How to deploy angular application in azure virtual machine

How to deploy angular application in azure virtual machine

NodeJs:-
https://tecadmin.net/install-latest-nodejs-npm-on-ubuntu/

Nginx:-
https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-16-04

Virtual Machine Configuration:-
https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-virtual-hosts-on-ubuntu-16-04

SSL using Let’s Encrypt:-
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

How to install Nginx:-

Installing the all updates in ubuntu debian version

$
sudo apt-get update

Installing the Nginx web server, please follow the below command


$ sudo apt-get install nginx

Adjust the Firewall


We can list the applications configurations that 
ufw knows how to work with by typing:

$ sudo ufw app list

Firewall should be enable,

$ sudo ufw status (sudo ufw enable/disable)

How To Set Up Nginx Server Blocks (Virtual Hosts) on Ubuntu 16.04

Set Up New Document Root Directories


$ sudo mkdir -p /var/www/
example.com/html

We can use the $USER
environmental variable to assign ownership to the account that we are currently signed in on (make sure you’re not logged in as root). This will allow us to easily create or edit the content in this directory:

$ sudo chown -R $USER:$USER /var/www/example.com/html

The permissions of our web roots should be correct already if you have not modified your umask
value, but we can make sure by typing:

sudo chmod -R 755 /var/www

Create Sample Pages for Each Site


Now that we have our directory structure set up, let’s create a default page for each of our sites so that we will have something to display.

Create an index.html
file in your first domain:

$ nano /var/www/example.com/html/index.html

<html>

    <head>         <title>Welcome to Example.com!</title>     </head>     <body>         <h1>Success!  The example.com server block is working!</h1>     </body> </html>

Save and close the file when you are finished.


Create the First Server Block File

As mentioned above, we will create our first server block config file by copying over the default file:
$ sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com

Now, open the new file you created in your text editor with sudo privileges:
$
sudo nano /etc/nginx/sites-available/example.com
Change the below,

listen
80 default_server;

        listen [::]:80 default_server;

to

listen
80;

        listen [::]:80;


and also set the root element,

root
/var/www/
example.com/html;


and set the server name too,
server_name
example.com
www.
example.com;

Enable your Server Blocks and Restart Nginx

Now that we have our server block files, we need to enable them. We can do this by creating symbolic links from these files to the sites-enabled directory, which Nginx reads from during startup.

We can create these links by typing:

$ sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
These files are now in the enabled directory. We now have three server blocks enabled, which are configured to respond based on their listen
directive and the server_name
(you can read more about how Nginx processes these directives here):

  • example.com: Will respond to requests for example.com
    and http://www.example.com
  • test.com: Will respond to requests for test.com
    and http://www.test.com
  • default: Will respond to any requests on port 80 that do not match the other two blocks.


$ sudo nano /etc/nginx/nginx.conf
Within the file, find the server_names_hash_bucket_size
directive. Remove the #
symbol to uncomment the line:

http
{

    . . .     server_names_hash_bucket_size 64;     . . . }

Next, test to make sure that there are no syntax errors in any of your Nginx files:

$ sudo nginx -t

If no problems were found, restart Nginx to enable your changes:

$ sudo systemctl restart nginx

Test your Results
Now that you are all set up, you should test that your server blocks are functioning correctly. You can do that by visiting the domains in your web browser:

http://example.com

You should see a page that looks like this:


How To Secure Nginx with Let’s Encrypt on Ubuntu 16.04

Installing Certbot

The first step to using Let’s Encrypt to obtain an SSL certificate is to install the certbot
software on your server. The Certbot developers maintain their own Ubuntu software repository with up-to-date versions of the software. Because Certbot is in such active development it’s worth using this repository to install a newer Certbot than provided by Ubuntu.

First, add the repository:

$ sudo add-apt-repository ppa:certbot/certbot

You’ll need to press ENTER
to accept. Afterwards, update the package list to pick up the new repository’s package information:
$ sudo apt-get update
And finally, install Certbot with apt-get:
$ sudo apt-get install python-certbot-nginx

Updating the Firewall

If you have the ufw
firewall enabled, as recommended by the prerequisite guides, you’ll need to adjust the settings to allow for HTTPS traffic. Luckily, Nginx registers a few profiles with ufw
upon installation.

You can see the current setting by typing:

$ sudo ufw status

To additionally let in HTTPS traffic, we can allow the “Nginx Full” profile and then delete the redundant “Nginx HTTP” profile allowance:

$ sudo ufw allow ‘Nginx Full’

$ sudo ufw delete allow ‘Nginx HTTP’

Your status should look like this now:

sudo ufw status (Status should be active)

Obtaining an SSL Certificate

Certbot provides a variety of ways to obtain SSL certificates, through various plugins. The Nginx plugin will take care of reconfiguring Nginx and reloading the config whenever necessary:
$ sudo certbot –nginx -d
example.com -d www.example.com

If you have no errors, reload Nginx:
$ sudo systemctl reload nginx

Setting Up Auto Renewal

$ sudo crontab -e

15
3 * * * /usr/bin/certbot renew --quiet

The 15
3 * * *

part of this line means “run the following command at 3:15 am, every day”. You may choose any time.

The renew
command for Certbot will check all certificates installed on the system and update any that are set to expire in less than thirty days. --quiet
tells Certbot not to output information or wait for user input.

Cron
will now run this command daily. All installed certificates will be automatically renewed and reloaded when they have thirty days or less before they expire.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s