19h ago
     Docs: man:nginx(8)
  Process: 7361 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=2)
  Process: 7372 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
  Process: 7363 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
 Main PID: 7374 (nginx)
    Tasks: 2 (limit: 1152)
   CGroup: /system.slice/nginx.service
           ├─7379 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           └─7382 nginx: worker process

Check your Nginx default landing page: http://your_server_ip

And we are done with Nginx setup.


Some helpful nginx commands

Taken directly from DigitalOcean's Nginx guide.
To stop your web server, type:
sudo systemctl stop nginx

To start the web server when it is stopped, type:
sudo systemctl start nginx

To stop and then start the service again, type:
sudo systemctl restart nginx

If you are simply making configuration changes, Nginx can often reload without dropping connections. To do this, type:
sudo systemctl reload nginx

By default, Nginx is configured to start automatically when the server boots. If this is not what you want, you can disable this behavior by typing:
sudo systemctl disable nginx

To re-enable the service to start up at boot, you can type:
sudo systemctl enable nginx

Time to get our website(s) running. Next post in series.