Add firewall/nginx setup

setup.sh

@@ -15,7 +15,8 @@ echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/source
 
 # Apt installations.
 sudo apt-get update
-sudo apt-get -y install tmux htop nload nginx nodejs gcc g++ make yarn git
+sudo apt-get -y install ufw tmux ranger htop nload nginx certbot \
+  python-certbot-nginx nodejs gcc g++ make yarn git
 
 # Install pm2
 sudo npm i -g pm2
@@ -36,3 +37,22 @@ go version
 # Install Sia
 git clone https://gitlab.com/NebulousLabs/Sia
 cd Sia && git checkout viewnode && make
+
+# Setup nginx config
+sudo cp ./skynet-nginx.conf /etc/nginx/sites-available/skynet
+sudo nginx -t
+sudo systemctl reload nginx
+
+# Setup firewall
+sudo ufw enable
+sudo ufw allow 'Nginx Full'
+sudo ufw delete allow 'Nginx HTTP'
+
+sudo certbot --nginx -d siasky.net -d www.siasky.net
+sudo certbot renew --dry-run
+sudo ln -s /etc/nginx/sites-available/skynet /etc/nginx/sites-enabled/skynet
+
+
+git clone https://gitlab.com/NebulousLabs/siawebviewer
+git checkout logging
+yarn

skynet-nginx.conf

@@ -0,0 +1,31 @@
+server {
+        listen 443 ssl;
+        listen [::]:443 ssl;
+
+        server_name siasky.net www.siasky.net;
+
+        location / {
+                proxy_pass http://localhost:3000;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection 'upgrade';
+                proxy_set_header Host $host;
+                proxy_cache_bypass $http_upgrade;
+        }
+}
+
+server {
+        listen 80 default_server;
+        listen [::]:80 default_server ipv6only=on;
+
+        server_name siasky.net www.siasky.net;
+
+        location / {
+                proxy_pass http://localhost:3000;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection 'upgrade';
+                proxy_set_header Host $host;
+                proxy_cache_bypass $http_upgrade;
+        }
+}