# Ubuntu 20.04 Web Server Setup Instructions 

> !!! **Work in progress, use at your own risk.** !!!

- nginx 
- certbot
- iptables

## Adding a new user

Add a new user for the purposes of logging in and doing administrative work.

> The *root* user has permissions to change every aspect of your server. This is good for the sake of administration, but regularly logging in and navigating your VPS as root isn’t great for security.

```shell
adduser username
```

You will be prompted with:

```shell
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
```

Add the new user to the sudo group.

```shell
usermod -aG sudo remote-user
```
After logging out, and back in as the new user, make sure your sudo access is working. One way of doing this is by listing the /root/ directory, which is only possible with sudo access. You’ll be asked for your user’s password to authenticate.

```shell
sudo ls -la /root
[sudo] password for username:
```

## Install nginx

```shell
$ sudo apt install nginx -y;
$ sudo systemctl enable --now nginx;
```

## Configure nginx

First two variables to tune are **worker_processes** and **worker_connections**.

**worker_processess** - how many workers should be spawn
**worker_connections** - how many clients can be simultaneously connection

Configure worker connections to be the number of cores available. Run the following to display the cores available:

```shell
grep processor /proc/cpuinfo | wc -l
````

Check the core’s limitations by issuing a ulimit command:

```shell
ulimit -n
```

Update the config with the new values.

```shell
sudo nano /etc/nginx/nginx.conf

worker_processes 1;
worker_connections 1024;
```

## Create a simple static site vhost "server" block

Create the website directory in `/var/www`:

```shell
$ sudo mkdir -p /var/www/www.mywebsite.com
$ cd /var/www/www.mywebsite.com
$ nano index.html
```

Paste the following into nano editor:

```html
<!DOCTYPE html>
<html>
<head>
    <title>Nginx Static Website</title>
</head>
<body>
    <h1>Hello world</h1>
</body>
</html>
```

Next add a server configuration block. Instead of going through site-available folders and then creating symlinks, just write the server block in there conf.d folder. It will work on all platforms and it is simpler to manage:

```shell
$ nano /etc/nginx/conf.d/www.mywebsite.com.conf
server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/www.mywebsite.com;
    index index.html index.htm;
    server_name _;

    location / {
        try_files $uri $uri/ =404;
    }
}
```

Remove the default configuration and reload nginx:

```shell
$ sudo rm /etc/sites-enabled/default
$ sudo systemctl reload nginx
```