admin/bodyshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
54820fe3c8211fc11eb052d7ad8adc5a5ec3300a
bodyshop/_reference/Documents/dropletSetup.md
Dave Richer eeb8d8d26f release/2024-10-25 - Clean up referenceDocuments 
Signed-off-by: Dave Richer <dave@imexsystems.ca>
2024-10-25 11:21:10 -07:00

80 lines
3.1 KiB
Markdown
Raw Blame History

**Create an SSH key for local computer**
ssh-keygen -t rsa -C "your_email@example.com"
Copy the new key to clipboard:
- Windows: clip < id_rsa.pub
- Linux: sudo apt-get install xclip
xclip -sel clip < ~/.ssh/id_rsa.pub
- Mac: pbcopy < ~/.ssh/id_rsa.pub
- Manual Copy: cat ~/.ssh/id_rsa.pub
Add the SSH key to the drop creation screen.
1. Create a new user to replace root user
1. # adduser imex
2. # usermod -aG sudo imex
3. # su - imex
4. $ mkdir ~/.ssh
5. $ chmod 700 ~/.ssh
6. $ nano ~/.ssh/authorized_keys
7. Add the copied SSH key and save.
8. $ chmod 600 ~/.ssh/authorized_keys #Restrict access to authorized keys.
2. Setup the Firewall
1. $ sudo ufw allow OpenSSH.
2. $ sudo ufw enable
3. Add Nginx & Configure
1. $ sudo apt-get update
2. $ sudo apt-get install nginx
3. $ sudo ufw allow 'Nginx Full'
4. $ sudo ufw app list
1. Nginx Full: Opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic)
2. Nginx Http: Opens only port 80 (normal, unencrypted web traffic)
3. Nginx Https: Opens only port 443 (TLS/SSL encrypted traffic)
5. Should now be able to go to IP and see nginx responding with a blank page.
4. Install NodeJs
1. $ curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
2. $ sudo apt install nodejs
3. $ node --version
5. Clone Source Code
1. $ git clone git@bitbucket.org:snaptsoft/bodyshop.git //Requires SSH setup.
2. $ cd bodyshop && npm install //Install all server dependencies.
6. Setup PM2
1. $ npm install pm2 -g //Had to be run as root.
2. $ pm2 start ecosystem.config.js
3. $ pm2 startup ubuntu //Ensure it starts when server does.
7. Alter Nginx config
1. sudo nano /etc/nginx/sites-available/default
2. //Add Appropriate server names to the file. www. and non-www.
3. Add the following inside the location of the server block: (Remove the 404 bit.)
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
8. Install Certbot
9. $ sudo add-apt-repository ppa:certbot/certbot //Potential issue on ubuntu 20.04
10. $ sudo apt-get update
11. $ sudo apt install python-certbot-nginx
12. $ sudo nano /etc/nginx/sites-available/default
13. Find the existing server_name line and replace the underscore with your domain name:
...
server_name example.com www.example.com;
...
14. $ sudo nginx -t //Verify syntax.
15. $ sudo systemctl reload nginx
##AWS INSTRUCTIONS
$ sudo snap install core; sudo snap refresh core
$ sudo snap install --classic certbot
$ sudo ln -s /snap/bin/certbot /usr/bin/certbot
16. Generate Certificate
17. $ sudo certbot --nginx -d example.com -d www.example.com //Follow prompts.
18. $ sudo certbot renew --dry-run //Dry run to test auto renewal.
ADding Yarn
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update && sudo apt-get install yarn
Reference in New Issue View Git Blame Copy Permalink