Skip to content

Instantly share code, notes, and snippets.

@melsoriano

melsoriano/devOps-digital-ocean.md

Forked from taesup/DO-deployment-for-devleague.md
Created March 8, 2018 20:58
Show Gist options
  • Save melsoriano/f2b436d60de676a42b0446b3b7ace03e to your computer and use it in GitHub Desktop.
Save melsoriano/f2b436d60de676a42b0446b3b7ace03e to your computer and use it in GitHub Desktop.
Download ZIP
DevOPS: Setting up a node server (basic)
Raw
devOps-digital-ocean.md

DevOps

{username} = your username
{ip} = your DO droplet ip address
{repo} = your repo address
{email} = your email

DIGITAL OCEAN

Go to DigitalOcean.com
Sign up for an account
Generate an SSH key for your laptop (if does not exists yet)
Upload SSH key to DO
Create a new droplet and choose your ssh key you just uploaded
Get IP of new Droplet

GETTING ON YOUR SERVER

ssh root@{ip}
Enter yes to prompt

CREATE USER

adduser {username} and follow prompts

SET SSH KEY FOR NEW USER

mkdir /home/{username}/.ssh
cd /home/{username}/.ssh
touch authorized_keys
vi authorized_keys
Paste your .ssh/id_rsa.pub key from your laptop into this file
:wq to leave vim
cd .. to leave .ssh folder
chown -R {username}:{username} .ssh
exit

SMOKE TEST NEW ACCOUNT

ssh {username}@{ip}
exit

MAKE NEW ACCOUNT A SUDOER

usermod -aG sudo {username} su - {username}// switch to new account sudo ls -lah /root` // smoke test sudo capabilities

RE-ENTER AS NEW ACCOUNT

exit
exit
`ssh {username}@{ip}

INSTALL NVM (https://github.com/creationix/nvm)

curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.8/install.sh | bashsource .bashrc // restart terminal
nvm install —lts // install latest LTS node version
node —version // smoke test node

INSTALL REDIS, NGINX

sudo apt install redis-server
redi-cli // smoke test reds
sudo apt install nginx
nginx -v // smoke test nginx

INSTALL PG

sudo apt install postgresql
sudo apt install postgresql-contrib
sudo -u postgres createuser --interactive
createdb {username}
psql

// GENERATE SSH KEY
ssh-keygen -t rsa -b 4096 -C “{email}” // just stick with defaults
cat /home/{username}/.ssh/id_rsa.pub // smoke test new key

GRAB PROJECT FROM GITHUB

Go to github.com
Go to your repo
Click on Settings -> Deploy Keys -> Add Deploy Key
Give this deploy key a name (should relate to the server)
Copy paste the id_rsa.pub from above into the field
Make sure ‘Write Access’ is unchecked
Click Add

cd ..
mkdir projects
cd projects
git clone {repo}

CONFIGRE PROJECT AND DB

Configure the config file and db database and tables as needed
Running nodemon server.js should bring up a working server on port X
Still won’t be able to hit the server until nginx is running smoothly

NGINX

cd /etc/nginx/sites-available
sudo touch {name}
sudo vi {name}

Paste in this:

server {
  listen 80;

  server_name {ip};

  location / {
      proxy_pass http://localhost:8080;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection 'upgrade';
      proxy_set_header Host $host;
      proxy_cache_bypass $http_upgrade;
  }
}

sudo cp {name} ../sites-enabled/
sudo nginx -t // smoke test the new config file we made
sudo service nginx reload
Smoke test by going to your {ip}

ADVANCED DEVOPS

  • Add user to posters db that isn’t based on system user
  • PM2
  • Let’s Encrypt
  • Let’s Encrypt cron job
  • Lockdown sshd_config file
  • UFW only allow posts {80, 443, 2222}
  • Setup a ssh config (on server and on laptop)
  • Setup automatic updates
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment