The following are instructions on setting up an on-premesis or cloud based DevOps server using modern editions of Windows Server (or Professional) as a hosting platform. We are starting off using a base Windows Server or Professional installation with all security updates installed. This process is a little lengthy, but should only need to be done once.
After installing Windows, create an new account personalized to you or your organization with Administrative level access. After doing that, disable the built-in "Administrator" account. This gives any potential hackers with an additional layer of security when attempting to access your server. If added security is needed, you can install a Multi-Factor Authentication (MFA) provider such as Duo.
It's recommended that you keep track of any secrets such as passwords or API keys in a secure, encrypted note such as LastPass or Keepass.
In order to keep this process as simple as possible, all software is installed using default installation settings unless otherwise noted. It's recommended that all of the software listed below be installed prior to setting up Team City or Octopus Server.
Firefox or any other edge based web browser like Google Chrome or Microsoft Edge should be installed.
Notepad++ is an extremely lightweight and powerful text editor that far surpasses the capabilities provided with the Notepad application built into Windows and is even leaner than a base installation of Visual Studio Code. A default installation will provide a right-click context-menu in Windows Explorer, making working with configuration files a snap. Also if a file you are trying to save is locked by administrator permissions, it provides an easy way to relaunch the app in "Administrator Mode" without having to fumble around with shutting down, running the program manually as Admin, and reimplementing your edits prior to saving (e.g. - this comes in handy when editing the hosts file on your computer).
SQL Server Express Edition will be used to host your TeamCity and Octopus DevOps databases. Keeping these databases separate will keep service polling separate from you custom app databases. This makes it easier to perform SQL Query Traces using the SQL Server Profiler tool when debugging non-performant or problematic queries in your application.
SQL Server Developer Edition is a full-featured Enterprise-level edition of SQL Server licensed for development purposes only. It will be used to host your databases that will provide data to your UAT applications. The SQL Server Developer edition includes many features that are handy for development and are not included included in the Express edition. The most notable of these features would be the Database Diagramming tool, which is handy for visualizing entities / relationships in the database as well as the ability to design schema that can be scripted for your deployments. The other key feature is the Database Engine Tuning Advisor, which can analyze a Profiler trace file and make recommendations on new indexes or statistics to improve query performance in your app.
SSMS is a free set of tools used for managing and working with your SQL Server Express and SQL Developer Edition instances. In includes all of the aforementioned tools such as diagramming, query analysis with Profiler and database performance tuning using the Tuning Wizard.
Git is the source control tool that will be used by your CI / CD pipeline it order to delivery code changes to your build server. There seem to be a million options when installing git. Never fear and just keep pressing "Next" throughout the installation process. Customize what you like, but it's not required for purposes of this guide.
NodeJS is a free JavaScript runtime environment required for CLI tools required by your CI / CD pipeline when building LymeStack's Angular app.
After installing NodeJS, you can install Yarn Classic which is used by your LymeStack's Angular app's node dependency management. You can install NodeJs
The DotNet SDK is required to run your ASP.NET WebApi.
As an afterthought, I usually install WinDirStat on any new Windows server or workstation installation as a way to visually display disk usage statistics and clearly see what space is being taken up and where. This is handy for identifying rogue log file folders that expand over time.
Installing IIS on Windows 10 or 11 is done using the "Turn Windows features on or off" option in your control panel or search for "Windows Features" using the Windows search tool next to the start button. The options under the "Internet Information Services" menu are similar to the items listed in the "Server Roles" section described above.
The IIS URL Rewrite Module is needed to host your Angular application on IIS to instruct IIS on which routes are server routes versus client application routes.
Now that we have all the necessary prerequisite software, let's proceed with making some configuration changes to the server and network settings.
In order to use integrated security with SQL Server, we need to set up at least one service account to perform this task. Per the recommendations at the start of this guide, it's recommended you use a password manager or secured note to maintain any usernames or passwords you create for future reference.
While you can create just one account for this, I usually create three different accounts to separate concerns:
If the server is on-premesis, you'll want to create a DHCP Reservation for this server so that the local IP address never changes.
After you have setup a fixed IP address on your local network with a DHCP IP Reservation, if you want outside traffic to be able to navigate your UAT test server, you will want to expose ports 80 (HTTP) and 443 (SSL) port forwarding on your router to the newly built server.
SECURITY NOTE - Exposing ports directly to the Internet has security implications and it could be wise to speak with a security consultant about mitigating these risks by implementing VPN's, VLAN's, IP Restrictions among other technologies or strategies.
Now that we've done all of this preparation, we are finally ready to setup our deployment pipeline server software.
More content coming soon... (I need to stand up a new server and go through the steps to make sure I'm getting this right)
TODO's:
PAYWALL WARNING: Octopus used to have a free community editon of its software, which allowed for production use for a limited number of projects / deployment targets for free. However as of the writing of this guide, they no longer offer this as an option. Their new pricing structure indicates that their Starter tier allows for 10 projects at $360 per year. Considering the number hours it might take to replicate this functionality via custom scripting, $360 saves a lot of time in configuration, but the repeat annual billing along with a healthy growth trend as the number of projects increase leaves us here at LymeStack to seek or consider building other solutions to compliment our current product offering. Luckily Octopus offers a free one month trial license to get started and give you time to think of something else if you desire.
More content coming soon... (I need to stand up a new server and go through the steps to make sure I'm getting this right)
TODO's:
Install the Octopus TeamCity Plugin to more gracefully integrate TeamCity with Octopus.
After following the steps in this guide, you should be able to access the following URL's locally in a browser on the DevOps server.
Now that the deployment pipeline is setup, it's time to put it to use by setting up your first app in UAT and Production.