DEV Community

Cover image for Deploy Strapi on VPS with Ubuntu, MySQL
Ravgeet Dhillon
Ravgeet Dhillon

Posted on • Originally published at ravsam.in on

Deploy Strapi on VPS with Ubuntu, MySQL

Learn how to set up a Strapi app on VPS, DigitalOcean, Linode with Ubuntu, MySQL.

This blog was originally published on RavSam’s blog. We publish our articles on Medium after a week.

So you have built your Strapi project and the next thing you need to do is to deploy it on a production server. In this blog, we will learn about how to set up a Virtual Private Server(VPS) and then deploy our Strapi application. We can apply this guide to any kind of servers like Linode, DigitalOcean and many more.

Contents

  • 1. Create a non-root user
  • 2. Create a Public-Private key pair
  • 3. SSH as a new user
  • 4. Add SSH key to authorized keys
  • 5. Configure Firewall
  • 6. Remove Apache and Install Nginx
  • 7. Install Node using NVM
  • 8. Install PM2
  • 9. Install Database (MariaDB/MySQL)
  • 10. Create Nginx Server Blocks
  • 11. Setup DNS
  • 12. Install SSL
  • 13. Run the app

Steps

We will be using Hostinger VPS Plan 1 with Ubuntu 20.04. Make sure to follow step by step.

Replace all the values in <> with your own values.

1. Create a non-root user

It is a good idea to create a non-root user with sudo privileges. All the commands will be run through this user. The first step is to log in as the root user.

ssh root@<VPSIPADDRESS>
Enter fullscreen mode Exit fullscreen mode

The first thing to do on a new machine is to update the packages and remove all the older ones.

sudo apt update -y && sudo apt upgrade -y && sudo apt autoremove -y
Enter fullscreen mode Exit fullscreen mode

Now our machine is up to date and we need to create a new user and log out of the session.

adduser <NEWUSER>
usermod -aG sudo <NEWUSER>
exit
Enter fullscreen mode Exit fullscreen mode

2. Create a Public-Private key pair

It is great to use Public-Private key pair to SSH into a remote server. We can create a new one using

ssh-keygen
Enter fullscreen mode Exit fullscreen mode

or

copy the existing one’s public key onto our clipboard

xclip -selection clipboard -in ~/.ssh/hostinger_rsa.pub
Enter fullscreen mode Exit fullscreen mode

3. SSH as a new user

Let us now SSH as a new user using password authentication.

ssh <NEWUSER>@<VPSIPADDRESS>
Enter fullscreen mode Exit fullscreen mode

Once we are logged in, we need to create a directory for the new user identified by its name.

mkdir -p <NEWUSER>
cd <NEWUSER>
Enter fullscreen mode Exit fullscreen mode

4. Add SSH key to authorized keys

Let us register our public key by adding it to our authorized keys so that we can log in using a private key.

mkdir -p ~/.ssh/
sudo echo "<COPIED_PUBLIC_KEY>" >> ~/.ssh/authorized_keys
Enter fullscreen mode Exit fullscreen mode

5. Configure Firewall

Now is the time to set up a firewall. A firewall is essential while setting up VPS to restrict unwanted traffic going out or into your VPS. Let us install ufw and configure a firewall to allow SSH operations.

sudo apt install ufw -y
sudo ufw allow OpenSSH
sudo ufw enable -y
sudo ufw status
Enter fullscreen mode Exit fullscreen mode

6. Remove Apache and Install Nginx

Nginx is a much better server than Apache. It is lightweight, easy to set up and allow us to set up proxies. Before installing Nginx, we need to remove Apache which is available by default in Ubuntu 20.04.

sudo systemctl stop apache2 && sudo systemctl disable apache2
sudo apt remove apache2 -y && sudo rm /var/www/html/index.html
sudo apt autoremove -y
Enter fullscreen mode Exit fullscreen mode

Let us now install Nginx.

sudo apt install nginx -y
sudo systemctl start nginx
sudo systemctl status nginx
Enter fullscreen mode Exit fullscreen mode

Let us configure the firewall to allow HTTP and HTTPS traffic to pass through it.

sudo ufw allow 'Nginx Full'
sudo ufw enable -y
sudo ufw status
Enter fullscreen mode Exit fullscreen mode

We can also allow either HTTPS or HTTP by using

sudo ufw allow 'Nginx HTTP'
# or 
sudo ufw allow 'Nginx HTTPS'
Enter fullscreen mode Exit fullscreen mode

To verify Nginx installation, visit the IP address of the VPS.

You can find IP address by curl -4 icanhazip.com.

7. Install Node using NVM

Let us install NodeJs using NVM. The following code helps us find the current nvm version.

nvmversion=$(curl --silent "https://api.github.com/repos/nvm-sh/nvm/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
curl -o- "https://raw.githubusercontent.com/nvm-sh/nvm/$nvmversion/install.sh" | bash
Enter fullscreen mode Exit fullscreen mode

Some NPM packages require to refer to numerous packages needed for building software in general. So we will install build-essential for the same.

sudo apt install build-essential -y
Enter fullscreen mode Exit fullscreen mode

8. Install PM2

PM2 is a Process Manager built for production-level applications. It can help us run our Strapi application when the server restarts. It can watch for file changes and restart the server automatically for us.

npm i -g pm2@latest
cd ~
pm2 startup systemd
Enter fullscreen mode Exit fullscreen mode

Follow the rest of the instructions as specified on the terminal and then do pm2 save.

9. Install Database (MariaDB/MySQL)

MariaDB is a fork of MySQL with lots of performance gains. Let us install our database sever by doing

sudo apt install mariadb-server -y
sudo mysql_secure_installation
Enter fullscreen mode Exit fullscreen mode

Follow all the instructions and complete the setup.

Once our database server is installed, we need to create a non-root user with root privileges for database operations.

sudo mariadb
GRANT ALL ON *.* TO '<NEWUSER>'@'localhost' IDENTIFIED BY '<PASSWORD>`' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;
Enter fullscreen mode Exit fullscreen mode

Once this is done, we need to restart our database server.

sudo systemctl restart mariadb
Enter fullscreen mode Exit fullscreen mode

10. Create Nginx Server Blocks

It is always a good idea to server blocks rather than to change the default Nginx configuration. This helps us when we decide to host multiple websites on the same server. To create a server block, we need to do

sudo nano /etc/nginx/sites-available/<YOUR_DOMAIN>
Enter fullscreen mode Exit fullscreen mode

Add the following config

upstream <YOUR_DOMAIN> {
  server 127.0.0.1:1337;
  keepalive 64;
}

server {
  server_name <YOUR_DOMAIN>;
  access_log /var/log/nginx/<YOUR_DOMAIN>-access.log;
  error_log /var/log/nginx/<YOUR_DOMAIN>-error.log;
  location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_pass http://<YOUR_DOMAIN>;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_cache_bypass $http_upgrade;
  }
}

server {
  listen 80;
  server_name <YOUR_DOMAIN>;
}
Enter fullscreen mode Exit fullscreen mode

This configuration assumes that our Strapi application will be run 127.0.0.1:1337.

Once our configuration is set up, we need to enable our website by creating a symbolic link for our configuration file.

sudo ln -s /etc/nginx/sites-available/<YOUR_DOMAIN> /etc/nginx/sites-enabled/
Enter fullscreen mode Exit fullscreen mode

This is optional but if we are serving multiple domains or subdomains from our server, we need to edit our nginx.conf by uncommenting this line server_names_hash_bucket_size 64; using

sudo nano /etc/nginx/nginx.conf
Enter fullscreen mode Exit fullscreen mode

Lets us quickly check that our configurations are error-free by doing

sudo nginx -t
Enter fullscreen mode Exit fullscreen mode

The output will tell us whether an error exists. If any error comes up, we need to resolve it and then finally restart the server.

sudo systemctl restart nginx
Enter fullscreen mode Exit fullscreen mode

11. Setup DNS

In our domain provider, we need to add an A record to point our subdomain to the VPS as follows:

+------+-----------+----------------+------+
| Type | Name | Content | TTL |
+------+-----------+----------------+------+
| A | subdomain | «VPSIPADDRESS» | 3600 |
+------+-----------+----------------+------+
Enter fullscreen mode Exit fullscreen mode

The DNS propagation can take upto 24 hours. You can use this handy tool to verify your DNS propagation.

12. Install SSL

The final step is to issue an SSL certificate for our Strapi application. We can automate the process of issuing certificates to our domain using certbot. Running the following commands will help us issue a Let’s Encrypt SSL certificate for our domain.

sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d <YOUR_DOMAIN>
Enter fullscreen mode Exit fullscreen mode

Follow all the instructions. Use the Redirect option to redirect HTTP traffic to HTTPS.

The advantage of the above commands is that the certbot process runs twice a day to check if any certificates will expire within a month. It automatically renews the certificates so we don’t have to worry about certificate expiration. We can verify this by running:

sudo systemctl status certbot.timer
Enter fullscreen mode Exit fullscreen mode

13. Run the app

Now our setup is complete and it is the time that we all have been waiting for. Let us run our Strapi application using PM2.

cd ~
cd api
pm2 start ecosystem.config.js
Enter fullscreen mode Exit fullscreen mode

We can visit our domain and check our Strapi application is running.

Follow me for upcoming articles.

Connect with Me

I love writing for the community while working on my freelance and open source projects. Connect with me through TwitterLinkedInGithubEmail.

About RavSam Web Solutions

We are helping startups and companies set up content management systems to manage their content delivery to customers across various products. Reach out to us to know more about our services, or anything else. We are always looking forward to work on great ideas. If you are looking for an application development company, you are most welcome to get in touch with us.

You might also enjoy reading


Discussion (0)