How to Set Up a Web Server on Ubuntu 20.04 with CapRover โ The Easy Way!๐
Overview ๐
In this guide, weโll walk you through setting up a web server on Ubuntu 20.04, installing CapRover, and deploying WordPress with a custom domain setup. CapRover makes it easy to deploy applications, and WordPress will be installed as a test application with One domain for demonstration.
What You Need ๐ ๏ธ
Before we begin, hereโs what youโll need:
โ
A computer or VPS (Minimum specs: 1 vCPU, 1GB RAM, 10GB storage)
โ
Ubuntu 24.04.1 LTS (Server linux) โ Download it here
โ
A USB drive (8GB or more) to create a bootable Ubuntu installer
โ
Rufus (for Windows users) to create the bootable USB โ Get it here
โ
A stable internet connection
โ
One domain to link to our WordPress site
Step 1: Install Ubuntu 24.04.1 on Your Server ๐ฟ
Create a Bootable USB (Windows Users)
- Download Ubuntu 24.04.1 LTS from the official website.
- Download and install Rufus from rufus.ie.
- Plug in your USB drive (at least 8GB).
- Open Rufus and select:
- Device: Your USB drive
- Boot selection: Ubuntu ISO file you downloaded
- Partition scheme: GPT (for UEFI) or MBR (for older BIOS)
- Click Start and wait for the process to finish.
Install Ubuntu (Enable SSH During Installation)
- Insert the USB into your server and boot from the USB.
- Choose “Install Ubuntu” and follow the installation steps.
- Select “Minimal installation” (recommended).
- Enable SSH during installation:
- In the “Software Selection” screen, check the “OpenSSH Server” option.
- This ensures SSH is installed automatically, allowing remote access.
- Set up your username and password.
- Complete the installation and restart your server.
Step 2: Open Required Ports & Access Your Server via SSH ๐
1. Open Ports on Your Router ๐
Before accessing your server remotely, you must open the following ports on your router/modem:
| Port | Protocol | Purpose |
|---|---|---|
| 22 | TCP | SSH (for remote access) |
| 80 | TCP | HTTP (for websites without SSL) |
| 443 | TCP | HTTPS (for secure connections) |
๐ง How to Open Ports:
- Log in to your router/modem settings (usually at
192.168.1.1or192.168.178.1). - Look for Port Forwarding or NAT settings.
- Add rules to forward TCP traffic for ports 22, 80, and 443 to your Ubuntu serverโs local IP address.
- Save the changes and restart the router if necessary.
2. Find Your Serverโs Local & Public IP Address
Local IP Address (Within Your Network):
Run the following command on your ubuntu server: ip a
Look for an address like 192.168.x.x or 10.x.x.x. This is your local IP.
3. Connect to Your Server via SSH
From another computer, connect to your server using SSH: ssh your-username@your-public-ip
For access within your local network: ssh your-username@your-local-ip
or create a file on your computer with anyname.bat and paste:
@echo off
echo Connecting to SSHโฆ
ssh [email protected] -p 22
Step 3: Update DNS Configuration for Your Domain
Once you’ve completed the server and Cloudflare setup, it’s time to configure the DNS settings for your domain. This will allow your domain to point to your server’s IP address and be properly managed via Cloudflare.
Updated DNS Configuration Example
A Record for the root domain example.com:
- Type: A
- Host/Name:
@ - Value (IP Address):
203.0.113.10(Public IP address for example) - TTL: Auto
- Proxied: Yes
A Record for the wildcard * subdomain:
- Type: A
- Host/Name:
* - Value (IP Address):
203.0.113.10(Public IP address for example) - TTL: Auto
- Proxied: DNS only
CNAME Record for the www subdomain:
- Type: CNAME
- Host/Name:
www - Value:
example.com - TTL: Auto
- Proxied: Yes
DNS Records in Table Format:
| Type | Host/Name | Value (IP Address/Domain Name) | TTL | Proxied |
|---|---|---|---|---|
| A | @ | 203.0.113.10 | Auto | Yes |
| A | * | 203.0.113.10 | Auto | No |
| CNAME | www | example.com | Auto | Yes |
How to Implement the DNS Records:
- If Your Domain is Registered with Another Provider:
- First, set up Cloudflare for your domain: Cloudflare will act as a proxy service to protect your server, offer caching, and provide other benefits.
- Log in to your domain registrar (e.g., GoDaddy, Namecheap, etc.) and change your domain’s nameservers to Cloudflare’s nameservers. You can find these nameservers in your Cloudflare dashboard.
- Once the nameservers are updated and propagated (this may take up to 24 hours), you can proceed with configuring the DNS records in Cloudflare.
- If Your Domain is Already on Cloudflare:
- Go to the DNS management section in your Cloudflare dashboard.
- Add the A records for:
- The root domain (
example.com) pointing to203.0.113.10, with proxying enabled. - The wildcard subdomain (
*) pointing to203.0.113.10, with proxying disabled.
- The root domain (
- Add the CNAME record for
wwwto point toexample.com, with proxying enabled. - Save the changes.
Explanation:
- Proxied = Yes: Cloudflare will handle traffic for that record, helping secure and optimize the connection to your server by hiding the server’s real IP address.
- Proxied = No: The traffic will go directly to your serverโs IP address without Cloudflare’s protection.
Once Cloudflare is active and the DNS records are set, your domain example.com will be secured and cached by Cloudflare, while www.example.com will automatically redirect to example.com, and wildcard subdomains will resolve directly to the same IP address without proxying.
Absolutely! Itโs important to ensure that SSL/TLS encryption is set up correctly to prevent SSL-related issues with your websites. Here’s the updated information for Step 3:
SSL/TLS Configuration for Your Websites
After setting up Cloudflare and configuring the DNS records, it’s crucial to check and configure the SSL/TLS settings to ensure that your website is properly secured.
SSL/TLS Encryption Mode: Full (Strict)
To prevent SSL-related issues, ensure that all websites use the following Cloudflare SSL/TLS settings:
- Log in to your Cloudflare dashboard.
- Go to the SSL/TLS settings section for your domain.
- Set the SSL/TLS encryption mode to “Full (strict)”.
- Full (strict) mode ensures that Cloudflare establishes a secure connection between the user and Cloudflare, as well as between Cloudflare and your server. This is the most secure option as it requires a valid SSL certificate on your server (issued by a trusted certificate authority).
Why Full (Strict) is Important:
- Prevents SSL Errors: By using “Full (strict)”, Cloudflare will only connect to your server if it has a valid SSL certificate. This prevents any insecure or broken SSL connections.
- Provides End-to-End Encryption: Both the connection between the user and Cloudflare, as well as the connection from Cloudflare to your server, will be fully encrypted.
- Security: “Full (strict)” ensures that Cloudflare only connects to servers with a valid SSL certificate, minimizing the risk of man-in-the-middle attacks or unencrypted traffic.
SSL/TLS Settings Example for Cloudflare:
| Setting | Value |
|---|---|
| Encryption Mode | Full (strict) |
| Always Use HTTPS | Enabled |
| Automatic HTTPS Rewrites | Enabled |
By using Full (strict) encryption mode, your websites will be properly secured, avoiding any SSL errors and ensuring that your visitors’ data is encrypted during transit.
Step 4: Install Docker and Set Up CapRover
In this step, we’ll update the server, install Docker, and set up CapRover.
- Update the package list:
sudo apt update - Upgrade all the installed packages:
sudo apt upgrade - Update the package list again:
sudo apt-get update - Install Docker:
sudo apt install docker.io - Enable Docker to start on boot:
sudo systemctl enable docker - Check Docker status (it should be active):
sudo systemctl status docker - Enable and configure UFW (Uncomplicated Firewall):
sudo ufw enable sudo ufw allow 80,443,3000,996,7946,4789,2377/tcp; sudo ufw allow 7946,4789,2377/udp; sudo ufw allow 22/tcp sudo ufw status - Check Docker version to confirm installation:
docker version | grep API - Run the CapRover Docker container:
sudo docker run -p 80:80 -p 443:443 -p 3000:3000 -e ACCEPTED_TERMS=true -v /var/run/docker.sock:/var/run/docker.sock -v /captain:/captain caprover/caprover - Install npm (Node Package Manager):
apt install npm - Install CapRover globally via npm:
sudo npm install -g caprover - Run CapRover server setup:
caprover serversetup - Verify the CapRover container is running:
docker ps | grep caprover/caprover - Enter the CapRover container shell:
docker exec -it (Container id past it here) /bin/sh - Create the required directory for CapRover configuration:
mkdir -p /captain/data/ - Create the configuration override file:
echo "{\"skipVerifyingDomains\":\"true\"}" > /captain/data/config-override.json - Verify the contents of the configuration file:
cat /captain/data/config-override.json
By following these commands, you will set up Docker, install CapRover, and configure it for your server. This ensures that CapRover is running and ready for use to deploy your applications.
