Chapter 1: Setup VPS & SSH Access
Di chapter ini kita akan setup VPS dan akses SSH untuk remote ke server.
Pilih VPS Provider
Beberapa provider yang recommended:
1. DigitalOcean (Recommended untuk pemula)
- ✅ UI/UX yang bagus
- ✅ Dokumentasi lengkap
- ✅ Starting $6/month
- Link: digitalocean.com
2. Linode
- ✅ Reliable dan fast
- ✅ Starting $5/month
- Link: linode.com
3. Vultr
- ✅ Banyak lokasi server
- ✅ Starting $6/month
- Link: vultr.com
4. AWS EC2
- ✅ Free tier available (12 bulan)
- ⚠️ Lebih kompleks setup-nya
- Link: aws.amazon.com/ec2
Create VPS Droplet/Instance
Saya akan pakai contoh DigitalOcean, tapi prosesnya mirip untuk provider lain.
Step 1: Create Droplet
- Login ke DigitalOcean dashboard
- Click “Create” → “Droplets”
Step 2: Choose Configuration
Image: Ubuntu 22.04 LTS x64
- Pilih LTS (Long Term Support) untuk stability
Plan:
- Basic
- Regular CPU
- $6/mo - 1GB RAM, 1 vCPU, 25GB SSD
- Cukup untuk static site dengan traffic moderate
Datacenter Region:
- Pilih yang paling dekat dengan target audience
- Singapore (untuk Indonesia/Asia)
- Frankfurt/London (untuk Europe)
- New York/San Francisco (untuk US)
Authentication:
- Pilih SSH Key (lebih secure) atau
- Password (lebih simple tapi kurang secure)
Step 3: Generate SSH Key (Recommended)
Di komputer lokal Anda:
Mac/Linux:
# Generate SSH key
ssh-keygen -t rsa -b 4096 -C "your-email@example.com"
# Default location: ~/.ssh/id_rsa
# Tekan Enter untuk accept default location
# Bisa set passphrase atau kosongkan
# Copy public key
cat ~/.ssh/id_rsa.pub
Windows (PowerShell):
# Generate SSH key
ssh-keygen -t rsa -b 4096 -C "your-email@example.com"
# Default location: C:\Users\YourName\.ssh\id_rsa
# Copy public key
type C:\Users\YourName\.ssh\id_rsa.pub
Copy output (dimulai dengan ssh-rsa ...) dan paste ke DigitalOcean SSH Key form.
Step 4: Finalize & Create
- Hostname: Kasih nama (e.g.,
portfolio-server) - Click “Create Droplet”
- Tunggu 1-2 menit
Connect via SSH
Setelah droplet created, Anda akan dapat IP Address (e.g., 139.59.123.45).
Connect to Server
Mac/Linux:
ssh root@YOUR_SERVER_IP
# Contoh:
ssh root@139.59.123.45
Windows (PowerShell atau CMD):
ssh root@YOUR_SERVER_IP
Atau pakai PuTTY (Windows):
- Download PuTTY
- Host Name:
root@YOUR_SERVER_IP - Port: 22
- Connection Type: SSH
- Click Open
First Login
Pertama kali login, akan muncul:
The authenticity of host '139.59.123.45' can't be established.
Are you sure you want to continue connecting (yes/no)?
Ketik: yes dan Enter.
Anda sekarang sudah masuk ke server! 🎉
root@portfolio-server:~#
Initial Server Setup
1. Update System
# Update package list
apt update
# Upgrade packages
apt upgrade -y
# Install essential tools
apt install -y curl wget git ufw
2. Create New User (Security Best Practice)
Jangan pakai root terus! Buat user baru:
# Create new user
adduser deploy
# Output:
# Enter password: [set password]
# Re-enter password: [confirm]
# Full Name: [Enter atau isi]
# ... [Enter untuk skip yang lain]
# Add user to sudo group
usermod -aG sudo deploy
# Switch to new user
su - deploy
# Test sudo access
sudo ls /root
# Enter password deploy user
3. Setup SSH for New User
# Still as deploy user
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# Copy SSH key dari root
sudo cp /root/.ssh/authorized_keys ~/.ssh/
sudo chown deploy:deploy ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
4. Test SSH dengan User Baru
Di terminal baru (jangan logout dari yang lama dulu):
ssh deploy@YOUR_SERVER_IP
Kalau berhasil login, logout dari terminal root:
# Di terminal root
exit
Sekarang selalu pakai user deploy untuk login!
Setup Firewall (UFW)
# Allow SSH (port 22)
sudo ufw allow OpenSSH
# Allow HTTP (port 80)
sudo ufw allow 'Nginx HTTP'
# Allow HTTPS (port 443)
sudo ufw allow 'Nginx HTTPS'
# Enable firewall
sudo ufw enable
# Check status
sudo ufw status
Output:
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
Nginx HTTPS ALLOW Anywhere
Verify Server Info
# Check OS version
lsb_release -a
# Check memory
free -h
# Check disk space
df -h
# Check CPU
lscpu
Troubleshooting
SSH Connection Refused
Problem: Connection refused atau timeout
Solusi:
- Pastikan IP address benar
- Check firewall rules di VPS provider dashboard
- Pastikan port 22 open
- Coba restart SSH service:
sudo systemctl restart ssh
Permission Denied (publickey)
Problem: Permission denied (publickey)
Solusi:
- Pastikan SSH key sudah di-add ke server
- Check permission:
chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys - Verify key:
cat ~/.ssh/authorized_keys
Forgot Root Password
Solusi:
- Pakai VPS provider console (DigitalOcean punya “Access” → “Console”)
- Atau rebuild droplet (data akan hilang!)
Security Best Practices
✅ Selalu gunakan SSH key, bukan password ✅ Jangan login sebagai root ✅ Enable UFW firewall ✅ Update system regularly ✅ Change default SSH port (optional tapi recommended)
Untuk change SSH port:
sudo nano /etc/ssh/sshd_config
# Ubah line:
# Port 22
# menjadi:
# Port 2222 (atau port lain 1024-65535)
# Save & restart SSH
sudo systemctl restart ssh
# Update UFW
sudo ufw allow 2222/tcp
sudo ufw delete allow OpenSSH
Kesimpulan
Sekarang Anda sudah punya:
✅ VPS server yang running ✅ SSH access yang secure ✅ User dengan sudo privileges ✅ Firewall yang configured ✅ Server yang updated
Di chapter selanjutnya, kita akan install dan configure Nginx!