Login To Server

ssh root@ipaddress
enter password

Update packages

sudo apt update
sudo apt upgrade

Add ssh keys to server

mkdir -p ~/.ssh && chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys

On Local Machine

cat ~/.ssh/id_rsa.pub
nano ~/.ssh/authorized_keys
Paste content from 4 here and save

Create new user with sudo

adduser caleb
id caleb
usermod -aG sudo caleb
id caleb

We need to add the key to caleb .ssh on the server, log back in as root

ssh root@ipaddress
cd /home/caleb
mkdir .ssh
cd .ssh
touch authorized_keys
sudo nano authorized_keys (paste in the id_rsa_do.pub key, exit and log in as caleb)

Login as caleb

ssh caleb@doserver

Change owner of /home/caleb/* from root to caleb

sudo chown -R caleb:caleb /home/caleb

Give User permission

chmod 700 /home/caleb/.ssh

Disable root password login

sudo nano /etc/ssh/sshd_config
Set the following
PermitRootLogin no
PasswordAuthentication no
Reload sshd service
sudo systemctl reload sshd

Github (Deploy From Github)

Generate Github Key(On Server)

ssh-keygen -t rsa (id_rsa or whatever you want)

Add new key

ssh-add /home/caleb/.ssh/id_rsa

If you get a message about auth agent, run this and try again

eval ssh-agent -s

Clone repo

git clone [email protected]:your_git_repo

Install Node

Instal NVM

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash
export NVM_DIR="$([ -z "${XDG_CONFIG_HOME-}" ] && printf %s "${HOME}/.nvm" || printf %s "${XDG_CONFIG_HOME}/nvm")"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"

Use NVM to Install Node

nvm install node 12.x
nvm list (lists node versions installed)
nvm use 12.x (selects a particular node version to be used)
node -v or npm -v (displays node version and npm version)

Use PM2 To Keep App Running In The Background

sudo npm i pm2 -g
pm2 start app (or whatever your file name)

Other pm2 commands

Start and Daemonize any application:

pm2 start app.js
pm2 start npm --name "app name" -- start
pm2 start npm --name "dosh_ride" -- run start:prod => running custom script
pm2 serve build/ 3000 --name "react-build" --spa => serving a react build

Load Balance 4 instances of api.js:

pm2 start api.js -i 4
pm2 start npm --name "app name" -- start -i 4

Monitor in production:

pm2 monitor

Make pm2 auto-boot at server restart:

pm2 startup

Prevent pm2 from auto-boot when server restart:

pm2 unstartup

Other Commands:

pm2 show app
pm2 status
pm2 restart app
pm2 stop app
pm2 logs (Show log stream)
pm2 flush (Clear logs)

Setup UFW Firewall

sudo ufw enable
sudo ufw status
sudo ufw allow ssh (Port 22)
sudo ufw allow http (Port 80)
sudo ufw allow https (Port 443)

Install NGINX and configure

sudo apt install nginx
sudo nano /etc/nginx/sites-available/default

Add the following to the location part of the server block

server_name yourdomain.com www.yourdomain.com;

location / {
    proxy_pass http://localhost:5000; #whatever port your app runs on
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
}

Check NGINX config

sudo nginx -t

Restart NGINX

sudo service nginx restart

You should now be able to visit your IP with no port (port 80) and see your app. Now let's add a domain

Add domain in Digital Ocean

In Digital Ocean, go to networking and add a domain

Add an A record for @ and for www to your droplet

Register and/or setup domain from registrar
I prefer Namecheap for domains. Please use this affiliate link if you are going to use them
https://namecheap.pxf.io/c/1299552/386170/5618

Choose "Custom nameservers" and add these 3

ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com
It may take a bit to propogate

Add SSL with LetsEncrypt

sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt install certbot
sudo apt-get install python3-certbot-nginx
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Only valid for 90 days, test the renewal process with

sudo certbot renew --dry-run Now visit https://yourdomain.com and you should see your Node app

Caleb-Mantey/digital_ocean_setup.md Secret

Login To Server

Update packages

Add ssh keys to server

On Local Machine

Create new user with sudo

We need to add the key to caleb .ssh on the server, log back in as root

Login as caleb

Change owner of /home/caleb/* from root to caleb

Give User permission

Disable root password login

`Set the following`

`Reload sshd service`

Github (Deploy From Github)

Generate Github Key(On Server)

Add new key

If you get a message about auth agent, run this and try again

Clone repo

Install Node

Instal NVM

Use NVM to Install Node

Use PM2 To Keep App Running In The Background

Other pm2 commands

Start and Daemonize any application:

Load Balance 4 instances of api.js:

Monitor in production:

Make pm2 auto-boot at server restart:

Prevent pm2 from auto-boot when server restart:

Other Commands:

Setup UFW Firewall

Install NGINX and configure

Check NGINX config

Restart NGINX

Add domain in Digital Ocean

Add SSL with LetsEncrypt

Only valid for 90 days, test the renewal process with