Edgaras profile
Edgaras Benediktavičius
Product designer and web developer

Deploy simple Node.js website or app on VPS (Hetzner)

The article is a work in progress 🚧

1. Generate SSH keys

Generating SSH key is recommended and it will be used to log in to your VPS automatically without password.

  1. Open Terminal (PowerShell on Windows).
  2. Type ssh-keygen -t ed25519 and press ENTER.
  3. It will say, “Enter file in which to save the key (/Users/yourname/.ssh/id_ed25519):”, press ENTER.
  4. When it says Enter passphrase (empty for no passphrase): press ENTER.
  5. When it says, Enter same passphrase again: press ENTER.
  6. You will need this file when creating VPS server: Your public key has been saved in ... id_ed25519.pub.
  7. The file named id_ed25519 without .pub is your private key and should be always kept private!

2. Get a VPS server

  1. Sign up Hetzner account.
  2. Log in to Hetzner Cloud.
  3. Click + New Project, give it a name and go to this new project.
  4. Click Add Server.
  5. Choose Location (the closest will be default).
  6. Choose Ubuntu image.
  7. Choose cheapest Shared vCPU for now.
  8. In Networking section, keep Public IPv4, but deselect Public IPv6.
  9. In SSH Keys section upload your public SSH key, the id_ed25519.pub file from previous step.
  10. Create volume (e.g. 10GB, least possible).
  11. Click Create & Buy now to launch your cloud server.

Log in to server

  1. Copy Public IP, this is your server address.
  2. Open your command line interface, I use Terminal on Mac.
  3. Type ssh root@PUBLIC_IP. Instead of PUBLIC_IP, paste the IP address.
  4. You might see a message saying something similar to:
The authenticity of host '12.524.412.245 (12.524.412.245)' can't be established.
ED25519 key fingerprint is SHA256:ANlLAjSsImPBhBIZA1+R28PcBzA/ufgy67rf8og.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])?

type yes and press ENTER.

Initial setup

  1. Update and upgrade system, type sudo apt update && sudo apt upgrade -y
  2. Install Nginx server type sudo apt install nginx
  3. Start and enable Nginx, type: sudo systemctl start nginx && sudo systemctl enable nginx
  4. Check Nginx status: sudo systemctl status nginx
  5. Allow firewall traffic sudo ufw allow 'Nginx Full'

Configure domain name

  1. Create a new configuration file for your domain: sudo nano /etc/nginx/sites-available/mydomain.com
  2. Add the following configuration
server {
    listen 80;
    server_name mydomain.com www.mydomain.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
  1. Enable the configuration by creating a symlink:
sudo ln -s /etc/nginx/sites-available/mydomain.com /etc/nginx/sites-enabled/

  1. Test Nginx for syntax errors: sudo nginx -t

  2. If successful, reload Nginx: sudo systemctl reload nginx

Obtain an SSL (HTTPS) Certificate

To secure your domain with HTTPS, you can use Certbot to get a free SSL certificate:

  1. Install Certbot: sudo apt install certbot python3-certbot-nginx
  2. Obtain and configure the SSL certificate for your domain: sudo certbot --nginx -d mydomain.com -d www.mydomain.com
  3. Restart everything: sudo systemctl restart nginx