Use Tencent Cloud to configure small program server development environment

I recently made the configuration of the applet server. This article is a record of the server configuration, which is convenient for future installation and configuration.

Buy server

The reason for choosing Tencent Cloud is very simple, that is, it is cheap, 选用成都区and the minimum configuration is only 29 yuan per month.
In Tencent cloud registration visit the official website you can buy the server.
The server system I chose is ubuntu.

server configuration

Use the new user after starting the service (this step is not necessary).

New user

First confirm that the root user is used to log in. If not, use the following command to switch

sudo su

Use addusercommand to create user

adduser username # username替换为你自己的用户名

The next steps will let you enter your password and personal information, just set it yourself.

Use usermodcommand to add new users to the sudogroup.

usermod -aG sudo username

Close ssh password login use key to login

Install openssh

Because it is a new system, first run apt-get update

sudo apt-get update
sudo apt-get install openssh-server

Start ssh service

You can temporarily switch to root authority through the sudo su command (not all accounts can be switched to root authority, only users who meet the rules in the / etc / sudoers file can switch to root identity)

sudo su
/etc/init.d/ssh start

Login with key

• The server generates a key pair:

cd /home/gs # 打开新建的用户目录
mkdir .ssh
cd .ssh
ssh-keygen -b 2048 -t rsa

The basic usage of ssh-keygen:

After -b is to specify the length of the encrypted string. After
-t is to specify the encryption algorithm. Common encryption algorithms are rsa, dsa, etc

The files generated by default are as follows:

id_rsa.pub  # 公钥文件
id_rsa      # 私钥文件

• New authorized_keys file

Copy the contents of the id_rsa.pub file of the local machine to the authorized_keys file

• Test if you can log in using the public key

ssh name@host  # name 是机器的用户名 host 是机器的地址

Close ssh password login

After confirming that you can log in with the private key, close the ssh password to log in.

sudo su
vim /etc/ssh/sshd_config

Change PasswordAuthentication yes to PasswordAuthentication no

Restart the system

sudo su
reboot

Build a development environment

Install zsh

Enter the following command in the terminal to install:

sudo apt-get install zsh

Enter the following command to replace zsh with your default shell:

chsh -s /bin/zsh

Restart the terminal and use zsh

Install oh-my-zsh

• Install via curl

curl -L https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh | sh

• Install via wget

wget https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O - | sh

Install pip

sudo apt-get install python-pip  # 安装 pip
pip install --upgrade pip
sudo apt-get install python3-pip  # 安装 pip3
pip3 install --upgrade pip

Install virtualenv

Because I use python3 as the development environment, so use here pip3

sudo pip3 install virtualenv
sudo pip3 install virtualenvwrapper

Add the following in .zshrc

export VIRTUALENVWRAPPER_PYTHON=/usr/bin/python3
export WORKON_HOME=$HOME/.virtualenvs
source /usr/local/bin/virtualenvwrapper.sh

Then execute the command:

source .zshrc

You can now enter workontest whether virtualenvwrapper has been successfully installed.

Create a virtual environment

mkvirtualenv py3 -p python3  # -p 参数指定 python 版本

Test the virtual environment

workon py3

Install ipython

First enter the py3 virtual environment

workon py3

Install ipython using pip

pip install ipython # 安装 ipython 

Configure vim

Python vim configuration uses py-vim

Need to install ctags and cmake

sudo apt-get install ctags
sudo apt-get install cmake

Then clone py-vim to the server

git clone https://github.com/gusibi/py-vim
cd py-vim
sh setup.sh 

Configure https with Caddy

Caddy is a new web server, written by go, which uses the https protocol by default. caddy is simple to configure and easy to use.

Install caddy binaries

The Caddy project provides an installation script that can retrieve and install the binary files of the Caddy server. You can execute the following command to install directly:

curl -s https://getcaddy.com | bash

During the installation process, the script will use sudo to gain administrative privileges to place Caddy files in a system-wide directory, so you may be prompted to enter a password.

Configure caddy necessary directories

Caddy's automatic TLS support and unit files require specific directories and file permissions. We will create them in this step.

First, create a directory that will hold the main configuration file Caddyfile.

# 创建一个目录，该目录将容纳主要的配置文件Caddyfile
sudo mkdir /etc/caddy
# 将此目录的所有者更改为root用户及其组到www-data ，以便Caddy可以读取它
sudo chown -R root:www-data /etc/caddy
# 创建一个空的Caddyfile
sudo touch /etc/caddy/Caddyfile
# 在/etc/ssl创建另一个目录用来存储自动获得的SSL私钥和证书
sudo mkdir /etc/ssl/caddy
# 将此目录的所有者更改为root用户及其组到www-data
sudo chown -R www-data:root /etc/ssl/caddy
# 确保没有人可以通过删除其他人的所有访问权限来读取这些文件。
sudo chmod 0770 /etc/ssl/caddy
# 创建的最终目录是网站的发布目录
sudo mkdir /var/www
# 该目录应由www-data完全拥有。
sudo chown www-data:www-data /var/www
# 创建日志目录
sudo mkdir /var/log/caddy
# 将此目录的所有者更改为root用户及其组到www-data
sudo chown -R www-data:root /var/log/caddy

Configure caddy as a system service

Download the file from the official Caddy repository. The additional -o parameter of the curl command will save the file in the / etc / systemd / system / directory and make it visible to systemd.

sudo curl -s https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service -o /etc/systemd/system/caddy.service

reload system service

sudo systemctl daemon-reload

Set caddy to boot

sudo systemctl enable caddy.service

Check if the caddy service is officially loaded

sudo systemctl status caddy.service

Allow HTTP and HTTPS connections

Caddy uses HTTP and HTTPS protocols to provide websites, so we need to allow access to the corresponding ports so that the network can be obtained from the network

sudo ufw allow http
sudo ufw allow https

Now modify the caddy configuration / etc / caddy / Caddyfile

https://your.domain {  # 启用 https
    gzip
    log /var/log/caddy/access.log  # 指定日志目录
    proxy / http://127.0.0.1:8888 {
        header_upstream Host {host}
        header_upstream X-Real-IP {remote}
        header_upstream X-Forwarded-For {remote}
        header_upstream X-Forwarded-Proto {scheme}
    }
}

Save the file and start caddy

sudo systemctl start caddy    # 启动 caddy
sudo systemctl restart caddy  # 重启 caddy
sudo systemctl stop caddy     # 关闭 caddy

Now start the service, access https://your.domainshould be able to see the data.
Log files in /var/log/caddy/the directory.

to sum up

The development of small programs requires https, and here we use caddy as the web server. After the server is configured, it can be directly stored as a mirror, and the service can be started directly from the mirror in the future, so there is no need to configure the environment.

Reference link

• How To Create a Sudo User on Ubuntu
• zsh installation and configuration
• virtualenvwrapper
• py-vim
• Install MongoDB Community Edition on Ubuntu
• Use Caddy instead of Nginx, upgrade the entire site https, configuration is simpler
• how-to-host-a-website-with-caddy-on-ubuntu-16-04

---

Finally, thank you girlfriend for your support.

Welcome to follow (April_Louisa)	Invite me to drink Fanta