RamNode logo
    Sign UpLogin
    PayloadCMS Guide

    Install PayloadCMS on RamNode VPS

    PayloadCMS is a modern, headless content management system built with TypeScript and React. It offers a developer-friendly approach to content management with powerful APIs and a beautiful admin interface. Combined with RamNode's reliable VPS hosting, you can deploy a scalable, high-performance CMS in under 25 minutes.

    Ubuntu 22.04 LTS
    Node.js + PayloadCMS
    SSL Certificate
    ⏱️ 20-25 minutes

    Why Choose PayloadCMS and RamNode?

    PayloadCMS Advantages:

    • • Modern TypeScript/React-based CMS
    • • Powerful REST and GraphQL APIs
    • • Beautiful, responsive admin interface
    • • Developer-friendly configuration
    • • Built-in authentication and access control
    • • Flexible field types and relationships

    RamNode Benefits:

    • • High-performance SSD storage
    • • Excellent Node.js hosting environment
    • • Full server control and customization
    • • Cost-effective for modern web apps
    • • Reliable network infrastructure
    • • Easy scaling as your project grows

    Prerequisites

    Before starting, ensure you have:

    Server Requirements

    • • RamNode VPS (Ubuntu 22.04 LTS recommended)
    • • Domain name pointed to your server IP
    • • SSH access to your server
    • • At least 2GB RAM (4GB+ recommended)
    • • 20GB+ available disk space
    → View Recommended Standard VPS Plans

    Knowledge Requirements

    • • Basic Linux command line skills
    • • Understanding of Node.js applications
    • • Domain DNS management
    • • Basic JavaScript/TypeScript knowledge helpful
    2

    Initial Server Setup

    Connect to your RamNode VPS and prepare the system:

    Connect via SSH
    ssh root@your-server-ip
    Update System Packages
    apt update && apt upgrade -y
    Install Essential Tools
    apt install curl wget unzip software-properties-common build-essential -y
    Create Non-Root User
    adduser payloaduser
usermod -aG sudo payloaduser
su - payloaduser

    💡 Security: Using a non-root user for running applications improves server security.

    3

    Install Node.js

    Install Node.js 18+ which is required for PayloadCMS:

    Install Node.js via NodeSource
    curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt-get install -y nodejs
    Verify Installation
    node --version
npm --version
    Install Yarn (Optional but Recommended)
    curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt update && sudo apt install yarn -y

    ✅ Node.js 18+ is now installed and ready for PayloadCMS.

    4

    Install MongoDB

    Install MongoDB as the database for PayloadCMS:

    Import MongoDB GPG Key
    wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add -
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list
    Install MongoDB
    sudo apt update
sudo apt install -y mongodb-org
    Start and Enable MongoDB
    sudo systemctl start mongod
sudo systemctl enable mongod
sudo systemctl status mongod
    Secure MongoDB (Optional)
    mongo
> use admin
> db.createUser({
    user: "admin",
    pwd: "your_strong_password",
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
})
> exit

    🔐 Security: For production, enable authentication by editing /etc/mongod.conf and setting security.authorization: enabled

    5

    Install Nginx

    Install Nginx as a reverse proxy for PayloadCMS:

    Install Nginx
    sudo apt install nginx -y
    Start and Enable Nginx
    sudo systemctl start nginx
sudo systemctl enable nginx
sudo systemctl status nginx
    Configure Firewall
    sudo ufw allow 'Nginx Full'
sudo ufw allow OpenSSH
sudo ufw --force enable

    ✅ Nginx is installed and will act as a reverse proxy for your PayloadCMS application.

    6

    Create PayloadCMS Application

    Create a new PayloadCMS application:

    Create Application Directory
    mkdir -p /var/www/html/your-domain.com
cd /var/www/html/your-domain.com
sudo chown -R payloaduser:payloaduser .
    Create PayloadCMS Project
    npx create-payload-app@latest .
# Choose the following options:
# - Use TypeScript: Yes
# - Database: MongoDB
# - Template: Blog (or Blank for custom)

    Follow the interactive setup prompts:

    • Project name: Your project name
    • Use TypeScript: Yes (recommended)
    • Database adapter: MongoDB
    • Database URI: mongodb://localhost:27017/your-database-name
    • Template: Choose based on your needs (Blog, E-commerce, or Blank)
    Install Dependencies
    cd /var/www/html/your-domain.com
npm install
# or if using Yarn
yarn install
    7

    Configure PayloadCMS

    Configure PayloadCMS for production deployment:

    Create Production Configuration
    nano /var/www/html/your-domain.com/.env

    Add the following environment variables:

    Environment Configuration
    # Database
MONGODB_URI=mongodb://localhost:27017/your-database-name

# Server Configuration  
PAYLOAD_SECRET=your-very-long-secret-key-here
PORT=3000
NODE_ENV=production

# Domain Configuration
PAYLOAD_PUBLIC_SERVER_URL=https://your-domain.com

# Email Configuration (optional)
# SMTP_HOST=your-smtp-server
# SMTP_PORT=587
# SMTP_USER=your-email
# SMTP_PASS=your-password

# File Storage (optional - for cloud storage)
# AWS_S3_BUCKET=your-bucket
# AWS_ACCESS_KEY_ID=your-access-key
# AWS_SECRET_ACCESS_KEY=your-secret-key
    Build Application for Production
    cd /var/www/html/your-domain.com
npm run build
# or
yarn build
    Test Application
    npm run serve
# Visit http://your-server-ip:3000 to test
# Press Ctrl+C to stop

    🔑 Security: Generate a secure PAYLOAD_SECRET using: openssl rand -base64 32

    8

    Configure Nginx Reverse Proxy

    Configure Nginx to proxy requests to PayloadCMS:

    Create Nginx Configuration
    sudo nano /etc/nginx/sites-available/your-domain.com

    Add the following PayloadCMS-optimized configuration:

    Nginx PayloadCMS Configuration
    server {
    listen 80;
    listen [::]:80;
    server_name your-domain.com www.your-domain.com;

    client_max_body_size 100M;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
        proxy_read_timeout 300s;
        proxy_connect_timeout 75s;
    }

    # Static file serving (if using local file storage)
    location /media/ {
        alias /var/www/html/your-domain.com/media/;
        expires 1y;
        add_header Cache-Control "public, immutable";
    }

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header Referrer-Policy "no-referrer-when-downgrade" always;
    add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;

    # Gzip compression
    gzip on;
    gzip_vary on;
    gzip_min_length 1024;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_types
        text/plain
        text/css
        text/xml
        text/javascript
        application/json
        application/javascript
        application/xml+rss
        application/atom+xml
        image/svg+xml;
}
    Enable Site and Test Configuration
    sudo ln -s /etc/nginx/sites-available/your-domain.com /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
    9

    Install SSL Certificate

    Secure your PayloadCMS site with a free SSL certificate:

    Install Certbot
    sudo apt install snapd -y
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
    Create Certbot Symlink
    sudo ln -s /snap/bin/certbot /usr/bin/certbot
    Obtain SSL Certificate
    sudo certbot --nginx -d your-domain.com -d www.your-domain.com
    Test SSL Renewal
    sudo certbot renew --dry-run

    🔒 SSL Active: Your PayloadCMS site is now secured with HTTPS!

    10

    Process Management with PM2

    Use PM2 to manage the PayloadCMS process in production:

    Install PM2 Globally
    sudo npm install -g pm2
    Create PM2 Ecosystem File
    nano /var/www/html/your-domain.com/ecosystem.config.js
    PM2 Configuration
    module.exports = {
  apps: [
    {
      name: 'payloadcms',
      script: 'dist/server.js',
      cwd: '/var/www/html/your-domain.com',
      instances: 'max',
      exec_mode: 'cluster',
      env: {
        NODE_ENV: 'production',
        PORT: 3000
      },
      error_file: './logs/err.log',
      out_file: './logs/out.log',
      log_file: './logs/combined.log',
      time: true,
      max_memory_restart: '1G'
    }
  ]
};
    Create Log Directory and Start Application
    cd /var/www/html/your-domain.com
mkdir -p logs
pm2 start ecosystem.config.js
pm2 save
pm2 startup
    PM2 Management Commands
    # Check status
pm2 status

# View logs
pm2 logs payloadcms

# Restart application
pm2 restart payloadcms

# Stop application
pm2 stop payloadcms

    🚀 Production Ready: Your PayloadCMS application is now running in production with PM2!

    11

    Security Hardening

    Implement additional security measures:

    Set Proper File Permissions
    cd /var/www/html/your-domain.com
sudo chown -R payloaduser:payloaduser .
chmod -R 755 .
chmod 600 .env
    Configure MongoDB Security (if not done)
    sudo nano /etc/mongod.conf
# Uncomment and modify:
# security:
#   authorization: enabled

sudo systemctl restart mongod
    Install Fail2Ban for SSH Protection
    sudo apt install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
    Hide Nginx Version
    sudo nano /etc/nginx/nginx.conf
# Add to http block:
# server_tokens off;

sudo systemctl reload nginx

    🔐 Additional Security: Consider implementing rate limiting, IP whitelisting for admin access, and regular security updates.

    12

    Performance Optimization

    Optimize your PayloadCMS deployment for better performance:

    Configure Node.js Optimization
    # Update ecosystem.config.js with optimization flags
nano /var/www/html/your-domain.com/ecosystem.config.js
    Optimized PM2 Configuration
    module.exports = {
  apps: [
    {
      name: 'payloadcms',
      script: 'dist/server.js',
      cwd: '/var/www/html/your-domain.com',
      instances: 'max',
      exec_mode: 'cluster',
      node_args: '--max-old-space-size=2048',
      env: {
        NODE_ENV: 'production',
        PORT: 3000,
        NODE_OPTIONS: '--max-old-space-size=2048'
      },
      error_file: './logs/err.log',
      out_file: './logs/out.log',
      log_file: './logs/combined.log',
      time: true,
      max_memory_restart: '1G',
      min_uptime: '10s',
      max_restarts: 10
    }
  ]
};
    Enable Redis for Caching (Optional)
    sudo apt install redis-server -y
sudo systemctl enable redis-server
sudo systemctl start redis-server

# Add to your PayloadCMS config
npm install redis
    MongoDB Performance Tuning
    # Create indexes for better query performance
mongo your-database-name
> db.users.createIndex({ "email": 1 })
> db.pages.createIndex({ "slug": 1 })
> exit
    Restart Services
    pm2 restart payloadcms
sudo systemctl reload nginx

    Troubleshooting

    Next Steps & Recommendations

    PayloadCMS Administration

    • • Access admin panel at: https://your-domain.com/admin
    • • API endpoints available at: https://your-domain.com/api
    • • GraphQL playground: https://your-domain.com/graphql
    • • Configure collections, fields, and relationships
    • • Set up user roles and access control

    Maintenance Tasks

    • • Regular PayloadCMS and dependency updates
    • • MongoDB database backups and maintenance
    • • Monitor application performance and logs
    • • Security updates and patches
    • • SSL certificate renewal (automatic with Certbot)