Ubuntu VPS setup at digitalocean

warning

This post is more than 5 years old. While math doesn't age, code and operating systems do. Please use the code/ideas with caution and expect some issues due to the age of the content. I am keeping these posts up for archival purposes because I still find them useful for reference, even when they are out of date!

This blog is hosted on an Ubuntu 14.04 VPS at digitalocean . This post is mainly a reminder for me of the tutorials I used to set things up, however you might find it a helpful guide as well.

Initial server setup

As you might expect, initial server setup is the place to start after you've created a droplet and received a password from digitalocean .

ssh key setup

Next up is ssh key setup . I used a unique ssh port (call it XXXX) and a non-default identity file identity.pub. My command to copy my key to the server was then of the form:

$ ssh-copy-id -i ~/.ssh/identity.pub -p XXXX username@xxx.xxx.xxx.xx

Once setup, the ssh command is:

$ ssh -i ~/.ssh/identity.pub -p XXXX username@xxx.xxx.xxx.xx

To save myself from typing this every time, I added this identity to my ~/.ssh/config file with an entry for the server:

Host           christrelioff.ws 
HostName xxx.xxx.xxx.xx
Port XXXX
IdentityFile ~/.ssh/identity
User username

This allows me to ssh with the simple command (tab auto-complete works too):

$ ssh chrisstrelioff.ws

and the correct port, identity file, etc are used.

Setup a firewall

Next, I setup a firewall using ufw . The install is simple:

$ sudo apt-get install ufw

Once installed, the status can be seen using the command:

$ sudo ufw status

At this point there should be nothing to see-- simply a notification that the status is inactive. So, let's set some default policies:

$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing

This denies everything incoming and allows all outgoing by default. Next, we must allow incoming ssh. By default ssh uses port 22 and the command to allow incoming ssh is

$ sudo ufw allow ssh

However, if you've setup ssh on a different port (as I have) -- say port XXXX -- the command becomes:

$ sudo ufw allow XXXX/tcp

We'll also allow www traffic:

$ sudo ufw allow www

Finally, enable the firewall using, but, be sure that you've setup your ssh access before doing this!:

$ sudo ufw enable

Now trying the $ sudo ufw status command should reflect the ports we allowed above and indicate the firewall is active. Finally, to disable or reset ufw the commands are

$ sudo ufw disable

and

$ sudo ufw reset

For more information on ufw try: ufw or setup a firewall .

Install nginx on Ubuntu 14.04

Next, I will install nginx on ubuntu 14.04 , also see nginx for serving web content. The install is exactly as you'd expect:

$ sudo apt-get install nginx

nginx is active by default when installed. So, open a browser and go to the IP/url for your VPS to see the default nginx welcome page.

To stop, start or restart nginx try:

$ sudo service nginx stop
$ sudo service nginx start
$ sudo service nginx restart

Finally, for the initial setup, let's make sure that nginx starts when the server is rebooted:

$ sudo update-rc.d nginx defaults

This command should say that stop/start links for nginx already existed. The next step is set up for the actual content-- try how to setup nginx server blocks on ubuntu 14.04 .

Updating the server

The server will need to updated at times and this has to be done via the terminal. Fortunately updates are pretty simple. For typical (minor) updates of installed software the following will get things done:

$ sudo apt-get update
$ sudo apt-get upgrade

For major updates (like a kernel upgrade) more has to be done:

$ sudo apt-get update
$ sudo apt-get dist-upgrade

Typically this is followed by a reboot of the server:

$ sudo reboot

That's it for all the basic updating needs.