Programming

Easy to Install Code-Server on Ubuntu 20.04

In this article, we’ll guide you to install Code-Server on Ubuntu 20.04.

Code-server is an open-source server application that serves VS Code on any machine anywhere and access it in the browser. It allows leveraging powerful cloud servers to speed-up compilations and tests, and to save battery when on the go.

Prerequisites

  • A Ubuntu 20.04 installed VPS with min. recommended: 4GB RAM, 2 vCPU.
  • A valid domain name pointing to the VPS.
  • A root user access or normal user with administrative privileges.

Install Code-Server on Ubuntu 20.04

1. Update the server

Keep the server up to date.

# apt update -y

# apt upgrade -y

2. Install Code-Server

Download code-server from the official repository using following command:

# cd /home
# wget https://github.com/cdr/code-server/releases/download/2.1688-vsc1.39.2/code-server2.1688-vsc1.39.2-linux-x86_64.tar.gz

Extract tar file and rename with the code-server using following command:

# tar -xvzf code-server2.1688-vsc1.39.2-linux-x86_64.tar.gz && rm code-server2.1688-vsc1.39.2-linux-x86_64.tar.gz
# mv code-server2.1688-vsc1.39.2-linux-x86_64 code-server

Make the code-server binary executable.

cd code-server
chmod +x code-server

Run code-server.

./code-server –port 8000

Open your computer browser and navigate to http://YOUR_IP_ADDRESS:8000. You will be prompted for a password. Use the password displayed in the SSH terminal. The Visual Studio Code interface will open up. To stop the server, press CTRL + C in the SSH terminal.

3. Create a System Startup Service

We can create a service using Linux’s systemd service manager. Follow these steps:

Create a new file by name code-server.service using following command:

# vi /lib/systemd/system/code-server.service

Copy and paste following content and replace <password> with the password you want to set. This will be the password you will use to login to code-server.

[Unit] Description=Code Server Service
After=network.target 

[Service] Type=simple
Restart=on-failure
RestartSec=10
WorkingDirectory=/home/code-server
Environment=”PASSWORD=<password>”
ExecStart=/home/code-server/code-server –port 8000
StandardOutput=file:/var/log/code-server-output.log
StandardError=file:/var/log/code-server-error.log 

[Install] WantedBy=multi-user.target 

Save and close the file.

Now, start and enable the code-server.service using following commands:

# systemctl start code-server

# systemctl enable code-server

Open your computer browser and navigate to http://YOUR_IP_ADDRESS:8000. You will be prompted for a password. Use the password you have mentioned in the code-server.service file.

4. Install and Configure Nginx (Optional)

In order to access the installation over a domain name and to add an SSL certificate, it is recommended to setup a reverse proxy. For this demonstration purpose, we are using Nginx web server as a reverse proxy.

To install Nginx use following command:

# apt-get install nginx -y

Disable the default Nginx site configuration file.

# rm /etc/nginx/sites-enabled/default

Create a new Nginx site configuration file for code-server.

# vi /etc/nginx/sites-available/code-server

Paste the following snippet into the file, replacing example.com with your own domain name.

server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
location / {
proxy_pass http://localhost:8000/;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Accept-Encoding gzip;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

Enable the configuration and restart the Nginx web server.

# ln -s /etc/nginx/sites-available/code-server /etc/nginx/sites-enabled/

Test the Nginx configuration file.

# nginx -t

If no error occur, restart nginx service.

# systemctl restart nginx

If you are using UFW as a firewall, allow SSH and Nginx connections through the firewall, and enable the firewall. This will ensure that the code-server installation is only accessible through the Nginx reverse proxy.

# ufw allow ssh
# ufw allow ‘Nginx Full’
# ufw enable

Navigate to your domain name to test the installation.

5. Install Let’s Encrypt SSL

Keep the connection secure between server and end-user, it is highly recommended to install SSL certificate. Let’s Encrypt is a free SSL certificate which is come with 90 days validity and it will be renewed for every 90 days. We’re using certbot to install the SSL certificate.

Download and install Certbot.

# apt-get install python-certbot-nginx

Execute the following command to launch Certbot’s command-line installer, replacing example.com with your own domain name.

# certbot –nginx -d example.com -d www.example.com

Proceed through the interactive installer. When asked whether or not to redirect HTTP traffic to HTTPS, choose to redirect.

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
1: No redirect – Make no further changes to the webserver configuration.
2: Redirect – Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you’re confident your site works on HTTPS. You can undo this
change by editing your web server’s configuration.
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2

Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/code-server
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/code-server

6. Install fail2ban (Recommended)

Fail2ban is an application that parses logs to detect and mitigate automated attacks on a server. When a predefined number of unsuccessful login attempts are detected, fail2ban will alter the server’s iptables to block the attacker for a predefined amount of time.

Install setuptools. This is required to install fail2ban.

# apt-get install python3-setuptools -y

Download and install fail2ban.

git clone https://github.com/fail2ban/fail2ban.git
cd fail2ban
sudo python3 setup.py install
cp build/fail2ban.service /lib/systemd/system/fail2ban.service
cd .. && rm -rf fail2ban

Copy the default configuration file jails.conf to jails.local and open the copied file in a text editor.

# cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
# vi /etc/fail2ban/jail.local

Paste the following snippet at the bottom of the file. You can change the maxretry, findtime, and bantime parameters.

[code-server] enabled = true
logpath = /var/log/code-server-output.log
# maxretry: The amount of unsuccessful login attempts after which a ban is issued.
maxretry = 5
# findtime: The amount of time within which the login attempts must occur.
findtime = 10m
# bantime: The amount of time for which an IP is banned from accessing the server.
bantime = 10m 

Create a new filter configuration file to define the filter pattern to find unsuccessful login attempts in the code-server log.

# vi /etc/fail2ban/filter.d/code-server.conf

Paste the following snippet into the file.

[Definition] failregex = Failed login attempt {\”xForwardedFor\”:\”<HOST>\”.*
ignoreregex =
datepattern = “timestamp”:{EPOCH}}$ 

Restart the rsyslog service and enable and start the fail2ban service.

# systemctl restart rsyslog.service

# systemctl start fail2ban.service
# systemctl enable fail2ban.service

That’s it. The installation completed successfully.

In this article, we have explained you how to install Code-Server on Ubuntu 20.04

Related Articles