-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathShinyServerNGINXSetup
124 lines (100 loc) · 4.23 KB
/
ShinyServerNGINXSetup
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# NGINX Reverse Proxy Setup
-- <i>I set this up for my personal page as a subdomain to host shiny apps. So for all instances of subdomain.yoursite.com
you could use just yoursite.com if you wanted to skip a subdomain </i>
1. From your Google Cloud VM page, launch SSH command window
### Install NGINX and get a certificate for HTTPS
$ sudo apt-get update
$ sudo apt-get install nginx
### Get Certification -- used Certbot
https://certbot.eff.org/
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository universe
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get install certbot python-certbot-nginx
$ sudo certbot --nginx
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
-- Chose Redirect (2)
Check that it is running correctly
$ sudo certbot renew --dry-run
### Installing R and Shiny Server
$ sudo apt-get install r-base
$ sudo su - \-c "R -e \"install.packages('shiny', repos='https://cran.rstudio.com/')\""
For Latest versions: https://www.rstudio.com/products/shiny/download-server/
$ sudo apt-get install gdebi-core
$ wget https://download3.rstudio.org/ubuntu-14.04/x86_64/shiny-server-1.5.12.933-amd64.deb
Check https://rstudio.com/products/shiny/download-server/ for the latest versions
$ sudo gdebi shiny-server-1.5.12.933-amd64.de
### Check setup
Test that <Google Compute Engine IP>:3838 shows shiny server splash and ip shows nginx splash
Shiny server splash screen https://imgur.com/1s4SAJ4
### Setup NGINX
$ sudo ufw allow OpenSSH
$ sudo ufw allow 'Nginx Full'
$ sudo ufw allow 3838
$ sudo ufw enable
$ sudo ufw status
<b>Restart NGINX to start</b>
$ sudo systemctl restart nginx
### Test redirect
Should redirect <Google Compute Engine IP>:3838 to <Google Compute Engine IP>
###Review Certs
$ sudo certbot certificates
<i>You can do the following steps in WinSCP by changing the files directly</i>
<i>modify the nginx.conf in /etc/nginx/ and add a file <b>"subdomain.yourwebsite.com"</b> to /etc/nginx/sites-available/ </i>
$ sudo chmod 777 /etc/nginx/
$ sudo chmod 777 /etc/nginx/sites-available/
$ sudo nano /etc/nginx/nginx.conf
<b> in HTTP if using WinSCP</b>
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
$ sudo nano /etc/nginx/sites-available/<i>yoursite.com</i>
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name <i><subdomain.yoursite>.com</i>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name <i><subdomain.yoursite.com></i>;
ssl_certificate /etc/letsencrypt/live/<subdomain.yoursite>.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<i><subdomain.yoursite.com></i>.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
location / {
proxy_pass http://<i><Google Compute Engine IP></i>:3838;
proxy_redirect http://<i><Google Compute Engine IP></i>:3838/ https://$host/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d;
}
}
### Confirm no error
$ sudo nginx -t
$ sudo ln -s /etc/nginx/sites-available/<i><subdomain.yoursite></i>.com /etc/nginx/sites-enabled/<i><subdomain.yoursite></i>.com
$ sudo rm -f /etc/nginx/sites-enabled/default
Test redirect
subdomain.yourwebsite.com should now be the Shiny splash screen with an https lead.
### Confirm no errors and restart to finish
$ sudo nginx -t
$ sudo systemctl restart nginx
## Additional Code if needed
### Look at ufw apps and reset/disable
$ sudo ufw app list
$ sudo ufw disable
$ sudo ufw reset
### Start, Stop, Restart, NGINX
# sudo systemctl start nginx
# sudo systemctl stop nginx
# sudo systemctl restart nginx
# sudo systemctl status nginx