Setting up a CentOS Digital Ocean droplet with Nginx for beginners


Tim Kye

If you want to get to the meat of the post, jump down to the guide.


I recently made the move from WebFaction, which offers a shared/managed host with SSH access, to Digital Ocean, which offers virtual private servers with SSH access. They are both billed as being "for developers", but WebFaction does more work for you. The tradeoff is you don't get root/sudo access.

This wasn't a problem for me until I wanted to automate SSL key installation with Let's Encrypt. Even without sudo access you can obtain keys, but WebFaction required that I open a support ticket to get the certs installed. Since Let's Encrypt's certs only last 90 days, this was going to be an issue. Hence to the move.

Moving from a managed host to one that I had to fully manage meant learning a lot of sys admin stuff in a short period of time. To catalog this process for other developers who know how to build applications but not run servers, I am putting together a series on 1st time setup. Since I came from WebFaction I chose to stick with CentOS, which has made things slightly harder on me since most guides seem to be written for Ubuntu/Debian. Hopefully this helps you out.

The Guide

I'll assume you have already created your droplet, since it's pretty simple. I was able to find most of this information from Digital Ocean Community posts, but I wanted to centralize it. Searching for this is hard, and you can find a lot of bad information before you find the good stuff. I will cite the original guides where appropriate, since they contain great additional information.

I am breaking this guide into 2 parts, because it's going to be very large. OS Configuration, and Hosting Configuration. Each section will get its own post, but they will all be linked to from here so that there is a canonical source.

OS Configuration

  1. Setting up a remote user
  2. Configuring the firewall
  3. Configuring TimeZones and Network Time Protocol (NTP)
  4. Setup swap file
  5. Installing Fail2Ban

Hosting Configuration

  1. Installing Yum tools
  2. Installing Node
  3. Configuring Nginx as a Reverse Proxy
  4. Digital Ocean DNS Management
  5. Deploying Applications with Git and SSH
  6. Application Management and Crontab
  7. SSL Certs and Keys with Let's Encrypt (You can find Ubuntu instructions here, for now. CentOS "webroot" style guide coming soon)
  8. Setting up email with Mailgun and Gmail