Server Setup

Server Setup

Server Setup

⚠️

This article provides you step by step server setup instructions for Ubuntu 18.04 or higher version.

  1. SSH into your Ubuntu user using “root” credentials.
  2. apt update
  3. Install core packages including Docker:
  4. apt install -y software-properties-common sharutils apt-utils iputils-ping telnet git unzip zip openssl vim wget debconf-utils cron supervisor mysql-client docker.io ufw
  5. As described on https://docs.docker.com/compose/install/, install Docker Composer. Download the latest stable version of Docker Composer by running this command:
  6. sudo curl -L "https://github.com/docker/compose/releases/download/1.25.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
    chmod +x /usr/local/bin/docker-compose
    
  7. Make sure that you have Docker Compose v1.25 or higher version installed:
  8. docker-compose --version
  9. Make sure that your server timezone is UTC:
  10. timedatectl set-ntp FALSE
    timedatectl set-ntp TRUE
    timedatectl set-timezone UTC
    timedatectl set-local-rtc 0
    timedatectl status
  11. cd /opt/
  12. mkdir oempro
  13. Move the Oempro ZIP file to the Oempro direcotry:
  14. mv oemprovXXX.zip /opt/oempro/
    ℹ️

    XXX in the Oempro ZIP file name represents the version of the Oempro package. Example: oempro500.zip

The server setup is completed. The next step is to prepare Oempro directory, execute the install utility and make the system up and running.

Securing The Server

Oempro is a Docker containerized software that runs on your server and it has own private network. It includes many components including MySQL database server, Elasticsearch, Kibana, Redis, RabbitMQ, etc.

We strongly recommend you to secure your server by placing it behind a firewall or simply activating UFW (Ubuntu Firewall) on the server.

If you are running your server on Google Cloud, Amazon SES or similar services, you can enable Firewall and enable public access to the following ports:

  • Port 80
  • Port 443
  • Port 25
  • Port 587
  • Port 2465
  • Port 2525

If you don’t have a Firewall, you can enable Ubuntu’s UFW to restrict public access to your server. Follow these steps:

  1. SSH to the server with root credentials
  2. Download the following ufw-docker tool:
  3. wget -O /usr/local/bin/ufw-docker https://github.com/octeth/ufw-docker/raw/master/ufw-docker
  4. Make it executable:
  5. chmod +x /usr/local/bin/ufw-docker
  6. Run following commands to setup public access:
  7. ufw-docker delete allow oempro_haproxy 80
    ufw-docker delete allow oempro_haproxy 81
    ufw-docker delete allow oempro_mysql 3306
    ufw-docker delete allow oempro_haproxy 2465
    ufw-docker delete allow oempro_haproxy 2525
    ufw-docker delete allow oempro_haproxy 2587
    ufw-docker delete allow oempro_haproxy 5601
    ufw-docker delete allow oempro_haproxy 11111
    ufw-docker delete allow oempro_haproxy 8025
    ufw-docker delete allow oempro_haproxy 15672
    ufw-docker delete allow oempro_haproxy 2465
    
    ufw-docker allow oempro_haproxy 25
    ufw-docker allow oempro_haproxy 587
    ufw-docker allow oempro_haproxy 80
    ufw-docker allow oempro_haproxy 443
    
    ufw route allow proto tcp from xxx.xxx.xxx.xxx to any # xxx.xxx.xxx.xxx is your static VPN IP address for full access (optional)
    ufw route allow proto tcp from 192.168.99.0/24 to any
    ufw allow out from any to any port 123 # timesync
    
    ufw allow from xxx.xxx.xxx.xxx to any # xxx.xxx.xxx.xxx is your static VPN IP address for full access (optional)
    
    ufw enable
    ⚠️

    WARNING: Please be careful when setting up firewall rules. You may lose your connection to the server due to incorrect firewall rules.

  8. Test your public ports using the following tool → https://www.yougetsignal.com/tools/open-ports/

Next →

Oempro Installation
Oempro Installation
💠

image

Footer Social Icons

©Copyright Octeth, Inc. All rights reserved.