timbyte! Setting up my first VPS

Updated June 18, 2011

The control panel

Only having one VPS I didn't see the need to pay for a third-party control panel license.  Maybe if I ever control many servers I'll want something "more".

DirectSpace's control panel allows me to

• easily see how much disk space, memory and bandwidth has been used.
• boot, shutdown, and reboot.
• reinstall the OS, change root password, login via a console, change the hostname
• view/change IP addresses
• view logs, stats
• manage backups

Note: I wasn't initially able to login via the console ("failed to read messages" error).  I had assumed I needed to use my root user or another user, rather than the console username they provide.  I then went into "Console Settings" and updated the password, and tried again using the provided username.  Logged in no problem.

DNS

I pointed my godaddy's DNS entry to the IP address DirectSpace provided, was able to ping it and ssh to it seconds later.

My OS environment

• I added my public key to root's account.
• I created a user, logged in remotely and added my public key
• In this case my user could not log in using the key.  I haven't looked into why yet.
• This is intended to be a production server so there are no compilers.

nginx

My website will be static, at least for the first several months, so I want the lightest/fastest server.  This makes sense if only to be a good VPS citizen and use as few resources as possible.

nginx requires EPEL.  I couldn't find EPEL for CentOS 5.3, but 5.4 seems to work alright:

rpm -Uvh \
http://download.fedora.redhat.com/pub/epel/5Server/x86_64/epel-release-5-4.noarch.rpm

Next comes nginx:

yum install nginx

Say "y" to import the GPG key.

Now, if you're following along on your own fresh new VPS and you were to type "nginx" right now you'd see this:

[emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use)

Turns out the Apache web server is already installed on these "unmanaged" VPS's, which I found out by doing a little netstat magic:

netstat -pant | grep 80

So I killed it and then removed it from the rc dirs:

rm /etc/rc.d/rc?.d/???httpd

I created a directory in /home/nmt (the name is not important, "nmt" happens to be the abbreviation of my new website), put an index.html file in there, and edited /etc/nginx/nginx.conf to have the / Location point to it.  Then type "nginx" and away we go.  No need to worry about firewalls or such - since it was already configured for Apache httpd, port 80 is already opened up.

Update: Noticed a few days later my website was down. The server had been rebooted twice and nginx didn't come up because the default nginx rpm installs it as K15nginx for each runlevel. I updated the chkconfig settings in /etc/rc.d/init.d/nginx to start on 3 and 5, removed the current symlinks in the rc dirs, and ran chkconfig.

# chkconfig:   35 85 15

Open Questions

There's still a lot I don't know about this machine, some questions great, some small.

• Why can I use key authentication logging in as root but not as another other user?
• How is traffic getting to port 80?  iptables is run on start up but I don't see any configuration for it.
• Can I run a port scanner against my VPS or will my provider object?
• Given it's CentOS 5.3 I'm having trouble finding rpm's for it already.  What are my options for security patches?
• Are there additional OS's available?  I haven't see anything else made available yet.
• Are there any decent wiki/faq/help pages from DirectSpace about their VPS's?

Update: I've put in a support ticket to see what other OS's are available and to find out why the server was rebooted twice today and to see if there are any rpm's I need to keep on the server (I want to remove several of the extraneous ones like the talk and finger servers, httpd, xorg).

Update: Also found I was getting an error from sudo every time I ran it:

audit_log_user_command(): Connection refused

But a simple "yum upgrade sudo" fixed that.