Initial Server Setup Guide for Deploying Apps

Ajay Choudhury 04 Aug, 2021 5 mins
Initial Server Setup Guide for Deploying Apps

This guide walks you through some of the basic setups you should perform on your newly created Ubuntu server to adhere to the best practices and to increase the reliability, security and usability of your server. This guide is prepared on a DigitalOcean droplet with Ubuntu 20.04LTS but the steps remain the same on Ubuntu 18.04LTS as well.

There are basically 5 steps in total for setting up a new server initially. You can browse through them on the table of contents below.

Step 1: Launching a Server or Droplet (using DigitalOcean here)

Launching your own server or droplet in DigitalOcean is very simple and in a matter of a few clicks, you will be ready with a brand new server on the cloud. First of all, sign up on DigitalOcean with a valid credit or debit card (get $100 to try out DigitalOcean on sign up).

Next, you will be able to create your own projects. Projects are basically like folders inside which you can manage and organize your servers, storage and other services, also projects are free to create in DigitalOcean. Fill in the essential details and create your project.

Create your first project

Inside the project, you will be able to create a droplet with configurations of your choice. Click on 'Get Started with a Droplet'.

Create a new droplet

Select Ubuntu 20.04LTS as the operating system.

Select Ubuntu 20.04 as OS

We will select the basic droplet costing $6/month (1Gb memory and 1vCPU) for this tutorial.

Select a basic server for testing

Select the location of the server, the closer it is to your target audience, the better results it produces.

Select the location closest to the target audience

Select the free and optional services you need, and create a strong password if you have not created an SSH key already (you can create it later).

Create a strong password or use SSH key

Now, give a name to your server and hit the 'Create Droplet' button. You will need to wait for a few seconds until the server is ready to use.

Launch the droplet

Here, is the public IP of your server. You can now move on to the next step to set up your server for production uses.

Get the public IP of your server

Step 2: Log in as Root User

You need to log in to your server as the root user to operate further. To log in, you will need the server's public IP address and the root access password or SSH key (based on your server setup). You can log in to your server through the terminal/PowerShell by the following command. Replace server_ip with your server's IP address.

ssh root@server_ip

Step 3: Add a User

If you are using an SSH key then you won't be asked to enter the password and you will be able to log in directly into your server with root permissions. Now, I will add a user ajay as a non-root user, make sure you replace ajay with the username of your choice.

adduser ajay

Next, you will be asked for a password, provide a random and strong password (You can use this password generator) and then optionally, provide the rest of the information, they are not necessary and you can skip them by simply hitting the enter button.

Step 4: Grant Superuser Privileges

We will now grant our non-root user the administrator privileges i.e. root privileges. We might require to perform some administrative tasks at some point, then it is undesirable to log in separately as the root user and perform the task, rather we will grant our non-root user, the administrative privileges so we can run any administrative tasks by simply putting the tag sudo before the command. To grant your user superuser privileges run the following command for your username.

usermod -aG sudo ajay

Step 5: Enable UFW Firewall

Ubuntu servers can utilize the UFW firewall (Uncomplicated firewall) to make sure only connections to specific services are allowed. We will allow only SSH connections to our server currently and hence, we will first add OpenSSH to the allowed list using the command below.

ufw allow OpenSSH

We have added OpenSSH to the allowed list and next, we will enable the firewall which in result will allow connections to the allowed services only.

ufw enable

Press y followed by the enter key to proceed further. The firewall should be active and running now, you can check the status of the firewall with the help of the following command. (It should show active in status).

ufw status

We are done with our initial server set-up at this point if you are not using an SSH key to log in to the server. If you are not using an SSH key, you can happily log in with your non-root user in another terminal session and check if superuser privileges are granted properly for the new user by running any command with sudo tag (e.g. sudo apt-get update). If everything works correctly you can close your root session and continue with the non-root user.

Setting Up SSH Key Authentication for non-root User

If you are using SSH key authentication for the root user then, the non-root user won't be allowed automatically to use the same SSH key for entry. You will have to copy the public key from the root user's authorized keys to the non-root user's authorized keys. This can be done using the following command. Make sure you replace my username with yours.

rsync --archive --chown=ajay:ajay ~/.ssh /home/ajay

Now, you will be able to log in as a non-root user with administrative privileges and SSH key authentication. You can proceed with your deployment further from here. All the best! 👍

Was this Article Helpful?

Ajay Choudhury

Ajay Choudhury

A learner and a student of technlogy. He loves sharing experiences and learning with others through his projects and blog. Along with technology, he loves playing football and enjoys listening to music and podcasts.

0 Comments

Info

Contribute to make this site more awesome →