Guide to Setting Up a Production VPS

Oct 2, 2024

Lecture on Setting Up a Production-Ready VPS

Introduction

  • Discussion on deploying applications to the cloud using different platforms (PaaS vs. VPS).
  • PaaS has limitations for long-running tasks and high data transfer.
  • VPS offers consistent billing and mitigates some PaaS issues.

Setting Up a Production-Ready VPS

  • Challenge to set up a production-ready VPS from scratch.
  • Requirements:
    • DNS record pointing to the server.
    • Application up and running.
    • Secure communication over TLS.
    • Additional security measures (SSH hardening, firewall).
    • High availability and good user experience.
    • Automated deployments.
    • Monitoring for downtime alerts.

Choosing a VPS

  • Hostinger as a sponsor, providing a VPS instance.
  • Selected instance: KVM 2 with 2 vCPUs, 8 GB RAM, affordable pricing.

Initial Setup

  • Operating system: Ubuntu 20.04 LTS.
  • Configurations:
    • Disabled unnecessary services.
    • Set up SSH with public key authentication.
    • Created non-root user with sudo permissions.

DNS Configuration

  • Purchased a domain "zen.cloud".
  • Configured DNS records to point to VPS.

Security Enhancements

  • Hardened SSH configuration:
    • Disabled password authentication.
    • Disabled root login.
    • Optional: Change the SSH port, though this is considered more a matter of security by obscurity.
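
A check for the two SSH settings above, as an added example that is not part of the original notes: it parses sshd_config text using sshd's rule that the first value obtained for a keyword wins, so an earlier `PasswordAuthentication yes` (for example from an included drop-in file) shadows a later `no`. The function names and sample configs are constructed for illustration; Include files and Match blocks are not resolved, and `sshd -T` remains the authoritative view on a live host.

```python
import re

# OpenSSH defaults that apply when a keyword never appears in the file.
DEFAULTS = {"passwordauthentication": "yes", "permitrootlogin": "prohibit-password"}
# Values the hardening steps in the notes call for.
REQUIRED = {"passwordauthentication": "no", "permitrootlogin": "no"}


def effective_global_settings(config_text):
    """Return {keyword: value} for the global section of an sshd_config.

    Keywords are case-insensitive, the FIRST value seen for a keyword wins,
    and a Match line ends the global section.
    """
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single "=".
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()
        if keyword == "match":
            break
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        settings.setdefault(keyword, value)  # later duplicates are ignored
    return settings


def audit(config_text):
    """Return a list of findings; an empty list means both settings are hardened."""
    effective = {**DEFAULTS, **effective_global_settings(config_text)}
    return [
        f"{kw} is '{effective[kw]}', expected '{want}'"
        for kw, want in REQUIRED.items()
        if effective[kw] != want
    ]


# Constructed sample: an early override shadows the hardening line below it.
SAMPLE_SHADOWED = """\
# constructed sample, not from a real host
passwordauthentication yes
PermitRootLogin no
PasswordAuthentication no
"""
# Constructed sample: both settings hardened, one written with "=".
SAMPLE_HARDENED = "PasswordAuthentication no\nPermitRootLogin=no\n"

if __name__ == "__main__":
    for name, text in (("shadowed", SAMPLE_SHADOWED), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(text) or "OK")
```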

Application Deployment

  • Simple guestbook web app written in Go.
  • Initially deployed directly on VPS.
  • Preferred method: Containerization using Docker.
    • Docker Compose to manage services.

Setting up a Firewall

  • Used ufw (Uncomplicated Firewall) for security.
  • Enabled ports for SSH, HTTP, and HTTPS.
  • Issue: Docker overwrites the iptables rules that ufw manages.
  • Solution: Use a reverse proxy to control exposure.

Reverse Proxy with Traefik

  • Traefik chosen over Nginx for reverse proxy.
  • Configured to handle traffic and enable TLS.
  • Provided load balancing with minimal configuration.

Automated Deployments

  • Used Watchtower for automated updates of Docker containers.
  • Configured for rolling updates to maintain uptime.

Monitoring

  • Uptime Robot for monitoring service availability.
  • Sends notifications if the website becomes unavailable.

Conclusion

  • Successfully set up a production-ready VPS using simple tools.
  • Tools like Traefik and Watchtower made the setup easier.
  • Emphasized VPS advantages over PaaS for certain use-cases.
  • Recommended Hostinger for VPS hosting with a discount code "dreamsofcodes".

These notes provide a comprehensive overview of setting up a production-ready VPS, covering key steps from initial setup to security, deployment, and monitoring.