izorwebid · January 12, 2022 15:07 · Jan 12, 2022 · Jan 12, 2022 · Oct 2, 2019 · Sep 25, 2019
diff --git a/node_nginx_ssl.md b/node_nginx_ssl.md
@@ -167,3 +167,14 @@ sudo certbot certonly --nginx
 ```
 
 Now visit https://yourdomain.com and you should see your Node app
+
+## 11. Test automatic renewal
+The Certbot packages on your system come with a cron job or systemd timer that will renew your certificates automatically before they expire. You will not need to run Certbot again, unless you change your configuration. You can test automatic renewal for your certificates by running this command:
+```
+sudo certbot renew --dry-run
+```
+
+The command to renew certbot is installed in one of the following locations:
+* /etc/crontab/
+* /etc/cron.*/*
+* systemctl list-timers
diff --git a/node_nginx_ssl.md b/node_nginx_ssl.md
@@ -24,7 +24,7 @@ There are a few ways to get your files on to the server, I would suggest using G
 git clone yourproject.git
 ```
 
-### 5. Install dependencies and test app
+## 5. Install dependencies and test app
 ```
 cd yourproject
 npm install
@@ -106,7 +106,7 @@ Choose "Custom nameservers" and add these 3
 
 It may take a bit to propogate
 
-10. Add SSL with LetsEncrypt
+## 10. Add SSL with LetsEncrypt
 ```
 sudo add-apt-repository ppa:certbot/certbot
 sudo apt-get update
@@ -117,4 +117,53 @@ sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
 certbot renew --dry-run
 ```
 
+### Install Certbot in Ubuntu with PIP
+```
+sudo apt install python3 python3-venv libaugeas0
+sudo python3 -m venv /opt/certbot/
+sudo /opt/certbot/bin/pip install --upgrade pip
+```
+- for apache
+```
+sudo /opt/certbot/bin/pip install certbot certbot-apache
+```
+- for nginx
+```
+sudo /opt/certbot/bin/pip install certbot certbot-nginx
+```
+- Create a symlink to ensure Certbot runs:
+```
+sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
+```
+
+### Install Certbot in Ubuntu with snapd
+```
+sudo apt install snapd
+sudo snap install core; sudo snap refresh core
+sudo snap install --classic certbot
+sudo ln -s /snap/bin/certbot /usr/bin/certbot
+```
+
+### Create an SSL Certificate with Certbot
+
+- for apache
+```
+sudo certbot --apache
+```
+- for nginx
+```
+sudo certbot --nginx
+```
+
+- Create SSL certs for a specified domain (recommended for using your system hostname):
+```
+sudo certbot --apache -d example.com -d www.example.com
+```
+
+- only install ssl
+```
+sudo certbot certonly --apache
+sudo certbot certonly --nginx
+```
+
 Now visit https://yourdomain.com and you should see your Node app
diff --git a/node_nginx_ssl.md b/node_nginx_ssl.md
@@ -54,9 +54,9 @@ pm2 startup ubuntu
 ```
 sudo ufw enable
 sudo ufw status
-sudo ufw enable ssh (Port 22)
-sudo ufw enable http (Port 80)
-sudo ufw enable https (Port 443)
+sudo ufw allow ssh (Port 22)
+sudo ufw allow http (Port 80)
+sudo ufw allow https (Port 443)
 ```
 
 ## 8. Install NGINX and configure

diff --git a/node_nginx_ssl.md b/node_nginx_ssl.md
@@ -1,6 +1,6 @@
 # Node.js Deployment
 
-> Steps to deploy a Node.js app to Digital Ocean using PM2, NGINX as a reverse proxy and an SSL from LetsEncrypt
+> Steps to deploy a Node.js app to DigitalOcean using PM2, NGINX as a reverse proxy and an SSL from LetsEncrypt
 
 ## 1. Sign up for Digital Ocean
 If you use the referal link below, you get $10 free (1 or 2 months)

diff --git a/node_nginx_ssl.md b/node_nginx_ssl.md
@@ -83,7 +83,7 @@ Add the following to the location part of the server block
 sudo nginx -t
 
 # Restart NGINX
-sudo service restart nginx
+sudo service nginx restart
 ```
 
 ### You should now be able to visit your IP with no port (port 80) and see your app. Now let's add a domain

diff --git a/node_nginx_ssl.md b/node_nginx_ssl.md
@@ -0,0 +1,120 @@
+# Node.js Deployment
+
+> Steps to deploy a Node.js app to Digital Ocean using PM2, NGINX as a reverse proxy and an SSL from LetsEncrypt
+
+## 1. Sign up for Digital Ocean
+If you use the referal link below, you get $10 free (1 or 2 months)
+https://m.do.co/c/5424d440c63a
+
+## 2. Create a droplet and log in via ssh
+ I will be using the root user, but would suggest creating a new user
+
+## 3. Install Node/NPM
+```
+curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
+
+sudo apt install nodejs
+
+node --version
+```
+
+## 4. Clone your project from Github
+There are a few ways to get your files on to the server, I would suggest using Git
+```
+git clone yourproject.git
+```
+
+### 5. Install dependencies and test app
+```
+cd yourproject
+npm install
+npm start (or whatever your start command)
+# stop app
+ctrl+C
+```
+## 6. Setup PM2 process manager to keep your app running
+```
+sudo npm i pm2 -g
+pm2 start app (or whatever your file name)
+
+# Other pm2 commands
+pm2 show app
+pm2 status
+pm2 restart app
+pm2 stop app
+pm2 logs (Show log stream)
+pm2 flush (Clear logs)
+
+# To make sure app starts when reboot
+pm2 startup ubuntu
+```
+### You should now be able to access your app using your IP and port. Now we want to setup a firewall blocking that port and setup NGINX as a reverse proxy so we can access it directly using port 80 (http)
+
+## 7. Setup ufw firewall
+```
+sudo ufw enable
+sudo ufw status
+sudo ufw enable ssh (Port 22)
+sudo ufw enable http (Port 80)
+sudo ufw enable https (Port 443)
+```
+
+## 8. Install NGINX and configure
+```
+sudo apt install nginx
+
+sudo nano /etc/nginx/sites-available/default
+```
+Add the following to the location part of the server block
+```
+    server_name yourdomain.com www.yourdomain.com;
+
+    location / {
+        proxy_pass http://localhost:5000; #whatever port your app runs on
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+    }
+```
+```
+# Check NGINX config
+sudo nginx -t
+
+# Restart NGINX
+sudo service restart nginx
+```
+
+### You should now be able to visit your IP with no port (port 80) and see your app. Now let's add a domain
+
+## 9. Add domain in Digital Ocean
+In Digital Ocean, go to networking and add a domain
+
+Add an A record for @ and for www to your droplet
+
+
+## Register and/or setup domain from registrar
+I prefer Namecheap for domains. Please use this affiliate link if you are going to use them
+https://namecheap.pxf.io/c/1299552/386170/5618
+
+Choose "Custom nameservers" and add these 3
+
+* ns1.digitalocean.com
+* ns2.digitalocean.com
+* ns3.digitalocean.com
+
+It may take a bit to propogate
+
+10. Add SSL with LetsEncrypt
+```
+sudo add-apt-repository ppa:certbot/certbot
+sudo apt-get update
+sudo apt-get install python-certbot-nginx
+sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
+
+# Only valid for 90 days, test the renewal process with
+certbot renew --dry-run
+```
+
+Now visit https://yourdomain.com and you should see your Node app
No results found