/FSND-project3-linux-server-configuration

Configuring and preparing a bare-bones Linux server to host a web application.

FSND project3 - Linux Server Configuration

This is my submission as the third project of the Full Stack Nano Degree from Udacity.

This project is about how to take a baseline installation of a Linux server and prepare it to host web applications. It involves how to secure the server from a number of attack vectors, install and configure a database server, and deploy an existing web application onto it.

Server Information:

Server Access:

  • download the grader_key file (preferably into ~/.ssh/ directory)
  • ssh grader@52.57.126.228 -p 2200 -i ~/.ssh/grader_key

Server Configuration:

  1. Start a new Ubuntu Linux server instance on Amazon Lightsail.
  2. Login into instance using a provided SSH key for a default user ubuntu.
    ------- User Management
  3. Disable remote login as user root.
  4. Create a new user grader and give him sudo access.
  5. Create an SSH key pair for grader using the ssh-keygen tool.
    ------- Security
  6. Update Package-Source-List and all currently installed packages.
  7. Change SSH hosting port from the default 22 into 2200.
  8. Configure ufw (Uncomplicated Firewall) to only allow connections for (SSH, HTTP, NTP) on ports (2200, 80, 123) respectively.
  9. Force Key-based SSH authentication.
    ------- Prepare for deployment
  10. Configure the local timezone to UTC.

Software Installed:

  • Install Apache web server.
  • Install mod_wsgi python application handler.
  • Install PostgreSQL database server.
  • Install Git version control system.

Deployment:

  • Clone Item Catalog project.
  • Construct the file structure for the app to work with Apache.
  • Configure Python version and install application requirements.
  • Configure WSGI files.
  • Configure, setup and connect database.
  • Update OAuth settings to use the domain name.
  • Restart Apache service and use Apache logs for debugging.

Resources: