Building Nightscout in Ubuntu


Tip

The most complete guide for building your site step by step is the one used for Oracle Cloud.
If you use another hosting provider, skip Oracle specific instructions and follow the flow.


Deploying in Ubuntu is very popular for skilled people, see also here and here.

If you don’t own a domain, get one now, see here.


Update your system

Update your Ubuntu system (you should type this is a command every 3 or 6 months to keep it updated).

sudo apt update
sudo apt upgrade -y
sudo apt clean

You will see it’s completed when the terminal stops scrolling text and you’re returned to the prompt.

If you see the following message: *** System restart required *** you will need to reboot. Do not skip this step: reboot and wait a minute before opening again the console.

sudo reboot

You must probably already have nano installed. If necessary:

sudo apt install nano -y

Step 1 - Install MongoDB

a) Follow the vendor instructions

MongoDB 5 with Ubuntu 20.04 or MongoDB 6 with Ubuntu 22.04

b) Enter in Mongo shell

mongo --port 27017

You will know you’ve entered the mongo shell when the prompt > is displayed.

c) Create an admin user. Decide on a name and a password.
Avoid reusing other usernames and passwords.

Replace ADMIN_NAME and ADMIN_PASSWORD with those your own. Keep all " ".

use admin
db.createUser({user: "ADMIN_NAME", pwd: "ADMIN_PASSWORD", roles: [ { role: "userAdminAnyDatabase", db: "admin" }] })

Exit mongo.

exit

Mongo will answer bye and you’ll be back to Ubuntu’s command prompt.


d) Turn Mongo security on

sudo nano /etc/mongodb.conf

Go to the line reading #auth = true and remove the comment #. Save the modified file:

  1. Press Ctrl-O (the letter O not zero)

  2. Press Enter

  3. Press Ctrl-X

Note: if you use a Mac the Ctrl key is

e) Restart Mongo with this command:

sudo service mongodb restart

You have installed the MongoDB application.


Step 2 - Create a new database

a) Login into Mongo as an admin
Replace ADMIN_NAME with your own database administrator name.

mongo -u ADMIN_NAME -p --authenticationDatabase admin

You will be asked to enter the password matching your admin user.

b) Create a database name.
Make it simple (letters), this is just the place your Nightscout data will be stored. Replace MONGO_NS_DB with your own database name.

use MONGO_NS_DB

c) Create a database user.
Invent a name (letters and numbers) and a password (letters and numbers, uppercase and lowercase). Replace MONGO_NS_USER with your database user name, MONGO_NS_PASSWORD with its matching password and MONGO_NS_DB with the database name you created above.

db.createUser({user: "MONGO_NS_USER", pwd: "MONGO_NS_PASSWORD", roles: [ { role: "readWrite", db: "MONGO_NS_DB" }]})

Exit the shell

exit

d) Check you can login into Mongo with this user
Replace MONGO_NS_USER with your own database administrator name, and replace MONGO_NS_DB with your own database name.

mongo -u MONGO_NS_USER -p --authenticationDatabase MONGO_NS_DB

You will be asked to enter the password matching your user.

Exit the shell.

exit

You have created your Nightscout MongoDB database and its user.


Step 3 - Install Nightscout

a) Create a new user.
Don’t try to run Nightscout as root, it will not work.
Replace mainuser with a name of your choice, like your name, only lowercase letters.

sudo adduser mainuser

You need to invent a password for your new user.
Confirm it then just hit Enter for the following lines, when done key Y then Enter.

b) Make your user an administrator.

Replace mainuser with your new user name.

sudo usermod -aG sudo mainuser

c) Login to the machine using the account we just created.

!!!warning “Do not run Nightscout as root”
From now on use your Nightscout user.

Replace mainuser with your new user name.

sudo -u mainuser -s

d) Install nodejs and npm.

Mind some small VPS will not be powerful enough to deploy with npm, consider using a Docker container in this case.

The example below is with the latest supported npm version: 16.20.1

sudo apt install nodejs
sudo apt install build-essential checkinstall
sudo apt install libssl-dev
wget -qO- https://raw.githubusercontent.com/creationix/nvm/v0.33.8/install.sh | bash
source /etc/profile
nvm install 16.20.1
nvm use 16.20.1

Once complete, install npm

sudo apt-get install -y npm

e) Clone the Nightscout repository cgm-remote-monitor.

cd
git clone https://github.com/nightscout/cgm-remote-monitor.git
ln -s cgm-remote-monitor nightscout
cd nightscout

Make sure you’re in your nightscout directory

Should you exit your terminal and resume working later make sure to return to this state.
1- you’re using your nightscout user
2- you are in your nightscout directory

f) Install Nightscout.

npm install

It will take a long time to complete. Be patient.
On some lightweight virtual computers install might fail or hang, especially if you installed the default latest node.js version.
You can try to interrupt and run another time npm install.


Step 4 - Configure Nightscout

a) Edit the configuration file.

nano my.env

You can use the helper page in a new browser tab.

File all necessary fields, click on the Validate button at the bottom of the form, if no error is seen you will have all variables displayed in the text box at the bottom, click on the Copy All button.

Variables format

1- do not addexport before the variable name
2- safe format is VARIABLE="value"
3- all spaces in the values must be replaced by %20

b) Return to the text editor. Paste the result in nano.

c) Save the modified file:

  1. Press Ctrl-O (the letter O not zero)

  2. Press Enter

  3. Press Ctrl-X

Note: if you use a Mac the Ctrl key is


Manage Nightscout startup

d) Install pm2

sudo npm install pm2 -g

e) Start cgm-remote-monitor with pm2.

env $(cat my.env)  PORT=1337 pm2 start server.js

f) Make pm2 start cgm-remote-monitor on startup

pm2 startup

This will give you a command you need to run as superuser to allow pm2 to start the app on reboot. The command will be something like: sudo su -c "env PATH=$PATH:/usr/bin pm2 startup ..."

Copy the tailored command, paste and execute it.

g) Save it.

pm2 save

Your Nightscout site is now available at http:// and the IP address of your computer/VPS but it’s not secured so most browsers will refuse it.


Step 5 - Open and secure your access

a) Create a reverse nginx proxy

sudo apt-get install nginx

b) Delete and replace the original /etc/nginx/sites-available/default with this one.
Replace MY_FULLYQUALIFIEDNAME with your own (it will look like name.domain.tld). You don’t have one? Look here.

server {
	listen 80;
	server_name MY_FULLYQUALIFIEDNAME;
	location / {
		proxy_pass http://127.0.0.1:1337;
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection 'upgrade';
		proxy_set_header Host $host;
		proxy_cache_bypass $http_upgrade;
		proxy_set_header X-Forwarded-Proto "https";
	}
}

Your Nightscout site is now available at http://MY_FULLYQUALIFIEDNAME but it’s not secured so most browsers will refuse it.

c) If your VPS doesn’t provide a firewall you should install and configure ufw.
Make sure to open ssh if you don’t have KVM access!

sudo apt install ufw
sudo ufw allow 'Nginx Full'
sudo ufw allow OpenSSH
sudo ufw enable

d) Obtain a certificate for your site name.

sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d "MY_FULLYQUALIFIEDNAME" --redirect --agree-tos --no-eff-email

You can increase ssl security with a strong Diffie-Hellman group (src):

sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

e) Make sure certbot takes care of renewing your certificate:

sudo certbot renew --dry-run

f) Restart the service:

sudo service nginx restart

Upon success you will be able to access your Nightscout site from any browser using https://.