Last active
April 24, 2025 21:18
-
-
Save ericandrewlewis/80bf56e83b838767ba6cbd1203fcb03c to your computer and use it in GitHub Desktop.
Revisions
-
ericandrewlewis revised this gist
Oct 14, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ # All the steps and code snippets from my tutorial series [Set up an Ubuntu Web Server on an Intel NUC](https://www.youtube.com/playlist?list=PLjwDNSlPlIIunYlhIRuftmmPmMZlze6WJ) ## Get an image -
Oct 14, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ # All the steps and code snippets from my tutorial series [Set up an Ubuntu Web Server on an Intel Nuc](https://www.youtube.com/playlist?list=PLjwDNSlPlIIunYlhIRuftmmPmMZlze6WJ) ## Get an image -
Oct 14, 2018 . 1 changed file with 28 additions and 5 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -129,12 +129,35 @@ sudo docker run \ nginx ``` ## Running Docker-based apps Edit the NGINX configuration at `~/apps/nginx-app-router/nginx.conf` to add a server block for the app, specifying the subdomain, port, and the NUC's static IP address: ``` server { listen 443 ssl; server_name next-subways.curious-directory.com; location / { proxy_pass http://192.168.1.100:8002; } } ``` Build a Docker image: ```bash sudo docker build --tag next-subways . ``` Run the image: ```bash sudo docker run \ --detach \ --publish 8002:8080 \ --env NODE_ENV='production' \ --env MTA_API_KEY=$API_KEY \ --restart always \ next-subways ``` -
Oct 14, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -136,5 +136,5 @@ edit the nginx configuration to specify the subdomains your apps will live on an Build an image ```bash sudo docker build --tag next-subway . ``` -
Oct 14, 2018 . 1 changed file with 6 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -131,4 +131,10 @@ sudo docker run \ edit the nginx configuration to specify the subdomains your apps will live on and what local port they can be found on. ## Running Docker-based apps Build an image ```bash docker build --tag next-subway . ``` -
Oct 14, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -120,7 +120,7 @@ and then I ran ```bash sudo docker run \ --volume /home/eric/apps/nginx-app-router/nginx.conf:/etc/nginx/nginx.conf:ro \ --volume /etc/letsencrypt:/etc/letsencrypt \ --publish 80:80 \ --publish 443:443 \ -
Oct 14, 2018 . No changes.There are no files selected for viewing
-
Oct 14, 2018 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,134 @@ This is a rundown of all the steps and code snippets from my tutorial series [Set up an Ubuntu Web Server on an Intel Nuc](https://www.youtube.com/playlist?list=PLjwDNSlPlIIunYlhIRuftmmPmMZlze6WJ) ## Get an image [Get an Ubuntu image for your NUC](https://www.ubuntu.com/download/iot/intel-nuc-desktop) ## Update the apt repositories ```bash apt update -y & apt upgrade -y ``` ## Don't let the computer sleep at the login screen, so it's always up. ```bash sudo su su lightdm -s /bin/bash dbus-launch gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-timeout 0 exit exit ``` ## Setup a static IP address 1. Go to `Network > Choose your Network > IPv4 Settings` 1. Set "Method" to "Manual" 1. Add a static IP address, I picked `192.168.1.100` 1. Set the netmask. You can find the netmask by running `ifconfig` 1. Set the gateway. You can find the gateway by running `ip route show` 1. Set DNS servers, I used Google's `8.8.8.8, 8.8.4.4` ## Port Forwarding Log in to your router's admin and configure port forwarding for `80`, `443`, and `22222` (or whatever port you pick for ssh) ## Configure SSH Install open ssh server ```bash sudo apt install -y openssh-server ``` Edit `/etc/sshd_config` and change the Port to your preferred port Create a keypair on your computer, and send it to the server: ```bash ssh-copy-id -i ~/.ssh/keyfilenamehere user@host -p 22222 ``` Add this config to the bottom of `/etc/sshd_config` to disable password login: ``` ChallengeResponseAuthentication no PasswordAuthentication no UsePAM no ``` ## Fail2ban Install fail2ban ```bash sudo apt install -y fail2ban ``` Copy the fail2ban default configuration to a file we can safely edit ``` sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local ``` Edit the `/etc/fail2ban/jail.local` file, and scroll to the `[ssh]` jail section, add: ``` enabled = true ``` Change the port to the port ssh is running on (22222 for me) Restart fail2ban to apply configuration changes: ``` sudo systemctl restart fail2ban ``` ## Dynamic DNS I use [no-ip](https://www.noip.com/)... get a wilcard domain name that comes with Dynamic DNS. Set up their dynamic updater so the Dynamic DNS part works. ## Certbot Install Certbot ```bash sudo apt-get update -y sudo apt-get install -y software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt-get update -y sudo apt-get install -y certbot ``` Get an HTTPS certificate and private key: ```bash sudo certbot certonly --standalone -d example.com -d www.example.com ``` ## Install Docker Install [Docker for Ubuntu](https://docs.docker.com/install/linux/docker-ce/ubuntu/) ## Setup an NGINX application router I added [this nginx config](https://gist.github.com/ericandrewlewis/b64f86423dcdd7789914e55606a33494) into ~/apps/nginx-app-router/nginx.conf and then I ran ```bash sudo docker run \ --volume /home/eric/apps/virtual-host-proxy/nginx.conf:/etc/nginx/nginx.conf:ro \ --volume /etc/letsencrypt:/etc/letsencrypt \ --publish 80:80 \ --publish 443:443 \ --detach \ --restart always \ nginx ``` edit the nginx configuration to specify the subdomains your apps will live on and what local port they can be found on.