Set up a Nginx server on a DigitalOcean Droplet
Author: Josh Mantei
Published: December 27, 2024
Configure your own web server on a virtual machine powered by DigitalOcean.
Prerequisites
You will need a DigitalOcean account and if you are on windows you will also need to have git installed to use git-bash as your command line. Additionally you can also have a registered domain name to connect to your server.
Steps
1. Set up a DigitalOcean Droplet
2. Set up an SSH key
3. Create the Droplet
4. Connecting to the Droplet
5. Install Nginx
6. Additional Steps
1. Set up a DigitalOcean Droplet
Navigate to the Droplets section in your DigitalOcean account and select "Create Droplet":
- Choose the region closest to you or your users
- Choose an image (LTS version of Ubuntu)
- Choose desired size
2. Set up an SSH key
Select "Add SSH" if you do not already have one set up.
Navigate to your ssh directory:
cd ~/.ssh
Generate keys:
ssh-keygen
Enter the name and passphrase for your new key.
Copy and paste the content of your new keys .pub file to the "SSH key content" field.
Add a name (the name of your device) to the "Name" field.
Select "Add SSH Key" and make sure it is checked as the authentication method after it is added.
3. Create the Droplet
Select the number of droplets you want to create and give them each a hostname.
Add any relevant tags and select a project to create the droplet for.
Select "Create Droplet".
4. Connecting to the Droplet
Use the droplet's IP address to connect to the droplet using your SSH key:
ssh -i ./nameofkey root@<DROPLET_IP>
5. Install Nginx
Update packages on the droplet:
sudo apt update && sudo apt upgrade -y
Select the default option when prompted with a config screen.
Install new packages:
sudo apt install -y nodejs npm nginx
Check status of Nginx (you should see "loaded" and "active"):
service nginx status
You should now be able to view the default Nginx page when you type the droplet IP address into your browser.
Too view the html on the server:
cd ./var/www/html
cat index.nginx-debian.html
6. Additional Steps
Add domain to DigitalOcean
Go to the "Networking" section in the control panel and under the "Domains" tab you can type in and add your own domain. Don't forget to update the nameservers with your domain registrar.
DigitalOcean name server addresses:
- ns1.digitalocean.com
- ns2.digitalocean.com
- ns3.digitalocean.com
Add www subdomain redirect to Nginx server
Add an A record to the DigitalOcean DNS records for the desired subdomain. Your subdomain should be pointing to the same IP address as the root domain.
Then create a new configuration file for the new subdomain:
sudo nano /etc/nginx/sites-available/www.my-website.com.conf
And add the following configuration to redirect the domain:
server {
listen 80;
server_name www.my-website.com
return 301 $scheme://my-website.com$request_uri;
}
If you only have the one domain then port 80 will be the default. If your site is on another port than you need to specify the value for the listen directive.
Create symbolic link to the sites-enabled configuration file:
sudo ln -s /etc/nginx/sites-available/www.my-website.com.conf /etc/nginx/sites-enabled/
Check for errors and restart the server:
sudo nginx -t
sudo service nginx restart
Test redirect:
curl -IL http://www.my-website.com
You should see both the 301 redirect and then the 200 OK response.
Set up server blocks to encapsulate configurations for each domain
By default, the server will serve documents out of the /var/www/html directory.
Create new directories for each site:
sudo mkdir -p /var/www/example.com/html
And add the index.html file to the directory:
nano /var/www/example.com/html/index.html
Creating the first server block file by copying the default:
sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com.conf
Now you can open the config file:
sudo nano /etc/nginx/sites-available/example.com.conf
Update the port, root file, and domain in the config file:
server {
listen 80;
listen [::]:80;
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ =404;
}
}
We can now use this server block as the basis for any additional server blocks (just change the "example.com" to the other domain).
Make sure to link these new files to the sites enabled directories:
sudo ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/
Adjust the hash bucket size to avoid memory problems:
sudo nano /etc/nginx/nginx.conf
Within the file, find the server_names_hash_bucket_size directive. Remove the # symbol to uncomment the line.
Finally, you can test and restart the server:
sudo nginx -t
sudo systemctl restart nginx
Secure Nginx with Let's Encrypt
Install Certbot with Snap
sudo snap install core; sudo snap refresh core
sudo apt remove certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Obtain SSL Certificate for a domain (or multiple domains):
sudo certbot --nginx -d example.com -d www.example.com
Enter email address on which you want to be notified about alerts refarding your ssl certificate(s).
Status for Auto-renewal for certificates:
sudo systemctl status snap.certbot.renew.service
Test Auto-renewal for certificates:
sudo certbot renew --dry-run