Server setup

Installation

SSH access

  • install SSH
sudo apt install openssh-server
sudo systemctl status ssh
sudo ufw allow ssh
  • add known public key
# cat ./.ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc***************saH0M= zelva@notas-debian

.NET

Debian

wget https://packages.microsoft.com/config/debian/12/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
rm packages-microsoft-prod.deb

sudo apt-get update && sudo apt-get install -y dotnet-sdk-9.0

sudo apt-get update && sudo apt-get install -y aspnetcore-runtime-9.0

Ubuntu

  • install add-apt-repository
sudo apt update
sudo apt-get install software-properties-common
  • .NET repositories
sudo add-apt-repository ppa:dotnet/backports
  • install .NET SDK
sudo apt update
sudo apt-get install -y dotnet-sdk-9.0
sudo apt-get install -y aspnetcore-runtime-9.0
  • trust the development certificate
dotnet dev-certs https --trust

Update tools if needed

dotnet tool update --global dotnet-ef

New webapi project

dotnet new webapi -o projectapi
Packages
dotnet add package Microsoft.EntityFrameworkCore
dotnet add package Microsoft.EntityFrameworkCore.Tools

dotnet add package MySql.EntityFrameworkCore
dotnet add package MySql.Data

dotnet add package Microsoft.Extensions.Hosting
dotnet add package Microsoft.AspNetCore.HttpOverrides

dotnet add package Serilog.Extensions.Logging.File
dotnet add package SixLabors.ImageSharp
dotnet add package System.Net.Http.Json
Migrations
dotnet ef migrations add InitialCreate
dotnet ef migrations script > MigrationScripts/initial.sql

dotnet ef migrations add Products
dotnet ef migrations script previous_migration > MigrationScripts/products.sql

Supervisor

  • install
sudo apt install supervisor

Apache

  • install
sudo apt install apache2
  • setup firewall
sudo ufw app list
sudo ufw status
sudo ufw allow 'Apache'

sudo systemctl status apache2
  • enable localhost
sudo nano /etc/apache2/apache2.conf
add line after ServerRoot: ServerName localhost
  • restart
service apache2 restart
  • enable services
sudo a2enmod headers
a2enmod ssl
a2enmod rewrite
sudo a2enmod proxy_http
  • configure proxy
    • https://techexpert.tips/apache/enable-https-apache/
    • nano /etc/apache2/apache2.conf
    • add: AllowOverride All
    • add section
<Directory /var/www/>
	Options Indexes FollowSymLinks
	AllowOverride All
	Require all granted
</Directory>

Basic HTTP setup

<VirtualHost *:80>
  ServerAdmin admin@domain.cz
  ServerName domain.cz
  ServerAlias www.domain.cz
  DocumentRoot /var/www/domain.cz
  ErrorLog /var/www/domain.cz/domain-error.log
  CustomLog /var/www/domain.cz/domain-access.log combined
</VirtualHost>
  • enable site
a2ensite site_config

Let's Encrypt HTTPS certificate

  • install certbot
sudo apt-get install certbot
sudo apt-get install python3-certbot-apache
  • get certificate
sudo certbot certonly --apache

HTTPS setup

<VirtualHost *:80>
  ServerName domain.cz
  ServerAlias www.domain.cz
  RewriteEngine On
  RewriteCond %{HTTPS} !=on 
  RewriteCond %{HTTP_HOST} ^(www\.)?(.*)$ [NC]
  RewriteRule ^ https://%2%{REQUEST_URI} [R=301,L]
</VirtualHost>
<VirtualHost *:443>
  ServerAdmin admin@domain.cz
  ServerName domain.cz
  ServerAlias www.domain.cz

  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
  RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
  DocumentRoot /var/www/domain.cz
  ErrorLog /var/www/domain.cz/domain-error.log
  CustomLog /var/www/domain.cz/domain-access.log combined
  SSLEngine on
  SSLCertificateFile /etc/letsencrypt/live/domain.cz/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/domain.cz/privkey.pem

  ProxyPreserveHost On
  ProxyVia on
  ProxyRequests Off
  <Location "/api/">
    ProxyPass http://127.0.0.1:5001/
    ProxyPassReverse http://127.0.0.1:5001/
  </Location>
</VirtualHost>

MySQL

  • install
wget -c https://dev.mysql.com/get/mysql-apt-config_0.8.33-1_all.deb
sudo dpkg -i mysql-apt-config_0.8.33-1_all.deb
sudo apt-get update
sudo apt-get install mysql-server
#remove anonymous user and test database
sudo mysql_secure_installation
sudo service mysql restart
sudo mysql -u root -p
  • configuration
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
  • database creation
CREATE DATABASE IF NOT EXISTS `db_name` DEFAULT CHARACTER SET utf8mb4 DEFAULT ENCRYPTION='N' COLLATE utf8mb4_unicode_ci;
  • later update of schemas
ALTER DATABASE h1k CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci;
ALTER TABLE Images CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
  • backup DB
mysqldump -u root -p db_name > db_backup.sql
  • restore DB
mysql -u root -p < h1k_back.sql
  • database storage
/var/lib/mysql
  • user creation
SELECT user,plugin,host from mysql.user;

DROP USER 'username'@'localhost';
CREATE USER 'username'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'password';

GRANT ALL ON db_name.* to 'username'@'localhost';
FLUSH PRIVILEGES;
SHOW GRANTS FOR 'username'@'localhost';