Skip to content

Instantly share code, notes, and snippets.

@tejastank

tejastank/1. server_install.md

Created October 14, 2021 06:50
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save tejastank/388981f3c1e64d53c8e587d05abb4bbb to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save tejastank/388981f3c1e64d53c8e587d05abb4bbb to your computer and use it in GitHub Desktop.
Download ZIP
Ubuntu server installation
Raw
1. server_install.md

Rename the server

  • Edit file /etc/hostname
  • Edit file /etc/hosts and replace hostname following the address "127.0.1.1"
  • Reboot with sudo reboot

Create new user

  • Create a new user with adduser username
  • Add the user to the sudo group with usermod -aG sudo username
  • Put a random string as root password to avoid log in with root user with passwd (https://passwordsgenerator.net/)

Copy local SSH key to the server

  • Generate SSH key on your computer with ssh-keygen
  • Copy the SSH key to the remote server with ssh-copy-id -i ~/.ssh/mykey user@host
  • Disable SSH authentication with password in /etc/ssh/sshd_config by setting PasswordAuthentication no
  • Restart the SSH service with sudo service ssh restart

Set up the firewall

  • Execute this bash file (mind the interface name in the file)

Set up a swap file

  • Follow instructions here

Change the server locale

  • sudo locale-gen "en_US.UTF-8"
  • sudo dpkg-reconfigure locales
  • Check the server locale with locale

Install NodeJS

  • Follow instructions here

Install MongoDB

  • Download and install the official and latest version of MongoDB here
  • In the configuration file /etc/mongodb.conf, set the location of the database : storage.dbPath: "/var/lib/mongodb/"
  • Start the service : sudo service mongodb start
  • Using the CLI, create a new user for the database : db.createUser({user: "u", pwd: "p", roles: ["readWrite", "dbAdmin"]})
  • In the config file, enable the access by login only : security.authorization : enabled
  • Restart the service : sudo service mongodb restart
  • Restore the previous database content : mongorestore dump_folder

Documentation for MongoDB configuration file

Troubleshoot MongoDB

  • Check the status : sudo service mongodb status
  • The service command must be the following : /usr/bin/mongod --config /etc/mongod.conf
  • Check the logs : sudo tail /var/log/mongodb/mongod.log
  • Fix startup issue : sudo chown -R mongodb:mongodb /var/lib/mongodb/*

Clone a GitHub project

  • Install Git with sudo apt install git
  • Generate a new SSH key on the server and bind it to your GitHub account
  • Load this key at the server startup by adding these lines at the end of the ~/.bashrc file :
# start SSH client and add RSA keys
eval "$(ssh-agent -s)" &> /dev/null
ssh-add ~/.ssh/github_rsa &> /dev/null

Configure a mail sender for cron tasks

  • Add [email protected] to the cron tasks config file
  • sudo apt install ssmtp
  • sudo nano /etc/ssmtp/ssmtp.conf
#
# Config file for sSMTP sendmail
#
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
root=postmaster

# The place where the mail goes. The actual machine name is required no 
# MX records are consulted. Commonly mailhosts are named mail.domain.com
mailhub=smtp_server.com:587

# Where will the mail seem to come from?
rewriteDomain=bond.com

# The full hostname
[email protected]

# Are users allowed to set their own From: address?
# YES - Allow the user to specify their own From: address
# NO - Use the system generated From: address
#FromLineOverride=YES


# Use SSL/TLS before starting negotiation
UseTLS=Yes
UseSTARTTLS=Yes

# Username/Password
AuthUser=james
AuthPass=secretagent
AuthMethod=LOGIN
  • sudo nano /etc/ssmtp/revaliases
# sSMTP aliases
# 
# Format:	local_account:outgoing_address:mailhub
#
# Example: root:[email protected]:mailhub.your.domain[:port]
# where [:port] is an optional port number that defaults to 25.

james:[email protected]:smtp_server.com:587
  • test the configuration by trying to send an email with echo "Subject: hello" | sendmail [email protected]

Apache configuration

  • Install Apache 2 : sudo apt install apache2
  • Enable proxy and rewrite module : sudo a2enmod proxy_http rewrite headers then restart Apache : sudo service apache2 restart
  • Create new config file in /etc/apache2/sites-available with following content :
<VirtualHost bond.com:80>
  ServerName bond.com
  ServerAdmin [email protected]

  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
  • Enable the virtual host : sudo a2ensite then sudo service apache2 reload
  • Install Certbot to enable HTTPS : sudo apt install certbot python-certbot-apache
  • Install or renew HTTPS certificates : sudo certbot
  • List all HTTPS certificates : sudo certbot certificates

Install Modoboa (tricky)

  • Follow this tutorial
  • Use this Apache configuration here
  • sudo apt install libapache2-mod-wsgi-py3 will be required
Raw
db_dump_and_ftp_backup.sh
today=$(date +'%m-%d-%y')
# dump the database
OUTPUT=`mongodump -d DB -u USER -p PASSWORD --out /var/backups/mongodb/$today 2>&1` || echo "$OUTPUT"
# create an archive of the last dump file
OUTPUT=`tar zcvf /var/backups/mongodb/$today.tar.gz /var/backups/mongodb/$today 2>&1` || echo "$OUTPUT"
rm -rf /var/backups/mongodb/$today
# delete the dump files older than 3 days
find /var/backups/mongodb/ -mtime +3 -exec rm -rf {} \; 2> /dev/null
# upload the dump files on the FTP server
OUTPUT=`lftp -e "set ssl:check-hostname no ; mirror --verbose --delete-first --reverse --no-perms /var/backups/mongodb/ / ; bye" -u LOGIN,PASSWORD HOST 2>&1` || echo "$OUTPUT"
Raw
disk_usage.sh
# https://www.linuxjournal.com/content/tech-tip-send-email-alert-when-your-disk-space-gets-low
#!/bin/bash
CURRENT=$(df / | grep / | awk '{ print $5}' | sed 's/%//g')
THRESHOLD=80
if [ "$CURRENT" -gt "$THRESHOLD" ] ; then
MESSAGE="Disk usage dangerously high : ${CURRENT}%"
echo $MESSAGE
fi
Raw
memory_usage.sh
# free -m | awk 'NR==2{printf "Memory Usage: %s/%sMB (%.2f%%)\n", $3,$2,$3*100/$2 }'
#!/bin/bash
CURRENT=$(free -m | grep Mem: | awk '{ printf "%.0f", $3*100/$2 }')
THRESHOLD=90
if [ "$CURRENT" -gt "$THRESHOLD" ] ; then
free -m | awk 'NR==2{ printf "Memory Usage: %s/%sMB (%.2f%%)\n", $3,$2,$3*100/$2 }'
fi
Raw
mongod.conf
# mongod.conf in /etc
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
dbPath: /var/lib/mongodb
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1
# how the process runs
processManagement:
timeZoneInfo: /usr/share/zoneinfo
security:
authorization: enabled
#operationProfiling:
#replication:
#sharding:
## Enterprise-Only Options:
#auditLog:
#snmp:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment