my stupid web server talk
matt hammerly
free stuff
this talk: http://mhammerly.com/talks/webservers/�
DigitalOcean referral link: https://www.digitalocean.com/?refcode=820ac2481799�
GitHub student pack: https://education.github.com/pack
creating your droplet
Important decisions
Important decisions
Important decisions
Important decisions
Important decisions
Important decisions
Important decisions
the hardest problem in computer science
there are two hard things in computer science: cache invalidation, naming things, and off-by-one errors.� - variation on a quote by Phil Karlton
the hardest problem in computer science
there are two hard things in computer science: cache invalidation, naming things, and off-by-one errors.� - variation on a quote by Phil Karlton
action packed
connecting via ssh
check your email. you should have received this email from DigitalOcean:
we want to connect to that IP address via ssh�Mac and Linux: $ ssh root@<your IP address>
PuTTY: msu’s abomination:�type your IP address and click Open http://www.cse.msu.edu/Facility/Services/SSH_Docs.php�at the bottom. that’s it. log in with your host name will be your IP address�the username and password given in�the DigitalOcean email.
now for the fun stuff
$ ssh root@104.131.162.25
root@104.131.162.25's password:
You are required to change your password immediately (root enforced)
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sat Sep 19 14:30:47 2015 from c-73-191-184-43.hsd1.mi.comcast.net
Changing password for root.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
root@webservertalk:~#
adding a user account
root@webservertalk:~# adduser matt # choose your password, and enter anything you want in the rest of the fields
adding a user account
root@webservertalk:~# adduser matt # choose your password, and enter anything you want in the rest of the fields
root@webservertalk:~# visudo
visudo (except actually it’s nano)
towards the bottom of the file we see the following:
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
�this shows that for our user account to use sudo, we need to add it to the sudo group. hit control+x to exit and return to our shell.
root@webservertalk:~#
visudo (except actually it’s nano)
towards the bottom of the file we see the following:
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
�this shows that for our user account to use sudo, we need to add it to the sudo group. hit control+x to exit and return to our shell.
root@webservertalk:~# usermod -aG sudo matt
root@webservertalk:~#
visudo (except actually it’s nano)
towards the bottom of the file we see the following:�
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL��for our user account to use sudo, we need to add it to the sudo group�hit control+x to exit and return to our shell
root@webservertalk:~# usermod -aG sudo matt
root@webservertalk:~# su matt
matt@webservertalk:/root$�
rad okay i feel a lot safer
it’s simple -- we kill the root user
�matt@webservertalk:~$ sudo nano /etc/ssh/sshd_config�
�matt@webservertalk:~$ sudo service sshd restart
installing our webserver package
matt@webservertalk:/root$ cd ~ # cd is change directory, so this takes us home
matt@webservertalk:~$
installing our webserver package
matt@webservertalk:/root$ cd ~ # cd is change directory, so this takes us home
matt@webservertalk:~$ sudo apt-get update # this will update our package lists
...
matt@webservertalk:~$
installing our webserver package
matt@webservertalk:/root$ cd ~ # cd is change directory, so this takes us home
matt@webservertalk:~$ sudo apt-get update # this will update our package lists
...
matt@webservertalk:~$ sudo apt-get upgrade # upgrade all our outdated packages
...
matt@webservertalk:~$
installing our webserver package
matt@webservertalk:/root$ cd ~ # cd is change directory, so this takes us home
matt@webservertalk:~$ sudo apt-get update # this will update our package lists
...
matt@webservertalk:~$ sudo apt-get upgrade # upgrade all our outdated packages
...
matt@webservertalk:~$ sudo apt-get install nginx # pronounced “engine X” -- another popular choice is apache
...
matt@webservertalk:~$
baby’s first webpage
make sure the nginx daemon is running
matt@webservertalk:~$ sudo service nginx start�matt@webservertalk:~$
groovy. now let’s check it out:
domain names
domain names
making your DNS records
DNS is a trip
elevator music plays
that “Welcome to nginx!” page is kinda dumb
let’s make a better one
matt@webservertalk:~$ mkdir -p ~/webpages/test/htdocs
matt@webservertalk:~$
elevator music plays
that “Welcome to nginx!” page is kinda dumb
let’s make a better one
matt@webservertalk:~$ mkdir -p ~/webpages/test/htdocs
matt@webservertalk:~$ cd ~/webpages/test/htdocs
matt@webservertalk:~/webpages/test/htdocs$
elevator music plays
that “Welcome to nginx!” page is kinda dumb
let’s make a better one
matt@webservertalk:~$ mkdir -p ~/webpages/test/htdocs
matt@webservertalk:~$ cd ~/webpages/test/htdocs
matt@webservertalk:~/webpages/test/htdocs$ nano index.html
elevator music plays
that “Welcome to nginx!” page is kinda dumb
let’s make a better one
matt@webservertalk:~$ mkdir -p ~/webpages/test/htdocs
matt@webservertalk:~$ cd ~/webpages/test/htdocs
matt@webservertalk:~/webpages/test/htdocs$ nano index.html
copypaste the contents of the file from the link below
https://github.com/mhammerly/webservertalk/blob/master/index.html
or if you’re feeling bold, skip nano and use wget:
wget https://raw.githubusercontent.com/mhammerly/webservertalk/master/index.html
making nginx show us our webpage
matt@webservertalk:~$ cd /etc/nginx
matt@webservertalk:/etc/nginx$ ls
conf.d fastcgi_params koi-utf koi-win mime.types naxsi.rules naxsi_core.rules nginx.conf proxy_params scgi_params sites-available sites-enabled uwsgi_params win-utf
stuff that didn’t fit on the last slide
kill the default nginx configuration
matt@webservertalk:/etc/nginx$ sudo rm sites-enabled/default
create our own
matt@webservertalk:/etc/nginx$ sudo nano sites-available/testsite
(you can copypaste from here: https://github.com/mhammerly/webservertalk/blob/master/webservertalk.conf)
(can also skip nano and wget https://raw.githubusercontent.com/mhammerly/webservertalk/master/webservertalk.conf)
/etc/nginx/sites-available/testsite
server {
}
/etc/nginx/sites-available/testsite
server {
listen 80 default_server;
}
/etc/nginx/sites-available/testsite
server {
listen 80 default_server;
root /home/matt/webpages/test/htdocs;
}
/etc/nginx/sites-available/testsite
server {
listen 80 default_server;
root /home/matt/webpages/test/htdocs;
index index.html index.htm;
}
/etc/nginx/sites-available/testsite
server {
listen 80 default_server;
root /home/matt/webpages/test/htdocs;
index index.html index.htm;
server_name mhammerly.tk www.mhammerly.tk;
}
/etc/nginx/sites-available/testsite
server {
listen 80 default_server;
root /home/matt/webpages/test/htdocs;
index index.html index.htm;
server_name mhammerly.tk www.mhammerly.tk;
location / {
}
}
/etc/nginx/sites-available/testsite
server {
listen 80 default_server;
root /home/matt/webpages/test/htdocs;
index index.html index.htm;
server_name mhammerly.tk www.mhammerly.tk;
location / {
try_files $uri $uri/ /index.html;
}
}
create the symlink
matt@webservertalk:/etc/nginx$ sudo ln -s /etc/nginx/sites-available/testsite /etc/nginx/sites-enabled/testsite
nginx should be good to go
restart the service so our configuration changes take effect
matt@acmtesttalk:/etc/nginx$ sudo service nginx restart
gonna frown really hard if there are any error messages at this point
navigate to your server by typing your IP address into your web browser’s address bar again and you should see your site!!!
try the domain name
type your domain name into your web browser and see if it does anything
it’s been a pleasure
go forth and make more websites