Configure .NET App for deployments (Manual + NGNIX)

A self reminder notes to configure new application (currently .NET) and using NGNIX for the reverse proxy.

NGINX

usually, the ngnix config is located at:

# default one i guess?
/etc/nginx/nginx.conf
# another one that I have encountered
/etc/nginx/sites-available/default.conf

steps to deploy:

  1. make sure you already have an app running in localhost:<port>
  2. go to the nginx config directory and edit
  3. after editing, ensure no syntax error sudo nginx -t, you will see a log: nginx: configuration file /etc/nginx/nginx.conf test is successful
  4. do nginx reload: sudo systemctl reload nginx
  5. see the status: sudo systemctl status nginx
  6. if encountered issues, see: sudo tail -f /var/log/nginx/error.log
nginx.conf examples:
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
	listen 80;
	listen [::]:80 ;
	server_name another.something.com;

location / {
		proxy_pass http://localhost:3300;
		proxy_http_version 1.1;
        proxy_set_header    Upgrade $http_upgrade;
        proxy_set_header    Connection keep-alive;
        proxy_set_header    Host $host;
        proxy_cache_bypass  $http_upgrade;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto $scheme;
        proxy_hide_header   X-Powered-By;

   		access_log /var/log/nginx/<something>.app.log;
    	error_log /var/log/nginx/<something>error.log;
    }
}
server {
	listen 80 default_server;
	listen [::]:80 default_server;

	# SSL configuration
	#
	# listen 443 ssl default_server;
	# listen [::]:443 ssl default_server;
	#
	# Note: You should disable gzip for SSL traffic.
	# See: https://bugs.debian.org/773332
	#
	# Read up on ssl_ciphers to ensure a secure configuration.
	# See: https://bugs.debian.org/765782
	#
	# Self signed certs generated by the ssl-cert package
	# Don't use them in a production server!
	#
	# include snippets/snakeoil.conf;

	#root /var/www/html;

	# Add index.php to the list if you are using PHP
	#index index.html index.htm index.nginx-debian.html;

	server_name something.someone.com;

	#location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		#try_files $uri $uri/ =404;
	#}
	location / {
			proxy_pass http://localhost:8889;
			proxy_http_version 1.1;
	        proxy_set_header    Upgrade $http_upgrade;
	        proxy_set_header    Connection keep-alive;
	        proxy_set_header    Host $host;
	        proxy_cache_bypass  $http_upgrade;
	        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
	        proxy_set_header    X-Forwarded-Proto $scheme;
	        proxy_hide_header   X-Powered-By;
	
	   		access_log /var/log/nginx/<something>.app.log;
	    	error_log /var/log/nginx/<something>.log;
	}
	location /something-api/ {
			proxy_pass http://localhost:2100/;
			proxy_http_version 1.1;
	        proxy_set_header    Upgrade $http_upgrade;
	        proxy_set_header    Connection keep-alive;
	        proxy_set_header    Host $host;
	        proxy_cache_bypass  $http_upgrade;
	        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
	        proxy_set_header    X-Forwarded-Proto $scheme;
	        proxy_hide_header   X-Powered-By;
	
	   		access_log /var/log/nginx/<something>.app.log;
	    	error_log /var/log/nginx/<something>.app.log;
	}
	location /enkripdekrip/ {
			proxy_pass http://localhost:8895;
			proxy_http_version 1.1;
	        proxy_set_header    Upgrade $http_upgrade;
	        proxy_set_header    Connection keep-alive;
	        proxy_set_header    Host $host;
	        proxy_cache_bypass  $http_upgrade;
	        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
	        proxy_set_header    X-Forwarded-Proto $scheme;
	        proxy_hide_header   X-Powered-By;
	
	   		access_log /var/log/nginx/enkripdekrip.app.log;
	    	error_log /var/log/nginx/enkripdekrip.log;
	}
	location /web-someone/ {
			proxy_pass http://localhost:8896;
			proxy_http_version 1.1;
	        proxy_set_header    Upgrade $http_upgrade;
	        proxy_set_header    Connection keep-alive;
	        proxy_set_header    Host $host;
	        proxy_cache_bypass  $http_upgrade;
	        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
	        proxy_set_header    X-Forwarded-Proto $scheme;
	        proxy_hide_header   X-Powered-By;
	
	   		access_log /var/log/nginx/<something>.app.log;
	    	error_log /var/log/nginx/<something>.log;
	}
	location /web-something/ {
			proxy_pass http://localhost:8889;
			proxy_http_version 1.1;
	        proxy_set_header    Upgrade $http_upgrade;
	        proxy_set_header    Connection keep-alive;
	        proxy_set_header    Host $host;
	        proxy_cache_bypass  $http_upgrade;
	        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
	        proxy_set_header    X-Forwarded-Proto $scheme;
	        proxy_hide_header   X-Powered-By;
	
	   		access_log /var/log/nginx/<something>.app.log;
	    	error_log /var/log/nginx/<something>.log;
	}
	location /email_notif/ {
		proxy_pass http://localhost:3400;
		proxy_http_version 1.1;
        proxy_set_header    Upgrade $http_upgrade;
        proxy_set_header    Connection keep-alive;
        proxy_set_header    Host $host;
        proxy_cache_bypass  $http_upgrade;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto $scheme;
        proxy_hide_header   X-Powered-By;

   		access_log /var/log/nginx/email_notif.app.log;
    	error_log /var/log/nginx/email_notif.log;
    }
	# pass PHP scripts to FastCGI server
	#
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#
	#	# With php-fpm (or other unix sockets):
	#	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
	#	# With php-cgi (or other tcp sockets):
	#	fastcgi_pass 127.0.0.1:9000;
	#}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	#	deny all;
	#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#	listen 80;
#	listen [::]:80;
#
#	server_name example.com;
#
#	root /var/www/example.com;
#	index index.html;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}

.NET Steps to deploy

I usually use docker for these kinds of stuff. But incase I wanna do it "the hard way", here are the steps:

  1. Develop the app as usual
  2. Finished? Publish the app
  3. Go to the published directory output (from no. 2)
  4. Export all of em (well it depends on your needs)

    for example if you already have appsettings.json in the server, and it's differ from your local one, you better not include or overwrite the file, since it contains credentials.

  5. Put it all into the server (via webmin → file manager, git, or anything that u r comfortable with)
  6. Create a new service in /etc/systemd/system/<servicename>.service (for example content of the file, see below)
  7. Restart the systemd-daemon service via sudo systemctl daemon-reload
  8. Check new created service via:
	sudo systemctl start <servicename> # starting
	sudo systemctl status <servicename> # checking
	sudo systemctl enable <servicename> # auto-start on boot
	
	# for restart
	sudo systemctl restart <servicename>
  1. Bind your running app in nginx config
Example nginx.conf
server {
    listen 80;
    server_name your_domain_or_ip;

    location / {
        proxy_pass http://localhost:<your_app_port>;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
Example something.service
[Unit]
Description=WEB IFS
[Service]
WorkingDirectory=/var/www/webifs # the app location
ExecStart=/usr/bin/dotnet /var/www/webifs/webifs.dll # the app location (.dll or .exe)
Restart=always
RestartSec=10
SyslogIdentifier=webifs # matching
User=www-data
Environment=ASPNETCORE_ENVIRONMENT=Development # if production, set to Production
[Install]
WantedBy=multi-user.target