# Initial Network Server Setup Digital Ocean
## Redirect your DNS
* Go to your DNS Provider
* Change your nameserver (NS) to:
```
ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com
```
## Config DNS
Go to your droplet
`https://cloud.digitalocean.com/droplets`
Adding your server to networking
`Choose your server`
Click on `More`
Click on `Add a Domain`
Add the following routes
```
A www YOUR_IPV4_ADRESS
AAA @ YOUR_IPV6_ADRESS
AAA www YOUR_IPV6_ADRESS
```
## Install SSL Certificate with Certbot
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
https://certbot.eff.org/lets-encrypt/ubuntuxenial-nginx
* Run the following commands to install certbot on your Server
```
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
```
### Setting up Nginx
Access you Nginx default file
`sudo nano /etc/nginx/sites-available/default`
Change the default configuration to your domain name
`server_name YOUR_DOMAIN_NAME.COM www.YOUR_DOMAIN_NAME.COM;`
Check the sintax
`sudo nginx -t`
Reload Nginx
`sudo systemctl reload nginx`
## Install Certbot
Run the install command for certbot
`sudo certbot --nginx`
Configure Auto-Renewal
`sudo certbot renew --dry-run`
## Add CAA
Add the CAA adress to your DNS Records
`@ letsencrypt.org issue`
# Initial Firewall Server Setup Digital Ocean
Check your firewall status
`sudo ufw status`
Check your current Config
`sudo ufw app list`
You will need to enable the following services
* Allow Nginx
```
sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP'
```
* Allow SSH
`sudo ufw allow OpenSSH`
# Extra
https://www.digitalocean.com/community/tutorials/ufw-essentials-common-firewall-rules-and-commands
https://pentest-tools.com/network-vulnerability-scanning/tcp-port-scanner-online-nmap
https://www.ssllabs.com/index.html
https://www.htbridge.com/ssl/