To start you have to know how to run your service, regardless of the programming language used to produce it.
Assuming the linux machine has a debian based Operating System. For other distros, what changes is the package manager and configuration files directories.
Note: Create a production build for the service.
-
The box[virtual machine] to run the service in.
-
DNS settings pointing the domain(subdomain) Alias(A) to the ip address of the box.
Example test.yourdomain.com A 188.34.98.87
-
install nginx in the server, We will be using it as a reverse proxxy.
Do what you do to move the files to the production server.
TIP: You could use the scp to move file to remote server or just use git.
Showing an example on how to move files to remote server using scp asssuming you have the keys to access the machine.
After compressing the file to the build.zip file. Continue to move it to the remote server. Change the file and key loactions as per your environment.
scp -P 22 /Users/karage/Documents/build.zip -i "your-key-pair.pem" [email protected]:/home/ubuntu
Depending on the cpu resource you want the service to have, all those can be tweaked in the service file. I have provided a sample file for python projects and running binary files.
create a service in the folder /etc/systemd/system named according to your view and imaginations.
sudo touch /etc/systemd/system/nameoftheservice.service
Edit the service, using your editor of choice
sudo vi /etc/systemd/system/nameoftheservice.service
Sample of the servicves can be seen in the folder services
sudo systemctl start nameoftheservice
This starts the service when the server restarts after a crash or manually rebooting the server.
sudo systemctl enable nameoftheservice
After the service is running, hopely you know what port the services is running in.
Key things to note is the port the service is running in and the domain you want to associate the service with.
I will use a different conf for every service, to decouple the nginx conf with all service configuration files. This helps in uinderstanding the flow and debugging.
Create a file in the /etc/nginx/sites-enabled/ folder
Name it uniquely as you can and associative to the service.
sudo touch /etc/nginx/sites-enabled/yourservice
The templates for the service will be found over the folder nginx.
Edit the file as per the service requirements. Note to change the server_name and the port on the proxy_pass line.
After every change you do, to make sure that the nginx sntax is okay, you can run the command below. If it fails make sure you observe the cause of the error and solve it first.
sudo nginx -t
After all the changes are done and are okay, You can now restart the Nginx server
sudo service nginx -s reload
You can now test the unsecure endpoint that is running your service. Go to the browser and go to the link of the domain you set in the your DNS settings of your domain.
Example go to: http://test.yourdomain.com
We will use eff certs to secure communications between our server and client accessing it.
This tool will be used to install the certificates.
sudo apt update
sudo apt install snapd
sudo snap install --classic certbot
Ensure that cerbot command can be run
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Create certs for the serive and domain you created.
sudo certbot --nginx
Follow the procedures and answer the few questions follewd and we're done.