Installation instructions
1. Launch amazon ubuntu server in aws + Attach Elastic IP to the new instance
2. ssh to ubuntu to install packages
ssh -i <key.pem> ubuntu@<ip-address> -v
3. Update and Upgrade linux machine and install node and nvm
sudo apt update
sudo apt upgrade
sudo apt install -y git htop wget
3.1 install node
To install or update nvm, you should run the [install script][2]. To do that, you may either download and run the script manually, or use the following cURL or Wget command:
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
Or
wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
Running either of the above commands downloads a script and runs it. The script clones the nvm repository to ~/.nvm
, and attempts to add the source lines from the snippet below to the correct profile file (~/.bash_profile
, ~/.zshrc
, ~/.profile
, or ~/.bashrc
).
3.2 Copy & Past (each line separately)
export NVM_DIR="$HOME/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm
[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" # This loads nvm bash_completion
3.3 Verify that nvm has been installed
nvm --version
3.4 Install node
nvm install --lts # Latest stable node js server version
3.5 Check nodejs installed
node --version
3.6 Check npm installed
npm -v
4. Clone nodejs-ssl-server repository
cd /home/ubuntu
git clone https://github.com/saasscaleup/nodejs-ssl-server.git
5. Run node app.js (Make sure everything working)
cd nodejs-ssl-server
npm install
node app.js
6. Install pm2
npm install -g pm2 # may require sudo
7. Starting the app with pm2 (Run nodejs in background and when server restart)
pm2 start app.js --name=nodejs-ssl-server
pm2 save # saves the running processes
# if not saved, pm2 will forget
# the running apps on next boot
7.1 IMPORTANT: If you want pm2 to start on system boot
pm2 startup # starts pm2 on computer boot
8. FREE SSL - Install Nginx web server
sudo apt install nginx
sudo nano /etc/nginx/sites-available/default
Add the following to the location part of the server block
server_name yourdomain.com www.yourdomain.com;
location / {
proxy_pass http://localhost:5000; #whatever port your app runs on
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
Check NGINX config
sudo nginx -t
Restart NGINX
sudo service nginx restart
You should now be able to visit your IP with no port (port 80) and see your app. Now let's add a domain
9 Add domain in goDaddy.com
If you have domain, you can add A record to your EC2 instance IP with a new subdomain as I'm going to show you next
9.1 Check that Port 80 redirect to Nodejs server
10 Installing Free SSL
10.1 Installing Certbot
sudo snap install core; sudo snap refresh core
sudo apt remove certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
10.2 Confirming Nginx’s Configuration
sudo nano /etc/nginx/sites-available/default
let edit this line:
...
server_name example.com www.example.com;
...
sudo nginx -t
sudo systemctl reload nginx
10.3 Obtaining an FREE SSL Certificate
sudo certbot --nginx -d app.example.com
Output:
IMPORTANT NOTES:
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/your_domain/fullchain.pem
Key is saved at: /etc/letsencrypt/live/your_domain/privkey.pem
This certificate expires on 2022-06-01.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
10.4 Verifying Certbot Auto-Renewal
sudo systemctl status snap.certbot.renew.service
Output:
○ snap.certbot.renew.service - Service for snap application certbot.renew
Loaded: loaded (/etc/systemd/system/snap.certbot.renew.service; static)
Active: inactive (dead)
TriggeredBy: ● snap.certbot.renew.timer
To test the renewal process, you can do a dry run with certbot:
sudo certbot renew --dry-run
11. Visit your website
Enjoy Your free Nodejs server with Free SSL :)