Publish Node.js app to SSH server

steps.md

Docker setup

1. Install docker/docker-compose
2. Clone the repo
3. docker-compose up -d inside the app folder

Nginx setup

1. sudo apt install nginx
2. sudo unlink /etc/nginx/sites-enabled/default
3. cd /etc/nginx/sites-available and vim reverse-proxy.conf and paste the code in the first appendix
4. ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf
5. service nginx configtest to check if the Nginx config are fine

Firewall setup

1. ufw allow OpenSSH
2. ufw allow 'Nginx Full'
3. ufw enable

Certbot setup

1. apt install certbot python3-certbot-nginx
2. sudo certbot --nginx -d example.com -d www.example.com
3. systemctl status certbot.timer and certbot renew --dry-run to check if the certbot's auto-renew is working
4. Update your reverse-proxy.conf with the code in the second appendix

Appendix

server {

    listen 80;

    location / {

        proxy_pass http://127.0.0.1:3000;

    }

}

server {
    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    listen 80;


    location / {

        proxy_pass http://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

References

• https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-20-04
• https://www.hostinger.com.br/tutoriais/proxy-reverso-nginx
• https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04