============ ENABLE A BASIC DOMAIN (WITHOUT SSL)
--- Web server config
> cd /etc/nginx/sites-available/
> sudo cp default ecommerce.snew-app.com
> sudo nano ecommerce.snew-app.com
< change the root: to the project directory
add the server_name: dominio.com >
> Ctrl+O + Enter + Ctrl+X --- save
> cd /var/www/
NOTE: THE WEB FOLDER MUST BE CREATED WITH THE SAME NAME AS THE DOMAIN TO AVOID PROBLEMS WHEN RENEWING THE CERTIFICATE
> sudo mkdir ecommerce.snew-app.com
> sudo nano ecommerce.snew-app.com/index.html
< Hello world !!! >
> Ctrl+O + Enter + Ctrl+X --- save
> sudo nginx -t
> sudo ln -s /etc/nginx/sites-available/ecommerce.snew-app.com /etc/nginx/sites-enabled/
> sudo nginx -t
> sudo systemctl reload nginx.service
============== Add domains and subdomains to the VPS
section (s1-s3) min: 35
6. add domains to the VPS
a. go to networking >> add domain
b. Create new record of type A
HOSTNAME = @
WILL DIRECT TO = select your droplet
TTL (SECONDS) = 3600
and create record
6.1 create subdomains on the VPS
(api,blog,assets)
a. Create new record of type CNAME
HOSTNAME = api (subdomain name)
IS AN ALIAS OF = @
TTL (SECONDS) = 3600
and create record
6.2 configure the DNS of the domains
in Namecheap go to Custom DNS
ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com
ns4.digitalocean.com
========================== Let's Encrypt SSL
"ONLY REPLACE THE DOMAIN, in this case: ecommerce.snew-app.com"
the path: /var/www/ecommerce.snew-app.com/www/ <- must be where the index.html is (Ionic case)
sudo acme.sh --issue -d ecommerce.snew-app.com -w /var/www/ecommerce.snew-app.com/ --force
sudo mkdir -p /etc/nginx/certs/ecommerce.snew-app.com
sudo acme.sh --install-cert -d ecommerce.snew-app.com --key-file /etc/nginx/certs/ecommerce.snew-app.com/key.pem --fullchain-file /etc/nginx/certs/ecommerce.snew-app.com/fullchain.pem --ca-file /etc/nginx/certs/ecommerce.snew-app.com/ca.pem --reloadcmd "systemctl force-reload nginx.service" --force
======================== NGINX SITES-AVAILABLE CONFIGURATION
"ONLY REPLACE THE DOMAIN, in this case: ecommerce.snew-app.com"
Ctrl + K: deletes a line in the terminal
server {
    listen 80;
    listen [::]:80;
    server_name ecommerce.snew-app.com;
    return 301 https://ecommerce.snew-app.com$request_uri;
    # return 404;
}
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl_certificate /etc/nginx/certs/ecommerce.snew-app.com/fullchain.pem;
    ssl_certificate_key /etc/nginx/certs/ecommerce.snew-app.com/key.pem;
    ssl_session_timeout 1d;
    ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
    ssl_session_tickets off;
    # modern configuration
    ssl_protocols TLSv1.3;
    ssl_prefer_server_ciphers off;
    ##
    # Security setting
    ##
    # Avoiding iFrames from other origins
    add_header X-Frame-Options SAMEORIGIN;
    # Avoiding MIME type sniffing
    add_header X-Content-Type-Options nosniff;
    # Avoiding XSS attacks
    add_header X-XSS-Protection "1;mode=block";
    # HSTS (ngx_http_headers_module is required) (63072000 seconds)
    add_header Strict-Transport-Security "max-age=63072000" always;
    # OCSP stapling
    ssl_stapling on;
    ssl_stapling_verify on;
    # verify chain of trust of OCSP response using Root CA and Intermediate certs
    ssl_trusted_certificate /etc/nginx/certs/ecommerce.snew-app.com/ca.pem;
    # SSL configuration
    #
    # listen 443 ssl default_server;
    # listen [::]:443 ssl default_server;
    #
    # Note: You should disable gzip for SSL traffic.
    # See: https://bugs.debian.org/773332
    #
    # Self signed certs generated by the ssl-cert package
    # Don't use them in a production server!
    #
    # include snippets/snakeoil.conf;
    root /var/www/ecommerce.snew-app.com;
    # Add index.php to the list if you are using PHP
    index index.php index.html;
    server_name ecommerce.snew-app.com;
    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ /index.html;
        # try_files $uri $uri/ /index.php?$query_string; (for PHP)
    }
    # pass PHP scripts to FastCGI server
    #
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        # With php-fpm (or other unix sockets):
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
    }
    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny all;
    }
    # deny access to .git files
    #
    location ~ /\.git {
        deny all;
    }
}
========== OK - RESTART WEB SERVER
> sudo nginx -t
> sudo systemctl reload nginx.service
NOTE: THE WEB FOLDER MUST BE CREATED WITH THE SAME NAME AS THE DOMAIN TO AVOID PROBLEMS WHEN RENEWING THE CERTIFICATE
sudo ln -s ~/code/fullpizzas_com/* /var/www/fullpizzas.sandwichescriollos.com
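Added example (not part of the original notes): a POSIX shell check that a site file follows the "only replace the domain" rule above, with the same domain in server_name, the web root and the certificate paths, and the TLS settings from the config still present. The function name audit_site_conf and the sample file are constructed for this example.

```shell
# Added example, not from the original notes. Assumes grep -E, sed and mktemp.
# audit_site_conf FILE DOMAIN: print one "MISSING: ..." line per failed check;
# return 1 if any check failed, 0 if FILE follows the layout used in these notes.
audit_site_conf() {
    d=$(printf '%s' "$2" | sed 's/\./\\./g')   # match the dots of the domain literally
    body=$(sed 's/#.*//' "$1")                 # commented-out directives do not count
    s='[[:space:]]+'
    rc=0
    while IFS='|' read -r what re; do
        printf '%s\n' "$body" | grep -Eq -- "$re" || { echo "MISSING: $what"; rc=1; }
    done <<EOF
port 80 redirect to https|return${s}301${s}https://$d
server_name is the domain|server_name${s}$d;
web root folder named after the domain|root${s}/var/www/$d(/[^;]*)?;
certificate in the per-domain cert folder|ssl_certificate${s}/etc/nginx/certs/$d/fullchain\.pem;
private key in the per-domain cert folder|ssl_certificate_key${s}/etc/nginx/certs/$d/key\.pem;
CA chain for OCSP verification|ssl_trusted_certificate${s}/etc/nginx/certs/$d/ca\.pem;
TLS 1.3 only|ssl_protocols${s}TLSv1\.3;
OCSP stapling on|ssl_stapling${s}on;
HSTS sent on every response|add_header${s}Strict-Transport-Security${s}"max-age=[0-9]+[^"]*"${s}always;
EOF
    return $rc
}

# Constructed sample: a trimmed copy of the two server blocks in these notes.
sample_conf() {
cat <<'EOF'
server {
    listen 80;
    server_name ecommerce.snew-app.com;
    return 301 https://ecommerce.snew-app.com$request_uri;
}
server {
    listen 443 ssl http2;
    server_name ecommerce.snew-app.com;
    root /var/www/ecommerce.snew-app.com;
    ssl_certificate /etc/nginx/certs/ecommerce.snew-app.com/fullchain.pem;
    ssl_certificate_key /etc/nginx/certs/ecommerce.snew-app.com/key.pem;
    ssl_trusted_certificate /etc/nginx/certs/ecommerce.snew-app.com/ca.pem;
    ssl_protocols TLSv1.3;
    ssl_stapling on;
    add_header Strict-Transport-Security "max-age=63072000" always;
}
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp"
audit_site_conf "$tmp" ecommerce.snew-app.com && echo "OK: site file matches the notes"
rm -f "$tmp"
```

On the server, point it at the real file before running nginx -t: audit_site_conf /etc/nginx/sites-available/ecommerce.snew-app.com ecommerce.snew-app.com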