Install Strapi on Ubuntu 18.04 LTS on Google Cloud with Cloud SQL. Strapi is a most advanced open source content management framework to build powerful API. It is a headless CMS built with Node.js.
In this guide you are going to learn how to install and setup Node.js, Strapi for production on Ubuntu 18.04 on Google Cloud with Cloud SQL.
This setup is tested on Google Cloud Platform, so this guide can be used on any other cloud hosting services or VPS or Dedicated server running Ubuntu.
Prerequisites
- Your Compute Engine Instance running, see the Setting up Compute Engine Instance.
- Domain name is pointed to your virtual machine.
- For setting up Cloud DNS, see the Setting up Google Cloud DNS for your domain.
- Google Cloud SQL Setup, see Setup Cloud SQL and connect with Compute Engine.
Install Node.js
You can install the latest LTS release of Node.js
curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
sudo apt install -y nodejs build-essential
Once the installation is complete you can check the node.js
version and npm
version using the following commands.
node -v
npm -v
Install Strapi
Once Node.js and NPM is installed you can proceed to install Strapi.
sudo npm install strapi@alpha -g
This will take a minute to install Strapi. Once Strapi is installed you can verify the installation by verifying the version of Strapi.
strapi version
Create New Strapi Project
sudo strapi new myproject
Select MySQL when prompted to select database.
Provide your Cloud SQL details for setting up.
- Database name:
database name
- Host:
Cloud SQL Instance IP Address
- Port:
3306
- Username:
username
- Password:
password
Now Strapi will check the database connection and create your application. You will get the output similar to the below image.

Once your application is created you can run your application with PM2
and Nginx as reverse proxy.
Install Process Manager
sudo npm install pm2 -g
Install and Set up Nginx
sudo apt install nginx
Remove default configurations
sudo rm /etc/nginx/sites-available/default
sudo rm /etc/nginx/sites-enabled/default
Create new Nginx configuration
sudo nano /etc/nginx/sites-available/yourdomainname.com
Paste the following
server { listen [::]:80; listen 80; server_name yourdomainname.com www.yourdomainname.com; location / { proxy_pass http://localhost:1337; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } }
Save and exit the file
Enable your configuration by creating a symbolic link
sudo ln -s /etc/nginx/sites-available/yourdomainname.com /etc/nginx/sites-enabled/yourdomainname.com
Check your Nginx configuration and restart Nginx
sudo nginx -t
sudo service nginx restart
Start Strapi application using PM2
Move inside your Strapi application and execute the following command
sudo pm2 start strapi --no-automation --name app_name -- start
Now you can visit your domain name in browser, you should view the welcome page of Strapi.

Create a new admin user by visiting the admin panel http://yourdomainname.com/admin

Once you have created the root admin user you can view the Strapi admin dashboard.

For more advanced documentation checkout official Strapi.
Install SSL certificate and enable HTTP/2
HTTPS
HTTPS is a protocol for secure communication between a server (instance) and a client (web browser). Due to the introduction of Let’s Encrypt, which provides free SSL certificates, HTTPS are adopted by everyone and also provides trust to your audiences.
HTTP/2
HTTP/2 is the latest version of the HTTP protocol and can provide a significant improvement to the load time of your sites. There really is no reason not to enable HTTP/2, the only requirement is that the site must use HTTPS.
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install python-certbot-nginx
Now we have installed Certbot by Let’s Encrypt for Ubuntu 18.04, run this command to receive your certificates.
sudo certbot --nginx certonly
Enter your email
and agree to the terms and conditions, then you will receive the list of domains you need to generate SSL certificate.
To select all domains simply hit Enter
The Certbot client will automatically generate the new certificate for your domain. Now we need to update the Nginx config.
Redirect HTTP Traffic to HTTPS with www in Nginx
Open your site’s Nginx configuration file and replace everything with the following. Replacing the file path with the one you received when obtaining the SSL certificate. The ssl_certificate directive
should point to your fullchain.pem file, and the ssl_certificate_key
directive should point to your privkey.pem file.
server {
listen [::]:80;
listen 80;
server_name yourdomainname.com www.yourdomainname.com;
return 301 https://yourdomainname.com$request_uri;
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name www.yourdomainname.com;
ssl_certificate /etc/letsencrypt/live/yourdomainname.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomainname.com/privkey.pem;
return 301 https://yourdomainname.com$request_uri;
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name yourdomainname.com;
ssl_certificate /etc/letsencrypt/live/yourdomainname.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomainname.com/privkey.pem;
location / {
proxy_pass http://localhost:1337;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
add_header Content-Security-Policy "img-src * 'self' data: blob: https:; default-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://s.ytimg.com https://www.youtube.com https://yourdomainname.com https://*.googleapis.com https://*.gstatic.com https://*.w.org data: 'unsafe-inline' 'unsafe-eval';" always;
add_header X-Xss-Protection "1; mode=block" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Access-Control-Allow-Origin "https://yourdomainname.com";
add_header Referrer-Policy "origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
}
}
The http2
value is all that is needed to enable the HTTP/2 protocol.
Now you have enabled SSL Hardening, created a Content Security Policy, X-XSS-Protection, Clickjacking, MIME Sniffing, Referrer Policy, Access Control Allow Origin.
These are some Nginx security tweaks by closing all areas of attacks.
Hit CTRL+X
followed by Y
to save the changes.
Check your configuration and restart Nginx for the changes to take effect.
sudo nginx -t
sudo service nginx restart
Renewing SSL Certificate
Certificates provided by Let’s Encrypt are valid for 90 days only, so you need to renew them often. Now you set up a cronjob to check for the certificate which is due to expire in next 30 days and renew it automatically.
sudo crontab -e
Add this line at the end of the file
0 0,12 * * * certbot renew >/dev/null 2>&1
Hit CTRL+X
followed by Y
to save the changes.
This cronjob will attempt to check for renewing the certificate twice daily.
Now you have installed Strapi in production environment with Node.js on Ubuntu 18.04 LTS, Nginx and HTTPS on Google Compute Engine.
Can we deploy multiple Strapi on a single server? is it possible
Hi there,
in the stage “Redirect HTTP Traffic to HTTPS with www in Nginx”
Which file am I editing?
You also say “Open your site’s Nginx configuration file add replace everything with the following.” – Do you mean add? Or do you mean “and”?
Also where you say “Replacing the file path with the one you received when obtaining the SSL certificate. ” What are you replacing here?
many thanks
Hi Will,
Thank for reaching out.
The file you need to edit is /etc/nginx/sites-available/yourdomainname.com
That is not “add”, it is “and”.
The file path is the SSL certificate file path “/etc/letsencrypt/live/yourdomainname.com/fullchain.pem” similar to this.
Hey! Thank you so much for this – really great tutorial. I had this up and running quite quickly and am doing well now!
I wonder what you would use with Strapi on a GCE VM instance for the front end? I am interested in Gatsby but can’t find much about deployment on GCP, but wondered if you have any thoughts?
Thanks again.