Skip to content

Instantly share code, notes, and snippets.

@codinginflow
Last active January 14, 2024 13:01
Show Gist options
  • Star 4 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
  • Save codinginflow/4ed9bb9762b4bd8586b6ee7d1fb9431b to your computer and use it in GitHub Desktop.
Save codinginflow/4ed9bb9762b4bd8586b6ee7d1fb9431b to your computer and use it in GitHub Desktop.
Deploy & Secure Your MERN App

Tutorial:

https://www.youtube.com/watch?v=svEs1TafR7E

Note: You need to follow the tutorial in order to understand when and how to use the commands below

Commands used in the tutorial:

  • First login: ssh root@<your-server-ip>

  • Update Linux packages: apt update & apt upgrade

  • Create user and add to sudo group: adduser <username> & usermod -aG sudo <username>

  • Logout from server: logout

  • Login as user: ssh <username>@<your-server-ip>

  • Check if sudo works: sudo -v

  • Create SSH key folder: mkdir ~/.ssh && chmod 700 ~/.ssh

  • Generate SSH keys (run on your local machine): ssh-keygen -b 4096

  • Send SSH keys to server:

    • Windows: scp $env:USERPROFILE/.ssh/id_rsa.pub <username>@<your-server-ip>:~/.ssh/authorized_keys
    • Mac: scp ~/.ssh/id_rsa.pub <username>@<your-server-ip>:~/.ssh/authorized_keys
    • Linux: ssh-copy-id <username>@<your-server-ip>
  • Open SSH configuration: sudo nano /etc/ssh/sshd_config

  • List of reserved ports you should avoid for SSH: https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml

  • Restart SSH: sudo systemctl restart sshd

  • Login as user with your new SSH port: ssh <username>@<your-server-ip> -p <ssh-port-number>

  • Install Firewall: sudo apt install ufw

  • Show Firewall status: sudo ufw status

  • Allow ports in Firewall: sudo ufw allow + <ssh-port-number> / http / https

  • Enable Firewall: sudo ufw enable

  • Modify Firewall rules: sudo nano /etc/ufw/before.rules

    • Disable pings: -A ufw-before-input -p icmp --icmp-type echo-request -j DROP
  • Reboot server: sudo reboot

  • NodeJS installation commands: https://github.com/nodesource/distributions#installation-instructions

  • Check Node + NPM version: node --version, npm --version

  • Install Git & check version: sudo apt install git, git --version

  • Create an apps folder: mkdir apps

  • Clone your repository: git clone <your-repo-url>

  • See files inside a folder: ls (+ -a to show hidden files)

  • Change directory: cd + <folder-name> / .. (go back)

  • Open/modify files in Nano: nano <filename>

  • Install packages (inside folders with a package.json): npm install

  • Build React code (frontend folder): npm run build

  • Install TypeScript: sudo npm install -g typescript

  • Compile TypeScript (backend folder): tsc

  • PM2 docs (with commands): https://pm2.keymetrics.io/

    • Note: You need to prepend sudo when installing PM2 globally
  • Start server with PM2 (after compiling TypeScript): pm2 start dist/server.js

  • Install NGINX: sudo apt install nginx

  • Modify NGINX configuration: sudo nano /etc/nginx/sites-available/default

    • NGINX config changes (pay attention to the comments):
    root /home/florian/apps/MERN-course/frontend/build; # Use your own username & code path
    
    server_name codinginflow-sample.com www.codinginflow-sample.com; # Use your own domain
    
    location / {
        	try_files $uri /index.html;
    }
    
    location /api/ {
        proxy_pass http://localhost:5000; # Use your own port
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
    
  • Check if NGINX config is valid: sudo nginx -t

  • Restart NGINX: sudo service nginx restart

  • Certbot instructions (SSL): https://certbot.eff.org/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment