Skip to content

Configuring nginx so that your Meteor app can be found via a web URI

bartwr edited this page Apr 15, 2017 · 1 revision

In this post you'll find information about setting up nginx on your server, in this example for publishing up a SSL secured web app: CommonBike.

Install nginx

apt-get install nginx-full

Install webmin

Now install install webmin for making future configuration easy.

Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more. Webmin removes the need to manually edit Unix configuration files like /etc/passwd, and lets you manage a system from the console or remotely. See the standard modules page for a list of all the functions built into Webmin.

wget http://prdownloads.sourceforge.net/webadmin/webmin_1.831_all.deb
dpkg -i webmin_1.831_all.deb
apt -f install -y
rm webmin_1.831_all.deb

Setup firewall (ubuntu firewall)

First, accept connections from port 22

ufw allow 22

**Enable firewall

ufw enable

Say yes if you know for sure that you allowed access to port 22 first.

Now accept http(s) requests

ufw allow 80
ufw allow 443

Run webmin

Set a root password

passwd root

Run webmin

Now that a lot of ports are disabled, port 10000 (webmin) is also blocked. Though, you can easily access webmin on your local computer like this:

ssh root@IP -C -L 10000:localhost:10000

Now can go to localhost:10000 to access webmin. Login with root and your root password.

img

Configure webmin

Install webmin nginx

Navigate to:

  • Webmin
  • Webmin Configuration
  • Webmin Modules

img

Now we can install webmin nginx. See this page for the URL -> paste it:

https://www.justindhoffman.com/sites/justindhoffman.com/files/nginx-0.10.wbm_.gz

img

Click on the blue link: NginX webserver.

(If it gives an error like Error - Perl execution failed, do this:

apt install libhtml-parser-perl

)

You now have access to webmin.

img

Now setup some virtual hosts

In webmin, go to:

  • Servers -> NginX webserver
  • Global Configuration
  • Existing Virtual Hosts
  • Create Virtual Host

Create a virtual host. Like this file, for example.

Now, Let's Encrypt

Ok. Almost finished.

Make sure you have a webroot

mkdir -p /var/www/your-app-htdocs

Install letsencrypt

  1. Go to https://certbot.eff.org
  2. Choose "nginx + xenial" (latest LTE Ubuntu version)

Or install directly:

sudo apt-get install letsencrypt 

Now, create a SSL certificate

letsencrypt certonly --webroot -w /var/www/commonbike-htdocs -d example.bit -d www.example.bit

Configure the SSL cert now by filling in an email address.

The SSL certs should be in this folder:

ls /etc/letsencrypt/keys/live

Check if the container is running

docker ps

If it's not running. Run the git hook first. See: Deploying the CommonBike app by using the git hook -> RESULT (bottom of post)

Check your app!

Go to your URL. E.g. common.bike. The app should work now.

Renew your SSL cert automatically

By default, SSL certs created by letsencrypt are only valid for 90 days. Renew it automatically:

Setup cron

  1. crontab -e
  2. 30 2 * * 1 /usr/bin/letsencrypt renew >> /var/log/le-renew.log
  3. Save

Test if renewing works

letsenencrypt renew --dry-run --agree-tos

RESULT

The Meteor-app-with-auto-reload-on-git-commit CommonBike app online!