In this guide, we are going to use the keyword for you to replace. There will be REPOSITORY
and DOMAIN_NAME
to replace.
For example:
- REPOSITORY: https://github.com/Sigmanificient/1l.is
- DOMAIN_NAME: 1l.is
We'll use Nginx to host the webservers, and CertBot to setup the SSL certificate (free) to access the website using HTTPS.
Setup
To install Nginx on Ubuntu, just follow this cool guide from Digital Ocean, Ubuntu they explain everything.
Then install CertBot to enable HTTPS certification.
Next don't forget to enable those ports on your firewall:
1sudo ufw enable
2sudo ufw allow 'Nginx HTTP'
3sudo ufw allow 'Nginx HTTPS'
4sudo ufw allow 'OpenSSH'
Clone the repo
First create the folder where all the webpages will live (this is just a convention, but you can place them wherever you want, just remember where).
1sudo mkdir -p /var/www
2sudo chown -R $USER /var/www
3sudo git clone REPOSITORY /var/www/DOMAIN_NAME
Create the systemd service
Note If you are serving a static website, this step is not needed.
The systemd service is a file that is going to generate the .sock file. This file is going to be the middle-man between your web server and Nginx.
Also, this is a Python web server, so maybe you want to change ExecStart
.
1sudo vi /etc/systemd/system/DOMAIN_NAME.service
1[Unit]
2Description=Gunicorn instance to serve DOMAIN_NAME
3
4[Service]
5User=nginx
6Group=www-data
7WorkingDirectory=/var/www/DOMAIN_NAME
8RuntimeDirectory=DOMAIN_NAME;
9Environment="PATH=/var/www/DOMAIN_NAME/venv/bin/"
10ExecStart=gunicorn --workers 3 --bind unix:/run/DOMAIN_NAME/DOMAIN_NAME.sock -m 007 wsgi:app
1sudo systemctl daemon-reload
And then you can start the service and see if it worked fine:
1sudo systemctl start DOMAIN_NAME
2sudo systemctl status DOMAIN_NAME
If like me, you are generating a socket file, you can check if this step already worked:
curl +X GET --unix-socket "/run/DOMAIN_NAME/DOMAIN_NAME.sock" http:/foo
Setup Nginx
Add to Nginx:
1sudo nano /etc/nginx/sites-available/DOMAIN_NAME
If it's a static site:
server {
listen 80;
listen [::]:80;
server_name DOMAIN_NAME;
root /var/www/DOMAIN_NAME/html;
index index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
}
}
If it's a dynamic (here using a unix socket)
server {
listen 80;
listen [::]:80;
server_name DOMAIN_NAME;
location / {
include proxy_params;
proxy_pass http://unix:/run/DOMAIN_NAME/DOMAIN_NAME.sock;
}
}
Add to Nginx, verify, and restart
1sudo ln -s /etc/nginx/sites-available/DOMAIN_NAME /etc/nginx/sites-enabled/ # Enable the Nginx block
2sudo nginx -t # Check Nginx config
3sudo systemctl restart nginx # Restart Nginx
Add HTTPS :
1sudo certbot --nginx