https://github.com/google/codeworld
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-18-04
https://www.serverlab.ca/tutorials/linux/web-servers-linux/how-to-configure-nginx-for-websockets/
upstream codeworld { | |
server 127.0.0.1:8080; | |
} | |
upstream gameserver { | |
ip_hash; | |
server 0.0.0.0:9160; | |
} | |
server { | |
root /var/www/haskellturkiye.com/html; | |
index index.html index.htm index.nginx-debian.html; | |
server_name haskellturkiye.com www.haskellturkiye.com codeworld.haskellturkiye.com; | |
# Define where Nginx should write its logs | |
access_log /var/log/nginx/haskellturkiye.com/access.log; | |
error_log /var/log/nginx/haskellturkiye.com/error.log; | |
location / { | |
try_files $uri @codeworld; | |
} | |
location @codeworld { | |
proxy_set_header Host $http_host; | |
proxy_set_header CLIENT_IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_read_timeout 300; | |
proxy_pass http://codeworld; | |
gzip on; | |
gzip_types text/plain text/xml text/css image/svg+xml application/javas$ | |
gzip_proxied any; | |
} | |
location /gameserver { | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header Host $host; | |
proxy_pass http://gameserver; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "upgrade"; | |
} | |
listen 443 ssl; # managed by Certbot | |
ssl_certificate /etc/letsencrypt/live/haskellturkiye.com/fullchain.pem; # managed by Certbot | |
ssl_certificate_key /etc/letsencrypt/live/haskellturkiye.com/privkey.pem; # managed by Certbot | |
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | |
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | |
} | |
server { | |
if ($host = www.haskellturkiye.com) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
if ($host = haskellturkiye.com) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
if ($host = codeworld.haskellturkiye.com) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
server_name haskellturkiye.com www.haskellturkiye.com; | |
listen 80; | |
return 404; # managed by Certbot | |
} |
git clone https://github.com/google/codeworld.git | |
cd codeworld/ | |
./install.sh | |
./run.sh | |
sudo apt-get install fail2ban nginx certbot python3-certbot-nginx | |
# Firewall | |
sudo ufw default deny incoming | |
sudo ufw default allow outgoing | |
sudo ufw allow ssh | |
sudo ufw allow "Nginx Full" | |
sudo ufw enable | |
# Set up nginx for haskellturkiye.com | |
sudo nano /etc/nginx/nginx.conf # Uncomment server_names_hash_bucket_size | |
sudo nano /etc/nginx/sites-available/haskellturkiye.com | |
sudo ln -s /etc/nginx/sites-available/haskellturkiye.com /etc/nginx/sites-enabled/ | |
sudo mkdir -p /var/log/nginx/haskellturkiye.com | |
sudo chown www-data:www-data /var/log/nginx/haskellturkiye.com/ | |
sudo mkdir -p /var/www/haskellturkiye.com/html | |
sudo chown -R $USER:$USER /var/www/your_domain/html | |
sudo chown -R $USER:$USER /var/www/haskellturkiye.com/html | |
sudo chmod -R 755 /var/www/haskellturkiye.com/html | |
sudo nginx -t | |
sudo service nginx reload | |
# Set up the letsencrypt certificates and renewal automation | |
sudo certbot --nginx -d haskellturkiye.com -d www.haskellturkiye.com -d codeworld.haskellturkiye.com | |
nano /var/www/your_domain/html/index.html | |
nano /var/www/haskellturkiye.com/html/index.html |