Add firewall/nginx setup

This commit is contained in:
Marcin Jachymiak 2020-01-29 16:41:20 -05:00
parent aec7f6eff7
commit bb01f95812
2 changed files with 52 additions and 1 deletions

View File

@ -15,7 +15,8 @@ echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/source
# Apt installations. # Apt installations.
sudo apt-get update sudo apt-get update
sudo apt-get -y install tmux htop nload nginx nodejs gcc g++ make yarn git sudo apt-get -y install ufw tmux ranger htop nload nginx certbot \
python-certbot-nginx nodejs gcc g++ make yarn git
# Install pm2 # Install pm2
sudo npm i -g pm2 sudo npm i -g pm2
@ -36,3 +37,22 @@ go version
# Install Sia # Install Sia
git clone https://gitlab.com/NebulousLabs/Sia git clone https://gitlab.com/NebulousLabs/Sia
cd Sia && git checkout viewnode && make cd Sia && git checkout viewnode && make
# Setup nginx config
sudo cp ./skynet-nginx.conf /etc/nginx/sites-available/skynet
sudo nginx -t
sudo systemctl reload nginx
# Setup firewall
sudo ufw enable
sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP'
sudo certbot --nginx -d siasky.net -d www.siasky.net
sudo certbot renew --dry-run
sudo ln -s /etc/nginx/sites-available/skynet /etc/nginx/sites-enabled/skynet
git clone https://gitlab.com/NebulousLabs/siawebviewer
git checkout logging
yarn

31
skynet-nginx.conf Normal file
View File

@ -0,0 +1,31 @@
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name siasky.net www.siasky.net;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name siasky.net www.siasky.net;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}