One place for hosting & domains

      How To Install and Configure Drone on Ubuntu 20.04


      The author selected the Free and Open Source Fund to receive a donation as part of the Write for DOnations program.

      Introduction

      Drone is an open-source container-native CI/CD platform written in [Go](golang.org). It works with configuration files written in YAML, JSON, JSONNet, or Starlark, which define multiple build pipelines consisting of a number of steps.

      Drone integrates with multiple source code managers. Currently, three different SCMs are supported: GitHub (cloud/enterprise), BitBucket (cloud/server), and Gitea. In general, each provider supports all Drone functionality.

      Drone also supports different runners for executing jobs. These runners are not interchangeable (except with the simplest pipelines), because their configuration formats, features, and execution environments differ. Here is a brief summary of your options:

      • First, there are the two container-based runners:
      • Second, there are two runners that run commands directly without isolation between builds or repositories:
        • The Exec runner executes commands directly on the host. This runner does not provide isolation between builds, and should only be used with trusted repositories that are not suitable for running within Docker (note that you may want to consider using privileged Docker containers before resorting to this option).
        • The SSH runner is similar to Exec, but it runs commands over SSH on a host separate from the one running the runner.
      • Third, there are two runners that execute build steps in a cloud-based virtual machine. These are suitable for workloads that need to run directly on a host, but are still isolated from each other:
        • The DigitalOcean runner creates a new Droplet for each build and runs commands within it. Note that if you only need the scaling features, you can still use the Docker runner but with the autoscaler enabled (more on this later).
        • The MacStadium runner allows you to execute builds on macOS machines in the cloud. This option is only useful for specialized workloads.

      In this tutorial, you will set up a Drone CI/CD server for source code on GitHub, add a Docker runner, use Let’s Encrypt to secure your instance, and then create a YAML pipeline. You will also encounter options to scale your runner using Drone Autoscaler and to store your logs on an S3-compatible server, such as DigitalOcean Spaces.

      Prerequisites

      Before you start this tutorial, you will need:

      Note: This tutorial will optionally configure Drone to use its Autoscaler feature with DigitalOcean, which will automatically scale your number of Droplets on an as-needed basis. If you choose this route, ensure that your account will remain within your limit. On DigitalOcean, the default limit for most users is 5 Droplets, but you can contact support and request an increase. To do so, visit your account’s Cloud Dashboard and find ACCOUNT in the left-hand menu. A sub-menu will appear; click Settings. A page will open that displays your account username and your Member since date. Beneath this date you will see a line like Droplet Limit:5 Increase. Click Increase to submit a request for more Droplets.

      Moreover, the Autoscaler path described in this tutorial will require a Personal Access Token from DigitalOcean. If you do choose to install Autoscaler, you can follow this tutorial to retrieve a token from your DigitalOcean Control Panel. Copy this key down before leaving the page; it will disappear once you leave or refresh the page and you will need to input it during Step 6.

      Lastly, if you choose not to install Drone’s Autoscaler feature, you will need at least another 2GB of RAM and 10GB of free disk space to ensure that you can run pipelines.

      • A domain (or subdomain) with an available A record pointed at your server’s IP. If you are managing your DNS on DigitalOcean then you can follow this guide to associate your IP with your domain. This tutorial will use drone.your_domain.
      • Docker set up on your server. For instructions, you can follow this tutorial on how to install and use Docker on Ubuntu 20.04.
      • You will encounter an option to store your logs on DigitalOcean Spaces. To follow this step, you will need to add a DigitalOcean Space to your account, and you will also need to generate a Spaces Access Key. Copy down your Access Key and Secret somewhere safe. Your Secret will disappear once you leave or refresh this page, and you will need to input both values wherever you see your_s3_access_key and your_s3_secret_key. Alternately, you can use a different S3-compatible service, or skip this step—Step 3—entirely. Note that skipping this step is only advisable if you are trying out Drone or if you know that your build volume will be quite low.
      • A [GitHub](github.com) account.

      Step 1 — Creating the GitHub Application

      To access code, authenticate users, and add webhooks to receive events, Drone requires an OAuth application for GitHub. For other providers, you can read Drone’s official documentation here.

      To set up an OAuth application for GitHub, log in to your GitHub account and then click on your user menu in the top-right. Click Settings, then find the Developer Settings category in the menu on the left, and then click OAuth Applications. Alternatively, you can navigate directly to Github’s Developer Settings page.

      Next, create a new application. Click on the New OAuth App button in the upper-right corner and a blank form will appear.

      Example Form

      Use Drone for your application name. Replace drone.your_domain with your own domain, add a brief explanation of your app, and then add drone.your_domain/login for your Authorization callback URL.

      Click Register application and you will see a dashboard containing information about your application. Included here are your app’s Client ID and Client Secret. Copy these two values somewhere safe; you will need to use them in the following steps wherever you see your_github_client_id and your_github_client_secret.

      With your app now registered on GitHub, you are ready to configure Drone.

      Step 2 — Creating the Drone Configuration

      Now start preparing your Docker configurations, which will build your Drone server. First, generate a shared secret to authenticate runners with the main Drone instance. Create one using the openssl command:

      openssl will generate a random 16-bit hexadecimal number. It will produce an output like this:

      Output

      918...46c74b143a1719594d010ad24

      Copy your own output to your clipboard. You will add it into the next command, where it will replace your_rpc_secret.

      Now create your Drone configuration file. Rather than continually opening and closing this configuration file, we will leverage the tee command, which will split your command’s output to your console while also appending it to Drone’s configuration file. An explanation will follow every command block in this tutorial, but you can find a detailed description of all available Drone options in their official documentation.

      Now begin building your Drone server’s configuration. Copy the following command to your terminal. Be sure to replace drone.your_domain with your domain. Also replace your_github_client_id and your_github_client_secret with your GitHub OAuth credentials, and then replace your_rpc_secret with the output from your openssl command. Lastly, replace sammy_the_shark with your GitHub username. This will grant you administrative privileges:

      • cat << 'EOF' | sudo tee /etc/drone
      • DRONE_SERVER_HOST=drone.your_domain
      • DRONE_SERVER_PROTO=https
      • DRONE_GITHUB_CLIENT_ID=your_github_client_id
      • DRONE_GITHUB_CLIENT_SECRET=your_github_client_secret
      • DRONE_RPC_SECRET=your_rpc_secret
      • DRONE_USER_CREATE=username:sammy_the_shark,admin:true
      • EOF

      This command makes use of a heredoc. A heredoc uses the << redirection operator followed by an arbitrary word, where EOF is conventionally used to represent end-of-file. It allows the user to write a multiline input, ending with the EOF or whatever word the user has chosen. The quotes around the end-of-file affect how the text is parsed with regards to variable substitution, in a similar way to how they work around literals. It is a very useful tool, which in this case you are using to create a file and then add lines to it. Here you are adding your first Drone configurations and ending them with EOF. This input is then redirected to the cat command, and the output of the cat command is then piped to the tee command via the | pipe operator. Heredocs are a great way to quickly create or append text to a file.

      Next, in order to prevent arbitrary users from logging in to your Drone server and having access to your runners, limit registration to specified usernames or organizations. If you need to add users at this time, run the following command, replacing users with a comma-separated list of GitHub usernames or organization names:

      • echo 'DRONE_USER_FILTER=users' | sudo tee -a /etc/drone

      If you are not using an external load balancer or SSL proxy, you will also need to enable Let’s Encrypt for HTTPS:

      • echo 'DRONE_TLS_AUTOCERT=true' | sudo tee -a /etc/drone

      You will note that your tee command now includes the -a switch, which instructs tee to append, and not overwrite, this output to your Drone configuration file. Let’s now set up your log storage system.

      Step 3 — Storing Build Logs Externally (Optional)

      For heavily used installations, the volume of build logs can increase quite quickly to multiple gigabytes. By default, these logs are stored in the server’s database, but for performance, scalability, and stability, consider setting up external storage for your build logs. In this step, you’ll use DigitalOcean Spaces to do just that. You are welcome to modify these steps and use another S3-compatible storage service, or none at all if you are still prototyping your CI/CD workflow, or if you know that your build volume will be very low. In those cases you may continue to Step 4 now.

      To store your logs on DigitalOcean Spaces, make sure that you have completed the necessary prerequisites and have set up a Spaces bucket and generated a matching Spaces Access Key and Secret. Copy that key to your clipboard and then update your configuration file with the following command:

      • cat << 'EOF' | sudo tee -a /etc/drone
      • DRONE_S3_ENDPOINT=your_s3_endpoint
      • DRONE_S3_BUCKET=your_s3_bucket_name
      • AWS_ACCESS_KEY_ID=your_s3_access_key
      • AWS_SECRET_ACCESS_KEY=your_s3_secret_key
      • EOF

      Remember to replace your_s3_endpoint with the URL for your Space, your_s3_bucket_name with the name of the Space you created, your_s3_access_key with your access key, and your_s3_secret_key with your secret. You can find the first two values in your Control Panel by clicking the Manage menu button, then clicking Spaces, and then choosing your new Space. You can retrieve your Spaces Access Key by clicking the Account menu button, and then clicking the API button, and then scrolling down until you find the Spaces section. If you have misplaced your secret key, then you will need to generate a new access key/secret pair.

      Your Drone configuration file is now complete. Run a cat command to view it:

      Your configuration file will look something like the following, depending on the options you chose:

      Output

      DRONE_SERVER_HOST=drone.your_domain DRONE_SERVER_PROTO=https DRONE_GITHUB_CLIENT_ID=your_github_client_id DRONE_GITHUB_CLIENT_SECRET=your_github_client_secret DRONE_RPC_SECRET=your_rpc_secret DRONE_USER_CREATE=username:sammy_the_shark,admin:true DRONE_USER_FILTER=the_shark_org DRONE_TLS_AUTOCERT=true DRONE_S3_ENDPOINT=your_s3_endpoint DRONE_S3_BUCKET=your_s3_bucket AWS_ACCESS_KEY_ID=your_s3_access_key AWS_SECRET_ACCESS_KEY=your_s3_secret_key

      Once you have confirmed that your configuration file is complete, you can start your Drone server.

      Step 4 — Installing and Starting Drone

      With your proper configurations in place, your next step is to install and start Drone.

      First, pull the Drone Server Docker image:

      • docker pull drone/drone:1

      Next, create a volume to store the SQLite database:

      • docker volume create drone-data

      Finally, start the server, set it to restart on boot, and forward port 80 and 443 to it:

      • docker run --name=drone --detach --restart=always --env-file=/etc/drone --volume=drone-data --publish=80:80 --publish=443:443 drone/drone:1

      If you followed the DigitalOcean Initial Server Setup Guide, then you will have enabled ufw and only allowed OpenSSH through your firewall. You will now need to open ports 80 and 443:

      • sudo ufw allow 80
      • sudo ufw allow 443

      Now reload ufw and check that your rules updated:

      • sudo ufw reload
      • sudo ufw status

      You will see an output like this:

      Output

      Status: active To Action From -- ------ ---- OpenSSH ALLOW Anywhere 80 ALLOW Anywhere 443 ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6) 80 (v6) ALLOW Anywhere (v6) 443 (v6) ALLOW Anywhere (v6)

      At this point, you will be able to access your server, log in, and manage your repositories. Go to https://drone.your_domain, enter your GitHub credentials, and authorize your new application when prompted.

      Screenshot

      Your Drone server is now live and nearly ready for use. Configuring your Drone runner and/or the DigitalOcean Autoscaler are all that remains.

      Step 5 — Option 1: Installing the Docker Runner

      Before your server can execute jobs, you need to set up a runner.

      If you want to automatically scale the runner with DigitalOcean Droplets, skip down to Option 2: Installing the Drone Autoscaler for DigitalOcean and follow the instructions in Step 6 instead. If you want to use another runner, you can set that up instead and skip to Step 7. Otherwise, follow Option 1 and install the Docker runner.

      Option 1: Installing the Docker Runner

      First, pull the Docker image for the runner:

      • docker pull drone/drone-runner-docker:1

      Next, start the runner. Replace drone.your_domain and your_rpc_secret with your personal values. You can change the DRONE_RUNNER_CAPACITY to increase the number of pipelines that will be executed at once, but be mindful of your available system resources:

      • docker run --name drone-runner --detach --restart=always --volume=/var/run/docker.sock:/var/run/docker.sock -e DRONE_RPC_PROTO=https -e DRONE_RPC_HOST=drone.your_domain -e DRONE_RPC_SECRET=your_rpc_secret -e DRONE_RUNNER_CAPACITY=1 -e DRONE_RUNNER_NAME=${HOSTNAME} drone/drone-runner-docker:1

      Finally, ensure that the runner started successfully:

      You will see an output like this:

      Output

      time="2020-06-13T17:58:33-04:00" level=info msg="starting the server" addr=":3000" time="2020-06-13T17:58:33-04:00" level=info msg="successfully pinged the remote server" time="2020-06-13T17:58:33-04:00" level=info msg="polling the remote server" arch=amd64 capacity=1 endpoint="https://drone.your_domain" kind=pipeline os=linux type=docker

      If you ever need to change the runner configuration or secret, delete your container with docker rm drone-runner, and repeat this step. You can now proceed to Step 7 and create a basic pipeline.

      Option 2: Installing the Drone Autoscaler for DigitalOcean

      The Drone Autoscaler for DigitalOcean can automatically create and destroy Droplets with the Docker runner as needed.

      First, go to your Drone server, log in, and click on User settings in the user menu. Find and copy your Personal Token. This is your_drone_personal_token.

      User Settings

      Next, generate a new character string with the following command:

      Output

      e5cd27400...92b684526c622

      Copy the output like you did in Step 2. This new output is your drone_user_token.

      Now add a new machine user with these new credentials:

      • docker run --rm -it -e DRONE_SERVER=https://drone.your_domain -e DRONE_TOKEN=your_drone_personal_token --rm drone/cli:1 user add autoscaler --machine --admin --token=drone_user_token

      Now, if you haven’t already, you’ll need to create a DigitalOcean API Token with read/write privileges. We will refer to this as your_do_token. If you did not complete this step in the prerequisites section then you can use this guide to create one now. Keep this token very safe; it grants full access to all resources on your account.

      Finally, you can start the Drone Autoscaler. Make sure to replace all the highlighted variables with your own matching credentials:

      • docker volume create drone-autoscaler-data
      • docker run --name=drone-autoscaler --detach --restart=always --volume=drone-autoscaler-data -e DRONE_SERVER_PROTO=https -e DRONE_SERVER_HOST=drone.your_domain -e DRONE_SERVER_TOKEN=drone_user_token -e DRONE_AGENT_TOKEN=your_rpc_secret -e DRONE_POOL_MIN=0 -e DRONE_POOL_MAX=2 -e DRONE_DIGITALOCEAN_TOKEN=your_do_token -e DRONE_DIGITALOCEAN_REGION=nyc1 -e DRONE_DIGITALOCEAN_SIZE=s-2vcpu-4gb -e DRONE_DIGITALOCEAN_TAGS=drone-autoscaler,drone-agent drone/autoscaler

      You can also configure the minimum/maximum number of Droplets to create and the type/region for the Droplet. For faster build start times, set the minimum to 1 or more. Also, note that by default, the autoscaler will determine if new Droplets need to be created or destroyed every minute, and Droplets will be left running for at least 1 hour after creation before being automatically destroyed when inactive.

      Afterwards, verify that the autoscaler started correctly with:

      • docker logs drone-autoscaler

      If you decide you no longer want to use the autoscaler, delete the container with docker rm drone-autoscaler, delete the leftover Droplets (if any) from your account, and revoke the DigitalOcean API Token. You are now prepared to test your new CI/CD workflow.

      Step 6 — Creating a YAML Pipeline

      To test your new Drone installation, let’s create a YAML pipeline.

      First, create a new repository on GitHub. From your GitHub profile page click on the Repositories menu, then click the green New button at the upper right. Give your repository a name on the following page and then click the green Create repository button. Now navigate to your Drone server, press SYNC, refresh the page, and your newly created repository should appear. Press the ACTIVATE button beside it.

      Screenshot

      Afterwards, create a new file in your repo named .drone.yml. You can do this using GitHub’s UI or from the command line using git. From the GitHub UI, click on the Repositories menu, then click on your new repository, and then click the Add file dropdown menu. Choose Create new file, name the file .drone.yaml, and add the following contents:

      .drone.yml

      name: drone-test
      kind: pipeline
      type: docker
      
      steps:
      - name: test
        image: alpine
        commands:
        - echo "It worked!"
      

      If you are using the GitHub UI, press the green Commit new file button at the bottom of the page. If you are using the command line then commit and push your changes. In either case, now open and watch your Drone dashboard in a browser.

      If the build remains pending and doesn’t start, ensure that your runners are set up correctly (and that a Droplet was created if using the autoscaler). You can view the logs for the runner with docker logs drone-runner and the logs for the autoscaler with docker logs drone-autoscaler.

      If you are using the autoscaler, it may take up to a minute for the initial build to start (the last log message during that time would be starting the server).

      After the build completes, you will see the text It worked! in the logs for the test stage of the drone-test pipeline. If the logs fail to load, ensure that your S3 credentials and bucket name are correct. You can use docker logs drone to view Drone’s logs for more information.

      Screenshot

      You’ve now set up and installed a Drone server to handle your CI/CD workflow.

      Conclusion

      In this tutorial you set up the Drone CI/CD server for use with your GitHub projects and optionally set up external storage for build logs. You also set up a local runner or a service to automatically scale them using DigitalOcean Droplets.

      You can continue adding teammates and other authorized users to Drone using the process outlined in Step 2. Should you ever want to prevent any new users from signing up, run the following commands:

      • echo 'DRONE_REGISTRATION_CLOSED=true' | sudo tee -a /etc/drone
      • docker restart drone

      Drone is a very capable tool. From here, you might consider learning more about their pipeline syntax and Drone’s other functionalities, or reviewing the fundamentals of Docker.



      Source link

      How to Create a Link Building Strategy


      Your website is not an island. While creating top-quality content is important, your website’s relationship with every other site on the vast sea of the internet is just as vital. You won’t get very far if no one is linking to your pages, and you can’t expect many people to do so without some effort on your part.

      Even if you can’t force people to link to your content (and you shouldn’t because your mama taught you better than that), you can take some simple steps to encourage other sites to send visitors your way.

      All it takes to generate quality links is a little careful planning and a few proven techniques.

      In this post, we’ll talk about why you need a fully-developed link building strategy. Then we’ll explore how to create one effectively. Let’s get going!

      Got Great Content on Your Site?

      Make sure your hosting can keep up. We’ll ensure your website is fast, secure, and always up so you can focus on building links, not managing downtime. Plans start at $2.59/mo.

      What Is Link Building (And Why Does It Matter)?

      Unless your website is very unusual, it’s going to contain a lot of links. Internal links point towards other pages on your own website, while external links point away from your site to other web pages. Having plenty of both is vital for your site’s User Experience (UX) and Search Engine Optimization (SEO).

      However, there’s another kind of link that should be on your radar as a website owner.

      Backlinks are links on other web pages that point towards your website. So if someone writes an article on their news site and includes a link to one of your blog posts, that’s a backlink.

       A blog post with multiple backlinks.

      Backlinks are just as important as the links you include on your own site because:

      • Links to your site improve your visibility, helping to familiarize people with your brand.
      • They also bring new visitors to your website, including those you might not have had an easy way to reach otherwise.
      • Google and other search engines view backlinks as a positive symbol — they indicate that others find your content useful and worth linking to. Therefore, having plenty of quality links to your site (from relevant websites with high domain authority) can improve your search engine rankings.

      There’s no doubt that the more people are linking to your site, the better. However, there is one big problem when it comes to backlinks — you rarely control them. This means you’ll need to engage in some link building or take steps to increase the number of backlinks pointing your way.

      Doing that isn’t always easy.

      There’s a lot of content for people to link to and they may not even know about yours. So you’re most likely to succeed if you can put together a comprehensive, well-thought-out link building strategy.

      The Dos and Don’ts of Link Building

      In a moment, we’ll walk you through the process of putting together your link building strategy and successfully executing it. First, however, it’s important to cover some basics.

      For example, there are things you’ll want to avoid (like the plague) while conducting your link building efforts. These include:

      • Avoid paying people to include your links on their sites. That’s generally considered unethical, and if Google finds out you’re doing it, you’ll be penalized severely.
      • Don’t mislead people about your links in an effort to get them featured. This is likely to backfire on you — if people click on a link leading to your site but find out that your content isn’t relevant to them, they’re just going to leave.
      • Never spam other people’s sites with your links manually. It can be tempting to add links to your site’s content to as many other websites as possible. However, doing this too much can harm your credibility and get a lot of your links reported as spam.
      • Opt out of link directories and link exchange schemes. These are shady techniques developed to get a lot of links into the public quickly — like the above methods, they can backfire and get the attention of Google (and not in a good way).
      • Familiarize yourself with “black hat” link building techniques and don’t use them. This mostly means trying to get “hidden” links on pages by cloaking them, making them hard to see, or even hacking directly into other sites. Pretty gross, right?

      Some of these are obviously bad ideas, while others (such as link exchanges) might initially seem smart until you learn more about them. None are worth the risks involved.

      So what should you do? We’ll go into more detail shortly, but let’s lay the groundwork with these link building “dos”:

      • Encourage links from high-quality and high-ranking sites. The quality of your backlinks matters just as much to Google as the quantity. So where possible, you want to try and get backlinks from sites that are trustworthy, well-maintained, and visible.
      • Focus on relevant websites. You want to encourage new visitors likely to be interested in what your site has to offer. Backlinks on sites relevant to their needs are much more valuable than backlinks from random pages.
      • Reach out. You don’t have to simply hope for backlinks — you can actually ask for them directly, and there are several effective (and non-intrusive) ways to do so.
      • Use a variety of techniques. One link building method may not get you too far — but a combination of three or four smart techniques can make a big difference.
      • Create awesome content. Your content marketing matters! The truth is the better your content, the more likely people are to link to it, whether as a result of your efforts or simply stumbling across it.

      At this point, you’re probably wondering how to put all of this into practice. Without further ado, let’s jump into the practical portion of link building 101.

      How to Create a Successful Link Building Strategy (In 5 Steps)

      First, a caveat: Like any way of promoting your website, there is no “one right way” to do link building. Likewise, there’s no golden ticket that will get you a hundred backlinks by next Thursday (if you find one, hit us up!).

      However, you can take some basic steps that will greatly improve your chances of successfully increasing backlinks. We recommend starting with the following five steps, molding them as needed to fit your unique needs.

      Step 1: Take a Close Look at Your Target Audience

      A lot of successful link building comes down to pursuing backlinks in relevant places. This means you have to be very familiar with your target audience. If you don’t know what they care about and where they hang out, you can’t encourage links they’re likely to see.

      If you haven’t done so already, this is a perfect time to put together a target audience profile. That’s a detailed description of the visitors you’d like to attract to your website. You’ll want to research them carefully and collect information on their demographics, behaviors, interests, needs, and so on.

      Audience demographic information.

      When it comes to link building, you’ll want to pay particular attention to where your target audience spends their time online. What sites do they visit and which social media platforms do they prefer? These are the places you’ll benefit most from including in your link building strategy.

      This is also a good point to research your competitors’ backlink strategy.

      If you can, find out what kinds of sites link to your top competitors. It’s also useful to know what online places and communities your competitors are ignoring, as those can contain audiences hungry for the quality content you’re offering. That’s a link opportunity you don’t want to miss!

      Step 2: Audit Your Existing Content

      Next up, it’s time to think like a content marketer. You can’t encourage links to your site unless you know what you want people to link to. Generally, you’ll want to focus on specific content, rather than simply your home page (which can appear more spammy and less authentic).

      So this is a great time to conduct a thorough audit of your site’s existing content. While doing this, you can:

      • Look for top-quality pages and posts (or even product pages) that you think other sites would want to link to. Add these to a list as you go, so you know what represents your best content.
      • Find any content that could be great but needs a little improvement. With a few tweaks, so-so articles can become a target for a quality backlink. This means ensuring that they’re up-to-date (for example, make sure you don’t have a broken link in the text and that stats are still accurate), match your brand’s style guide, and provide value to your audience. This publication checklist is a good way to make sure you don’t miss anything.
      • Search for “gaps” you can create new content to fill. There may be information or topics that you think other sites would be happy to link to, but you haven’t written about yet. You can follow our guide to writing a blog post to get started.

      After auditing your content, the next natural step is to start improving and expanding it. Having lots of high-quality content makes link building a lot easier.

      It’s also worth noting that if you don’t have a blog on your website yet, now is the time to start one! There are few things better than a blog for generating lots of new, timely content that people will want to share with their audiences. If you’re not convinced, check out how these companies are using their blogs to increase brand awareness and build their reputations online.

      Step 3: Consider What Link Building You Can Perform Yourself

      As we mentioned earlier, most of link building involves getting other people to link to your site of their own volition. However, there is a little link building you can do on your own, without venturing into spammy territory.

      Who doesn’t love a little DIY?

      The first and most important part of this step is internal linking. You need to make sure all of your online presences are connected. This means your social media accounts should point to your site (and vice versa), and if you have more than one website, they should be interlinked as well.

      Website link on a social media profile.

      You can also include some links to your content on other people’s websites, particularly in forums and comments sections. But be careful — don’t create too many of these links and make sure they’re always highly relevant. You don’t want to be that person shilling Bitcoin on every other post.

      Your best approach is to find sites and communities your target audience is present on and engage genuinely with them. When organic link building opportunities come up and you can share a helpful link, don’t be afraid to do so. While these links are not considered as valuable by Google as a natural link created by someone not affiliated with your site, they still have an impact.

      Step 4: Start Conducting Outreach

      At this point, you’ve done a little link building of your own. You’ve also improved your site’s content marketing efforts, which will hopefully generate more links for you organically (as people stumble across and share your pages and awesome articles).

      However, the best way to build links is to ask for them.

      Yep, you can reach out to a website and simply ask them to link to your content. This is a common practice and can be very successful when approached carefully. It can even help create the foundation for mutually-beneficial relationships between you and other relevant sites.

      So, what does successful outreach look like?

      Everyone’s strategy is a little different, but the following tips and techniques are key:

      • Reach out to highly-relevant sites. This is where all your research back in Step No. 1 will come in handy. Sites that see your content and audience as relevant to them are more likely to welcome your request, rather than seeing it as intrusive.
      • Offer specific content they can link to. It’s not usually effective to just email blogs and write, “Link to my website, pretty please?” Instead, use the results of your content audit to identify specific pages and posts you’d like to share and request links to them specifically.
      • Share genuinely useful content. A link building request is obviously self-serving, but it doesn’t have to be all about you. Do some research on the site you’re reaching out to and find something you think would really be interesting or useful to its audience. Blog posts, tutorials, infographics, and videos are all great options.
      • Suggest specific places your links could be included. This shows that you’ve done your research and makes accepting the request easier on the target site. You can propose new links where none currently exist or even offer a better piece of content as a replacement for an existing link. Don’t forget to offer up some anchor text to make it even easier for the other site’s admin.

      Most importantly, remember to be polite and conduct yourself professionally. Never demand that someone include a link to your site — people who manage successful websites learned not to feed internet trolls a long time ago. Instead, create a concise and friendly message that you can send to the sites and blogs on your list and try to personalize it for each one.

      Step 5: Get Involved in Guest Blogging

      Guest blogging can be one of the most powerful tools in your link building strategy. Also called “guest posting,” it involves writing a brand-new post specifically to be featured on another website. This post can then contain one or more links back to your site and content.

      An example of a “write for us” page.

      You can often get farther with guest blogging than with simple link requests. After all, you’ll be providing content to another website for free. In return, they’ll link back to your site. This is a very attractive proposition for blogs, in particular, since they’re always in need of fresh content.

      Just like with outreach, guest blogging is most effective if you follow some simple best practices. These include:

      • Avoid sites that want you to pay them to publish your guest post. Most blogs will accept this kind of content for free, so there’s no need to pay for placement unless you’re desperate to be featured on a specific high-profile blog.
      • Check the blog to see if they have guidelines for guest bloggers. Many will have a dedicated “write for us” page that outlines their requirements, what they will and won’t accept, and so on. By carefully following these guidelines, you’ll increase your chances of getting past a busy blogger’s spam filter.
      • Do your research. Find out what the blog’s style is like and what kinds of topics they cover. This will help you come up with a topic idea that they’re more likely to accept.
      • Reach out with a proposal first. Don’t simply write up a full post and submit it — these will often be rejected and can waste a lot of your time. Instead, reach out to the blog and let them know what topic you’d like to cover, what key points you’ll include, and what link(s) you’re hoping to see.
      • Create quality, unique content. Never copy content from your own site or elsewhere (plagiarism is always a big no-no) and instead take the time to put together a unique, polished post for each blog. Also, avoid getting too “salesy” about your own website or products and focus on providing real value to the blog’s audience.

      This is the most time-intensive of our link building strategies. Still, it can pay off in increased visibility, improved authority, and links that are perfectly placed to capture your audience’s attention. Plus, you might develop mutually-beneficial relationships with some of these blogs, providing further opportunities for interlinking in the future.

      Measuring Your Link Building Efforts

      The above steps should get you well on your way to running an effective link building campaign. However, like other digital marketing tactics, it’s important to measure your effectiveness. Otherwise, you won’t know if your efforts are paying off or if your approach needs to be adjusted.

      Trying to keep tabs on your backlinks manually can be very difficult — it’s best to use an analytics tool instead. Many solutions can tell you everything you need to know about your backlinks, quickly and with minimal fuss.

      If you have a favorite analytics tool already, chances are it can help you out in this area. If not, a perfect place to start is with Google Analytics. This tool is free, accessible to beginners, and full of useful metrics and features.

      For instance, you can go to Acquisition > All Traffic > Referrals in your Google Analytics dashboard.

      Referral traffic in Google Analytics.

      Here, you’ll see data about the visitors who arrive on your site from external links — in other words, everyone who comes to your website via a backlink. This includes a summary of trends over time, as well as a detailed breakdown of all the links leading to your site and how popular they are.

      A list of referral sources.

      You can use this data to monitor the results of your backlink strategy. It’s also handy for seeing what sites are linking to yours, and which ones drive the most traffic your way. When combined with Google Analytics’ many other data points, this can even tell you how your link building strategy interacts with your other marketing and SEO efforts.

      SEO Strategy in Your Inbox

      Whether you need help choosing the right anchor text, wrangling inbound links, or understanding Google’s algorithm, we can help! Subscribe to our monthly digest so you never miss an article.

      Pass the Link Juice

      If you want to improve your website’s traffic and attract more of your target audience, link building is necessary. A complete link building strategy helps you encourage relevant sites to share your content with their audiences. It’s a method that takes a little time to master but is cheap, cost-effective, and highly-trackable.

      Of course, bringing traffic to your website is just the start. You also want those new visitors to have an excellent experience — which starts with high-quality web hosting. Fortunately, our shared website hosting can do the trick!





      Source link

      How To Set Up Mattermost on Ubuntu 18.04


      The author selected the Free and Open Source Fund to receive a donation as part of the Write for DOnations program.

      Introduction

      Mattermost is an open source collaboration and messaging platform created with security and configurability in mind providing comparable functionality to Discord or Slack. It offers group, threaded and one-to-one messaging, unlimited search history and file sharing capabilities, two-factor authorization and notifications. Mattermost also provides webhooks and bot integration for further customization. It’s accessible from every type of modern device due to its responsive web interface and dedicated mobile apps.

      In this tutorial, you will set up the Mattermost Team Edition on your Ubuntu 18.04 server. First, you’ll install it and expose it at your domain, secured with a free Let’s Encrypt TLS certificate. Then, you’ll enable email notifications, customize branding, and create your messaging board (called a team in Mattermost).

      Prerequisites

      Note: For your Postfix SMTP server to work correctly, the PTR records of your server must match your_domain. You can verify the server’s hostname by typing hostname at the command prompt. The output should match the name you gave your server when you created it.

      Step 1 — Installing Mattermost

      In this section, you will set up Mattermost on your server. This entails downloading the latest version, configuring it to use the MariaDB database, and creating a systemd service that will keep Mattermost always running in the background.

      Downloading Mattermost

      You’ll store all data pertaining to the Mattermost installation in a folder named ~/mattermost. Create it by running the following command:

      Navigate to it:

      You’ll need to head over to the Mattermost download page on the official website and copy the link for the latest release. At the time of writing, the latest version was 5.24.2. Download it using wget with the following command:

      • wget https://releases.mattermost.com/5.24.2/mattermost-5.24.2-linux-amd64.tar.gz

      Then, unpack the archive by running:

      This command will unpack all archive files in the directory whose names starts with mattermost.

      You’ll get a folder named exactly as the original file you downloaded, which contains the Mattermost binaries. Copy it to /opt so you’ll be able to access it system wide by running:

      • sudo cp -r mattermost /opt

      Then, create a folder for Mattermost, where it will store user data:

      • sudo mkdir /opt/mattermost/data

      Note: Mattermost will store files and images you and your team will share in this directory, so make sure you’ve got plenty of free space on the drive where it’s located.

      Next, create a user and group for Mattermost:

      • sudo useradd --system --user-group mattermost

      Then, make the newly made user and its group own the data folder:

      • sudo chown -R mattermost:mattermost /opt/mattermost

      This is done so that in the event of a breach, the attacker will be confined to the Mattermost directory and won’t be able to easily gain access to the rest of the system.

      Finally, make the /opt/mattermost directory writable by groups:

      • sudo chmod -R g+w /opt/mattermost

      Now that Mattermost binaries are in place with secured permissions, let’s set up a database for it.

      Setting Up the Database

      Start off by entering the MariaDB prompt by running:

      Create a database user called mmuser by running the following command, replacing your_mmuser_password with a password of your choice:

      • CREATE USER 'mmuser'@'%' IDENTIFIED BY 'your_mmuser_password';

      Then, create a database for Mattermost:

      • CREATE DATABASE mattermost;

      To let mmuser access the mattermost database, grant it access privileges by running:

      • GRANT ALL PRIVILEGES ON mattermost.* TO 'mmuser'@'%';

      Then, reload the grant tables to immediately apply the changes:

      When you’re done, exit the prompt:

      With the database and an accompanying user created, you’ll now edit the main Mattermost configuration file and set the correct database connection string.

      Open it for editing:

      • sudo nano /opt/mattermost/config/config.json

      Find the lines that look like the following:

      /opt/mattermost/config/config.json

      . . .
      "DriverName": "..."
      "DataSource": "..."
      . . .
      

      Modify them to as shown here, replacing your_mmuser_password with the password you set for the mmuser database account:

      /opt/mattermost/config/config.json

      "DriverName": "mysql"
      "DataSource": "mmuser:your_mmuser_password@tcp(localhost:3306)/mattermost?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s"
      

      Save and close the file when you’re done.

      You’ve now configured Mattermost to use the newly created database where it will store users, teams, and messages. Now you’re ready to move on to creating a systemd service for it.

      Creating a systemd Service

      Running Mattermost as a service using systemd ensures that it will be running in the background at all times.

      You’ll store the service configuration in a file named mattermost.service, in the /lib/systemd/system directory, where systemd stores its services. Create it using your text editor:

      • sudo nano /lib/systemd/system/mattermost.service

      Add the following lines:

      /lib/systemd/system/mattermost.service

      [Unit]
      Description=Mattermost
      After=network.target
      After=mysql.service
      Requires=mysql.service
      
      [Service]
      Type=notify
      User=mattermost
      Group=mattermost
      ExecStart=/opt/mattermost/bin/mattermost
      TimeoutStartSec=3600
      Restart=always
      RestartSec=10
      WorkingDirectory=/opt/mattermost
      LimitNOFILE=49152
      
      [Install]
      WantedBy=mysql.service
      

      Here you first specify the description of the service. Then, you state that the mysql service must be started before the Mattermost service since the Mattermost service needs MariaDB running to work. After the [Unit] section, you define the type of the service. notify means that the process will inform systemd that it’s loaded. You provide the command that will be executed and set the restart policy to always. You also define the working directory for the process and which user and group it should run as.

      In the [Install] section, you specify the database service as the value for the WantedBy parameter to ensure that Mattermost restarts together with the database. Omitting this setting may pose a problem when the database is automatically updated, because Mattermost may stop working if not restarted.

      Save and close the file, then reload all services by running the following command:

      • sudo systemctl daemon-reload

      Check that it’s loaded correctly:

      • sudo systemctl status mattermost

      You’ll see the following output:

      Output

      ● mattermost.service - Mattermost Loaded: loaded (/lib/systemd/system/mattermost.service; disabled; vendor preset: enabled) Active: inactive (dead)

      If systemd reports an error, double-check the file name of the service file, its location, and the validity of its contents.

      Then, enable the Mattermost service by running:

      • sudo systemctl enable mattermost

      In this step, you have downloaded Mattermost, configured it to use the MariaDB database, and created a systemd service for it. In the next step, you’ll expose it at your domain.

      Step 2 — Exposing Mattermost at Your Domain

      In this section, you will configure Nginx as a reverse proxy server for Mattermost.

      Before configuring Nginx, you’ll need to specify your domain in the main Mattermost config file. Open it for editing:

      • sudo nano /opt/mattermost/config/config.json

      Find the line that looks like the following:

      /opt/mattermost/config/config.json

      . . .
      "SiteURL": ""
      . . .
      

      Insert the name of your domain in the quotes:

      /opt/mattermost/config/config.json

      ...
      "SiteURL": "http://mattermost.your-domain"
      ...
      

      Save and close the file.

      As you have learned in the Nginx prerequisite step, its site configuration files are stored under /etc/nginx/sites-available and must later be symlinked to /etc/nginx/sites-enabled to become active.

      You’ll store the configuration for exposing Mattermost at your domain in a file named mattermost.conf, under /etc/nginx/sites-available. Create it using your editor:

      • sudo nano /etc/nginx/sites-available/mattermost.conf

      Add the following lines:

      /etc/nginx/sites-available/mattermost.conf

      upstream backend {
         server localhost:8065;
         keepalive 32;
      }
      
      proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;
      
      server {
         listen 80;
         server_name mattermost.your_domain;
      
         location ~ /api/v[0-9]+/(users/)?websocket$ {
             proxy_set_header Upgrade $http_upgrade;
             proxy_set_header Connection "upgrade";
             client_max_body_size 50M;
             proxy_set_header Host $http_host;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header X-Forwarded-Proto $scheme;
             proxy_set_header X-Frame-Options SAMEORIGIN;
             proxy_buffers 256 16k;
             proxy_buffer_size 16k;
             client_body_timeout 60;
             send_timeout 300;
             lingering_timeout 5;
             proxy_connect_timeout 90;
             proxy_send_timeout 300;
             proxy_read_timeout 90s;
             proxy_pass http://backend;
         }
      
         location / {
             client_max_body_size 50M;
             proxy_set_header Connection "";
             proxy_set_header Host $http_host;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header X-Forwarded-Proto $scheme;
             proxy_set_header X-Frame-Options SAMEORIGIN;
             proxy_buffers 256 16k;
             proxy_buffer_size 16k;
             proxy_read_timeout 600s;
             proxy_cache mattermost_cache;
             proxy_cache_revalidate on;
             proxy_cache_min_uses 2;
             proxy_cache_use_stale timeout;
             proxy_cache_lock on;
             proxy_http_version 1.1;
             proxy_pass http://backend;
         }
      }
      

      Replace mattermost.your-domain with your desired domain, then save and close the file.

      In this file, you define that Nginx should listen to HTTP port 80. Then, you specify a server_name that tells Nginx for which domain to accept requests and apply this particular configuration. The next two blocks further configure the proxy connections, so that Mattermost will work correctly.

      To make this site configuration active, you will need to create a symlink to it in the /etc/nginx/sites-enabled folder by running:

      • sudo ln -s /etc/nginx/sites-available/mattermost.conf /etc/nginx/sites-enabled/mattermost.conf

      To test the validity of the configuration, run the following command:

      You’ll see the following output:

      Output

      nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

      For the configuration to take effect, you’ll need to restart Nginx:

      • sudo systemctl restart nginx

      Then, start the Mattermost service by running:

      • sudo systemctl start mattermost

      When this command finishes, try navigating to your domain in your browser. You should see a page asking you to sign up:

      Mattermost - Sign up prompt

      You now have your Mattermost installation available and accessible at your domain. In the next step, you’ll secure it by applying a free Let’s Encrypt TLS certificate.

      Step 3 — Securing Your Domain

      In this section, you will secure your domain using a Let’s Encrypt TLS certificate, which you’ll provision using Certbot.

      You should have already installed Certbot as part of the prerequisites, so you’ll only need to install its Nginx plugin by running:

      • sudo apt install python3-certbot-nginx

      Also as part of the prerequisites, you enabled ufw (Uncomplicated Firewall) and configured it to allow unencrypted HTTP traffic. To be able to access the secured site, you’ll need to configure it to accept encrypted traffic by running the following command:

      The output will be:

      Output

      Rule added Rule added (v6)

      Similarly to Nginx, you’ll need to reload it for the configuration to take effect:

      The output will show:

      Output

      Firewall reloaded

      To request certificates for your domain, run the following command:

      • sudo certbot --nginx -d mattermost.your-domain

      In this command, you run certbot to request certificates for your domain—you pass the domain name with the -d parameter. The --nginx flag tells it to automatically change Nginx site configuration to support HTTPS. Remember to replace mattermost.your-domain with your domain name.

      If this is your first time running Certbot, you’ll be asked to provide an email address for urgent notices and to accept the EFF’s Terms of Service. Certbot will then request certificates for your domain from Let’s Encrypt. It will then ask you if you’d like to redirect all HTTP traffic to HTTPS:

      Output

      Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel):

      It is recommended to select the second option in order to maximize security. After you input your selection, press ENTER.

      Your output will be similar to this:

      Output

      IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/mattermost.your-domain/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/mattermost.your-domain/privkey.pem Your cert will expire on 2020-09-28. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le

      This means that Certbot has successfully generated TLS certificates and applied them to the Nginx configuration for your domain.

      Since your domain can now be accessed using HTTPS, you’ll need to correct the URL of your domain in the main Mattermost config file. Open it for editing:

      • sudo nano /opt/mattermost/config/config.json

      Once more, find the line that looks like this:

      /opt/mattermost/config/config.json

      . . .
      "SiteURL": "http://mattermost.your-domain"
      . . .
      

      Change http to https:

      /opt/mattermost/config/config.json

      . . .
      "SiteURL": "https://mattermost.your-domain"
      . . .
      

      That is all you need to edit, so save and close the file.

      Restart Mattermost by running:

      • sudo systemctl restart mattermost

      You can now reload your Mattermost domain in your browser and observe a padlock to the left of the site address, which means that you have properly secured your connection.

      Now that your TLS certificates are configured successfully and your domain is accessible through a secure connection, you’re ready to configure Mattermost.

      Step 4 — Setting up Mattermost

      In this section, you’ll create your team in Mattermost, set up email notifications, and change server branding.

      When you access Mattermost for the first time, you need to create an account with admin privileges to your server. If you already have an account, you can log in instead. Once you’re logged in, you’ll see a page telling you that there are no teams you can join.

      To remedy this, select Create a team. You’ll see a page asking you to name your team (for instance, Sammy):

      Mattermost - Creating a Team

      Enter a name of your choice and click Next. It’ll then ask you to define a web address for your team, at your domain, which will be the access point for your team in Mattermost:

      Mattermost - Team URL

      You can leave the URL unchanged. Once you’re done, click Finish. Mattermost will create your team and after you skip the tutorial, you’ll see the main interface, where you’ll spend most of your time communicating:

      Mattermost - Main Interface

      The interface will be explained in detail in the next step. To access settings, click on your username in the upper left corner and then System Console. You’ll be able to access this option only if you are an admin user.

      Mattermost - Selecting System Console

      On the left side is a menu providing access to sections of Mattermost configuration. You’ll first set up email notifications, so click the SMTP option, which can be found under Environment:

      Mattermost - SMTP Section

      To connect to the Postfix server you installed as part of the prerequisites, type in localhost as the SMTP Server, and 25 as the SMTP Server Port. Click the blue Save button when you’re done and then press the Test Connection button located further down. You’ll receive a message in a green box saying No errors were reported while sending an email. Please check your inbox to make sure.

      Mattermost - SMTP Verification Successful

      You can now check the inbox of the email you signed up with. You’ll find a message from Mattermost, saying that the email settings are set up correctly. If you don’t receive it, check your spam folder. In case you received an error from Mattermost, double-check what you entered, and if required, go through the prerequisite tutorial once again.

      Now that you’ve verified that emails are working, you need to enable email notifications by selecting Notifications underneath Site Configuration in the menu. Set the Enable Email Notifications setting to true and set the Notification From Address to an email address of your choice, such as mattermost@your_domain.

      Because it does not need to actually exist, and will not be monitored, type in no-reply as the Notification Display Name, which is the sender’s name that will show in the email client. You can optionally Enable Email Batching to compress multiple unread messages into one email to reduce the overall number of emails that you send to members of your team. Click Save when you’re done modifying the settings.

      You’ve globally enabled email notifications, and you can now optionally change the server branding by selecting the Customization option below Site Configuration. Here you can set the Site Name and Site Description, as well as upload a custom brand image and text.

      You can exit the System Console by clicking on your username in the upper left corner and selecting the first option from the dropdown menu.

      You’ve created your team in Mattermost and set up email notifications, so you’ll be kept informed about new discussions occurring in your team.

      Conclusion

      You now have your own scalable, self-hosted messaging platform, that you and your team can use to collaborate across all devices. You will now be able to communicate more efficiently, share files, and search across messages and channels with ease.

      Mattermost does not provide video and audio meeting features. To set up video conferencing, check out our tutorial on Jitsi Meet, an open source application that provides encrypted multi-person conference rooms.

      If you’d like to learn more about using the Mattermost user interface, visit the official documentation.



      Source link