Ubuntu VPS setup at digitalocean
Jun 27, 2014
warning
This post is more than 5 years old. While math doesn't age, code and operating systems do. Please use the code/ideas with caution and expect some issues due to the age of the content. I am keeping these posts up for archival purposes because I still find them useful for reference, even when they are out of date!
This blog is hosted on an Ubuntu 14.04 VPS at digitalocean . This post is mainly a reminder for me of the tutorials I used to set things up, however you might find it a helpful guide as well.
Initial server setup
As you might expect, initial server setup is the place to start after you've created a droplet and received a password from digitalocean .
ssh key setup
Next up is
ssh key setup
.
I used a unique ssh port
(call it XXXX) and a non-default identity
file identity.pub. My command to copy my
key to the server was then of the form:
$ ssh-copy-id -i ~/.ssh/identity.pub -p XXXX username@xxx.xxx.xxx.xxOnce setup, the ssh command is:
$ ssh -i ~/.ssh/identity.pub -p XXXX username@xxx.xxx.xxx.xx
To save myself from typing this every time, I added this identity to my
~/.ssh/config file with an entry for the
server:
Host christrelioff.ws
HostName xxx.xxx.xxx.xx
Port XXXX
IdentityFile ~/.ssh/identity
User usernameThis allows me to ssh with the simple command (tab auto-complete works too):
$ ssh chrisstrelioff.wsand the correct port, identity file, etc are used.
Setup a firewall
Next, I setup a firewall using ufw . The install is simple:
$ sudo apt-get install ufwOnce installed, the status can be seen using the command:
$ sudo ufw statusAt this point there should be nothing to see-- simply a notification that the status is inactive. So, let's set some default policies:
$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing
This denies everything incoming and allows all outgoing by default. Next, we
must allow incoming ssh. By default
ssh
uses port 22 and the command to allow incoming ssh is
$ sudo ufw allow ssh
However, if you've setup ssh on a
different port (as I have) -- say port XXXX
-- the command becomes:
$ sudo ufw allow XXXX/tcp
We'll also allow www traffic:
$ sudo ufw allow wwwFinally, enable the firewall using ( be sure that you've setup your ssh access before doing this! ) :
$ sudo ufw enable
Now trying the $ sudo ufw status command
should reflect the ports we allowed above and indicate the firewall is
active. Finally, to disable or reset ufw the commands are
$ sudo ufw disableand
$ sudo ufw reset
For more information on ufw try:
ufw
or
setup a firewall
.
Install nginx on Ubuntu 14.04
Next, I will install nginx on ubuntu 14.04 , also see nginx for serving web content. The install is exactly as you'd expect:
$ sudo apt-get install nginxnginx is active by default when installed. So, open a browser and go to the IP/url for your VPS to see the default nginx welcome page.
To stop, start or restart nginx try:
$ sudo service nginx stop
$ sudo service nginx start
$ sudo service nginx restartFinally, for the initial setup, let's make sure that nginx starts when the server is rebooted:
$ sudo update-rc.d nginx defaultsThis command should say that stop/start links for nginx already existed. The next step is set up for the actual content-- try how to setup nginx server blocks on ubuntu 14.04 .
Updating the server
The server will need to updated at times and this has to be done via the terminal. Fortunately updates are pretty simple. For typical (minor) updates of installed software the following will get things done:
$ sudo apt-get update
$ sudo apt-get upgradeFor major updates (like a kernel upgrade) more has to be done:
$ sudo apt-get update
$ sudo apt-get dist-upgradeTypically this is followed by a reboot of the server:
$ sudo rebootThat's it for all the basic updating needs.