New Ubuntu Server Setup Details and Packages for NGINX with SQLite Web Server and Certbot

This is the list of things that i install and commands that i run to setup a new linux VPS Server using Ubuntu, this is for version 18.x or 20.x of ubuntu, and the php-fpm version usually also changes, but with this setup its using php-fpm 7.4 so this will effect the nginx server configs. 

This is also in the order that i installed everything. I did add MySQL as well, but then removed it as none of my current sites use MySQL and only run on SQLite, which saves a ton of memory on the server. 

This will get you a VPS that runs nginx with sqlite or/and mysql with free SSL certs using certbot. Also i use gsync to allow backups and restorations via google drive, so even if the server blows up you still have backups. Always make backups! And automate where you can. 

If you are looking for a clean and fast VPS provider I use Racknerd for my servers, they are great value fast and have excellent prices. You can check out RackNerd Servers here. For my current server i have 2gig of memory and 2 CPU's for about $24USD per year! Such a good price for servers. If you get the same from google or even digital ocean you are looking at at least $5 per month or much more from google. I did used to have digital ocean servers before i found rack nerd as $5 seems quite good and also they are up scalable if you do need more resources where the rack nerd ones are fixed scale. 

Anyway on with the installation. 

Quick Links

• Add Sudo User
• Install NGINX, PHP, MySQL
• Install a Firewall and let stuff through it - UFW
• Allow normal user to SSH
• Install NGINX
• Install MySQL
• Install PHP
• Restart PHP FPM
• Flush DNS on MAC
• Configuring Nginx to Use the PHP Processor
• NGINX Server Block
• Install SFTP
• Install Certbot for free SSL Certificates
• RClone for Google Drive Backup and Restore
• zip up the sites-enabled
• RClone Copy backup to server
• RClone Copy Backup from Other Server
• Unzip everything - untar gz everything
• MySQL add a user
• MySQL add database and import backup database sql
• SQLite Install for PHP
• Error on Curl

Add Sudo User

First thing is first, login with your new VPS root login details and add a new user so you dont have to be logged into root ever! Also you should change the root password if its provided by the host. 

adduser kruxor
usermod -aG sudo kruxor
su - kruxor
#test the sudo command
sudo nano

Install NGINX, PHP, MySQL

I actually referred to this guide for this one. But i also have the individual commands for this one as well below. 

Install a Firewall and let stuff through it - UFW

This will install the UFW firewall and allow the listed applications through it. 

sudo apt install ufw
sudo ufw app list
sudo ufw allow OpenSSH
sudo ufw allow "Nginx Full"
sudo ufw allow "Nginx HTTP"
sudo ufw allow "Nginx HTTPS"
#check they are all allowed
sudo ufw app list
sudo ufw enable
sudo ufw status

Allow normal user to SSH

You will need to SSH into your server, so this needs to be the first thing you do after creating the new user. you should not do things logged in as root but use sudo instead. 

Its already enabled, just add your new username@hostip

ssh user@host

Install NGINX

This will install and start the nginx web server.

sudo apt update
sudo apt upgrade
sudo apt install nginx
sudo ufw app list

Install MYSQL

This will install MySQL Database server

sudo apt install mysql-server
#optional
sudo mysql_secure_installation
password root mysql: *generate a new password and save it*
sudo mysql 
sudo mysql_secure_installation

Install PHP

This will install PHP to allow NGINX to run a PHP enabled site. With the FPM and MySQL extentions.

sudo apt install php-fpm php-mysql

Restart PHP FPM

This is not required here, but in case your php fpm does crash this is how you can restart it. 

sudo service php7.4-fpm restart

Flush DNS on MAC

This is also not related to the server install but i added it here as i needed to flush dns on my mac while i added the new domain name to my server. 

sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

Configuring Nginx to Use the PHP Processor

Using PHP FPM and NGINX

#setup a site

sudo mkdir /var/www/your_domain

sudo mkdir /var/www/nerd2.kruxor.com

sudo chown -R $USER:$USER /var/www/nerd2.kruxor.com

sudo nano /etc/nginx/sites-available/nerd2.kruxor.com

#add the server block

sudo ln -s /etc/nginx/sites-available/nerd2.kruxor.com /etc/nginx/sites-enabled/

sudo unlink /etc/nginx/sites-enabled/default

#if you need to restore default config

sudo ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/

#test config

sudo nginx -t

sudo systemctl reload nginx

nano /var/www/nerd2.kruxor.com/index.php

NGINX Server Block

server {
    root /var/www/nerd2.kruxor.com;
    server_name nerd2.kruxor.com;
    location / {
        index index.php;
        try_files $uri $uri/ @core;
        expires max;
    }
    location @core {
        rewrite ^/(.*)$ /index.php?p=$1;
    }
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
    }
    location ~ /\.ht {
        deny all;
    }
}

Install SFTP

to connect via Filezilla or Atom or VSCode

you can just use the existing SSH login, as SFTP... easy. 

Install Certbot for free SSL Certificates

This will allow you free HTTPS domains with SSL certificates for free!

Also you will need to install the certbot nginx plugin and then the certbot installer can modify your server blocks to install the certificates and redirect traffic from the HTTP to the HTTPS domain. 

sudo apt install certbot
sudo apt install certbot python3-certbot-nginx
#error
The requested nginx plugin does not appear to be installed 
#add cert
sudo certbot --nginx -d nerd2.kruxor.com
sudo certbot --nginx -d api.kruxor.com
sudo certbot --nginx -d kruxor.com
sudo certbot --nginx -d www.kruxor.com

RClone for Google Drive Backup and Restore

Install rclone for google drive backup and restoration.

https://rclone.org/drive/

Some of this is just my testing to get the directory correct, if the path name is wrong it may give the following error about the rate limit. 

sudo apt install rclone
rclone config
Current remotes:
Name                 Type
====                 ====
remote               drive
test upload... 
rclone copy ~/backup/$1_sql.tar.gz gdrive:Backup/nerd.kruxor.com
rclone copy ~/text.txt remote:nerd2.kruxor.com
rclone copy ~/backup/$1_sql.tar.gz gdrive:Backup/nerd.kruxor.com 
rclone copy ~/test.txt gdrive:Backup/nerd2.kruxor.com –transfers=1
rclone copy -h
rclone copy ~/test.txt gdrive:
rclone copy ~/test.txt gdrive:Backup/nerd2.kruxor.com
This is caused by the wrong root directory it should be "My Drive"
#error
2022/01/08 09:16:30 Failed to create file system for "remote:Backup/nerd2.kruxor.com": couldn't find root directory ID: googleapi: Error 403: Rate Limit Exceeded, rateLimitExceeded
rsync couldn't find root directory ID: googleapi: Error 403: Rate Limit Exceeded, rateLimitExceeded

zip up the sites-enabled

zip up and copy to google drive the sites-enabled. incase you need it later.

cd /etc/nginx/sites-enabled
tar -czvf ~/sites-enabled.tar.gz /etc/nginx/sites-enabled
rclone copy ~/sites-enabled.tar.gz gdrive:Backup/nerd.kruxor.com

RClone Copy backup to server

Copy your zipped file to the google drive backup

rclone copy gdrive:Backup/nerd.kruxor.com ~/nerd.kruxor.com

RClone Copy Backup from Other Server

Restore a backup from the old server (if there is an old server or backup)

#copy kruxor.com to dev.kruxor.com on nerd not nerd2
#SSH to nerd.kruxor.com - take backup of current dev in case its needed
#renamed last backup to dev.kruxor.com_jan_22.tar.gz on g drive. 
ssh kruxor@nerd.kruxor.com
cd /var/www/html/dev.kruxor.com
rclone copy gdrive:Backup/nerd2.kruxor.com/kruxor.com.tar.gz ./

Unzip everything - untar gz everything

unzip to current directory and unzip / untar to target with -C

tar –xvzf file.tar.gz /var/www/html/
tar –xvzf api.kruxor.com.tar.gz –C /var/www/html/

MySQL add a user

add a new user to MySQL using the mysql command line

sudo mysql
CREATE USER 'kruxor'@'localhost' IDENTIFIED BY '@@new password here@@';
GRANT ALL PRIVILEGES ON * . * TO 'kruxor'@'localhost';
FLUSH PRIVILEGES;

MySQL add database and import backup database sql

This will add a new database and restore from a .sql backup file usually from mysqldump or another backup utility. 

mysql -u [user] -p [database_name] < [filename].sql
mysql -u sql_user -pPASSWORD dbname < backupfile.sql

SQLite Install for PHP

Install the sqlite extention for php fpm

sudo apt-get install php7.4-sqlite

Error on Curl

This error is caused when curl is not installed. Causing a Fatal error: Uncaught Error: Call to undefined function curl_init() 

Need to install curl and then restart nginx

sudo apt install curl
sudo apt install php-curl
sudo /etc/init.d/nginx restart
sudo service nginx restart

Conclusion

You should now have a working nginx server that has free SSL certificates, also running MySQL, SQLite and PHP. 

That was quite a bit of time to format all of that! More than i expected actually. 

Once again if you are looking for a great server provider, check out Rack Nerd! 

/the_end