Deploying To A VPS with Psake and WebDeploy 3.0

I was hosting this and other sites through a shared hosting company for over two years and the costs of having to pay for separate hosting accounts for each domain started to add up. The costs of a dedicated server are ridiculous and usually unnecessary. The cost of infrastructure/ software as a service, like Windows Azure, are priced well for demand but still are too expensive for what I'm trying to do. The best priced choice for me was to get a virtual private server.

I decided to get a dedicated single core instance of Windows Server 2012 with an AMD Opertron 6212 Processor, 2 GB of RAM and 50 GB of hard drive space. The extra space is for MP3s on the radio station. I prefer to use Amazon AWS for content storage and delivery.

First of all, updating Windows with all the latest updates will take a little while. After doing this and a few reboots, it's time to configure the system. The first thing to do is to edit the Windows Firewall to accept requests on the ports needed. In this case, port 80 is all I need right now.

Go to: Windows Key > Control Panel > System and Security > Windows Firewall > Advanced settings > Inbound Rules > New Rule > select Port > Next, TCP > Specific local ports: 80 > Allow the connection. Then Domain, Private and Public need to be checked and click Next. The Name can be anything, it will be WWW for this and then click Finish.

By default ,Windows 2012 does not have IIS or Application Development installed on it. Before this however, ASP.NET 4.5 needs to be installed, if it isn't already.

To do this: Window Key > Control Panel > Turn Windows features on or off

This launches the Server Manager. From here: Next > Role-based or feature-based installation, Next > Select the server, Next

On the list for Server Roles: Application Server needs to be installed with .NET Framework 4.5; Web Server (IIS) with all the features under Web Server; Windows Deployment Services, all features under it.

On the list for for Features: .NET Framework 4.5 should be installed as well.

This should be all the features needed for now.

Now that the basics are set up to host a website with ASP.NET, I want to be able to have a free database to use for all my sites. There is good comparison of the features here: http://msdn.microsoft.com/en-us/library/cc645993.aspx. I am using SQL Express 2012 with Management Studio for 64 bit. To use that I download: ENU\x64\SQLManagementStudio_x64_ENU.exe from: http://www.microsoft.com/en-us/download/details.aspx?id=29062.

After selecting all the defaults for the installation I will be able to connect locally to the database. Once the application is installed, I can get to it by pressing the Windows key. It's located at: "C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\ManagementStudio\Ssms.exe"

The way that I usually setup websites in IIS is to have a folder called: Sites at the C drive and then put each domain in a folder under it. I can select the folders one by one or apply permissions at the parent directory. In this case I will create a folder for this domain and right click on the folder and go to Properties. From there I will select the security tab and then click Edit then Add. In the text box I will put: NETWORK SERVICE and click Check Names and OK. I will give this account Full Control by selecting the check box for it and pressing OK and OK again.

At this point I have setup the directory to have access from the Network Service account. I want to use this same account in SQL Server so that the database and application can use the same computer account. I will first need to attach, restore or create the database in SQL Server Management Studio Express. I can set up the Network Service account on the whole server of just per database.

I will go to the database then Security > Users and right click the folder to add a user. From there I will add: NT AUTHORITY\NETWORK SERVICE as the User name and Login name and press OK. I need to make sure that this account is a member of db_owner either at the database or database server level for membership. This will give it control to execute all the SQL commands with full permission.

Now that the basics are set up for the database and file permissions, I need to apply these settings to IIS to access and run the site. To do that I will open IIS Manager by going to: Server Manager > IIS > right clicking on the server and opening the manager. I will expand the server icon and then right click on sites and go to: Add Website. I am going to name the site after the domain, set the path to where the folder is that I set up permission, set the IP address to the public server IP address and bind it to the default domain name.

From there I will go to: Application Pools > right click on the application pool that was associated with the site when it was setup, which is the name, usually. I will right click the application pool and go to: Advanced Settings > for: Identity I will select NetworkService and I will press OK. This will associate the site with account when it's accessed.

From here, if the files are in the sites folder and the database is set up with the correct connection string, the site could be live. If there are module settings that are a problem, it's possible that the application configs are without the correct permissions. This file can be edited at: C:\Windows\System32\inetsrv\configs\applicationHost.config and the various nodes may need to be set from Deny to Allow depending on what is required.

Now that the site is running, the upgrade process requires manually logging into the server with the new compiled code and database modification scripts. That isn't a process that makes development enjoyable. Most developers want their changes out production as quickly as possible so they can iterate and improve constantly.

Previously I was doing auto-deploying on a shared server that had MS Deploy setup. From here I will need to install and setup this feature so I can have the same development experience.

Before anything, I will download the Web Platform Installer and install: Recommended Configuration for Hosting Providers. This will enable Web Deploy to be used. A word of warning, some of the installed parts of the hosting provider configuration will temporarily stop IIS related services, causing sites to 503 for several minutes. It is best not to have live traffic when making this installation.

After the installation is complete, I need to go to: Control Panel\System and Security\Administrative Tools and launch Services. I want to set the Web Deployment Agent Service to Started and to Start Automatically, if it isn't. From here I will need to configure the server to enable publishing. The general process is outlined on this site about WebDeploy on Windows Server 2012.

Go to: IIS Manager > expand the Sites > right click the specific site > select Deploy > Configure Web Deployment Publishing. The account needs to be an Administrator or one with permissions on the directory. The publish file can be used as an importable publish setting in Visual Studio. In my case, I will use the account and password I connect with over RDP and adjust the URL to be the IP of my server. From here, I can adjust my Psake script with this information and automatically deploy from the command line. I'll want to make sure I have the right ports open to connect to the service.

The only issue I came up with porting my site from shared hosting to a VPS was related to how I do database migrations. I currently have my script connect to SQL remotely but the connection I set up is local to the VPS. I would need to create an account and open the ports for that connection. I can setup remote connections with SQL Express and change all my connection strings to use my same deployment logic if I want to. This requires making an account and applying it to the databases then logging into SQL Server Management Studio, right clicking the server and going to Properties > then selecting Security > selecting SQL Server and Windows Authentication mode.

There are many different script execution and security options once all the services have been setup. I prefer to be able to do all the tasks remotely and not rely on the build server to have access to any specific service access. To do this properly I would need to make accounts for remote connections and use the correct connection string. Additionally, I should configure more accounts to enable non-admin users to potentially deploy their sites.