@Sinequanonh
Forked from dotspencer/setup.md
Created October 25, 2023 06:11
DigitalOcean droplet setup with Nginx and Node (and general Ubuntu server and firewall ufw setup)

Parts taken from:
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04
https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-16-04
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-ubuntu-16-04
https://www.digitalocean.com/community/tutorials/ufw-essentials-common-firewall-rules-and-commands

Create droplet in DigitalOcean dashboard
(do not add SSH key during setup)

local:

ssh root@ip_address
(default password in email)

server:

adduser brooke

usermod -aG sudo brooke

logout

local:

ssh-copy-id brooke@ip_address

ssh brooke@ip_address

server:
ssh-keygen

cat .ssh/id_rsa.pub
(copy result)

Go to: https://github.com/settings/keys

Click 'New SSH Key'

Enter title: 'Digital Ocean ...'

Paste in key

Click 'Add SSH key'

on server:

Setup

Install emacs

sudo apt install emacs24

General Update

sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get autoremove
sudo reboot

ssh brooke@ip_address

Enable colorful output

In .bashrc, uncomment line:

force_color_prompt=yes

Needed installs...

sudo apt update
sudo apt install build-essential libssl-dev
sudo apt install ssh (to add 'OpenSSH' profile)

Install Node.js (using NVM)

Updated command at: https://github.com/creationix/nvm/#install-script

curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.2/install.sh | bash

[logout and log back in]

nvm ls-remote
(pick version)

nvm install v8.1.4

Install Nginx

sudo apt-get update
sudo apt-get install nginx

UFW (Uncomplicated Firewall)

sudo ufw app list
(shows firewall options)

sudo ufw allow 'Nginx Full'
sudo ufw allow 'OpenSSH'

sudo ufw status

(only needed to remove a previously added rule)
sudo ufw delete allow 22

sudo ufw enable

DDNS (using Google Domains)

sudo apt install ddclient
(initial setup walkthrough screens don't matter)

Edit the /etc/ddclient.conf file to the following:

# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf

protocol=dyndns2
use=web
server=domains.google.com
ssl=yes
login=<username-in-ddns-settings>
password=<password-in-ddns-settings>
<subdomain-or-domain>.com

Then run:

sudo rm /var/cache/ddclient/ddclient.cache
sudo service ddclient restart
sudo ddclient

NGINX

sudo systemctl start nginx
sudo systemctl stop nginx
sudo systemctl restart nginx
sudo systemctl reload nginx
sudo systemctl disable nginx (disable run on startup)
sudo systemctl enable nginx (enable run on startup)

sudo nginx -t (test configuration)

curl icanhazip.com (type ip result into browser and you should see "Welcome to Nginx" page)

Access nginx logs: /var/log/nginx/access.log
Access nginx errors: /var/log/nginx/error.log

Application Setup

npm install -g pm2

pm2 startup systemd
(then run the command returned at bottom)

cd
mkdir apps
cd apps/

git clone <repo_url>

npm install --production

HTTPS setup (LetsEncrypt)

sudo add-apt-repository ppa:certbot/certbot

sudo apt-get update

sudo apt-get install certbot

certbot --version

Add an 'A record' for the domain that points to the droplet (set TTL to 300)

After 5 minutes...

sudo systemctl stop nginx

sudo certbot certonly

Pick option: 1: Spin up a temporary webserver (standalone)

Fill out rest of info...

Check files exist:

sudo ls -l /etc/letsencrypt/live/domain_name_here

Create configuration snippet for SSL key and cert (optional but recommended)

sudo emacs /etc/nginx/snippets/ssl-effortlessreviews.com.conf

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

Create configuration snippet for strong encryption settings

sudo emacs /etc/nginx/snippets/ssl-params.conf

Add site files (such as a modified default file and effortlessreviews.com) to /etc/nginx/sites-available/

Make symlinks to those (.com) files in /etc/nginx/sites-enabled/

cd /etc/nginx/sites-enabled/
sudo ln -s ../sites-available/effortlessreviews.com
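
One possible shape for the two files whose contents are not shown above, /etc/nginx/snippets/ssl-params.conf and the site file in /etc/nginx/sites-available/, as an added example rather than the gist author's configuration. Assumptions: the domain is example.com, the certificate snippet is named snippets/ssl-example.com.conf, and the Node app started by pm2 listens on 127.0.0.1:3000.

```nginx
# ---- File 1: /etc/nginx/snippets/ssl-params.conf ----
# TLS 1.2 only here; append TLSv1.3 if your nginx and OpenSSL builds support it.
ssl_protocols TLSv1.2;
# Forward-secret AEAD suites only (ECDHE key exchange with AES-GCM).
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
# Session resumption via a shared cache; tickets off so no long-lived
# ticket key can decrypt resumed sessions later.
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
ssl_session_tickets off;
# HSTS: start with a short max-age (300 is a constructed value) and raise it
# once HTTPS is confirmed working. Browsers cache this policy.
add_header Strict-Transport-Security "max-age=300" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "DENY" always;
# Caveat: an add_header inside a server or location block replaces all
# inherited add_header lines, so repeat these there if you add more headers.

# ---- File 2: /etc/nginx/sites-available/example.com ----
# Plain HTTP only redirects to HTTPS.
server {
    listen 80;
    listen [::]:80;
    server_name example.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name example.com;

    include snippets/ssl-example.com.conf;  # ssl_certificate + ssl_certificate_key
    include snippets/ssl-params.conf;

    location / {
        # Assumed: the pm2-managed Node app listens on loopback port 3000.
        proxy_pass http://127.0.0.1:3000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

Run sudo nginx -t after creating the symlink, then sudo systemctl start nginx, since nginx was stopped for the certbot standalone step.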

Starting app

Create keys.json file if required

Allow droplet ip access to database

pm2 start src/app.js --name 'name_of_app'

pm2 list

pm2 save