Well explained article. It helped me to understand a lot on the local/in-house server setup environments (where I need to setup all the hardware/software environment, to have a website up and running on our office residing server commercially). Can any one assist me to solve my problem please.
I want to deploy a CMS application developed in React, Redux, Mongo DB. I am new so I am wondering how can I setup this. Any guidelines will be helpful. I have following questions in my mind:
What are pros and corn of having **Linux **or **Windows **based server. (also which versions are relevant)
How to setup an SSL on local hosting server. What are options.
What are the security precautions to be made.
An internet line with dedicated IP from ISP can be connected, but do need to have any security hardware in middle in the network?
How to setup/connect a purchased domain name (www.mydomain.com) to an internal hosting server.
How to have multiple IPs to an internal hosting server, so if one server fails or one network fails the other keeps working with the purchased domain name. Also how floating IP helps and how this can be setup.
How to log IP(visitors) access log in hardware level to keep server secure. How Ranchet is helpful and what is the purpose of setting up Ranchet. Is it not right to simply install NodeJS on the machine and run application on it (but as I’m new so I need some guidelines on this please).
Is it simple to start application just like I do in my local development environment and everything will be accessible on the DNS (if setup).
How to setup internal code version control system (using any local version control system and also GitHub), so if one deployment fails or creates any trouble; we can then restore to older code version.
How to setup a mailing server to send and receive emails and also how can we setup different emails on local hosting server.
Any application crash and monitoring tools I need to setup? How Nginx is helpful and any comparison with Ranchet?
What is the purpose of Containers and Dockers? and is it a feature or a service or what exactly it serves. As I’m new so I may ask: Is it ok to go for deployment without Containers and Docker :) Dont’ be angry please.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Click below to sign up and get $200 of credit to try our products over 60 days!
I’ll do my best to give some basic information on the questions you’ve shared. Please feel free to follow up and ask about any areas where more detail would be helpful:
Without wading into personal preferences too much here is some information:
If the server has a local (192.168.., 10...*) address then your only viable option may be to create a self-signed certificate. This will cause a warning to be displayed in your browser but will function as you expect otherwise. You can not usually get a signed SSL certificate for a private IP address. At least not the same type you would use on a public server.
We’ve got a bunch of tutorials on security best practices. This will depend on the software you’ll be running and the operating system you’ll be running it on. In general this advise includes ensuring strong authentication methods and no weak passwords along with limiting the services listening publicly to fewer potential attack vectors.
While not absolutely necessary I would strongly recommend a hardware firewall which could be dedicated equipment or a re-purposed old PC (even a 10 year old PC would work great as a firewall). Ideally you’ll use this to block all ports except those absolutely needed.
While this guide is geared towards our control panel, the basic records needed are listed here. With what you’ve described you’ll most likely want to use the DNS service provided by your domain registrar for simplicity’s sake.
Floating IPs are a feature of DigitalOcean’s network and other cloud providers provide similar services. This would not be available to you on a self-hosted solution. In order to do what you’re talking about you would need to create a load balancer configured to fail-over if one IP loses connection. Installing something like HAProxy or NGINX on the machine you used as your firewall would be a way to get started with this.
IP addresses that reach your services are logged by default in the /var/log directory on Linux. I assume you’re asking about Rancher here and I’ll address that in the question about docker and containers where it is most relevant.
For the most part, yes this is the case.
I’d recommend looking at Gitlab if you want something self-hosted.
Rolling these two together.
Docker is a container system. There are others out there but Docker is currently most popular. You can think of a docker container as a virtual disk that is read only (data can not be written to it). By having your services running inside these it can provide some additional security, make it easy to separate services or upgrade them by simply replacing the old container with a new one. Containers can also make it much easier to deploy large services across many services while insuring that each instance is running identical code. Unless the software you are running only supports docker based deployments you should be fine doing a small scale deployment without using containers.
Rancher is a Linux operating system that uses docker extensively for pretty much everything. It includes some tools to make deploying containers easier.