Last active
June 5, 2021 06:50
-
-
Save wildonion/9809326f32901bf8490cc09611f887cb to your computer and use it in GitHub Desktop.
VPS config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
.....[copy from local to vps using ssh] | |
sudo scp file_name user@ip:/home/$USER/ | |
.....[copy from vps to local using rsync excluding .git folder] | |
rsync -av -e ssh --exclude='.git' cds@cdsapply.com:/home/cds/cds2_cockpitBackend/ /home/wildonion/Documents/cds_backend_backup | |
.....[jekyll installation] | |
https://jekyllrb.com/docs/installation/ubuntu/ | |
.....[create new user uniXerr] | |
sudo useradd -s /bin/bash -d /home/uniXerr/ -m -G sudo uniXerr | |
sudo passwd uniXerr | |
.....[logout from currecnt user and login with new user to remove the old user] | |
sudo userdel ubuntu | |
.....[change host name from arvan host name to ubuntu by editing /etc/hosts and /etc/hostname files then restart vps from arvan panel] | |
.....[use key-pair authentication for ssh] | |
ssh-keygen -t ed25519 -C "uniXerr2017151997" >>>> generate private and public key in $HOME/.ssh on your local computer | |
ssh-copy-id -i $HOME/.ssh/uniXerr.pub uniXerr@ip_address >>>> copy generated public key from your local computer from $HOME/.ssh dir and paste it on $HOME/.ssh dir of vps | |
.....[update os to the latest version] | |
sudo apt update && sudo apt upgrade && sudo apt dist-upgrade && sudo apt install update-manager-core && sudo do-release-upgrade | |
YOU ARE READY TO GO AND INSTALL WHAT YOU WANT LIKE : nginx, anaconda(scientifics packages and jupyterhub), pm2 | |
CREATE CONDA ENV FOR YOUR PROJECTS LIKE : conda create --name uniXerr tensorflow && conda install tensorflow-gpu | |
REMEMBER TO ACTIVATE CONDA ENV WHERN YOU WANTO TO CODE : conda activate uniXerr | |
.....[gitlab installation] | |
sudo apt update && sudo apt upgrade | |
sudo apt install ca-certificates curl openssh-server postfix >>>>> you have to create a MX record for mail server | |
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash | |
sudo apt install gitlab-ce | |
sudo ufw allow http | |
sudo ufw allow https | |
sudo ufw allow OpenSSH | |
sudo nano /etc/gitlab/gitlab.rb >>>>> change your domain and enable letsencrypt for gitlab | |
sudo gitlab-ctl reconfigure >>>>> run it after every configuration | |
sudo gitlab-rake gitlab:backup:create >>>>> backup from gitlab | |
.....[gitea installation] | |
sudo apt update && sudo apt upgrade | |
sudo apt -y install nginx | |
sudo ufw enable | |
sudo ufw allow OpenSSH | |
sudo ufw allow 'Nginx Full' | |
sudo ufw allow 'Nginx HTTP' | |
sudo ufw allow htts | |
sudo ufw allow https | |
sudo apt -y install mariadb-server mariadb-client | |
sudo mysql_secure_installation | |
Enter current password for root (enter for none): Just press the Enter | |
Set root password? [Y/n]: Y | |
New password: Enter password | |
Re-enter new password: Repeat password | |
Remove anonymous users? [Y/n]: Y | |
Disallow root login remotely? [Y/n]: Y | |
Remove test database and access to it? [Y/n]: Y | |
Reload privilege tables now? [Y/n]: Y | |
sudo systemctl restart mariadb.service | |
sudo mysql -u root -p | |
CREATE DATABASE gitea; | |
CREATE USER 'gitea'@'localhost' IDENTIFIED BY 'new_password_here'; | |
GRANT ALL ON gitea.* TO 'giteauser'@'localhost' IDENTIFIED BY 'user_password_here' WITH GRANT OPTION; | |
FLUSH PRIVILEGES; | |
EXIT; | |
sudo adduser \ | |
--system \ | |
--shell /bin/bash \ | |
--gecos 'Git Version Control' \ | |
--group \ | |
--disabled-password \ | |
--home /home/git \ | |
git | |
sudo mkdir -p /var/lib/gitea/{custom,data,indexers,public,log} | |
sudo chown git:git /var/lib/gitea/{data,indexers,log} | |
sudo chmod 750 /var/lib/gitea/{data,indexers,log} | |
sudo mkdir /etc/gitea | |
sudo chown root:git /etc/gitea | |
sudo chmod 770 /etc/gitea | |
sudo wget -O gitea https://dl.gitea.io/gitea/*.*.*/gitea-*.*.*-linux-amd64 | |
sudo chmod +x gitea | |
sudo cp gitea /usr/local/bin/gitea | |
sudo nano /etc/systemd/system/gitea.service | |
[Unit] | |
Description=Gitea (Git with a cup of tea) | |
After=syslog.target | |
After=network.target | |
#After=mysqld.service | |
#After=postgresql.service | |
#After=memcached.service | |
#After=redis.service | |
[Service] | |
# Modify these two values and uncomment them if you have | |
# repos with lots of files and get an HTTP error 500 because | |
# of that | |
### | |
#LimitMEMLOCK=infinity | |
#LimitNOFILE=65535 | |
RestartSec=2s | |
Type=simple | |
User=git | |
Group=git | |
WorkingDirectory=/var/lib/gitea/ | |
ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini | |
Restart=always | |
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea | |
# If you want to bind Gitea to a port below 1024 uncomment | |
# the two values below | |
### | |
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE | |
#AmbientCapabilities=CAP_NET_BIND_SERVICE | |
[Install] | |
WantedBy=multi-user.target | |
sudo systemctl daemon-reload | |
sudo systemctl enable gitea | |
sudo systemctl start gitea | |
sudo nano /etc/nginx/sites-available/gitea | |
upstream gitea { | |
server 127.0.0.1:3000; | |
} | |
server { | |
listen 80 default_server; | |
listen [::]:80 default_server; | |
server_name gitea.unixerr.com; | |
root /var/lib/gitea/public; | |
access_log off; | |
error_log off; | |
location / { | |
try_files maintain.html $uri $uri/index.html @node; | |
} | |
location @node { | |
client_max_body_size 0; | |
proxy_pass http://localhost:3000; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_max_temp_file_size 0; | |
proxy_redirect off; | |
proxy_read_timeout 120; | |
} | |
} | |
sudo ln -s /etc/nginx/sites-available/gitea /etc/nginx/sites-enabled | |
sudo systemctl reload nginx.service | |
goto gitea.unixerr.com/install to setup gitea! | |
.....[enable https for nginx using letsencrypt] | |
sudo apt update | |
sudo apt install software-properties-common | |
sudo add-apt-repository universe | |
sudo add-apt-repository ppa:certbot/certbot | |
sudo apt update | |
sudo apt install certbot python3-certbot-nginx | |
sudo ufw allow OpenSSH | |
sudo ufw allow 'Nginx Full' | |
sudo ufw allow 'Nginx HTTP' | |
sudo certbot --nginx | |
.....[cockpit CMS installation] | |
sudo apt update && sudo apt upgrade | |
sudo apt install nginx | |
sudo apt install software-properties-common | |
sudo add-apt-repository ppa:ondrej/php && sudo apt update && sudo apt upgrade | |
sudo apt-cache show php | |
sudo apt install php7.4-cli php7.4-fpm php7.4-curl php7.4-gd php7.4-mysql php7.4-mbstring zip unzip | |
sudo apt install sqlite3 | |
sudo apt install php7.4sqlite3 | |
sudo apt autoremove && apt update | |
.....[nginx configuration for cockpit] | |
sudo micro /etc/nginx/sites-available/panel.unixerr.com | |
sudo ufw allow 36717 | |
++++create a CNAME record on arvan cloud panel with panel title under unixerr.com++++ | |
++++if you want add ssl to *.unixerr.com on different port just change 443 to your desired one++++ | |
server { | |
listen 36717; | |
listen [::]:36717; | |
root /home/uniXerr/sites/panel.unixerr.com/; | |
index index.php; | |
server_name panel.unixerr.com; | |
location ~ .sqlite$ { | |
deny all; | |
} | |
location ~ /\.ht { | |
deny all; | |
} | |
location / { | |
try_files $uri $uri/ /index.php$args; | |
} | |
location ~ \.php$ { | |
include snippets/fastcgi-php.conf; | |
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; | |
} | |
} | |
sudo ln -s /etc/nginx/sites-available/uniXerr.panel /etc/nginx/sites-enabled/uniXerr.panel | |
sudo nginx -t ......[ check if there was any error! ] | |
chmod -R a+w /home/uniXerr/sites/panel.unixerr.com | |
sudo systemctl restart nginx && sudo systemctl restart php7.4-fpm | |
[NAVIGATE TO unixerr.com:36717/install AND YOU ARE READY TO] | |
[MAKE SURE THE /storage/data FOLDER IS WRITABLE BY USING sudo chmod 777 storage/* COMMAND] | |
[CHECK nginx ERROR LOG FILES BY TYPING sudo cat /var/log/nginx/error.log] | |
[IF THERE WAS ANY FAILURE IN BINDING THE nginx PORT JUST TYPE sudo fuser -k <port>/tcp] | |
[AFTER EVERY CHANGE IN EACH server block JUST RESTART THE NGINX BY sudo systemctl restart nginx COMMAND] | |
[[[[[[[[[----LINKS----]]]]]]]]] | |
https://blog.devolutions.net/2017/3/what-is-reverse-ssh-port-forwarding | |
https://jerrington.me/posts/2019-01-29-self-hosted-ngrok.html | |
https://jekyll.github.io/jekyll-admin/self-hosting | |
svenbit.com/2014/09/run-ngrok-on-your-own-server/ | |
https://the-littlest-jupyterhub.readthedocs.io/en/latest/howto/admin/https.html#howto-admin-https | |
https://github.com/jupyterhub/jupyterhub/wiki/Installation-of-Jupyterhub-on-remote-server | |
https://medium.com/@jgefroh/a-guide-to-using-nginx-for-static-websites-d96a9d034940 | |
https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-with-http-2-support-on-ubuntu-18-04 | |
discourse.getcockpit.com/t/list-of-cockpit-addons/234 | |
digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-in-ubuntu-16-04 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment