Debian 12 Server Setup

1. System Update

apt update && apt upgrade -y

2. Install Required Tools

apt install curl gnupg2 software-properties-common apt-transport-https ca-certificates lsb-release debian-archive-keyring -y

3. Install Nginx

apt install nginx -y

4. Install MongoDB

curl -fsSL https://pgp.mongodb.com/server-6.0.asc | gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg --dearmor echo "deb [ signed-by=/usr/share/keyrings/mongodb-server-6.0.gpg ] http://repo.mongodb.org/apt/debian $(lsb_release -cs)/mongodb-org/6.0 main" | tee /etc/apt/sources.list.d/mongodb-org-6.0.list apt update apt install mongodb-org -y systemctl start mongod systemctl enable mongod

5. Install Certbot

apt install certbot python3-certbot-nginx -y

6. Create Nginx Configuration

nano /etc/nginx/sites-available/yourdomain.com

Paste this configuration:

server { listen 80; server_name yourdomain.com www.yourdomain.com;

location / {
    proxy_pass http://localhost:YOUR_APP_PORT;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
}

}

7. Enable Nginx Configuration

ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/ nginx -t systemctl reload nginx

8. Setup SSL Certificate

certbot --nginx -d yourdomain.com -d www.yourdomain.com

9. Configure MongoDB Security

mongosh

In MongoDB shell:

use admin db.createUser({ user: "adminUser", pwd: "securePassword", roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] }) exit

Edit MongoDB config

nano /etc/mongod.conf

Add these lines:

security: authorization: enabled

Restart MongoDB

systemctl restart mongod

10. Install and Configure UFW Firewall

apt install ufw -y ufw default deny incoming ufw default allow outgoing ufw allow ssh ufw allow 'Nginx Full' ufw enable

Cloudflare Setup Steps

Create Cloudflare account
Add domain to Cloudflare
Update nameservers at domain registrar with Cloudflare nameservers
Add A record pointing to server IP
Set SSL/TLS encryption mode to "Full"

Verification Commands

Check Nginx status

systemctl status nginx

Check MongoDB status

systemctl status mongod

Check SSL certificate

certbot certificates

Test MongoDB authentication

mongosh --auth

Maintenance Commands

System updates

apt update && apt upgrade

View Nginx logs

tail -f /var/log/nginx/error.log

View MongoDB logs

tail -f /var/log/mongodb/mongod.log

Security Checklist

Best Practices

Regular System Updates
- Run updates weekly
- Monitor security announcements
- Keep all software versions current
Backup Strategy
- Daily MongoDB backups
- Regular configuration backups
- Test restore procedures
Monitoring
- Check server resources
- Monitor SSL certificate expiry
- Watch error logs
- Set up alerts
Security
- Use SSH keys
- Strong passwords
- Regular security scans
- Keep ports minimal
- Update firewall rules

Additional Debian 12 Specific Security

Install fail2ban

apt install fail2ban -y

Configure automatic updates

apt install unattended-upgrades apt-listchanges -y dpkg-reconfigure -plow unattended-upgrades

Secure shared memory

echo "tmpfs /run/shm tmpfs defaults,noexec,nosuid 0 0" >> /etc/fstab

Enable automatic security updates

nano /etc/apt/apt.conf.d/50unattended-upgrades

Troubleshooting

Common Issues:

Nginx 502 Bad Gateway
- Check if application is running
- Verify port numbers
- Check logs
MongoDB Connection Issues
- Verify authentication details
- Check MongoDB service status
- Review firewall rules
SSL Certificate Problems
- Verify Cloudflare settings
- Check certificate renewal status
- Confirm DNS records

Useful Resources

Nginx Documentation: https://nginx.org/en/docs/
MongoDB Documentation: https://docs.mongodb.com/
Certbot Instructions: https://certbot.eff.org/
Cloudflare Documentation: https://developers.cloudflare.com/
Debian Security Guide: https://www.debian.org/doc/manuals/securing-debian-manual/

Remember to replace all placeholder values (yourdomain.com, passwords, ports) with your actual values before using the commands.

PreviousUbuntu Server Setup NextWindows Server Setup

Last updated 1 year ago

hashtag1. System Update

hashtag2. Install Required Tools

hashtag3. Install Nginx

hashtag4. Install MongoDB

hashtag5. Install Certbot

hashtag6. Create Nginx Configuration

hashtagPaste this configuration:

hashtag7. Enable Nginx Configuration

hashtag8. Setup SSL Certificate

hashtag9. Configure MongoDB Security

hashtagIn MongoDB shell:

hashtagEdit MongoDB config

hashtagAdd these lines:

hashtagRestart MongoDB

hashtag10. Install and Configure UFW Firewall

hashtagCloudflare Setup Steps

hashtagVerification Commands

hashtagCheck Nginx status

hashtagCheck MongoDB status

hashtagCheck SSL certificate

hashtagTest MongoDB authentication

hashtagMaintenance Commands

hashtagSystem updates

hashtagView Nginx logs

hashtagView MongoDB logs

hashtagSecurity Checklist

hashtagBest Practices

hashtagAdditional Debian 12 Specific Security

hashtagInstall fail2ban

hashtagConfigure automatic updates

hashtagSecure shared memory

hashtagEnable automatic security updates

hashtagTroubleshooting

hashtagUseful Resources