February 24, 2020

N.A.M.S. { Nginx, Angular, MySQL, Spring }

Head first dive into front-end, back-end development and deployment.

N.A.M.S. { Nginx, Angular, MySQL, Spring }

Introduction

You just received the brand-new code base but don’t know how to install it on your server. Have no fear, we wrote this document to help you with the installation. First this document will cover some basic concepts and tools that you will need to get started. After that we will discuss how to download and install the proper software tools. There will be a section on how to properly configure the software application for your environment. Followed up by a section on how to properly deploy all of it. And we will end it with a discussion on what are some tools and features need to be taken into consideration during deployment, what tools can add value to this platform and where next to invest time and attention to further build out the features of this platform into a fully fledged product.

All of the code can be found at the following location:

This document will only take into consideration how to install and deploy the Fitzeria application in the cloud, and not locally on your machine. For a local installation (as long as you are on a Linux system) similar steps can be taken to make it work, however the step for SSL encryption can be omitted and the SSL config in the application.properties can also be omitted.

The Server

At the moment we have decided to use the most common server OS available. Which is Ubuntu. Which can be rented by the hour at all Cloud providers such as Amazon Web Services, Google Cloud, Microsoft Azure. But we are using the cheapest VPS (virtual private server) at Digital Ocean.

So as was alluded to in the introduction, to deploy the web application in a way that it is accessible to everybody with a web browser and an Internet connection is by hosting it on a server, in the cloud, like all the other cool kids. These services are called PaaS: platform as a service. Where companies provide IT infrastructure to their clients for all of their computing needs. The biggest players in this market are Amazon Web Services, Google cloud, Microsoft Azure at the moment. They offer a full range of different computing services ranging from databases, cloud computing, load balancers, hosting, etc.

But seeing as Fitzeria is currently running its infrastructure on Hostnet, we will stick with them. Hostnet also provides basic services that the aforementioned players have. The service that we will be focusing on is the VPS  service that they provide. VPS stands for Virtual Private Server. If you have ever used a virtual machine on your computer to run Linux in it, or another OS, that’s what it is. There is one physical computer somewhere in the world, and on that computer multiple virtual computers are hosted and leased out to customers. So, when you lease a VPS it’s as if you are leasing a physical server, but you wouldn’t know the difference. The point is, it’s a cheap way and efficient way of hosting the web application.

Minimum system requirements

Currently, our development server has 2 virtual CPUs, 3 GB of Ram, an SSD of 256 GB. It’s been working fine with this set up. The problem is we have no idea how this server will handle under load. We have no idea how many concurrent connections the server can take before it starts slowing down. A quick note: less storage is not an issue, the storage is only for the images and the code base (which currently is 1 GB so 256 GB of storage might be a bit much).

Anyway, we think for this first run of production, a server of 3 virtual CPU, 5 GB of ram and 256 GB of storage is more than enough.

The biggest bottleneck will probably be the back-end server. But it’s written in Java. So, it’s relatively fast, and it should be able to handle a relatively big load. Even though ideally we would need to re-factor the code to make sure we’re not wasting CPU cycles. But the important thing right now is that it works.

A VPS on Hostnet costs around 30 Euros per month.

Almost forgot to mention something about Linux. So, Linux is an Operating System, just like Windows, macOS. Started out as a project by someone called Linus Torvald during his college years. Because he decided to open source his project and the license he used for his OS, the gnu license? Apache? It was an open-source license, other people and companies could freely copy his work, use it on their terms, or send back versions of the source code. This spiraled into the most widely used operating system on servers. Because companies didn’t need to pay licensing fees to companies to use it, and with all the open-source tools that was being developed for the OS, it just became more and more popular for developers to use.

Ubuntu is one flavor of Linux, which during writing is the most popular one. It’s the one with the broadest applicability for uses. And we will host the web application with it.

SSH

After you’ve gotten your VPS, you might be wondering, how does one use it? Well let me introduce you to the magical black box, that is the terminal. Just as how you use the terminal to interact with your computer in a text based way, instead of using the GUI to interact with it. You can use the terminal to interact with your VPS.

Later we will also discuss how to use an FTP client to interact with your VPS as well. But we do need SSH access to it because we need the issue commands to update and install packages.

After creating your VPS with Hostnet, you should have gotten an email with login details.  Open up your terminal and input the following command ssh root@<yourProvidedIPAdress>:

// The IP addres of the current server is the following
$ ssh root@167.172.44.34

Or you after you have purchased your domain and rerouted your name servers to your server you can ssh into your box (slang for server) by using the following command:

$ ssh root@fitzeria.online

Note on how to read this.

So throughout this document we will be using text boxes with commands that are supposed to be issued verbatim most of the time. Text boxes that contain an $ in the front of the command are not to be issued with the command, but is mostly a lingo that is used to indicate to others that this is a command that needs to be issued in a command line. A primer on how to use a command line can be found here.

But let’s break down the command here above to understand the gist of it. ssh is the name of the command, it’s an application just like the application that you are using right now, but it is made for the command line, so the way you interact with it is textually. You pass it arguments in the format that is specified for that particular command line application. So in this case, root@fitzeria.online the argument being passed. If you type $ man ssh in your terminal (remember the $ is not needed) you get a brief overview of what it does, and how to use it. in this case it looks like this:

image-20191218183333206

So let’s get back to it.

So as we can see in the image above, we pass the user of the OS we want to log in to, and the location where the Server is hosted. The location in this case is the IP address of that you we’re given when you created the server. The IP address is interchangeable with the URL that you bought after everything is properly linked together and the DNS has propagated (which can take up to a day!). You can find more information here about DNS propagation.

Links on how to use a terminal with your system.

After you’ve SSH’ed into your box (another name for you server) you can start issuing commands that actually affect the Server.

Find the terminal emulator for your computer:

Create a new user

So to separate concerns on the server. So now that you are logged in, and you have created a new password for your root user. That you have written down. We can go on to creating a new user.

Now that you are logged into the server, the first thing that we want to do is create a new user. The first user that is created is called root. The root user as all administrative privileges on the server to change whatever it wants. So to properly separate concerns on the server and to make sure that the application is executed by a user with fewer privileges, we need to create a user with fewer privileges. It’s just good practice to only give the privileges to the user that they need and not more.

So let’s do that. Replace  with a user name of your choice.

$ useradd <userName>

And let’s quickly update the password for that user while were at it. Replace user name with the user you created.

$ passwd <userName>

So now you can also ssh into the box by using:

$ ssh yourUserName@yourIp/yourUrl

Can we start by installing our dependencies now? Or do we still need to be logged in as root to do so? I think it’s a good moment to do so, and anything that does require sudo privileges we just note that.

So now that you’ve SSH’ed back into your box with your new user, we need to introduce an important concept before we can continue. Some following commands that we will be issuing require root access. If you try installing MySQL right now, by issuing: $ apt-get install mysql-server, you’ll notice that you get an error. This is what we want, we want to have a user on the box that does not have many privileges. But we want to install software on the machine and that requires root privileges. The way that we can get root access while logged in as user that does not have root privileges is by using the command/keyword sudo before every other command.

MySQL

Now that we have access to our server it’s time to set up MySQL. MySQL is an open-source database that is used to store all the data for Fitzeria. Here we will see how to install it on your Ubuntu server.

So now we can finally start with the business of actually installing the software tools we need, the dependencies we need to deploy the Fitzeria application. We will start with MySQL. MySQL is the second most popular open source relational databas management system out there. It’s easy to install and use. And for an application of this size, it fits our needs very well.

Install MySQL

Using Ubuntu’s package manager, apt-get we will install MySQL:

Note on Ubuntu’s package manager. Almost all Linux distributions come with a package manager. You can think of it as an app store for Linux. You use it to install, update, uninstall software applications and tools on your system.

Let’s get started, the first command is to update the registry, and then we install MySQL.

$ sudo apt-get update
$ sudo apt-get install mysql-server

If everything goes correctly input:

$ sudo mysql_secure_installation utility

Systemctl service

After the installation is complete, you can start the database service by running the following command. If the service is already started, a message informs you that the service is already running:

$ sudo systemctl start mysql

Launch at reboot

To ensure that the database server launches after a reboot, run the following command:

$ sudo systemctl enable mysql

Using MySQL

Now we can finally move on to actually using the database. What do we need? We need a new user for it and a database where we can put our schema’s, tables and such. First let’s deal with the database privileges.

Starting the shell and setting a password

So if everything went well you should be able to start the MySQL shell from your shell now. Let’s start right away as the root. -u Specifies the user, -p specifies that you’re inputting a password. Input the password that you used when you entered the sudo mysql_secure_installation utility command.

mysql -u root -p

Otherwise, if you did not set a password, do the following:

Set the root password/

If you logged in by entering a blank password, or if you want to change the root password that you set, you can create or change the password.

Enter the following command in the mysql shell, replace password with your new password:

mysql> UPDATE mysql.user SET authentication_string = PASSWORD('password') WHERE User = 'root';

To make the change take effect, reload the stored user information with the following command:

mysql> FLUSH PRIVILEGES;

Create a new MySQL user named ‘Fitzeria’

Our app will be using its own user called fitzeria, that way it’ll only have the privileges that it needs to have instead of root privileges which is a bad idea for a publicly facing database. In the MySQL Shell input the following:

Just as how we created a new user for the OS, we will create a new user for the database as well.

Create a Fitzeria user for local-host.

mysql> GRANT ALL PRIVILEGES ON *.* TO 'fitzeria'@'167.172.44.34' IDENTIFIED BY 'tonijnavocadosalade' WITH GRANT OPTION;

Here we create a fitzeria user with the password tonijnavocadosalade.

Check to see if it was created:

mysql> SELECT User, Host, authentication_string FROM mysql.user;

Login to user MySQL

mysql -u fitzeria -p
# Enter password on prompt

Create new database with Fitzeria user

mysql> create database dbname;

# start using it
mysql> use dbname;    

Get access to the database from another computer:

There will come a time when you want to have access to all the data that is stored on the database from another source. Maybe you want the marketing department to quickly download all the emails so that they can start an email campaign. So, we will give them access by doing the following:

Open your MySQL server Terminal;

$ mysql -u root -p

Run the following queries:

mysql> USE mysql;
mysql> SELECT user,host FROM user;

Once it's verified that the root user only has permission to connect in local-host, run the following query with db_username being the database user you created above and my_ip_ being the IP-address of the computer you want to give access to:

GRANT ALL PRIVILEGES ON *.* TO 'db_username'@'my_ip' IDENTIFIED BY 'root_password' WITH GRANT OPTION;

Recover MySQL password

And if God forbid you ever lose your password you can reset it by doing the following: In your terminal issue the following commands

$ sudo service mysql stop
$ sudo mysqld_safe --skip-grant-tables --skip-networking &scored-railcar-kitten
$ mysql -u root

In the MySQL command line issue the following commands:

mysql> use mysql;
mysql> update user set authentication_string=password('NEWPASSWORD') where user='root';
mysql> flush privileges;
mysql> quit

MySQL conclusion

So, this has been a relatively complete primer on how to get started using MySQL, it would be handy as well to give an indication on how to gain access to this database from a database client such as MySQL workbench.

To be sure the database is where all the data is stored. Give some indication on how to make sure that the data is never lost. How to have a server that automatically backup the database somewhere else. This is a good topic for the suggestions chapter.

Finally, one way to also get access to your database is by using a database client. Such as MySQL workbench.  Download MySQL workbench here. Using such a database client you can take a glance at all the data saved in the database. You can visualize it as rows and columns, almost as if it was a spreadsheet.

Das Back-end

The back-end, in this case refers to the layer of the whole stack where the Java application resides. The back-end is the service that the intermediary between the database, the client side, and 3rd party end points such as Mollie. The back-end is written in Java, which makes it very portable, most operating systems can run Java. Java is relatively fast, and is the industry standard for enterprise applications. The main application itself is written using the spring boot framework. But before we get there let’s get a better understanding of what the back-end does. The set up of the database is running on the VPS with the back-end, the database can be somewhere else. This helps with the separation of concerns we keep talking about.

Java

First step is make sure that Java is already installed on our system, we are using the open-source version of Java at the moment. As you can see below we are installing two packages. The second package, javac is used to compile the Java source code in to Java byte code. Which can be executed with the java command.

$ sudo apt-get install default-jre
$ java --version

# Install the jdk for convience sake. not sure if this is applicable.
$ sudo apt-get install default-jdk
$ javac --version

SDKman

The Java ecosystem has a couple of package managers, just like how Ubuntu has a package manager. We need a package manager to install a Java dependency. In this case we are using SDKman to install maven. Which also handles dependencies for our application. Layers upon layers.

What other information can I add here? What does SDK stand for? —> this is dumb, of-course it stands for Software Development Kit What makes it different from apt-get and maven? I’m still not sure what its position is within the tech stack. These unknowns can make an interesting paragraph.

Before we can start installing SDKman, we need to make sure to install zip and unzip. That way we can use the super cool URL to install SDKman quickly and efficiently so that we can use it only once.

$ sudo apt-get install zip unzip

# Then we use curl to get sdkman
$ curl -s "https://get.sdkman.io" | bash

# Check to see if it's installed
$ sdk version

Spring

Spring boot is a collection of different components that makes it easy to develop a back-end application. With it comes a server, the ability to almost magically link up your API with the database. With it, we create endpoints where we can do HTTP requests to and get JSON objects back. Which we can easily use to dynamically load data into our frontend. But let’s start by installing it.

$ sdk install springboot
$ spring --version

Maven

Finally, we still need a couple of dependencies for our spring application. Such as third-party libraries for interfacing with Mollie, or for sending emails and such.

$ sudo apt update
$ sudo apt install maven
$ mvn --version

This should have been all the steps to get the back-end working, though we still need to configure a couple of files, compile it and install the application. We will get to that soon enough, but first we will install the front end dependencies before we get to the point where we start configuring and installing.

Le’ frontend

The front end is the easiest bit to explain because it’s the part that most people have experience with. It’s the part of the website that everybody interacts with. So, we’ll not spend too much time here explaining it. But it does have its set of dependencies that we need to install so that we can start using it.

NodeJS & NPM

NodeJS, is a popular server-side JavaScript runtime environment. Because of it, there have been a myriad of tools made developed for developers by developers. It’s almost become indispensable in the developers tool belt. Especially when it comes to front end development. So let’s start by downloading the latest long-term support version of NodeJS, and another fucking package manager. Because god knows we need one more. But don’t worry about installing the package manager, it comes with it.

Download the LTS version of NodeJS. At the time of writing that is NodeJS v12.x

# Using Ubuntu
$ curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
$ sudo apt-get install -y nodejs

Angular

Angular is the front end framework we are using to develop the interface users will be interacting with in their browsers. It’s developed and maintained by Google. It’s also open source as most of the tools we’ve been using up to now. If you haven’t picked up yet on that theme. With it we build single-page applications. So whenever you are using a single-page application, it might seem like you are browsing to different page every time you navigate to a new page in the web app. But using JavaScript the view is dynamically loaded. It’s based follows the battle tested Model View Controller architecture which helps with developing extendable, maintainable, testable web applications. Which means you have a framework that helps you reuse parts of your application, and makes sure that it is robust for production. One more beautiful feature of using angular is, or better said, most modern JavaScript front end frameworks these days, let you compile all of your source code for all of the major browsers.

So let’s install it:

Update this command to install the correct version that we are using

$ npm install -g @angular/cli

Now we can start building our application. But before we get there we need to talk about a couple of useful tools that will make the process a bit more easy to get started.

Quick stop - useful tools

The first of these tools is useful command line text editor. You have nano, but micro is more feature rich, and more what you are used to from your standard text editor.

Micro

We will be using a popular easy to use text editor called micro. Useful key-binding to know are:

$ curl https://getmic.ro | bash

# Also usefull is to install xclip while you're at it. (clipboard support)
$ sudo apt-get install xclip

You can use it by using it as follows::

$ micro file_that_you_want_to_edit.txt

Here are some useful key-bindings:

Key-bindingActionctrl s, cmd sSavectrl c, cmd cCopyctr v, cmd vPastectrl q, cmd qquit

SFTP/FTP application

Otherwise just get an SFTP client for your operating system. With which you can explore the folder structure of your server with your file browser and get to the folders that need to be edited. You can easily edit them with your text editor of choice. Recommended clients are:

SFTP should be available on the Ubuntu server and you should be able to easily use these tools. So, when you connect to the server using your SFTP client of choice you will be able to edit the files using a text editor.

Now we can finally move on to actually downloading the source code.

Install through Git clone

Git is a version control system, it helps you keep a track of changes that happen to your code base and so much more that is outside the scope of this document for the moment. We only need to quickly do the following:

Right now the project is hosted on HvA’s GitLab. So clone it from the git repo. From your home folder (~).
Quick note, you need to have access to the git to use this, otherwise use the install through FTP steps

$ git clone git@gitlab.fdmci.hva.nl:backsp/ewa-fitziria-3-.git

So now the whole app has been downloaded to the home folder in to a folder named ewa-fitzeria-3. Now the only thing that is missing is installing it. Let’s get onto that. Continue tot the Further installation chapter

install through FTP

To install without using Git, connect tot the server using an FTP client, create a directory in the home directory with the following name ewa-fitzeria-3. After creating the directory, copy the content of the provided zip file into the newly created directory.
It may take some time to copy all the files, so take your time. After this is done, connect to the server using SSH and continue to the next installation step.

Further installation

Cd into the folder, which should be named ewa-fitzeria-3 go all the way to the front end. Which is one more folder away:

$ cd ~/ewa-fitziria-3-/front-end

Run $ npm i from this folder to install all the node dependencies:

$ npm install

So if everything went well, you can actually run the front end now. The front end can run by itself without actually talking to the server, try it, it’s good fun. Change directory to the front end and run it.

$ cd front-end
$ ng build --prod
$ sudo mkdir /var/www/fitzeria.online/html
$ cp -R /fitzeria/* /var/www/fitzeria.online/html

With these commands up above a production version of the front end app is made. These files are static and thus now we can start setting up a Nginx server so that we can encrypt the traffic passing through. One thing to note here, is that if you want to target more browsers that can be accomplished by editing the browserlist file found in the front end folder.

Encrypt all the things

We will be using let’s encrypt to secure the connections of the front end with the server, better known as HTTPS. This is done by using the SSL and TLS protocols. It’s the same kind of encryption used by banks and most major websites to secure their applications. Ideally you would look into getting a proper certificate from a certificate authority such as: Sectigo. But that’ll come later, it costs money and for now, we will use a free alternative.

So let’s start by issuing the following command to install let’s encrypt.

$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository universe
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install certbot python-certbot-apache
$ sudo certbot certonly --webroot /root/ewa-fitziria-3-/front-end/dist/fitzeria -d fitzeria.online

How to install Nginx

$ sudo apt update
$ sudo apt install nginx

Getting your IP:

$ ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'
$ sudo systemctl stop nginx

Reload Nginx without dropping connections:

$ sudo systemctl reload nginxq

Configuration files: nginx.conf

open the file using this command

$ nano /etc/nginx/nginx.conf

input the following data:

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/;

events {
	worker_connections 768;
	# multi_accept on;
}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	# server_tokens off;

	server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}

To configure the url of the site to work create a file in the following directory with the following commands

$ cd /etc/nginx/sites-enabled
$ nano site_url

insert the following data

upstream springboot {
	location http://localhost:8080;
}

server {
        listen 80;
        listen [::]:80;

        root /var/www/fitzeria.online/html;
        index index.html index.htm index.nginx-debian.html;

        server_name fitzeria.online www.fitzeria.online;
        
        # use this location directive to direct to the spring boot app
        # Don't forget to add `/api/` path to the production environment in angular.
        location /api/ {
        	proxy_pass springboot;
        }
        
		# use this location directive to direct to the angular app.
        location / {
            try_files $uri $uri/ =404;
        }
}

and save the document

$ sudo ln -s /etc/nginx/sites-available/fitzeria.online /etc/nginx/sites-enabled/

Remove default symlink

$ sudo rm /etc/nginx/sites-enabled/default

Create a new directory where the production build of angular will be.

$ sudo mkdir -p /var/www/fitzeria.online/html

Next, assign ownership of the directory with the $USER environment variable:

$ sudo chown -R $USER:$USER /var/www/fitzeria.online/html

The permissions of your web roots should be correct if you haven’t modified your unmask value, but you can make sure by typing:

$ sudo chmod -R 755 /var/www/fitzeria.online

Test the server settings

Make sure that everything is working properly before you go on to building and loading the site.

$ sudo nginx -t

If that works fine, then you can move on to restarting the service.

$ sudo systemctl retart nginx

Handling the back-end.

So now that the front end is properly encrypted, we need to move on to encrypting the back-end. If the angular app is making HTTPS calls the back-end API needs to return HTTPS calls as well. Modern web browsers do not allow the mixing of protocols. To maintain consistency and avoid cross site scripting attacks.

There might be away to configure Nginx to handle our requests, to use Nginx as a proxy and insert statements into the HTTP headers to simulate the HTTP request to be encrypted.

But the solution that we have chosen is to encrypt the requests directly in Spring boot itself.
We will be using the same key we generated before. But spring boot does not support the format that is provided by the cert-bot. So, we need to make our own.

So, we need to follow this article to get what we want.
https://dzone.com/articles/spring-boot-secured-by-lets-encrypt

So let's start by going to the directory that contains our SSL certificates and running the openssl command to convert our keys to the right format that can be consumed by our spring boot application.

$ cd /etc/letsencrypt/live/fitzeria.online
$ openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -name tomcat -CAfile chain.pem -caname root

So now that we’ve used the SSL certificate that we created for the website

Application.properties file in spring boot root.

When using SSL you need to update the Spring boot application.properties file, do this by opening the file using

$ nano ~/ewa-fitziria-3-/back-end/src/main/resources/application.properties

At the bottom of the file, add the following data and save the file.

server.port: 8080
security.require-ssl=true
server.ssl.key-store:/etc/letsencrypt/live/fitzeria.online/keystore.p12
server.ssl.key-store-password: tonijnavocadosalade
server.ssl.keyStoreType: PKCS12
server.ssl.keyAlias: tomcat

Configuration Front end

We need to start configuration the application now, with our API keys and configuration files.

The first configuration that we will do is integrating the Google Maps API. Head on to cloud.google.com. Create an account if you don’t already have an account with them

  • go to cloud.google.com
  • Register or sign in with the provided credentials.
  • Add your payment details in the form of a credit card
  • Create a project
  • get the API key
  • Go to APIs & Services > Credentials > Create Credentials > API Key
  • Copy the created API key
  • Paste the api key into the configuration file which can be found in ewa-fitzeria-3/frontend/src/enviroments/enviroment.prod.ts in the correct attribute.

Configure the back-end: {Mail, MySQL, Mollie}

At this moment we need to start thinking about editing files in the shell. We will be using the command line and micro to do this, but remember you can also use your FTP client of choice to do these actions.

Copy the examples

From here we need to first properly initialize a couple of variables to make sure that everything is working properly. We need to configure the back end to use the provided email address, and we need to configure the back end to use MySQL with the proper credentials. So go to the folder which contains these configuration files named: {database.example.properties,  mail.example.properties, mollie.example.properties, upload.example.properties}.

$ cd ~/ewa-fitziria-3-/back-end/src/main/resources
$ cp database.example.properties database.properties
$ cp mail.example.properties mail.properties
$ cp mollie.example.properties mollie.properties
$ cp upload.example.properties upload.properties

Mail.properties

Open the files one by one and edit them.

$ micro mail.properties

Edit the file so that like is displayed below, or with your configuration variables. So in our case the user name is fitzeria.dev@gmail.com, and the password for the email is: <yourPassword>. Which also happens to be the email address for login in to the account in mail.google.com. You can use your email address and its respective password. Or you can use this email address as well, as it was also part of the product we handed in.

# Make a copy of this file and rename it to "mail.properties"

host=smtp.gmail.com
port=587

# The username of the mail user
username=fitzeria.dev@gmail.com

# The password of the mail user
password=YOURPASSWORD

MySQL.properties

Now open the database.properties and edit the file.

$ micro database.properties

Here we define the databaseName, user-name and the password that we used all the way at the top of this document. Input them in their respective fields.

# Make a copy of this file and rename it to "database.properties"

# The url to the database server, the name after the / is the database itself
url=jdbc:mysql://127.0.0.1/YOURDATABASENAME

# The username of the database user
username=YOURDATABASEUSERNAME

# The password of the database user
password=YOURPASSWORD

Mollie.properties

We also need to pass in the authentication key we got from Mollie. But you should have gotten a couple of AP keys with your account. You should be able to navigate the same folder as mail.properties and database.properties to edit a file named mollie.properties to input your API key.

# Make a copy of this file and rename it to "mollie.properties"
API_KEY=test_RKrguJpHWcB27zF7yxfCF7dFJtPqaV

Upload.properties

To allow for uploading of files we need to configure where the images will be stored on the server. To configure this, open the upload.properties and set the value to what you want it to be. (you can also follow the below example as the configuration).

$ mkdir /root/uploadedimages
$ micro upload.properties

Insert the following data

# Make a copy of this file and rename it to "upload.properties"

# The absolute path to the directory where images will be uploaded and stored. Create this directory, and give it all the $
dir_location =/root/uploadedimages

Application properties

Finally, application properties file, we will be encrypting the back-end server with the key that we used to encrypt the front end server. We’ve already done this in the previous chapter, so we can continue.

If everything went well, we can start compiling now.

Compile / Build Spring Boot Project with Maven

To be able to run your Spring Boot app you will need to first build  it. To build and package a Spring Boot app into a single executable Jar  file with a Maven, use the below command. You will need to run it from  the project folder which contains the pom.xml file.

$ cd ~/ewa-fitziria-3-/back-end
$ mvn install

Run it

So, when you run mvn install it’ll start running it right away. Otherwise, if you are just changing the configuration file you can run it by doing the following:

$ java -jar target/Fitzeria-backend-0.0.1-SNAPSHOT.jar 

Service it

So, the Java back-end application can be run as is. But if something ever happens with the server we would need to SSH back in to the server and actually run the java -jar Fitzera.jar command so that the application will run again. So, the proper way to do it is by running the application as a service. You can follow the following guide to set that up. Run your application as a service Ubuntu.

Recommendations

Now you should have a working server with the project installed on it. But there are a couple of considerations that need to be considered for further development of the platform. We will mention a couple of them here. Server hardening, as it stands the server is relatively unprotected against attackers. Server hardening is the process in which the attack surface of the server is limited as much as possible to maintain functionality of the platform while locking everything else down so that it is not exposed to the public internet. Second: tracking the demographics of the users can easily be done by integrating with Google Analytics. Third: as mentioned above acquiring a proper certificate from an SSL authority might be useful, but for now, it is not needed, most people won’t notice that their website is encrypted by Let’s encrypt. Testing the server load is also highly recommended to gauge how big the server needs to be for when traffic increases. Tools like Jmeter can be used to load test the server.

Conclusion

So if everything went well, the site should be available at the domain name you bought and you can now visit the site.

If at any stage you did not follow, or need help to get the server installed, please contact us at the usual support email.