Connecting to a server using ssh and Server IP
Download an SSH key and save it /somewhere/key.pem
chmod 400 <path-to-key-file>
ssh -i <path-to-key-file> ubuntu@<domain name>
Or
ssh root@<IPAdress>
enter password
See if any updates are available
Setup NGINX
sudo apt update
sudo apt install nginx
check if NGINX is running:
systemctl status nginx
exit dialogue: qw
restarting:
sudo service nginx restart
Find out where anything NGINX related is
usually there are folders:
cd /etc/nginx
if this was successful nginx has files and is configured in some way. These folders are usually hidden and
cannot be found with ls -al
$ nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
$ nginx -V
nginx version: nginx/1.11.1
built by gcc 4.9.2 (Debian 4.9.2-10)
built with OpenSSL 1.0.1k 8 Jan 2015
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modulespath=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf ...
if there are any tests failed, this measn nginx is not configured properly. You might still find a running instance even though faulty setup.
See running NGINX processes
ps aux | grep nginx
Fire up NGINX at system start
sudo systemctl enable nginx
sudo systemctl reload nginx
Serve Static react website
server{
listen 80 default_server;
root /KaiserFranzBlog/client/build;
index index.html index.htm;
server_name _;
location / {
try_files $uri $uri/ =404;
}
Debugging Nginx
Seing where errors are in the NGINX build
sudo nginx -t
should be successful to deploy
Standart NGINX default
under /etc/nginx/sites-available/default
##
## You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# proxy_pass http://localhost:8080;
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection 'upgrade';
# proxy_set_header Host $host;
# proxy_cache_bypass $http_upgrade;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php7.0-fpm:
# fastcgi_pass unix:/run/php/php7.0-fpm.sock;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#
Mern Stack
server {
listen 80 default_server;
server_name _;
# react app & front-end files
location / {
root /KaiserFranzBlog/client/build;
try_files $uri /index.html;
}
# node api reverse proxy
location /api/ {
proxy_pass http://localhost:4000/;
}
}
Solving: Curl localhost displays html but no site in browser
- copy the url it is supposed to be hosted at and use “http” and “https”
- maybe it is hosted with http and not https
- Enable https for this server
sudo ufw status
-> Status: inactive // firewall is inactive
HTTPS with NGINX
only do it when you have an http served at the final url
generate a certificate
sudo mkdir /etc/nginx/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout
/etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
- openssl: Tool um Zertifikate und Schlüssel zu verwalten und generieren.
- req: Beschreibt ein X.509 certificate signing request für das Public Key Verfahren.
- x509: Gibt an, statt eines CSR gleich ein selbstsigniertes Zertifikat auszustellen.
- nodes: Zertifikat wird nicht über ein Kennwort geschützt. Damit kann nginx ohne weitere Aktion
- (Eingabe des Kennworts) gestartet werden.
- days 365: Beschreibt die Gültigkeit des Zertifikates für 365 Tage
- newkey rsa:2048: Generiert das Zertifikat und einen 2048-bit langen RSA Schlüssel.
- keyout: Gibt die Ausgabepfad und -datei für den Schlüssel an.
- out: Gibt die Ausgabepfad und -datei des Zertifikates an.