In this guide we will set up clean Debian server on Google cloud for Python and Django projects. We will configure secure SSH connection, install from Debian repositories and from sources all needed packages and ware it together for working Debian Django server.
Youtube video guide (in Russian)
Connect through SSH to remote Debian server and update repositories and install some initial needed packages:
First connection:
add your id_rsa.pub key into VM ssh key settings, take your username:
ssh -i path-to-private-key username@external-ip
ssh username@external-ip
sudo passwd <username>
sudo apt-get update ; \
sudo apt-get install -y vim mosh tmux htop git curl wget unzip zip gcc build-essential make
Configure SSH:
sudo vim /etc/ssh/sshd_config
AllowUsers <username>
PermitRootLogin no
PasswordAuthentication no
SSH Language:
sudo localedef en_US.UTF-8 -i en_US -fUTF-8 ; \
export LANGUAGE=en_US.UTF-8 ; \
export LANG=en_US.UTF-8 ; \
export LC_ALL=en_US.UTF-8 ; \
sudo locale-gen en_US.UTF-8 ; \
sudo dpkg-reconfigure locales
cat ~/.bashrc server
sudo vim ~/.bashrc server
cat ~/.bash_profile
sudo vim ~/.bash_profile
In ~/.bash_profile, ~/.bashrc server:
export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8
export LANGUAGE=en_US.UTF-8
Add locales to /etc/profile
:
sudo vim /etc/profile
export LANGUAGE=en_US.UTF-8
export LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
Google cloud firewall mosh-fw
Направление:
Входящий трафик
Протоколы и порты:
udp
Диапазоны IP-адресов:
0.0.0.0/0
Применить:
для всех/по тегу
Restart SSH server, change www
user password:
sudo service ssh restart
sudo apt-get install -y zsh tree redis-server nginx libssl-dev zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev llvm libncurses5-dev libncursesw5-dev xz-utils tk-dev libffi-dev liblzma-dev python3-dev python-imaging python3-lxml libxslt-dev python-libxml2 python-libxslt1 libffi-dev libssl-dev python-dev gnumeric libsqlite3-dev libpq-dev libxml2-dev libxslt1-dev libjpeg-dev libfreetype6-dev libcurl4-openssl-dev supervisor
Install oh-my-zsh:
sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"
chsh -s $(which zsh)
Configure some needed aliases:
vim ~/.zshrc
alias cls="clear"
mkdir ~/Dev
Build from source python 3.*, install with prefix to ~/.python folder:
mkdir ~/.python
cd ~/.python
wget https://www.python.org/ftp/python/3.*.*/Python-3.*.*.tgz ; \
tar xvf Python-3.*.* ; \
cd Python-3.*.* ; \
mkdir ~/.python ; \
./configure --enable-optimizations --prefix=/home/www/.python ; \
make -j8 ; \
sudo make altinstall
Now python3.* in /home/www/.python/bin/python3.*
. Update pip:
sudo /home/www/.python/bin/python3.* -m pip install -U pip
sudo /home/www/.python/bin/python3.* -m pip install virtualenv
Ok, now we can pull our project from Git repository (or create own), create and activate Python virtual environment:
cd Dev
git pull project_git
cd project_dir
python3.* -m virtualvenv venv_<projectname>
. ./venv_<projectname>/bin/activate
Install PostgreSQL 11 and configure locales.
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - ; \
RELEASE=$(lsb_release -cs) ; \
echo "deb http://apt.postgresql.org/pub/repos/apt/ ${RELEASE}"-pgdg main | sudo tee /etc/apt/sources.list.d/pgdg.list ; \
sudo apt update ; \
sudo apt -y install postgresql-11 ; \
sudo localedef ru_RU.UTF-8 -i ru_RU -fUTF-8 ; \
export LANGUAGE=ru_RU.UTF-8 ; \
export LANG=ru_RU.UTF-8 ; \
export LC_ALL=ru_RU.UTF-8 ; \
sudo locale-gen ru_RU.UTF-8 ; \
sudo dpkg-reconfigure locales
Add locales to /etc/profile
:
sudo vim /etc/profile
export LANGUAGE=ru_RU.UTF-8
export LANG=ru_RU.UTF-8
export LC_ALL=ru_RU.UTF-8
Change postges
password, create clear database named dbms_db
:
sudo passwd postgres
su - postgres
export PATH=$PATH:/usr/lib/postgresql/11/bin
createdb --encoding UNICODE dbms_db --username postgres
exit
Create dbms
db user and grand privileges to him:
sudo -u postgres psql
postgres=# ...
create user dbms with password 'some_password';
ALTER USER dbms CREATEDB;
grant all privileges on database dbms_db to dbms;
\c dbms_db
GRANT ALL ON ALL TABLES IN SCHEMA public to dbms;
GRANT ALL ON ALL SEQUENCES IN SCHEMA public to dbms;
GRANT ALL ON ALL FUNCTIONS IN SCHEMA public to dbms;
CREATE EXTENSION pg_trgm;
ALTER EXTENSION pg_trgm SET SCHEMA public;
UPDATE pg_opclass SET opcdefault = true WHERE opcname='gin_trgm_ops';
\q
exit
Now we can test connection. Create ~/.pgpass
with login and password to db for fast connect:
vim ~/.pgpass
localhost:5432:dbms_db:dbms:some_password
chmod 600 ~/.pgpass
psql -h localhost -U dbms dbms_db
Run SQL dump, if you have:
psql -h localhost dbms_db dbms < dump.sql
Now recommended way is using Systemd instead of supervisor. If you need supervisor — welcome:
sudo apt install supervisor
vim /home/www/code/project/bin/start_gunicorn.sh
#!/bin/bash
source /home/www/code/project/env/bin/activate
source /home/www/code/project/env/bin/postactivate
exec gunicorn -c "/home/www/code/project/gunicorn_config.py" project.wsgi
chmod +x /home/www/code/project/bin/start_gunicorn.sh
vim project/supervisor.salesbeat.conf
[program:www_gunicorn]
command=/home/www/code/project/bin/start_gunicorn.sh
user=www
process_name=%(program_name)s
numprocs=1
autostart=true
autorestart=true
redirect_stderr=true
If you need some Gunicorn example config — welcome:
command = '/home/www/code/project/env/bin/gunicorn'
pythonpath = '/home/www/code/project/project'
bind = '127.0.0.1:8001'
workers = 3
user = 'www'
limit_request_fields = 32000
limit_request_field_size = 0
raw_env = 'DJANGO_SETTINGS_MODULE=project.settings'