Mike Street
4 min readNov 3, 2016

--

Set up a new Virtual Private Server (VPS)

Please note, these commands and steps have worked for me. I know a small bit about servers but not enough to take responsibility for anything in this post — enter the commands at your own risk!

I recently acquired a cheap VPS. The thing that is different with a VPS compared to a “hosting” package is that it is complete bare bones. You can choose to install Windows or Linux or anything on it. The problem with this is that it’s bare bones. It’s your responsibility to keep it up to date and safe!

The following commands are ones I run to set up a new Virtual Private Server with Debian. I have set up these servers for personal projects and repo hosting, so they are not getting hit by big amounts of traffic. If you’re expecting that, you should probably get someone proper to do this for you!

All the following commands assume you are logged in as the root user and you have command line experience

Table of contents #

Essentials

Optional Extras

Todo #

  • Investigate setting up a firewall
  • Disable root login completely and create a user to login with

Essentials #

Install Packages #

Before you start (once debian is fully installed), make sure all the base packages are up to date:

$ apt-get update && apt-get upgrade

Once updated, I like to install some basic (expected) components:

$ apt-get install apache2 apache2-doc apache2-utils php5-common libapache2-mod-php5 php5-cli php5-curl curl git ntp rsync

This list includes:

  • apache {& utils} (this is the web server fundamentals)
  • php {& utils}
  • curl (to get files)
  • git
  • ntp (to make sure your server us the right time)
  • rsync

Enable Bash Colours #

This is the most important bit — make things pretty. Edit the global bashrc file

$ vim /etc/bash.bashrc

And add the following lines

export LS_OPTIONS='--color=auto' eval "`discolora`" alias ls='ls $LS_OPTIONS'

Set the time #

dpkg-reconfigure tzdata

Updates and Upgrades #

You may wish to ensure your VPS is kept up to date (for security reasons). The following commands are quite brutish but seem to work quite well

First, install unattended-upgrades - this auto updates many packaes for you.

$ apt-get install unattended-upgrades apt-listchanges

I’ve stuck with the default config but if you wanted to change it, you can find it here:

$ vim /etc/apt/apt.conf.d/50unattended-upgrades

Next, put a cron to run once a day with the following command:

$ DEBIAN_FRONTEND=noninteractive apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y --force-yes -qq dist-upgrade && apt-get autoclean

If you don’t SSH in as root, you’ll want to add some sudo commands at the beginning and after every &&.

Optional extras #

Install Composer #

$ wget --no-check-certificate https://getcomposer.org/composer.phar $ mv composer.par /usr/local/bin/composer $ chmod +x /usr/local/bin/composer

Install Node & npm #

Double check the url on the node website

$ curl -sL https://deb.nodesource.com/setup_6.x | bash - $ apt-get install nodejs $ npm install npm -g

Disable root password #

The following disables the password login with the root username and instead relys on SSH keys. If you are not sure what an SSH key is or how to generate one, read the GitHub tutorial.

First, add your key to the authorized_keys file.

On your computer, run:

$ cat ~/.ssh/id_rsa.pub

Copy the output, now on your VPS:

$ mkdir ~/.ssh $ vim ~/.ssh/authorized_keys

Next, edit the ssh config:

$ vim /etc/ssh/sshd_config

Look for PermitRootLogin yes and change to

PermitRootLogin without-password

Restart the current ssh service but make sure you stay logged in - just in case it does't work

/etc/init.d/ssh restart

In a new tab, ssh into your VPS. If it doesn't ask for a password - assume it worked!

Serving up websites #

This bit is a bit more convoluted. To save you having to edit apache conf files every time you want a new website, the following code takes the domain name and looks for a folder in /var/vhosts/ and will server files found in a html folder.

E.g. mikestreety.co.uk would display /var/vhosts/mikestreety.co.uk/html/index.html

This allows you to do subdomains easily too.

First, install the vhost_alias module

$ a2enmod vhost_alias

Next, create a .conf file with the main domain name for your server (e.g. mikestreety.co.uk)

$ vim /etc/apache2/sites-available/mikestreety.co.uk.conf

Copy and paste the contents of example.conf (below) into your new conf file. Make sure you replace [[IP ADDRESS]] with the IP of the server you are on.

Disable the default site conf

$ a2dissite 000-default.conf

Enable, your new conf file

$ a2ensite mikestreety.co.uk.conf

Lastly, restart apache

$ service apache2 restart

Make your folder structure (e.g. /var/vhosts/mikestreety.co.uk/html/) and you should be away. As PHP was previously installed, you should be able to install Wordpress or any other CMS

example.conf

<VirtualHost [[IP ADDRESS]]:80>

DocumentRoot /var/www/vhosts/
VirtualDocumentRoot /var/www/vhosts/%0/html
ServerAdmin mikestreety@gmail.com

LogLevel error
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined

<Directory "/var/www/vhosts/*/html">

DirectoryIndex index.php index.html index.htm
AllowOverride All
Options -Indexes

</Directory>

</VirtualHost>

Originally published at www.mikestreety.co.uk.

--

--

Mike Street

CTO and Director of @liquidlightuk, cyclist, geek and amateur phone photographer. Holds extreme views on trivial things