samigabor/ipark-client

Create Ubuntu Droplet (use SSH)

adduser sami - sudo su sami, whoami, usermod -aG wheel sami(make user local admin) apt-get update apt-get upgrade apt-get dist-upgrade

apt install nodejs apt install npm

Add SSH for the new user(DO dit it authomatically):

sudo su sami
cd ~
mkdir .ssh
chmod 700 .ssh
touch .ssh/authorized_keys
vim .ssh/authorized_keys --> paste the key generated by DO on root user(from the same location)
chmod 600 .ssh/authorized_keys

Give new user admin privilages: usermod -aG sudo sami

Copy project onto server --> git clone, scp...

PM2

npm install -g pm2 (as root) pm2 start --name someprocessname simple-node-app/main.js

Authomatically restart pm2 on server reboot:

`pm2 startup systemd -u sami --hp /home/sami` - as root / pm2 unstartup systemd
`pm2 save` - as sami
`shutdown -r now` - as root

SELinux nginx setup

netstat -tln - view network connections getenforce - SELinux enforce mode - improves security: setengorce 1,setenforce 0, ls -l, ls -lZ, ps -auxZ | grep nginx setsebool -P httpd_can_network_connect on setsebool -P httpd_enable_homedirs on chcon -Rt httpd_sys_content_t /home/sami/myapp/public ls -lZ /home/sami/myapp/public

nginx

apt update apt install nginx ufw app list sudo ufw app list sudo ufw allow 'Nginx HTTP' sudo ufw status systemctl status nginx systemctl enable nginx - authomatically start nginx when server reboots

Edit nginx config: /etc/nginx/ - setup homne page without a port number

cd ~ cd /etc/nginx/conf.d/ vim samontech.eu.conf server { listen 80; listen [::]:80;

server_name samontech.eu;

# root /var/www/samontech.eu;

location / {
    proxy_pass "http://localhost:3000/";
}

}

To restrict the app from being accessible with the port number add the '127.0.0.1' as second param to app.listen(3000, '127.0.0.1', console.log('Linstening on port 3000.'))

Setting Up Server Blocks (as new user with privilages)

mkdir -p /var/www/samontech.eu/html sudo chown -R $USER:$USER /var/www/samontech.eu/html sudo chmod -R 755 /var/www sudo nano /var/www/samontech.eu/html/index.html sudo nano /etc/nginx/sites-available/samontech.eu server { listen 80; listen [::]:80;

    root /var/www/samontech.eu/html;
    index index.html index.htm index.nginx-debian.html;

    server_name samontech.eu www.samontech.eu;

    location / {
            try_files $uri $uri/ =404;
    }

} sudo ln -s /etc/nginx/sites-available/samontech.eu /etc/nginx/sites-enabled/ sudo nano /etc/nginx/nginx.conf and add: server_names_hash_bucket_size 64; sudo nginx -t sudo systemctl restart nginx

SSL with certbot (as new user with privilages)[https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04]

add-apt-repository ppa:certbot/certbot apt install python-certbot-nginx mkdir -p /var/www/samontech.eu/html sudo chown -R $USER:$USER /var/www/samontech.eu/html sudo chmod -R 755 /var/www/samontech.eu sudo nano /etc/nginx/sites-available/samontech.eu sudo nginx -t sudo systemctl reload nginx sudo ufw allow 'Nginx Full' sudo ufw delete allow 'Nginx HTTP' sudo certbot --nginx -d samontech.eu -d www.samontech.eu

Verifying Certbot Auto-Renewal: sudo certbot renew --dry-run

Change the port number nginx is forwarding to:

as root: nano /etc/nginx/conf.d/samontech.eu.conf --> change port number to 8080 for pm2 serve nginx -t systemctl restart nginx as sami: sudo su sami pm2 serve -s build

Pull app updates

    sudo su sami
    pm2 stop all
    cd ipark-client/
    git pull
    npm run build
    serve -s build
    pm2 start 1

Progressive Web App

What We Can Do I built a PWA and published it in 3 app stores. Here’s what I learned. Progressive Web Apps on iOS are here hnpwa Progressive Web App Checklist Icons Generator Introduction to Progressive Web Apps (Push Notifications) - Part 3