installation server manual

2025-03-19 07:27:36 +02:00
parent 610676cc0a
commit e0ed063a39
2 changed files with 154 additions and 3 deletions
@@ -1,5 +1,9 @@
-# ProNature Server and Application Installation
-## Services to install
+# ProNature Server and Application Installation Manual
+
+## Prerequisites 
+Ubuntu 24 Headless Server minimal installation is required.
+
+## Installing services
 ### [Mongo DB Community 8+ ](https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/)  
 > sudo apt-get install gnupg curl  
 > curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \
@@ -19,6 +23,29 @@
 > node -v # should print `v22.11.0`  
 > npm -v # should print `10.9.0`  

+### Image processing using Sharp needs a specific memory manager for NodeJS:  
+> sudo apt install git-all  
+> sudo apt install gcc  
+> sudo apt-get install build-essential  
+> sudo apt-get -y install autoconf libxslt-dev xsltproc docbook-xsl  
+> git clone https://github.com/jemalloc/jemalloc.git  
+> cd jemalloc  
+> autoconf  
+> ./configure  
+> make dist  
+> sudo make install  
+
+Add this line to /etc/enviroment  
+`LD_PRELOAD=/usr/local/lib/libjemalloc.so.2`
+
+Then 
+
+> export LD_PRELOAD=/usr/local/lib/libjemalloc.so.2  
+
+or  
+
+> reboot  
+
 ### PM2
 > npm install pm2 -g  
 > pm2 startup  
@@ -41,3 +68,127 @@
    - Linux Dash using this [instruction](https://github.com/afaqurk/linux-dash). You can run it using `pm2 start ecosystem.config.js` (on https://your.server.name/host-monitor/) OR  
    <!-- - Netdata (`app install netdata`) and https://your.server.name/netdata/ -->
    - [Netdata](https://learn.netdata.cloud/docs/installing/one-line-installer-for-all-linux-systems) - `wget -O /tmp/netdata-kickstart.sh https://my-netdata.io/kickstart.sh && sh /tmp/netdata-kickstart.sh --stable-channel`
+
+## Set up SSH Reverse Tunel
+
+```bash
+#/etc/systemd/system/autossh-remote-tunnel.service
+[Unit]
+Description=AutoSSH tunnel service for SSH
+After=network.target
+
+[Service]
+Environment="AUTOSSH_GATETIME=0"
+ExecStart=/usr/bin/autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -N -R 9922:localhost:22 -R 9980:localhost:9980 -R localhost:9951:192.168.200.2:5001 -R localhost:9971:192.168.200.2:7001 remote-user@remote-machine
+User=pronature
+
+[Install]
+WantedBy=multi-user.target
+```
+
+Reload systemd:
+> sudo systemctl daemon-reload  
+
+Start the Autossh service:
+> sudo systemctl start autossh-remote-tunnel.service
+
+Enable at boot:
+> sudo systemctl enable autossh-remote-tunnel.service
+
+Check status with:
+> sudo systemctl status autossh-remote-tunnel
+
+### SSHD config on remote server (/etc/ssh/sshd_config):  
+
+> ClientAliveInterval 600  
+> ClientAliveCountMax 12
+
+## Issue certificates
+> certbot certonly --nginx -d pronature-disk.bg73.net  
+> certbot certonly --nginx -d pronature-v1.bg73.net 
+
+## NGINX server config
+### Configure storage endpoint
+```nginx
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+    ssl_certificate /etc/letsencrypt/live/pronature-disk.bg73.net/fullchain.pem; # managed by Certbot
+    ssl_trusted_certificate /etc/letsencrypt/live/pronature-disk.bg73.net/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/pronature-disk.bg73.net/privkey.pem; # managed by Certbot
+
+    server_name  pronature-disk.bg73.net;
+    location / {
+        proxy_set_header   X-Forwarded-For $remote_addr;
+        proxy_set_header   Host $http_host;
+        proxy_set_header   X-Forwarded-Host $host;
+        proxy_set_header   X-Forwarded-Proto $scheme;
+        proxy_pass         https://127.0.0.1:9971/;
+    }
+    client_max_body_size 500M;
+}
+```
+
+### Configure dev application
+```nginx
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+    ssl_certificate /etc/letsencrypt/live/pronature-v1.bg73.net/fullchain.pem; # managed by Certbot
+    ssl_trusted_certificate /etc/letsencrypt/live/pronature-v1.bg73.net/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/pronature-v1.bg73.net/privkey.pem; # managed by Certbot
+
+    server_name  pronature-v1.bg73.net;
+    location / {
+        proxy_set_header   X-Forwarded-For $remote_addr;
+        proxy_set_header   Host $http_host;
+        proxy_set_header   X-Forwarded-Host $host;
+        proxy_set_header   X-Forwarded-Proto $scheme;
+        proxy_pass         http://127.0.0.1:9980/;
+        auth_basic         "ProNature Demo Site requires auth";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+    }
+    client_max_body_size 500M;
+}
+```
+
+## Firewall, enable services:
+
+SSH Access:
+> sudo ufw allow 22  
+
+HTTP:
+> sudo ufw allow 80  
+
+HTTP over SSL:
+> sudo ufw allow 443  
+
+Start the FW:
+> sudo ufw enable  
+
+## Set up the application
+
+> git clone https://github.com/mld-bas/pronature-platform.git  
+> cd pronature-platform  
+> npm run build  
+> ./deploy.sh  
+> cd /var/node/pronature/  
+> npm install  
+
+Create the ecosystem file `ecosystem.config.cjs`:
+```js
+module.exports = {
+    apps : [{
+      name   : "pronature",
+      script : "/var/node/pronature/backend/main.js",
+      cwd : "/var/node/pronature/",
+      instances : 2,
+      exec_mode : "cluster"
+    }]
+}
+```
+
+> pm2 start ecosystem.config.cjs  
+> pm2 save