Skip to content

Instantly share code, notes, and snippets.

@ttp

ttp/server_configuration.md

Created April 5, 2015 06:13
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save ttp/9b06c327b0918277d46b to your computer and use it in GitHub Desktop.
Save ttp/9b06c327b0918277d46b to your computer and use it in GitHub Desktop.
Download ZIP
New Ubuntu server configuration nginx, ruby, passenger, postgresql, php, wordpress, mysql
Raw
server_configuration.md

Locale fix

sudo vim /etc/default/locale

LANGUAGE=en_US.UTF-8
LANG=en_US.UTF-8
LC_TYPE=en_US.UTF-8
LC_ALL=en_US.UTF-8

reconfigure locales

sudo locale-gen en_US en_US.UTF-8
sudo dpkg-reconfigure locales
sudo reboot

Install mysql

Enter mysql root password: root_password

sudo apt-get install mysql-server libmysqlclient-dev
mysql -u root -p
mysql> CREATE DATABASE site_wordpress DEFAULT CHARACTER SET utf8;
mysql> GRANT ALL PRIVILEGES ON site_wordpress.* TO mysql_dev_user IDENTIFIED BY 'wordpress_password';

Intstall nginx and php5

  sudo apt-get install nginx php5-cli php5-fpm php5-mcrypt php5-mysql php5-gd

Add config value cgi.fix_pathinfo=0 to /etc/php5/fpm/php.ini

Generate nginx ssl keys

Enter pass phrase: ssl_password

  sudo mkdir /etc/nginx/ssl
  cd /etc/nginx/ssl
  sudo openssl genrsa -des3 -out server.key 2048
  sudo openssl req -new -key server.key -out server.csr
  sudo cp server.key server.key.org
  sudo openssl rsa -in server.key.org -out server.key
  sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Nginx wordpress site config

mkdir -p ~/www/wordpress
sudo rm /etc/nginx/sites-enabled/default
sudo touch /etc/nginx/sites-available/site_wordpress
sudo ln -s /etc/nginx/sites-available/site_wordpress /etc/nginx/sites-enabled/
sudo vim /etc/nginx/sites-available/site_wordpress

Virtual host config:

server {
    listen 80;
    server_name wordpress-example.com;
    
    root /home/user/www/wordpress;
    index index.php index.html index.htm;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }
}

server {
    listen 443;
    server_name wordpress-example.com;
    
    root /home/user/www/wordpress;
    index index.php index.html index.htm;

    ssl on;
    ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;

    ssl_session_timeout 5m;

    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
    ssl_prefer_server_ciphers on;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }
}

Restart nginx

sudo service nginx restart

Install postgresql-9.4

sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ trusty-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | \
  sudo apt-key add -
sudo apt-get update
sudo apt-get install postgresql-9.4 libpq-dev
sudo pg_createcluster 9.4 main --start

Allow connections

sudo vim /etc/postgresql/9.4/main/postgresql.conf

and uncomment

listen_addresses = 'localhost'

Allow md5 authentication

sudo vim /etc/postgresql/9.4/main/pg_hba.conf

change peer to md5 for

local   all             all                     peer

restart postgresql

sudo service postgresql restart

Add postresql user and create db

sudo -u postgres psql
postgres> CREATE DATABASE site_db;
postgres> CREATE ROLE pg_dev_user WITH CREATEDB LOGIN PASSWORD 'password';

Install rvm & ruby

sudo apt-get install curl git-core build-essential zlib1g-dev libssl-dev libreadline-dev libyaml-dev libcurl4-openssl-dev libxml2-dev libxslt1-dev python-software-properties

gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3
\curl -sSL https://get.rvm.io | bash -s stable
source /home/user/.rvm/scripts/rvm
rvm install ruby-2.1.5
rvm use 2.1.5 --default
gem install bundler

Install required deb packages

sudo apt-get install imagemagick nodejs

Install Phusion Passenger

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 561F9B9CAC40B2F7
sudo apt-get install apt-transport-https ca-certificates
sudo sh -c 'echo "deb https://oss-binaries.phusionpassenger.com/apt/passenger trusty main" >> /etc/apt/sources.list.d/passenger.list'
sudo apt-get update
sudo apt-get install nginx-full passenger

Set passenger config under http block

sudo vim /etc/nginx/nginx.conf

passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
passenger_ruby /home/user/.rvm/wrappers/ruby-2.1.5@site/ruby;

Add nginx site configuration

sudo touch /etc/nginx/sites-available/site_ruby
sudo ln -s /etc/nginx/sites-available/site_ruby /etc/nginx/sites-enabled/
sudo vim /etc/nginx/sites-available/site_ruby

Add virtual host config

server {
  listen 80;
  server_name ruby-example.com;
  root /home/user/www/site-ruby/current/public/;
  passenger_enabled on;
  rails_env production;
}

server {
  listen 443;

  server_name ruby-example.com;
  root /home/user/www/site-ruby/current/public/;
  passenger_enabled on;
  rails_env production;

  ssl on;
  ssl_certificate /etc/nginx/ssl/server.crt;
  ssl_certificate_key /etc/nginx/ssl/server.key;

  ssl_session_timeout 5m;

  ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
  ssl_prefer_server_ciphers on;
}

sudo service nginx restart
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment