Create An Internet Web Server (DigitalOcean / Ubuntu 21.04)

Tutorial

An internet server is a server that can be accessed from the internet. And internet server is used for:

  • a production server

  • a test server

Each Colby website should have instances on at least four web servers. The development process is a continual repetition of the following process:

  1. Changes are made on a local network development server and after testing are eventually pushed to your git repository with a new version number.

  2. Changes are installed on a local network test server and tests are run.

  3. Changes are installed on an internet test server and tests are run.

  4. Changes are installed on an internet production server and tests are run.

So you will have at least two internet servers, potentially more.

Create A Server

Create a Digital Ocean droplet using Ubuntu 21.04 x64

Digital Ocean Recommended Initial Droplet Configuration

Don't create a Cloud Firewall, we will set up UFW on the server to match what we do with local servers.

Create A Domain

Create a unique once in a lifetime domain name for this web server. This is just the domain name for the web server, not any website. In my case this will be something like it8.mtfs.us (test) or ip8.mtfs.us (production).

Create a DNS A record pointing to the IPv4 address that DigitalOcean assigned to this droplet.

SSH To Your Server

Using terminal app on your workstation, ssh into your server.

$ ssh <username>@<server_domain>

$ sudo apt update

$ sudo apt upgrade

Install Software

$ sudo apt install ack apache2 certbot libapache2-mod-php mysql-server php php-curl php-imagick php-mysql php-gd php-mbstring python3-certbot-apache

Setup Firewall

From: https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-20-04

  • $ sudo ufw allow OpenSSH

  • $ sudo ufw enable

  • $ sudo ufw status

Setup Apache

From: https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04

  • $ sudo ufw allow in "Apache Full"

  • $ sudo a2enmod ssl

  • $ sudo a2enmod rewrite

  • $ sudo vi /etc/apache2/envvars

    We are going to place the document roots for all the websites in your home directory and the only user with websites on this machine is you.

    Change:

    export APACHE_RUN_USER=www-data

    to:

    export APACHE_RUN_USER=mattcalkins

    :wq

  • $ sudo vi /etc/apache2/conf-available/servername.conf

    This file should have a single line:

    ServerName <server_domain>

    :wq

  • $ sudo a2enconf servername

  • Fix issue that makes Apache stop

    Note: Appears to be related to using SSL on Ubuntu. More information not available. Update if more is discovered.

    Reference: https://stackoverflow.com/questions/50652808/apache-shutdown-couldnt-grab-mutex

    • $ sudo vi /etc/apache2/conf-available/mutex-file.conf

    • This file should contain a single line:

      Mutex file:${APACHE_LOCK_DIR} default

    • $ sudo a2enconf mutex-file

  • $ sudo apache2ctl configtest

  • $ sudo systemctl restart apache2

  • Go to http://<server_domain> to make sure apache is working.

Setup MySQL

  • $ sudo mysql_secure_installation

    Basically answer yes to everything.