This is Part 1 of a series called Hello, World: Blog. Throughout this series we’ll set up a live Jekyll blog from start to finish.
In this post, you’ll:
- Set up an Ubuntu server (on DigitalOcean or another web host)
- Log into the server using SSH
- Create a non-root user
- Install nginx as a basic http server
Choose Your Host Provider
In order to create a website, we need a server to store our site’s files. You can essentially “rent” server space online through companies known as web hosting providers or web hosts. There are lots of options to choose from, and they’ll cost you at least a few dollars per month depending on how much space you need.
For my personal blog (and this tutorial), I use DigitalOcean as my web host. It’s well documented, costs $5 per month for the smallest server size, and provides virtual servers in the form of “droplets” that can be created and destroyed through the user interface.
Using DigitalOcean as your web host is not a requirement for this series, but you will need a server running Ubuntu (a Linux operating system) in order to follow along. If you choose another web host, skip any section marked
[DigitalOcean] Create an Ubuntu Sever
Give the droplet these characteristics:
- Image: Ubuntu
- Size*: 1GPU memory / 1CPU / 25 GB SSD / 1 TB transfer - $5 per month
- Datacenter region: choose a region near you
- Hostname: anything you’d like (I used “blog”)
*For a simple blog, I recommend starting with the smallest and cheapest size. You can always increase a droplet’s size in the future, but you cannot decrease it.
After creating a droplet, you’ll receive an email from DigitalOcean containing some information about your server. It should look something like this:
Droplet Name: blog IP Address: <IP ADDRESS> Username: root Password: <PASSWORD>
This information will be used to connect to your server in the next section.
A Note About Environments
From this point forward, we’ll be working with two different terminal environments.
- local - The physical computer you are typing on.
- server - The server provided to you by your web host.
Throughout this tutorial we’ll need to execute terminal commands on both environments. The terminal code snippets will have different prompts to indicate where they’re being executed.
# local environment $ echo "Hello"
# server environment user@hostname:~$ echo "Hello"
In the server prompt:
userwill be replaced by the username of the account currently logged into the server
hostnamewill be the name of your server.
Server First-time Login
Now that we have a server with an IP address, we will use SSH (Secure Shell) to access it remotely.
Note: If you are using Windows, you won’t be able to use the commands below. Here are instructions for using PuTTY to connect to the server.
Open your local terminal and use the
ssh command to access the server. Note that
IP_ADDRESS should be replaced with your server’s IP address.
$ ssh root@IP_ADDRESS
If this is your first time connecting to the server, you’ll see this message.
The authenticity of host 'IP_ADDRESS' can't be established. ECDSA key fingerprint is SOME_LONG_SHA. Are you sure you want to continue connecting (yes/no)?
yes and press enter. This will add the host to your computer’s keychain.
Next, you’ll be prompted for a password:
Warning: Permanently added IP_ADDRESS' (ECDSA) to the list of known hosts. root@IP_ADDRESS's password:
Paste in your root password and press Enter (this was in your email if you created a droplet through DigitalOcean).
If all went well, you’ll see this:
You are required to change your password immediately (root enforced) Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-127-generic x86_64) ... Changing password for root. (current) UNIX password:
The password provided by DigitalOcean is temporary - it must be reset the first time it is used. Follow the prompts to create a new root password. Once you’ve done so, you’ll see the server’s terminal prompt:
root is the current user account, and
blog is my server’s host name.
Create a New User Account
In Ubuntu, logging in as the root user is not recommended. The root user has the power to do anything, which has a couple of associated risks: one, you can easily break your server by executing commands by mistake; two, if your root user is compromised an attacker gets full control. To help prevent this, we’ll create a different user account to administrate the server.
For the remainder of this tutorial, this user account will be referred to as the “non-root” user.
Make sure you’re still logged into the server as root. Then, create a new user.
Note: In the commands below, replace
bannmoore with your desired username.
root@blog:~# adduser bannmoore
You’ll be prompted to enter a password for the new user.
root@blog:~# adduser bannmoore Adding user `bannmoore' ... Adding new group `bannmoore' (1000) ... Adding new user `bannmoore' (1000) with group `bannmoore' ... Creating home directory `/home/bannmoore' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
Once that’s done, it will prompt you to add user information. This is entirely optional - you can press
enter to skip each line. At the end, type
Y and press enter to confirm.
Changing the user information for bannmoore Enter the new value, or press ENTER for the default Full Name : Room Number : Work Phone : Home Phone : Other : Is the information correct? [Y/n] Y
Next, we need to grant
sudo privileges to the non-root user.
sudo allows a user to execute single commands using root privileges.
root@blog:~# usermod -aG sudo bannmoore
Now that the non-root user has sudo privileges, we should use it instead of the root user. Use the
exit command to log out and disconnect from the server:
root@blog:~# exit logout Connection to 22.214.171.124 closed.
Reconnect to the server using
ssh - this time, provide the non-root username instead of
root. It should display
username@hostname as the prompt.
$ ssh bannmoore@IP_ADDRESS bannmoore@IP_ADDRESS's password: Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-127-generic x86_64) ... To run a command as administrator (user "root"), use "sudo <command>". See "man sudo_root" for details. bannmoore@blog:~$
Set up a Web Server using Nginx
At this point we’ve successfully created an Ubuntu server on a web host, accessed it via
ssh, and created a non-root user that can execute
sudo commands. But we still don’t have a website. If you enter the server’s IP address in a web browser, it will refuse to connect.
A web server requires two components:
- a computer or server that contains website files
- an http server to deliver content
The Ubuntu server we created satisfies the first requirement, but in order to serve content on the web we’ll need to install additional packages. We’ll be using nginx, which provides a basic HTTP server that is capable of serving static content.
Log into your server as the non-root user, and use these commands to install nginx.
bannmoore@blog:~$ sudo apt-get update bannmoore@blog:~$ sudo apt-get install nginx
Note: The first time you use
sudo, it will prompt you for your password.
Once the install completes, check the status of nginx using
$ systemctl status nginx ● nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2018-06-01 18:47:47 UTC; 2min 10s ago Main PID: 12770 (nginx) CGroup: /system.slice/nginx.service ├─12770 nginx: master process /usr/sbin/nginx -g daemon on; master_process on └─12772 nginx: worker process
Once nginx is installed, type your server IP into a browser again. This time, it should display a generic page containing some information about nginx. Congratulations - you’ve created a website!
In the next post, we’ll set up a local development environment and generate our site code.