Demonstration on how to setup a linux server and deploy an web application using apache with WSGI.
IP address | SSH port | Application URL | Apache Document Root |
---|---|---|---|
130.211.234.25 | 2200 | http://item-catalog.tk | /var/www/html/item-catalog/catalog/server/ |
130.211.234.25 | 2200 | http://neighborhood-map.tk/ | /var/www/html/neighborhood-map/ |
1 - Generate a RSA key pair:
- Run
ssh-keygen -t rsa -f ~/.ssh/my-ssh-key -C grader
. For more information, see Generating a new SSH key-pair Guide.
2 - Create a Google VM
- After you create a google cloud project go to VM Instances and create instance, also check the option allow http trafic.
3 - Update and upgrade packages
- Connect to the server via ssh.
- Run
sudo apt-get update --quiet && sudo apt-get upgrade
.
4 - Setup grader public key
- Go to Metadata and add the public key generated by the first command.
5 - Change default ssh port
- Run the command
vim /etc/ssh/sshd_config
. - Change the port value to 2200.
6 - Setup firewall rules
- Go Firewall rules and perform the following operations:
- Change the default-allow-ssh to allow connections tcp:2200.
- Remove default-allow-icmp, default-allow-rdp and default-allow-internal.
- Add default-allow-ntp to allow connections udp:123.
- Install and setup ufw:
sudo apt-get install ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
# ssh connection
sudo ufw allow 2200/tcp
# http connection
sudo ufw allow 80/tcp
# ntp connection
sudo ufw allow 123/udp
sudo ufw enable
7 - Remove remote login as root
- By default, SSH access is disabled for root, check documentation.
- Read the file /etc/ssh/sshd_config and check if the value "no" is set for the following configurations PermitRootLogin, PasswordAuthentication.
8 - Reserve static external IP address
- Go Networking and reserve a external ip address.
- Install apache2:
sudo apt-get install apache2
- Install WSGI module:
sudo apt-get install libapache2-mod-wsgi
- Install git:
sudo apt-get install git-core
.
- Clone Neighborhood Map at /var/www/html/.
- Install NodeJS using NVM.
- At the project directory run
npm install
.
- Clone Item Catalog at /var/www/html/ and switch to the postgresql branch.
- Run the script
/var/www/html/item-catalog/pg_config.sh
.
Edit the pg_hba.conf file (/etc/postgresql/[VERSION]/main/pg_hba.conf) and add the following line to allow grader user connect:
host item-catalog-db grader 127.0.0.1/32 trust
- Create the migration:
python manage.py db init
- Create DDL scripts:
python manage.py db migrate
- Execute scripts:
python manage.py db upgrade
- Copy the files
neighborhood-map.tk.conf
,item-catalog.tk.conf
to/etc/apache2/sites-available
- Active then using the following command:
sudo a2ensite /etc/apache2/sites-available/neighborhood-map.tk.conf
sudo a2ensite /etc/apache2/sites-available/item-catalog.tk.conf
- And restart apache
sudo service apache2 restart
Create an account at https://my.freenom.com/clientarea.php
and register two domains.
Each domain should match with the domain informed at Virtual Hosts files.
- Alan Thiago do Prado (aprado.cnsp@gmail.com)