Ubuntu Server Setup

1. System Update

sudo apt update && sudo apt upgrade -y

2. Install Nginx

sudo apt install nginx -y

3. Install MongoDB

sudo apt-get install gnupg curl -fsSL https://pgp.mongodb.com/server-6.0.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg --dearmor echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-6.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list sudo apt update sudo apt install mongodb-org -y sudo systemctl start mongod sudo systemctl enable mongod

4. Install Certbot

sudo apt install certbot python3-certbot-nginx -y

5. Create Nginx Configuration

sudo nano /etc/nginx/sites-available/yourdomain.com

Paste this configuration:

server { listen 80; server_name yourdomain.com www.yourdomain.com;

location / {
    proxy_pass http://localhost:YOUR_APP_PORT;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
}

}

6. Enable Nginx Configuration

sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx

7. Setup SSL Certificate

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

8. Configure MongoDB Security

mongosh

In MongoDB shell:

use admin db.createUser({ user: "adminUser", pwd: "securePassword", roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] }) exit

Edit MongoDB config

sudo nano /etc/mongod.conf

Add these lines:

security: authorization: enabled

Restart MongoDB

sudo systemctl restart mongod

9. Configure Firewall

sudo ufw allow 'Nginx Full' sudo ufw allow OpenSSH sudo ufw enable

Cloudflare Setup Steps

1. Sign up for Cloudflare account

2. Add your domain to Cloudflare

3. Update nameservers at your domain registrar with Cloudflare nameservers

4. Create an A record pointing to your server IP

5. Set SSL/TLS encryption mode to "Full"

Verification Commands

Check Nginx status

systemctl status nginx

Check MongoDB status

systemctl status mongod

Check SSL certificate

sudo certbot certificates

Test MongoDB authentication

mongosh --auth

Maintenance Commands

System updates

sudo apt update && sudo apt upgrade

View Nginx logs

sudo tail -f /var/log/nginx/error.log

View MongoDB logs

sudo tail -f /var/log/mongodb/mongod.log

Security Checklist

• Replace 'yourdomain.com' with actual domain

• Set strong MongoDB passwords

• Enable automatic system updates

• Set up MongoDB backups

• Monitor server logs

• Configure fail2ban

• Set up log rotation

• Implement rate limiting

• Regular security audits

Best Practices

1. Regular System Updates

   • Run updates weekly

   • Monitor security announcements

   • Keep all software versions current

2. Backup Strategy

   • Daily MongoDB backups

   • Regular configuration backups

   • Test restore procedures

3. Monitoring

   • Check server resources

   • Monitor SSL certificate expiry

   • Watch error logs

   • Set up alerts

4. Security

   • Use SSH keys

   • Strong passwords

   • Regular security scans

   • Keep ports minimal

   • Update firewall rules

Troubleshooting

Common Issues:

1. Nginx 502 Bad Gateway

   • Check if application is running

   • Verify port numbers

   • Check logs

2. MongoDB Connection Issues

   • Verify authentication details

   • Check MongoDB service status

   • Review firewall rules

3. SSL Certificate Problems

   • Verify Cloudflare settings

   • Check certificate renewal status

   • Confirm DNS records

Useful Resources

• Nginx Documentation: https://nginx.org/en/docs/

• MongoDB Documentation: https://docs.mongodb.com/

• Certbot Instructions: https://certbot.eff.org/

• Cloudflare Documentation: https://developers.cloudflare.com/

Remember to replace all placeholder values (yourdomain.com, passwords, ports) with your actual values before using the commands.