Cước Thiên

Photo by Christina @ wocintechchat.com / Unsplash

A Beginner's Guide to Configuring VPS (EC2)

Code Oct 14, 2024
💡
In this tutorial, I'll walk you through the essential steps to configure an EC2 instance, including user management, file transfers, installing software, and configuring Nginx for your website.

1. Create a User Group and Add Users

Managing users in your EC2 instance starts with setting up user groups.
  • Add a group:
sudo addgroup <groupname>
  • Add a user:
sudo adduser <username>
  • Change the user password:
sudo passwd <username>
  • Add user to the group:
sudo adduser <username> <groupname>

2. Enable SSH with User Accounts

SSH access is crucial for managing your EC2 instance.
  • Edit the SSH configuration file:
sudo nano /etc/ssh/sshd_config
  • Change PasswordAuthentication to yes
  • Change ChallengeResponseAuthentication to no
  • Restart the SSH service:
sudo systemctl restart sshd

3. Set User and Group Permissions for Files/Folders

To set specific permissions for users or groups on files or directories, you need to install ACL.
  • Install ACL:
sudo apt install acl
  • Set permissions for a user:
setfacl -R -m u:<username>:<permissions> <file/folder>
  • Set permissions for a group:
setfacl -R -m g:<groupname>:<permissions> <file/folder>
  • Check permissions:
getfacl <file/folder>

4. Install and Configure Nginx

Nginx is one of the most popular web servers for serving websites.
  • Install Nginx:
sudo apt install nginx
  • Enable the Nginx service:
sudo ufw allow 'Nginx HTTP'
  • Create a custom Nginx server block:
sudo nano /etc/nginx/sites-available/<your_domain>
Add your server configuration here.

server {
    server_name profile.cuocthien.io.vn;
    location / {
        proxy_pass http://127.0.0.1:2368;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_headers_hash_max_size 512;
        proxy_headers_hash_bucket_size 128;
    }
}
example for server nginx configuration file
  • Link to sites-enabled:
sudo ln -s /etc/nginx/sites-available/<your_domain> /etc/nginx/sites-enabled/<your_domain>
  • Restart Nginx:
sudo systemctl restart nginx

5. Set Up SSL with Certbot

To secure your website, use SSL with Certbot.
  • Install Certbot:
sudo apt install certbot python3-certbot-nginx
  • Configure SSL:
sudo certbot --nginx -d yourdomain.com
  • Double check 
cat /etc/nginx/sites-available/<your_domain>
 The result should be:
server {
    server_name profile.cuocthien.io.vn;
    location / {
        proxy_pass http://127.0.0.1:2368;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_headers_hash_max_size 512;
        proxy_headers_hash_bucket_size 128;
    }



    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/profile.cuocthien.io.vn/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/profile.cuocthien.io.vn/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

6. Install PM2 to Manage Node.js Applications

PM2 is a process manager for Node.js apps.
  • Install Node.js:
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash

source ~/.bashrc

nvm install node
  • Install PM2:
PM2 - Quick Start
Advanced process manager for production Node.js applications. Load balancer, logs facility, startup script, micro service management, at a glance.
PM2 logo
npm install pm2 -g

7. Install Docker

Docker is essential for containerizing applications.
  • Install Docker:
sudo apt install apt-transport-https ca-certificates curl software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"

sudo apt install docker-ce

sudo systemctl status docker
  • Install Docker Compose:
sudo apt-get install docker-compose
Get started
Get started with Docker
Docker Documentation

Helpful tools

a. Managing Zip and Unzip Files

If you need to work with compressed files, follow these commands:
  • Install Unzip:
sudo apt-get install unzip
  • Unzip a file:
unzip file.zip -d destination_folder
  • Install Zip:
sudo apt-get install zip
  • Zip a folder:
zip -r compressed_filename.zip foldername

b. Copying Files Between Local and Remote

Transferring files between your local machine and EC2 instance can be done with scp:

1. Upload from local to remote:

scp -r /path/from/local username@hostname:/path/to/remote

2. Download from remote to local:

scp -r username@hostname:/path/from/remote /path/to/local

3. For custom SSH ports:

scp -r -P xxxx username@hostname:/path/from/remote /path/to/local

🐼
Thank you for taking the time to read through this guide! I hope these steps help you successfully configure your EC2 instance and manage your projects with ease. Whether you're setting up users, transferring files, or deploying applications, this guide is designed to provide a solid foundation for your cloud journey. If you found this helpful or have any further questions, feel free to reach out. Happy coding, and best of luck with your EC2 setup!

Tags

Cước Thiên