Objectives

This is Part 1 of a series called Hello, World: Blog. Throughout this series we’ll set up a live Jekyll blog from start to finish.

In this post, you’ll:

  • Set up an Ubuntu server (on DigitalOcean or another web host)
  • Log into the server using SSH
  • Create a non-root user
  • Install nginx as a basic http server

Choose Your Host Provider

In order to create a website, we need a server to store our site’s files. You can essentially “rent” server space online through companies known as web hosting providers or web hosts. There are lots of options to choose from, and they’ll cost you at least a few dollars per month depending on how much space you need.

For my personal blog (and this tutorial), I use DigitalOcean as my web host. It’s well documented, costs $5 per month for the smallest server size, and provides virtual servers in the form of “droplets” that can be created and destroyed through the user interface.

Using DigitalOcean as your web host is not a requirement for this series, but you will need a server running Ubuntu (a Linux operating system) in order to follow along. If you choose another web host, skip any section marked [DigitalOcean].

[DigitalOcean] Create an Ubuntu Sever

If DigitalOcean is your web host, you’ll need to create an account and then create a new droplet.

Give the droplet these characteristics:

  • Image: Ubuntu
  • Size*: 1GPU memory / 1CPU / 25 GB SSD / 1 TB transfer - $5 per month
  • Datacenter region: choose a region near you
  • Hostname: anything you’d like (I used “blog”)

*For a simple blog, I recommend starting with the smallest and cheapest size. You can always increase a droplet’s size in the future, but you cannot decrease it.

After creating a droplet, you’ll receive an email from DigitalOcean containing some information about your server. It should look something like this:

Droplet Name: blog
IP Address: <IP ADDRESS>
Username: root
Password: <PASSWORD>

This information will be used to connect to your server in the next section.

A Note About Environments

From this point forward, we’ll be working with two different terminal environments.

  • local - The physical computer you are typing on.
  • server - The server provided to you by your web host.

Throughout this tutorial we’ll need to execute terminal commands on both environments. The terminal code snippets will have different prompts to indicate where they’re being executed.

# local environment
$ echo "Hello"
# server environment
user@hostname:~$ echo "Hello"

In the server prompt:

  • user will be replaced by the username of the account currently logged into the server
  • hostname will be the name of your server.

Server First-time Login

Now that we have a server with an IP address, we will use SSH (Secure Shell) to access it remotely.

Note: If you are using Windows, you won’t be able to use the commands below. Here are instructions for using PuTTY to connect to the server.

Open your local terminal and use the ssh command to access the server. Note that IP_ADDRESS should be replaced with your server’s IP address.

$ ssh root@IP_ADDRESS

If this is your first time connecting to the server, you’ll see this message.

The authenticity of host 'IP_ADDRESS' can't be established.
ECDSA key fingerprint is SOME_LONG_SHA.
Are you sure you want to continue connecting (yes/no)? 

Type yes and press enter. This will add the host to your computer’s keychain.

Next, you’ll be prompted for a password:

Warning: Permanently added IP_ADDRESS' (ECDSA) to the list of known hosts.
root@IP_ADDRESS's password: 

Paste in your root password and press Enter (this was in your email if you created a droplet through DigitalOcean).

If all went well, you’ll see this:

You are required to change your password immediately (root enforced)
Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-127-generic x86_64)

...

Changing password for root.
(current) UNIX password: 

The password provided by DigitalOcean is temporary - it must be reset the first time it is used. Follow the prompts to create a new root password. Once you’ve done so, you’ll see the server’s terminal prompt:

root@blog:~#

root is the current user account, and blog is my server’s host name.

Create a New User Account

In Ubuntu, logging in as the root user is not recommended. The root user has the power to do anything, which has a couple of associated risks: one, you can easily break your server by executing commands by mistake; two, if your root user is compromised an attacker gets full control. To help prevent this, we’ll create a different user account to administrate the server.

For the remainder of this tutorial, this user account will be referred to as the “non-root” user.

Make sure you’re still logged into the server as root. Then, create a new user.

Note: In the commands below, replace bannmoore with your desired username.

root@blog:~# adduser bannmoore

You’ll be prompted to enter a password for the new user.

root@blog:~# adduser bannmoore
Adding user `bannmoore' ...
Adding new group `bannmoore' (1000) ...
Adding new user `bannmoore' (1000) with group `bannmoore' ...
Creating home directory `/home/bannmoore' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password: 
passwd: password updated successfully

Once that’s done, it will prompt you to add user information. This is entirely optional - you can press enter to skip each line. At the end, type Y and press enter to confirm.

Changing the user information for bannmoore
Enter the new value, or press ENTER for the default
	Full Name []: 
	Room Number []: 
	Work Phone []: 
	Home Phone []: 
	Other []: 
Is the information correct? [Y/n] Y

Next, we need to grant sudo privileges to the non-root user. sudo allows a user to execute single commands using root privileges.

root@blog:~# usermod -aG sudo bannmoore

Now that the non-root user has sudo privileges, we should use it instead of the root user. Use the exit command to log out and disconnect from the server:

root@blog:~# exit
logout
Connection to 67.205.157.148 closed.

Reconnect to the server using ssh - this time, provide the non-root username instead of root. It should display username@hostname as the prompt.

$ ssh bannmoore@IP_ADDRESS
bannmoore@IP_ADDRESS's password: 
Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-127-generic x86_64)

...

To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

bannmoore@blog:~$ 

Set up a Web Server using Nginx

At this point we’ve successfully created an Ubuntu server on a web host, accessed it via ssh, and created a non-root user that can execute sudo commands. But we still don’t have a website. If you enter the server’s IP address in a web browser, it will refuse to connect.

A web server requires two components:

  • a computer or server that contains website files
  • an http server to deliver content

The Ubuntu server we created satisfies the first requirement, but in order to serve content on the web we’ll need to install additional packages. We’ll be using nginx, which provides a basic HTTP server that is capable of serving static content.

Log into your server as the non-root user, and use these commands to install nginx.

bannmoore@blog:~$ sudo apt-get update
bannmoore@blog:~$ sudo apt-get install nginx

Note: The first time you use sudo, it will prompt you for your password.

Once the install completes, check the status of nginx using systemctl:

$ systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2018-06-01 18:47:47 UTC; 2min 10s ago
 Main PID: 12770 (nginx)
   CGroup: /system.slice/nginx.service
           ├─12770 nginx: master process /usr/sbin/nginx -g daemon on; master_process on
           └─12772 nginx: worker process

Once nginx is installed, type your server IP into a browser again. This time, it should display a generic page containing some information about nginx. Congratulations - you’ve created a website!

In the next post, we’ll set up a local development environment and generate our site code.