Personal Website Guide 1: Fresh Droplet on DigitalOcean
Before undertaking any digital project, I make sure to understand what goes on under the hood. Did this by setting up a Nginx server running on Ubuntu 18.04 for personal blog and web projects on DigitalOcean's basic $5 droplet.
This post is written as a personal reference. Detailed guides are linked across this article.
Setting up a new server on DigitalOcean Droplet
I have always hosted multiple low-traffic websites through a single nginx server.
This post describes basic nginx server installation, configuration and notes; will help me in case I create a new DO droplet.
This guide has been created based on Digital Ocean: How To Install Nginx on Ubuntu 18.04
New non-root sudo user
Follow this guide to install a fresh Ubuntu installation. I did this because upgrading from 16.x was a hassle, plus the old installation didn't have much content.
After a fresh Ubuntu installation, create a non-root user:
adduser sammy
Add this new user to the sudo group. This will help user run root commands.
usermod -aG sudo sammy
Note: -a is for “appending a new user”, -G is for “to the group, followed by group name”.
At the time of setting up the new droplet through DigitalOcean dashboard, I added my home laptop public keys to root.
To access the new user using SSH, we will copy our public keys to sammy using a simple command:
rsync --archive --chown=sammy:sammy ~/.ssh /home/sammy
Walls of fire
Setting up a simple UFW firewall (aptly named Uncomplicated Firewall). Feel free to use DigitalOcean’s Cloud Firewalls.
Before starting up the firewall, allow SSH acccess so you aren't kicked out:
ufw allow OpenSSH
Enable UFW firewall:
ufw enable
Check UFW status:
udo ufw status
The server, Nginx
Guide taken from here. Make sure correct OS is selected. Read more about Nginx here.
Install nginx:
sudo apt update
sudo apt install nginx
Allow Nginx communications through UWF firewall:
Check list of apps we can allow:
sudo ufw app list
Depending on your needs, allow both HTTP and HTTPS.
ufw allow Nginx Full
Done. Make sure Nginx service is running:
systemctl status nginx
You should see the below output (random example, values are incorrect):
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/<removed>/<removed>/<removed>/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2018-12-29 21:49:56 UTC; 19h ago
Docs: man:nginx(8)
Process: 7361 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=2)
Process: 7372 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 7363 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 7374 (nginx)
Tasks: 2 (limit: 1152)
CGroup: /system.slice/nginx.service
├─7379 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─7382 nginx: worker process
Check your Nginx default landing page: http://your_server_ip
And we are done with Nginx setup.
Some helpful nginx commands
Taken directly from DigitalOcean's Nginx guide.
To stop your web server, type:
sudo systemctl stop nginx
To start the web server when it is stopped, type:
sudo systemctl start nginx
To stop and then start the service again, type:
sudo systemctl restart nginx
If you are simply making configuration changes, Nginx can often reload without dropping connections. To do this, type:
sudo systemctl reload nginx
By default, Nginx is configured to start automatically when the server boots. If this is not what you want, you can disable this behavior by typing:
sudo systemctl disable nginx
To re-enable the service to start up at boot, you can type:
sudo systemctl enable nginx
Time to get our website(s) running. Next post in series.