BOB Docs

Deploy

In the GuideBook, you find a Production Checklist with all the necessary details to avoid security mistakes and how to secure a Linux-based VPS.

Learn more

Docker - Creating Images

When building Docker images, remember these three important points:

  1. File Selection: Carefully review which files are included in the build. Check the .dockerignore file to exclude unnecessary files. A smaller image is faster to load and manage.
  2. Target Platform: Ensure the image is built for the target platform. Docker builds images based on the platform you are running the build command on unless you specify a platform using --platform=linux/amd64. For instance, if you’re building on macOS, the image may not work on your Linux server without specifying the platform.
  3. Versioning: Always version your images properly using tags. This helps you easily revert to previous versions if needed.

Building

Ensure Docker is installed.

Navigate to the project directory (e.g., boilerplate-api) and run:

docker build . --progress=plain --platform=linux/amd64 -t bob-api:0.0.1

Explanation

  • docker build .: Instructs Docker to build an image using the Dockerfile in the current directory (.).
  • --progress=plain: Outputs the build progress in plain text to the console.
  • --platform=linux/amd64: Specifies the target platform (e.g., Linux with AMD64 architecture).
  • -t bob-api:0.0.1: Tags the image with a name (bob-api) and version (0.0.1).

To list all available images in your Docker system, use:

docker image ls

Saving Images

To save an image as a file for transfer (e.g., for self-hosting without using a Docker registry), export it as a .tar archive:

docker save bob-api:0.0.1 -o /path/to/output/bob_api_0_0_1.tar

Explanation

  • docker save: Saves the specified image (bob-api:0.0.1) to a file.
  • -o /path/to/output/bob_api_0_0_1.tar: Specifies the output path for the archive.

⚠️ Tip: Avoid using . as the save path, as you might accidentally overwrite an important file.

To load the image on another system, use:

docker load -i /path/to/image.tar

Configuring Domain Records

  1. Log in to Your Domain Registrar Access the control panel of your domain registrar (e.g., GoDaddy, Namecheap).

  2. Find DNS Settings Navigate to the DNS management or "Domain Settings" section.

  3. Add an A Record

  • Host: @ (or your desired subdomain, e.g., www).
  • Value: Your server's IPv4 address (e.g., 192.0.2.1).
  • TTL: Leave as default or set to a lower value for quicker propagation.
  1. Save Changes Save the A record, and the domain will start pointing to your server.

(Optional) Verify DNS Propagation Use tools like DNS Checker to confirm the A record updates.

Deploy Environment Variables

Properly configuring environment variables is critical to ensure security in deployment. Follow these guidelines:

  • Change Default Values: DO NOT use default passwords, keys, or tokens in production.
  • Use Secrets Management: Store sensitive variables in a secure, encrypted secrets manager or environment file.
  • Audit Regularly: Periodically review and update environment variables to maintain security and relevance.

Nginx on Server

To properly handle all requests and domains, we will use Nginx. It is a simple HTTP server that efficiently routes traffic and manages configurations for different applications.

Installation

Installing Nginx on a server is straightforward due to its popularity and extensive documentation online. For added functionality, we will use the nginx-extras package.

apt install nginx-extras

After installation, verify if Nginx is running:

netstat -plnt

Look for Nginx listening on port :80. You can also validate its functionality using curl:

curl http://localhost:80

You should receive an HTML response with a "Thank you for using Nginx" message.

Adding a Domain and Configuring Nginx

Nginx creates several directories during installation, but focus on these three:

  • /etc/nginx/sites-available: Stores configuration files for all available websites.
  • /etc/nginx/sites-enabled: Stores symlinks to configuration files for active websites.
  • /var/log/nginx: Stores Nginx logs for monitoring.

Step 1: Reconfigure Domain Records

Follow the steps outlined in [Configurating Domain Records] to set up your domain for use with the server.

Step 2: Prepare Configuration

In the boilerplate-deploy directory, locate the native_nginx.conf file. This file contains a sample configuration with comments to guide customization. Modify the file as needed for your deployment.

Enabling a Site

After configuring the file:

  1. Create a new file in /etc/nginx/sites-available/<your_domain> and paste your modified configuration.
  2. Test the Nginx configuration:
nginx -t
  1. Enable the site by creating a symlink from sites-available to sites-enabled:
cd /etc/nginx/sites-enabled
ln -s ../sites-available/<your_domain>
  1. Reload Nginx to apply the changes:
nginx -s reload

Your application should now be accessible under your domain.

SSL Configuration

To encrypt traffic, we will use Certbot to generate and manage SSL certificates.

Install Certbot

apt install certbot

Install the Certbot Nginx plugin to automate SSL configuration:

apt install python3-certbot-nginx

Generate and Apply SSL Certificates

Use Certbot to request a certificate for your domain and apply it to the Nginx configuration:

certbot --nginx -d <domain_name>

During the process, provide contact details if prompted. Certbot will automatically update the Nginx configuration to use SSL.

Testing and Finalizing

  1. Test the updated Nginx configuration:
nginx -t
  1. If successful, reload Nginx to apply changes:
nginx -s reload

Your website is now securely hosted on your domain using SSL.

Support Let's Encrypt

You are not required to send statistics to Let's Encrypt, but doing so helps improve their services. It’s a small way to contribute to the community!

Congratulations! Your website is live and secure.

Previous

Updating codebase

On this page