Home » Blogs

How to Correctly Set Up Your VPS?

296

September 20, 2023 · Vineet Agarwal

How to Correctly Set Up Your VPS?
Content & Prerequisites

Prerequisites

  • A VPS (Virtual Private Server) already set up.
  • Basic understanding of Linux commands and terminal usage.
  • A domain name pointed to your VPS IP address (for SSL certification).
  • SSH access to your VPS with a non-root user.

Content Overview


What is a VPS?

A VPS (Virtual Private Server) is a type of hosting service that provides a virtualized server environment. It acts like a dedicated physical server but is actually a virtual machine created by partitioning a physical server into multiple virtual servers. Each VPS runs its own operating system and has dedicated resources, such as CPU, RAM, and storage, which are isolated from other VPS instances on the same physical server.

Setting up VPS

Before starting, ensure your VPS is ready. Let’s get started!

  • Update Your Server

    Once you've logged into your VPS via SSH, the first step is to update your package lists to ensure you're working with the latest versions.

    sudo apt update && sudo apt upgrade -y

  • Setup user account

    Whenever you log in to a new VPS, always set up a user account. It's not a good idea to work as the root user.

    sudo adduser vineet # replace with your username
sudo usermod -aG sudo vineet # grant sudo privileges to your user
su - vineet # switch to your new user

  • SSH using new user

    Now that we've set up the new user, we should configure SSH login for that user.

    # follow these steps after completing the previous one
mkdir -p ~/.ssh # create the .ssh directory
chmod 700 ~/.ssh # set permissions for the directory
sudo cp /home/ec2-user/.ssh/authorized_keys /home/new-user/.ssh/ # copy SSH keys to the new user's .ssh folder
sudo chown new-user:new-user /home/new-user/.ssh/authorized_keys # change ownership of the keys
chmod 600 /home/new-user/.ssh/authorized_keys

    Now, log out and try logging back in as new-user@your-ip-address.

Installing necessary softwares

To host your web applications on a VPS, you'll need some essential software. We'll cover how to install Node.js, PM2, Nginx, and Certbot. These tools will help you deploy, manage, and secure your applications. For this demonstration, we'll deploy a Next.js project, but you should install software based on your specific application's needs.

  • Installing Nodejs

    Since we're deploying a Next.js project, we need Node.js. However, feel free to install the runtime environment that suits your project (such as Python, Ruby, etc.).

    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash 
source ~/.bashrc # activate your nvm 
nvm intall --lts # install the latest LTS version of node

  • Installing PM2

PM2 is a production process manager for Node.js applications. It helps keep your app running, even after a server reboot.

 npm install -g pm2

  • Installing NGINX

    Nginx is a high-performance web server that you can use as a reverse proxy to serve your application. 
     snap install nginx
 systemctl start nginx
 systemctl enable nginx

  • Configuring NGINX

    Now we need to configure our reverse proxy to allow Nginx to forward incoming requests directed to the "server_name" to the local port where your application is running, as specified in the Nginx configuration. 
    sudo nano /etc/nginx/sites-available/default
    Edit the file as follows 
     server{ 
          
 listen 80;
 server_name blog.vineet.tech;
          
 location / { 
       proxy_pass http://localhost:3000; # Change 3000 to the port your app is running on
       proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection 'upgrade';
       proxy_set_header Host $host;
       proxy_cache_bypass $http_upgrade;
      }
  }
    After making these changes, check for any syntax errors and restart Nginx: 
      nginx -t # checks for errors 
  systemctl restart nginx

  • Installing Git

     apt-get install git

  • Configuring git login through ssh

    We need to log in to our GitHub account on the VPS to access private repositories (if any) via SSH. 
    cd ~/.ssh # go to your .ssh folder
ssh-keygen -o -t rsa -C "email@example.com" # use the kye-gen command to generate the key pairs
cat id_rsa.pub # Run `cat id_rsa.pub` and add the displayed key to your GitHub account under SSH keys.

Starting your app

For now, I'm starting the blog app that you're currently reading, and I'll be using PM2 to manage the process and handle restarts. Since I'm using PM2, I’ll create an ecosystem.config.js file to simplify starting and stopping processes.

# root_of_your_project/ecosystem.config.js

module.exports = {
  apps: [
    {
      name: "blog",
      exec_mode: "fork",
      instances: "1",
      script: "./node_modules/next/dist/bin/next",
      args: "start",
      exp_backoff_restart_delay: 100,
      watch: true,
      max_memory_restart: "400M",
    },
  ],
};

After the above file is saved, run pm2 start

  pm2 start ecosystem.config.js # to start your app 
  pm2 save # saves the current PM2 process list to a file so that PM2 can automatically restore these processes after a reboot or restart.

Please ensure that the port your app is running on is correctly configured in the Nginx configuration. Additionally, verify that your domain is properly pointed to the VPS IP address

My blog app is now hosted and available, but it isn't accessible over HTTPS due to the absence of an SSL certificate

image image

SSL certification

Our blog app is now hosted and accessible, but it's currently not available over HTTPS due to the absence of an SSL certificate. To enable HTTPS, we will use Certbot, a free, open-source tool that automates the process of obtaining and renewing SSL certificates via Let's Encrypt.

Why Certbot?

Certbot makes it easy to secure your website with an SSL certificate. It automatically fetches and renews certificates and configures Nginx (or other web servers) to use them, enabling HTTPS for your domain

Let's get started.

 sudo apt-get remove certbot # remove the pre existing certbot
 sudo snap install --classic certbot # install certbot 
 sudo ln -s /snap/bin/certbot /usr/bin/certbot # prepare the certbot command 
 sudo certbot --nginx # answer all the prompts

Once you've correctly answered all the prompts during the Certbot setup, you will be prompted to select the domain(s) for which you want to enable SSL. Choose your preferred domain(s), and Certbot will proceed to generate and install the SSL certificate. Once complete, your website will be fully secured over HTTPS

image

Conclusion

By following the steps in this guide, you've successfully set up your VPS, configured essential software, deployed your blog application using PM2, and secured it with an SSL certificate via Certbot. You can now run your applications efficiently and securely on your VPS.

Keep this setup in mind for future VPS-based projects and adjust the software stack based on the application requirements.

Vineet Agarwal