Skip to content
Brendan Ward edited this page Mar 25, 2020 · 5 revisions

Server setup

Server

sudo fallocate -l 2G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile

Add this to /etc/fstab: /swapfile none swap sw 0 0

TEMP

Next time allocate a larger disk.

Add a 4GB volume as described here: https://medium.com/@dharanviper/how-to-attach-and-permanent-mount-an-ebs-volume-to-ec2-linux-instance-dec32deba9f2

sudo mkfs -t ext4 /dev/nvme1n1
sudo mkdir /tiles
sudo mount /dev/nvme1n1 /tiles

Setup accounts and directories

Create user for the application

  • sudo adduser app --disabled-password

Install and build mbtileserver

  • Install go 1.12 according to the installation instructions on the Golang site: https://github.com/golang/go/wiki/Ubuntu
  • note: go get installs to ~/go` by default
  • sudo su app && cd ~
  • mkdir go
  • go get github.com/consbio/mbtileserver, this installs mbtilserver to ~/go/bin/mbtileserver

NOTE: you may have to add more swap space to compile.

As ubuntu user, grant mbtileserver ability to bind port 80:

  • sudo setcap CAP_NET_BIND_SERVICE=+eip /home/app/go/bin/mbtileserver

Copy the tiles to /tiles.

Verify that mbtileserver starts properly and is able to obtain certificates for HTTPS connections.
From /home/app directory, run /home/app/go/bin/mbtileserver -d /tiles -p 443 --domain <DOMAIN> --redirect --tls Note: update <DOMAIN> to proper domain for this server. Then make a connection to that URL to force server to obtain certificates from Let's Encrypt. In your browser: https://<DOMAIN>/services

You should see this on the server, and no errors:

INFO[0000] Found 116 mbtiles files in ./

--------------------------------------
Use Ctrl-C to exit the server
--------------------------------------
HTTPS server started on port 443
⇨ https server started on [::]:443
HTTP server with redirect started on port 80
⇨ http server started on [::]:80

Stop mbtileserver with CTRL-C.

Setup mbtileserver service:

Paste the following into /etc/systemd/system/mbtileserver.service, updating variables as needed:

[Unit]
Description=MBTileserver
Documentation=https://github.com/consbio/mbtileserver
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service

[Service]
Restart=on-abnormal
RestartSec=60
User=app

WorkingDirectory=/home/app
ExecStart=/home/app/go/bin/mbtileserver -d /tiles -p 8000
ExecReload=/bin/kill -USR1 $MAINPID

[Install]
WantedBy=multi-user.target

Verify that it starts correctly:

  • sudo service mbtileserver start
  • sudo service mbtileserver status should report no errors

Register the service to start on server reboot:

  • sudo systemctl daemon-reload
  • sudo systemctl enable mbtileserver

Install nginx

Basic instructions here: https://medium.com/@jgefroh/a-guide-to-using-nginx-for-static-websites-d96a9d034940 and here: https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-18-04

  • sudo apt-get update && sudo apt-get install -y nginx
  • update firewall to allow nginx: sudo ufw allow 'Nginx Full'
  • remove the default config file: sudo rm /etc/nginx/sites-enabled/default
  • copy /deploy/nginx.conf in the repo directory and rename to /etc/nginx/sites-available/pflcc
  • sudo ln -s /etc/nginx/sites-available/pflcc /etc/nginx/sites-enabled/
  • sudo systemctl restart nginx

On production server, using the main nginx.conf config file, setup SSL support according to the instructions here:

  • sudo add-apt-repository ppa:certbot/certbot
  • sudo apt install -y python-certbot-nginx
  • sudo certbot --nginx -d tiles.climateadaptationexplorer.org -d www.tiles.climateadaptationexplorer.org

Verify that auto-renewal works:

  • sudo certbot renew --dry-run

Uploading new tiles

Tiles are stored in /home/app/tiles.

  1. Upload new tiles to this directory (cd or mv may need to be done as sudo).
  2. restart the tileserver sudo service mbtileserver restart
  3. check the status to make sure it started correctly sudo service mbtileserver status