https://github.com/askmike/new-webserver

scripts to quickly setup a webserver
https://github.com/askmike/new-webserver

Last synced: 12 months ago
JSON representation

scripts to quickly setup a webserver

• Host: GitHub
• URL: https://github.com/askmike/new-webserver
• Owner: askmike
• License: mit
• Created: 2018-02-25T04:08:26.000Z (over 8 years ago)
• Default Branch: master
• Last Pushed: 2025-02-24T05:08:30.000Z (over 1 year ago)
• Last Synced: 2025-03-05T14:48:03.861Z (over 1 year ago)
• Size: 31.3 KB
• Stars: 16
• Watchers: 4
• Forks: 9
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# New webserver

Scripts and config files to quickly start a new webserver that has:

- ufw

- letsenscrypt ssl cert

- Diffie-Hellman parameters

- nginx with ssl properly configured

- docker

- postgres via docker

Assumes you are logged in as root.

# nodejs

    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash

    export NVM_DIR="$HOME/.nvm"

    [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm

    [ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"  # This loads nvm bash_completion

    nvm install 22.9.0

# UFW

    ufw default deny incoming

    ufw default allow outgoing

    ufw allow 22  # ssh

    ufw allow 443 # https

    ufw allow 80  # http

    # allow port from specific IP

    # ufw allow from 1.1.1.1 to any port 22

    # allow port from specific interface

    # ufw allow in on eth0 to any port 80

    ufw enable

# Nginx

    apt-get install nginx # todo: nginx official repo

    openssl dhparam -out /etc/nginx/dhparam.pem 2048 # Diffie-Hellman parameters

    cd /etc/nginx/conf.d

    wget https://raw.githubusercontent.com/askmike/new-webserver/master/site.conf

    # edit nginx conf with your site and api

    service nginx configtest

    service nginx restart

# Nginx /w certbot

    sudo apt-get update

    sudo apt-get install -y nginx certbot python3-certbot-nginx

    sudo openssl dhparam -out /etc/nginx/dhparam.pem 2048 # Diffie-Hellman parameters

    cd /etc/nginx/conf.d

    sudo wget https://raw.githubusercontent.com/askmike/new-webserver/master/csite.conf

    # edit nginx conf with your domain

    sudo service nginx configtest

    sudo service nginx restart

    sudo certbot --nginx -d domain

    [email]

    y

    n

    wget https://raw.githubusercontent.com/askmike/new-webserver/master/csite2.conf

    sudo rm csite.conf

    sudo mv csite2.conf site.conf

    # edit nginx conf with your site and api

    sudo service nginx configtest

    sudo service nginx restart

    sudo crontab -e

    # add txt:

    0 12 * * * /usr/bin/certbot renew --quiet

# Build tools

    apt-get install python python3 make build-essential

# docker

    apt-get update

    apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common

    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

    # apt-key fingerprint 0EBFCD88

    add-apt-repository    "deb [arch=amd64] https://download.docker.com/linux/ubuntu \

       $(lsb_release -cs) \

       stable"

    apt-get update

    apt-get install docker-ce docker-ce-cli containerd.io

## docker postgres

    cd ~

    mkdir postgresdata

    docker run --rm   --name pg-docker -e POSTGRES_PASSWORD=YOUR-PW -d -p 5432:5432 -v $HOME/postgresdata:/var/lib/postgresql/data  postgres

    docker ps