Server management commands

Service Management

Server management commands

Firewall

1. To enable firewall:
   sudo ufw enable

2. Before logging out, immediately run this command
   sudo ufw allow 22
   This is a command that is used to add any port in firewall. For example, if you want to use postgresql and access it from outside, you need to allow 5432 port i.e.
   sudo ufw allow 5432

3. Add rule to be allowed from specific ip pool
   sudo ufw allow from 110.93.0.0/16 to any port [PORT]

4. To check list of allowed ports through firewall
   sudo ufw status numbered

5. To delete a port from firewall, copy id of the port from above listing command. When receive id, then execute:
   sudo ufw delete [id]

Postgresql Remote Connections

To adding new ip to postgres remote connections

1. cd /etc/postgresql/16/main (Version can be changed from 16)
2. sudo nano pg_hba.conf
3. Add a new row at the end of file: host all all 110.93.0.0/16 md5

• Above command will add ip pool starting from 110.93
  -To add absolute ip address, replace with actual ip address

4. Restart PostgreSQL service by executing:
   sudo systemctl restart PostgreSQL

NGINX Configuration for Nodejs API

1. To deploy a nodejs api, go to /etc/nginx/sites-available, and create a new file. Add following contents to it:

upstream mynodeapp {
    server 127.0.0.1:3003;
}
server {
    #server_name _; #Uncomment this if you want to keep it on ip
    #server_name domain.com www.domain.com; #Uncomment this if you want to deploy on a domain
    location / {
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   Host      $http_host;
        proxy_pass         http://mynodeapp;
    }
}

• Make sure that the port you provide is the one you want to host your application on. In this case, port is 3003

• This application will host directly on ip with port, and not on any subdomain
  -To host this application on a domain, instructions are given in the above snippet

• After setting the site file, enable it by:
  sudo ln -s /etc/nginx/sites-available/[filename] /etc/nginx/sites-enabled/

• Test nginx configuration:
  sudo nginx -t
  If there is an error, this command will show the error

• Restart nginx:
  sudo systemctl restart nginx

NGINX Configuration for Web Portal

1. To deploy a web portal, go to /etc/nginx/sites-available, and create a new file. Add following contents to it:

server {
    listen 81;

    #server_name _; #Uncomment this if you want to keep it on ip
    #server_name domain.com www.domain.com; #Uncomment this if you want to deploy on a domain

    root /var/www/stg.admin/build; #Path of the webportal
    index index.html;
    location / {
       try_files $uri $uri/ /index.html;
    }

}

If you DO NOT provide a port number, it will host on port 80 and if there is already a website hosted on same port, nginx will present error

• Make sure that the port you provide is the one you want to host your application on. In this case, port is 81

• This application will host directly on ip with port, and not on any subdomain
  -To host this application on a domain, instructions are given in the above snippet

• After setting the site file, enable it by:
  sudo ln -s /etc/nginx/sites-available/[filename] /etc/nginx/sites-enabled/

• Test nginx configuration:
  sudo nginx -t
  If there is an error, this command will show the error

• Restart nginx:
  sudo systemctl restart nginx

Set folder permissions

sudo chown -R www-data:www-data /var/www/path;
sudo chmod 600 /var/www/path/.env;