Leanpub Header

Skip to main content
Go to Leanpub.comLeanpub

DIY DevOps

Paul C

This tutorial is for anyone or team who needs to automate the deployment and maintenance of static website (html/css/javascript) on a Virtual Private Server instance at digitalocean.com. If you are capable of following tutorials to create a very basic HTML file, you should have no problem following this tutorial.

Minimum price

$7.99

$9.99

You pay

$9.99

Author earns

$7.99
$

...Or Buy With Credits!

You can get credits monthly with a Reader Membership
PDF
EPUB
WEB
About

About

About the Book

This tutorial is for anyone or team who needs to automate the deployment and maintenance of static websites (html/css/javascript) on a Virtual Private Server instance at digitalocean.com. If you are capable of following tutorials to create a very basic HTML file, you should have no problem following this tutorial.

We will set up websites on a digitalocean.com's droplet (aka Virtual Private Server). 

When I started self-hosting websites on VPS, I realized there was a lot of repetitive work involved in deploying content. Even fixing a small typo involved way too many manual steps. To fix a simple typo, I had to fix the typo on local computer > FTP or scp files up > ssh into web server > copy uploadeded .html file into place > reapply permission. Simply too many manual steps for fixing a typo. I wanted to automate the process so that all of the steps can be done with least amount of manual work. As I was teaching myself how to automate it, I had to turn to many different tutorials/videos/documentations. Unfortunately many tutorials did not exactly fit into my scenarios. I slowly taught myself how to setup/run/automate self-hosted website and slowly became a self-taught DIY DevOps engineer. Obviously a DevOps engineer has many roles, but one important role is automating website content deployment.

Here is a short list of tasks we will complete in this tutorial.

- Buy a domain name at namecheap.com.

- Create a SSH key pair on local macOS.

- Upload SSH public key to digitalocean.com.

- Start a new VPS at digitalocean. We will nickname the new VPS as dserver01.

- Rebuild the new VPS, dserver01.

- Install Apache webserver.

- Sign up with cloudflare.com.

- Transfer name server from namecheap.com to cloudflare.com.

- Configure dserver01 with a shell script.

- Disable ssh login by root user.

- Set up 3 websites on Apache.

- Install nginx.

- Configure nginx as a reverse proxy, sitting between internet and Apache web server.

- Install LetsEncrypt.

- Set up .well-known in nginx.

- Get SSL certificates

- Set up nginx to use SSL certificates. Our webserver now serves content encrypted by SSL.

- Configure Apache and nginx to log with real IP of visitors.

- Deploy sample HTML5 website using a HTML/CSS/JS template.

- Using shell script to automate code deployment.

- Using Git

Following topics will be covered in future updates.

- Using Jenkins

- Script to automate configuring apache/nginx to add new websites

Share this book

Categories

DevOps

Feedback

Email the Author

Author

About the Author

Paul C

DIY DevOps Engineer

Contents

Table of Contents

Chapter 1: Introduction

  1. Summary of tasks covered
  2. Tools used
  3. Low cost
  4. Website URLs
  5. 3 types of hosting platform

Chapter 2: Preparation

  1. CLI and SSH
  2. Terminal versus iTerm2
  3. Incremental changes
  4. Target audience
  5. cost for domain/VPS

Chapter 3: Buy domain name and VPS

  1. Get a domain name to play with - namecheap.com
  2. Check status of the domain name on icann.org
  3. Verify with ICANN
  4. Create a SSH key pair
  5. Digital Ocean
  6. Add ssh public key to Digital Ocean
  7. Start up a Digital Ocean droplet.
  8. Initial ssh into droplet: dserver01
  9. Danger with SSH and different computers involved
  10. Create a test file on dserver01
  11. Rebuild versus destroy a droplet
  12. Rebuild a droplet
  13. SSHing into a rebuilt droplet
  14. Log into rebuilt droplet (dserver01)
  15. Firewalld on droplet (dserver01)
  16. Browser choice
  17. Verify server IP on web page
  18. Firefox Private Window
  19. Test install Apache web server
  20. Status check
  21. Signing up with CloudFlare
  22. Transfer name server from namecheap.com to cloudflare.com
  23. Test browsing devopsdiy.xyz (use your domain)
  24. Cloudflare.com: change IP for A record of devopsdiy.xyz
  25. Cloudflare.com: CNAME for www.devopsdiy.xyz
  26. www versus non-www URL
  27. Cloudflare.com: add 2 more subdomains
  28. cloudflare.com and DNS changes
  29. CloudFlare: “Proxied” vs. “DNS only”
  30. SSH into dserver01 with hostname
  31. Status check

Chapter 4: Basic configuration of dserver01

  1. yum update
  2. Configure dserver01 server
  3. Quick primer on bash script
  4. First bash script
  5. cat, less
  6. bash script with functions
  7. bash script to set up CentOS 7
  8. usera and testuser1 plus ssh public key
  9. Update SSH public key in setup01-devopsdiy.sh
  10. Self deleting setup01-devopsdiy.sh
  11. firewalld and setup01-devopsdiy.sh
  12. SSH into dserver01.
  13. Check if screen is installed
  14. Run setup01-devopsdiy.sh
  15. Test logging in as usera with sudo privilege
  16. failed login attempts
  17. Verify screen is installed
  18. Self-delete of setup01-devopsdiy.sh
  19. Disable ssh login for root

Chapter 5: Install Apache

  1. Update httpd.conf
  2. Configure Apache for devopsdiy.xyz
  3. Add 2 more domains for dev and qa work

Chapter 6: Install nginx

  1. nginx
  2. screen - virtual session
  3. tmux
  4. openssl dhparam
  5. Prepare Apache to work with nginx
  6. Free up port 80
  7. Install nginx
  8. Configure nginx
  9. Server blocks in nginx
  10. devel, qatest and www
  11. systemctl enable
  12. Status

Chapter 7: LetsEncrypt

  1. LetsEncrypt
  2. Install LetsEncrypt
  3. .well-known
  4. Get ssl cert for all 3 domains
  5. LetsEncrypt renewal test
  6. Update nginx config files to use SSL
  7. ssl config for devopsdiy.xyz
  8. ssl and www to non-www redirect
  9. Update devel.devopsdiy.xyz.proxy.conf file to use SSL
  10. Update qatest.devopsdiy.xyz.proxy.conf file to use SSL
  11. Get A+ instead of B from https://www.ssllabs.com/ssltest/

Chapter 8: Logging

  1. Logging source IP into Apache log files
  2. tail -f in multiple iTerm2 panes
  3. Real IP
  4. access.log: logs before update
  5. access.log: logs we want to see after update
  6. error.log: logs before update
  7. Updating Apache Global configuration
  8. nginx Global configuration update
  9. update Virtual Host configuration
  10. Testing logging with Proxy turned off and on
  11. Logrotate
  12. Install brew and curl
  13. Generate logs for test
  14. bin folder
  15. Saving command output into a file
  16. Tools to use
  17. Update logrotate for httpd
  18. Logrotate for low volume production
  19. Logrotate for high volume production

Chapter 9: deploy content with rsync/script

  1. Get HTML5 template website
  2. Prep on macOS to upload files
  3. Uploading website content to dserver01
  4. Check uploaded files on dserver01
  5. Get deploy-html-runonserver.sh
  6. Initial run of deploy-html-runonserver.sh
  7. Deploying to devel, qatest and production
  8. Deploy to devel site
  9. Deploy to QAtest site
  10. Try deploy to Production site without -f y
  11. Deploy to Production site with -f y
  12. uptimerobot.com

Chapter 10: Git repository

  1. Set up Git repo
  2. Create a new repository
  3. Add SSH Public key on github
  4. Git clone the git repo
  5. Git checkin - initial
  6. Add one file to git repo
  7. Deploying content directly from git repo to web server

Chapter 11: Jenkins

  1. Jenkins and Git
  2. Setting up Jenkins server on CentOS 7
  3. VPS for jenkserv01
  4. Install git
  5. Install Jenkins
  6. Install nginx
  7. Static website by nginx
  8. Install LetsEncrypt
  9. openssl dhparam in screen
  10. .well-known folder for nginx
  11. Create SSL cert
  12. Reverse Proxy for Jenkins
  13. Block port 8080
  14. Initial log in into Jenkins
  15. Updating Jenkins
  16. SSH key pair for user jenkins on jenkserv01
  17. Prep dserver01 for Jenkins jobs
  18. Test sshing in from jenkserv01 to dserver01
  19. Github and Deploy key (SSH public key)
  20. Create zero-out-site.sh
  21. Create monitor-folder-size.sh
  22. Prep iTerm2 window for use in test
  23. Create a Jenkins job to use with Git repo
  24. Add SSH Servers in Jenkins
  25. Create a Jenkins job to use with rsynced up files
  26. Available deployment methods
  27. Jenkins Global Security setup
  28. Prepare Jenkins job to run with curl
  29. Verify Jenkins job devopsdiy.xyz-rsync for curl
  30. curl to run a Jenkins job
  31. Available deployment methods
  32. Issues with using curl deploy method
  33. Use deploy-html-jenkins.sh
  34. Testing deploy-html-jenkins.sh
  35. Using deploy-html-jenkins.sh

Source code

  1. add-user-jenkagent.sh
  2. apache-logrotate-test-tool.sh
  3. deploy-html-jenkins.sh
  4. deploy-html-runonserver.sh
  5. setup01-devopsdiy.sh
  6. zero-out-site.sh

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.

You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!

So, there's no reason not to click the Add to Cart button, is there?

See full terms...

Earn $8 on a $10 Purchase, and $16 on a $20 Purchase

We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earned over $14 million writing, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub