Last active
November 2, 2020 18:12
-
-
Save tamzidoronno/787106299385defd9604d8688ca5bdf8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
**New User Create** | |
adduser romoni_deployer | |
usermod -aG sudo romoni_deployer | |
su - romoni_deployer | |
**Initial Server Setup** | |
ufw allow OpenSSH | |
ufw enable | |
ufw status | |
**Registering SSH Keys** | |
ssh-keygen | |
sudo nano ~/.ssh/authorized_keys | |
Added user public keys to this file | |
Give ownership of .ssh directory to new user: | |
chown -R sammy:sammy ~/.ssh | |
**Nginx Setup** | |
sudo apt update | |
sudo apt install nginx | |
sudo ufw allow 'Nginx HTTP' | |
sudo ufw status | |
**MySQL Setup** | |
sudo apt install mysql-server | |
sudo mysql_secure_installation | |
sudo mysql | |
mysql> SELECT user,authentication_string,plugin,host FROM mysql.user; | |
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password'; | |
mysql> FLUSH PRIVILEGES; | |
mysql> SELECT user,authentication_string,plugin,host FROM mysql.user; | |
mysql -u root -p | |
Create new user and grant privileges : | |
CREATE USER 'newuser'@'%' IDENTIFIED BY 'password'; | |
GRANT ALL PRIVILEGES ON * . * TO 'newuser'@'localhost'; | |
FLUSH PRIVILEGES; | |
sudo add-apt-repository universe | |
sudo apt install php-fpm php-mysql | |
sudo nano /etc/nginx/sites-available/romoni.com.bd | |
Added admin,partner,user portal & backend project server blocks | |
sudo ln -s /etc/nginx/sites-available/example.com.bd /etc/nginx/sites-enabled/ | |
sudo unlink /etc/nginx/sites-enabled/default | |
sudo nginx -t | |
sudo systemctl reload nginx | |
**Disable Root Login** | |
sudo nano ~/.ssh/sshd_config | |
To disable root login => PermitRootLogin no | |
service ssh restart | |
**Change SSH Port** | |
Add your public key to ~/.ssh/authorized_keys file in server | |
To change SSH settings in server edit the file /etc/ssh/sshd_config | |
To set port 41234 => Port 41234 | |
To disable password authentication for any user => PasswordAuthentication no | |
Restart ssh => sudo service ssh restart | |
To login to remote run the following command: ssh user@host_ip_address -p 41234 | |
**Change MySQL port** | |
sudo systemctl stop mysql.service | |
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf | |
port = what port you want (Ex: 3307 ) | |
sudo systemctl restart mysql.service | |
**Grant remote access to mysql** | |
mysql> GRANT ALL ON *.* TO fooUser@'1.2.3.4' IDENTIFIED BY 'my_password'; FLUSH PRIVILEGES; | |
Open the /etc/mysql/mysql.conf.d/mysqld.cnf file and comment the following line: | |
#bind-address = 127.0.0.1 | |
Allow mysql port from admin portal/ufw | |
**Gitlab config multiple accounts** | |
Added a config file in ~/.ssh/config file which looks like | |
User git | |
Hostname gitlab.com | |
IdentityFile ~/.ssh/id_rsa | |
TCPKeepAlive yes | |
IdentitiesOnly yes | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment