Dockers & Devops
- Installation of Nginx on Ubuntu
- Nginx with Let's Encrypt
- Flask Docker Image
- Reverse Proxy For Window Server
- Jenkins
- Jenkins-Adding Ubuntu Agent
Installation of Nginx on Ubuntu
Introduction
Nginx is one of the most popular web servers in the world and is responsible for hosting some of
the largest and highest-traffic sites on the internet. It is more resource-friendly than Apache in
most cases and can be used as a web server or reverse proxy.
In this guide, we’ll explain how to install Nginx on your Ubuntu 18.04 server and use that as a reverse proxy for microservices created in flask and other applications.
Prerequisites
Before you begin this guide, you should have the following:
An Ubuntu 18.04 server and a regular, non-root user with sudo privileges. Additionally, you
will need to enable a basic firewall to block non-essential ports. You can learn how to
configure a regular user account and set up a firewall by following our initial server setup
guide for Ubuntu 18.04.
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-18-04
Step 1 – Installing Nginx
You can install it using the apt packaging system.
Update your local package index:
sudo apt updatesudo apt install nginxStep 2 – Adjusting the Firewall
sudo ufw app listOutput
Available applications:
Nginx Full
Nginx HTTP
Nginx HTTPS
OpenSSHpermitting traffic on port 80 :
sudo ufw allow 'Nginx HTTP'Verify the change:
Output
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)Step 3 – Checking your Web Server
systemctl status nginxFinally access your website using your localIP address.
http://your_server_ipYou should see the default Nginx landing page:
Conclusion
Now you have installed Ngix server on your Ubuntu. Now you can do the following steps.
- Server Blocking which I will explain in other chapter.
- Install Letsencrypt for Https Access.
- Use this as reverse proxy for your existing webservice such as flask etc..
- Host your website in Ngix.
Nginx with Let's Encrypt
Introduction
In this tutorial we will discuss about installing certbot on ubuntu to install Let's Encrypt SSL on to your ubuntu server.
Prerequisites
Before we start you need to make sure you have followings:
- Your own domain for example ( www.example.com)
- DNS management credentials.
- Update A records in DNS, your A records should look like below.
- A --- > www.example.com ---> 103.x.x.x (your public IP)
- A --- > example.com ---> 103.x.x.x (your public IP)
Let's Encrypt can be installed for the subdomain to. I have personally tried that and it was working fine.
In case you want to do it for subdomain your A records should look like below.
-
- A ---> subdomain.example.com --- > 103.x.x.x (your public IP)
Step 1 — Installing Certbot
We will be using Certbot to install Let's Encrypt, Lets start by adding the repository.
First, add the repository:
sudo add-apt-repository ppa:certbot/certbotInstall Certbot’s Nginx package with apt:
sudo apt install python-certbot-nginxNow Certbot is ready, before we proceed we need to do some configuration on Nginx server default file.
Open the Nginx default website file.
sudo nano /etc/nginx/sites-available/defaultFlask Docker Image
Introduction
Please note use lowercase for all the folder names. In my case I have created a folder "DOCKER" on my folder where all my docker images will be created.
Go to /home/snk/dockers/
Create a directory with the application name for example allclaims
Place *.py , Dockerfile and Requirement.txt
Step 1 - Stop Docker Container (If Any)
docker container psTake the correct container id and stop it
docker container stop Name_of_the_containerRemove the container
docker container rm Name_of_the_containerBuild the container using container build command
docker build -t name_of_the_image:latest .Run the container & expose port to use it in the Nginx reverse proxy.
docker run -it -d -p 5000:5000 name_of_the_imageStep 2 - Proxy pass in Nginx server
Use the default site file, in case if you don't use the server blocking, else use the respective server file in Nginx server.
sudo nano /etc/nginx/sites-available/defaultAdd the location with application name and its corresponding dockers port and path as shown bellow.
location /allclaims/ {
proxy_pass http://103.4.6.220:5000/;
}Restart the Nginx server to changes to reflect.
sudo systemctl reload nginxInformation
Most of the time when you run docker images inside the proxy you might end up with improper CSS or site load, in that case always use environment variable of APP_URL, check each application for more information on the same
Example while running the docker use the following command along with run statement.
" -e APP_URL=https://docker2.auto-boxe.com/book "
Reverse Proxy For Window Server
To do reserve proxy for window server we need to do the following steps.
Create a website, in our case it is STAGE, with in the stage we created Application called Jaya-stage.
Please note that this application name is very important we need to create reverse proxy with the same name in Nginx server in ubuntu.
Next step to create a reverse proxy configuration on Nginx server as shown below.
## ALLCLAIMS STAGElocation /jaya-stage/ {
proxy_pass "http://192.168.204.18:9000/jaya-stage/";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";c
lient_max_body_size 2m;client_body_timeout 120s; # Default is 60, May need to be increased for very large uploads
}https://docker2.auto-boxe.com/jaya-stage/
Jenkins
Introduction
On this method we have created a Node on the stage or production server where we need our code to get deployed (Windows). This is basically to avoid using FTP or SFTP for code deployment as it might take more time and also we need credentials and FTP servers for the deployment
Step 1 - Create a Freestyle project ( Please refer Jenkins for creating different project type )
Step 2 - SVN or GIT connection as per your requirement.
You got to install Visual Studio Build on the respective Node Server for us to create the Build Step. Use Visual Studio community version.
Step 3 - Build.
Step 4 - ROBOCOPY or Deploy the code to the IIS.
set SOURCE=D:\jenkins\workspace\COLS365_Web_Application\Branch\DskyWebPortal\
set DESTINATION=C:\Hostingdata\DEVL\ColsWebPortal
set EXCLUDEFOLDER="D:\jenkins\workspace\COLS365_Web_Application\Branch\DskyWebPortal\fileupload"
robocopy /XO /E /Z /ZB /R:5 /W:5 /TBD /NP /MT:64 %SOURCE% %DESTINATION% /XD %EXCLUDEFOLDER% *. /XA:SH /XF *.CONFIG *.config *.svn-base
@echo robocopy exit code: %ERRORLEVEL%
@if %ERRORLEVEL% GTR 3 ( echo robocopy ERROR )
@if %ERRORLEVEL% GTR 3 ( exit %ERRORLEVEL% )
@set ERRORLEVEL=0Jenkins-Adding Ubuntu Agent
sudo mkdir -p /usr/local/jenkin-servicesudo chown admin /usr/local/jenkin-servicecd /usr/local/jenkin-serviceExecute the curl command from the Jenkins -- below is the example only
curl -sO https://jenkins.issentialsolutions.com/jnlpJars/agent.jar
nano start-agent.sh#1/bin/bash
cd /usr/local/jenkin-service
curl -sO https://jenkins.issentialsolutions.com/jnlpJars/agent.jar
java -jar agent.jar -url https://jenkins.issentialsolutions.com/ -secret 23569a2d25d3cf47de3950ea382db7f448d3f15e417cbf10562a1abf91f72453 -name "IS-IVH1-Ubuntu" -webSocket -workDir "/home/jenkins"
exit 0chmod +x start-agent.shCreate an another file jenkin-agent.service
nano /etc/systemd/system/jenkin-agent.service[unit]
Description=Jenkin Agent
[Service]
User=admin
WorkingDirectory=/home/jenkins
ExecStart=/bin/bash /usr/local/jenkin-service/start-agent.sh
Restart=alwalys
[Install]
WantedBy=multi-user.targetsudo systemctl enable jenkin-agent.serviceBefore Enabling the agent, Install the Java
sudo apt install software-properties-common apt-transport-https -y
sudo add-apt-repository ppa:openjdk-r/ppa -y
sudo apt install openjdk-22-jdk -y