today I'm writng simple how-to start with your rackspace cloud server. I'll try to put things together as much as possible, I consider this setup is simple, beacuse it is involve only one server for all your needs, advanced setup involve multiple servers working as a team. You may know that cloud server comes with minimal operating system installled, so no webserver no database and no php, this is how awsome is cloud server giving you full control of what you need to install, ok basically we'll do the followng:
NOTE: whereever you see xxx.xxx.xxx.xxx replace it with your cloud server ip address
NOTICE: You need SSH client, terminal in linux and mac, putty in windows
- Signing up with rackspace cloud(if not yet)
- Create a cloud server(256 Mb RAM = smallest, you may choose bigger one if you like)
- Basic configuration and security
- Install webserver(nginx)
- Install database(postgresql)
- install php5 cgi, related extensions
- Install exim4(mail transfer agent) and configure it
Signing up with rackspace cloud:
signing up is easy and you may get your server up and running in less than 15 minute.
Create a cloud server:
There is no hard rule for choosing your server distribution, rackspace cloud servers are available in many operating systems, as long you don't choose windows your are in safe side :) . please choose the distribution you are the most familiar with, if you know arch linux go for arch, if you are ubuntu guy go for ubuntu.. and so on. I don't suggest any distribution
All distribution are goods, so you better choose what you know, and there is not too much difference between them, however if you are really newbie , then I've a warning for you: don't choose GENTOO, its for advanced linux users, I recommend you install any of the others on your computer, read online tutorials..and manuals if available. to know your server more.
For this tutorial I'll choose debian 6 sequeeze and 256 MB RAM server, which comes with 10 Gb disk space
Available server sizes:
Tip: when you need a software you are advised firstly to search your operating system repository if it containes the software you want, and ONLY compile a software if its not found there and no other alternatives doing its job, if you choosed Ubuntu the following commands are almost similar in your system and they may work, if you choosed Centos or redhat you need to use yum command rather than apt-get, you cannot most of the time know the full name of the software you want to know, for a reason repositories usually add version number to the name of your software, for example postgresql is named in debian repositories as postgresql-8.4, postgreslq-9.1 so do search 1st to locate your software, then install,
Basic configuration and security
1st thing you need to login to your cloud server:
then enter your root password
you need to change hostname of the server to match your website domain, for example if you bought a domain example.com you need to set the hostname of the server to example.com so run the following:
then edit the entry to hosts file:
add example.com after localhost in the same line, so it should look like:
save and quit hosts file
now reboot your machine, run the following command
you need to wait some seconds before trying to login again.
and enter your password
next you need to change the root password(optional, recommended)
enter your new password
add new user to use it instead of root accout(optional, recommended)
then enter user password
then add user naoar to sudoers so can gain root privilage when needed to do so run the folowing command:
inside the file add:
in its own line and just after:
then close the file CTRL+X
for more info about suders format run man sudoers
next we need to update the system software, so run the following:
------------
ok now you get your system updated.. lets enhance server security a bit :
run the followng command to see who is currently connected to your server
it should be only you,
we'll disable root login via ssh so go and edit sshd_config
save and exit
next add a firewall :)
here we'll open the needed port, and close everything else :)
we'll open the following ports:
80 :WWW
443: SSL
25: Mail
22: ssh
53: dns
and close others
so run the following for ipv4:
create a firewall file with all rules inside it
and paste the following inside it
save and exit CTRL+x
now create a firewall for ipv6
and paste the following in it:
now testing our rules:
if you don't loose connection to your server then its likely to be ok.
try pining your server from your local computer/labtop:
if you didn't get any resonse, then firewall is working so we need to keep these rules even after rebooting your cloud server:
now firewall rules can be persist after reboot
these are basic steps to secure your cloud server ,probably you want to harden your server security more..
Install webserver(nginx)
to install nginx run the following command
decide where you'd like to put your web application(drupal for example), lets make directory:
and tell nginx to look there for requested pages, so open nginx.conf
and mak sure any root word look like:
and php block like this
NOTE: I suggest you install signed ssl certificate on your server and only use https when you perform an adminstrative tasks on your website.
Install database server(postgresql)
to install postgresql run the following command
if you would like to install latest stable postgresql 9.1
you need to add backports source to your sources.list, so run the following
if you got some unsolved dependecies try aptitude, it'll try to help you solve unmet dependencies
next we need to create new database
you're now logged as postgres user, so we want to create database named mydb:
create a naoar user and the password 123456
grant all privilege to naoar
ok database is ready now
install php5 cgi, related extensions
to install php5 and some recommended extensions:
this will install php 5.3.x, postgreql extension to connect to your postgresql server, image library gd and xcache
you may find that php5-cgi binary crashes frequently, this is not nice when your website is up and running, your users may get 502 Bad gateway error, in order to prevent that we need to restart php5-cgi whenever it crashes, so run the following:
Install exim4(mail transfer agent)
to install exim4 run the following
this will install light binary, suffeciant for sending emails from your cloud server
you can reconfigure exim4 at anytime just run
test if sending email is working
if you didn't get errors, and you recieved the email, then things seems ok
this email setup will let you send emails from your cloud to your website members, please note that recieving emails will you require you setup spamassin and many other stuff, defintlly you can accept incoming mails with changing the settings of exim4, but I would not recommend it, better you use other free services which can act as mail server for your incoming emails and will let you access your email from any email client imap or pop3, for this you may try google ad-supported for business or try ads-free email hosting from rackspace which is for only 2$/month
ok now reboot your cloud server
and that was the last time you login as root :), from now on you need to connect using your new username 'naoar' and raise your privilage WHEN NEEDED using sudo
so to login again
enter your password
for exaample you want to see listeneing tcp and udp servers
enter naoar password not root passwd
------------------------------------------
ok so far your server is
-capable of sending emails
-ready to serve static files, html and php (via php5-cgi), through port 80
-ready to install postgresql-driven php web applications :)
NOTE: you need to login to your dns provider and change the Address record commonly named A record (Host) to point to your cloud server ip address so that from now on you can access your cloud server using your domain
so whats next?: install web application, for example mybb forum script click here to know how
------------
cheers
No comments:
Post a Comment