Skip to content

Instantly share code, notes, and snippets.

@tagrudev

tagrudev/ubuntu-server.textile

Created June 16, 2014 08:46
Show Gist options
  • Save tagrudev/2381f7dfc12172e3e0aa to your computer and use it in GitHub Desktop.
Save tagrudev/2381f7dfc12172e3e0aa to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ubuntu-server.textile

http://redcloth.org/

Setup Ubuntu Server

All commands need to be executed as root

sudo su

Server data architecture

.
|-- data
|   |-- apps
|   |   |-- example.com
|   |   `-- staging.example.com
|   |-- mongodb
|   |-- git
|   |   |-- gitosis
|   |   `-- repositories
|   |       `-- organization
|   |           `-- example.git
|   `-- mysql
|       |-- example_production
|       `-- example_staging
`-- etc
    `-- nginx
        |-- nginx.conf
        `-- vhosts
            |-- example.com.conf
            `-- staging.example.com.conf
mkdir -p /data

Check and set locale if it is necessary

root@server:~# locale
LANG=en_US.utf8
LC_CTYPE="en_US.utf8"
LC_NUMERIC="en_US.utf8"
LC_TIME="en_US.utf8"
LC_COLLATE="en_US.utf8"
LC_MONETARY="en_US.utf8"
LC_MESSAGES="en_US.utf8"
LC_PAPER="en_US.utf8"
LC_NAME="en_US.utf8"
LC_ADDRESS="en_US.utf8"
LC_TELEPHONE="en_US.utf8"
LC_MEASUREMENT="en_US.utf8"
LC_IDENTIFICATION="en_US.utf8"
LC_ALL=en_US.utf8
locale-gen en_US.UTF-8

Setup me

adduser alex
export EDITOR=vim
visudo
Gi alex    ALL=(ALL) ALL
:wq

Type Ctrl + D

ssh-copy-id -i ~/.ssh/id_rsa.pub alex@remote-host

Install needed stuff

apt-get install aptitude
aptitude upgrade
aptitude install curl git-core exuberant-ctags libxml2-dev libxslt-dev libcurl4-openssl-dev libpcre3-dev imagemagick

Install rvm & ruby-1.9.2

bash < <(curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer)
echo "if groups | grep -q rvm ; then
  source "/usr/local/rvm/scripts/rvm"
fi
" >> ~/.bashrc
adduser root rvm
aptitude install build-essential bison openssl libreadline6 libreadline6-dev curl git-core \
zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev libxslt-dev \
autoconf libc6-dev ncurses-dev
rvm install 1.9.2 && rvm use 1.9.2 --default

Copy .gemrc file to $HOME

cd ~ && wget --no-check-certificate http://github.com/drydevelopment/dotfiles/raw/master/.gemrc
gem install bundler wirble hirb hirb-unicode ripl ripltools ripl-rails
echo "require 'ripltools'" >> ~/.riplrc

Setup deployer

adduser deploy
adduser deploy rvm

Ctrl + D

ssh-copy-id -i ~/.ssh/deploy.pub deploy@remote-host

Add rvm source to .bashrc like in install rvm step

Setting up Passenger and Nginx

gem install passenger
cd /tmp && wget http://nginx.org/download/nginx-1.0.5.tar.gz
tar zxvf nginx-1.0.5.tar.gz && cd nginx-1.0.5
./configure \
--sbin-path=/usr/local/sbin \
--conf-path=/etc/nginx/nginx.conf \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--user=deploy --group=deploy \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-http_dav_module \
--with-http_flv_module \
--with-sha1=/usr/lib \
--add-module=`passenger-config --root`/ext/nginx
mkdir /var/lib/nginx
mkdir -p /data/apps && chown deploy:deploy /data/apps

Nginx init script

curl -L https://raw.github.com/gist/1121022/nginx > /etc/init.d/nginx
chmod +x /etc/init.d/nginx
update-rc.d nginx defaults
service nginx start

Install MySQL

aptitude install mysql-server mysql-client libmysqlclient16-dev
service mysql stop
mv /var/lib/mysql /data/mysql
ln -s /data/mysql /var/lib/mysql
vim /etc/mysql/my.cnf
[client]
default-character-set = utf8
[mysqld]
default-character-set = utf8
collation-server = utf8_unicode_ci
character-set-server = utf8
[mysql]
default-character-set   = utf8

Add staging user for all staging apps

service mysql start
mysql -uroot -p
GRANT ALL PRIVILEGES ON  `%\_staging` . * TO  'staging'@'localhost' IDENTIFIED BY  '***';
GRANT ALL PRIVILEGES ON  `%\_production` . * TO  'production'@'localhost' IDENTIFIED BY  '***';

Setting up gitosis

cd ~/sources
git clone git://eagain.net/gitosis.git
cd gitosis
aptitude install python-setuptools
python setup.py install
adduser \
--system \
--shell /bin/sh \
--gecos 'git version control' \
--group \
--disabled-password \
--home /data/git \
git
# @local-host
scp ~/.ssh/id_rsa.pub alex@remote-host:/tmp/alex.pub
sudo -H -u git gitosis-init < /tmp/alex.pub
chmod u+x /data/git/repositories/gitosis-admin.git/hooks/post-update

Disable root and tweak sshd

sudo su 
passwd -l root
vim /etc/ssh/sshd_config
 PermitRootLogin no
 PasswordAuthentication no
:wq
service ssh restart
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment