Setting up a VPS for a Rails/React project

In order to run or deploy a Rails/React/PostgreSQL app on a VPS/VM with a standard Ubuntu (Debian) installation, here are the steps to follow:

1) SSH into your instance using the credentials given by your cloud/VPS provider.

  • If you are on a *nix system it will be something like this:

ssh root@192.168.0.1

You will get a warning about a new certificate the first time your run it. Type yes, then enter your password at the following prompt.

2) Update your system: sudo apt-get update && sudo apt-get upgrade -y

3) Create a new user

adduser <username> For example: e.g. adduser bob

Enter a secure password at the following password prompt, then confirm your password. You might get prompted for some other information e.g. fullname. You can fill-in that information or ignore it if you prefer.

4) Give your new user permission to perform administrative tasks:

usermod -aG sudo <username>   For example: usermod -aG sudo bob

5) Disable root login:

Edit your SSH file to disable root login via SSH:

vi /etc/ssh/sshd_config   (you can replace vi with your favorite editor such as nano)

Find the line with PermitRootLogin and change it to ‘no’, then save it.

6) Install dependencies for Ruby and Rails (see https://gorails.com/setup/ubuntu/16.04)

sudo apt-get install git-core curl zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libcurl4-openssl-dev python-software-properties libffi-dev

7) Installing Rails, Node & NPM (and Yarn) 

Install Rails with rbenv (see the link above for other installation options)

cd
git clone https://github.com/rbenv/rbenv.git ~/.rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc
exec $SHELL


git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc
exec $SHELL

rbenv install 2.4.2
rbenv global 2.4.2
ruby -v

Then install bundler with:

gem install bundler

Then run:

rbenv rehash

You will need to install Node for Rails:

First, to get the latest version of Node, add the Node PPA (Note: the latest version of Node in Ubuntu's PPA's is deprecated, so you should do this step):

curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash -
sudo apt-get install -y nodejs

To compile and install native addons from npm you may also need to install build tools:

sudo apt-get install -y build-essential

Then NPM:

sudo apt-get install npm

And while we’re at it, Yarn:

curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list

Then:

sudo apt-get update && sudo apt-get install yarn

Install the latest version of Rails:

gem install rails -v 5.1.4

Then run:

rbenv rehash

8) INSTALLING POSTGRESQL

sudo apt-get install postgresql postgresql-contrib - y

sudo -u postgres createuser --interactive

Enter the name your *nix user account at the next prompt, then ‘y’ for the user to be a superuser.

sudo -u postgres createdb <username>

This creates a database.

IMPORTANT: Use the name of your *nix account here or you will encounter issues later.

Run:

sudo apt-get install libpq-dev

Then Run:

gem install pg -v 0.21.0

Then from your app directory, run:

bundle install
 

 

Other things todo:

Enabling a firewall (here I'm using UFW, feel free to use any alternative such as iptables):

Run sudo ufw app list, you should see OpenSSH as an option.

Allow SSH through the firewall:

sudo ufw allow OpenSSH

Enable the firewall:

sudo ufw enable

Verify your firewall configuration with:

sudo ufw status

 

Other important steps:

Setup SSH private key authentication & disable password authentication.

Implement IDS/IPS to block malicious access attempts with e.g. fail2ban