A Project for the Udacity Full Stack Nanodegree
This project is a test of setting up and configuring a Linux server and deploying a web app on it.
Note: As the project has now been graded this server has been deactivated.
- IP Address: 35.169.169.18
- SSH Port: 2200
- URL for Web App: 35.169.169.18.xip.io/ <- must use this to login, google login will not work with just the IP address
- Apache2
- mod_wsgi
- PostgreSQL
- Git
- aptitude
- Flask Python library
- SQLAlchemy Python library
- Oauth2client Python library
- psycopg2 Python module
- Requests Python library
- Firewall configured to only allow ports 2200, 80 and 123
- Configured server to only allow public key authentication for logins
- remote login to root disabled both via
sshd_config
file (PermitRootLogin set to no) and adding-:root:ALL EXCEPT LOCAL
to the/etc/security/access.conf
file. - added grader file to
/etc/sudoers.d
to allow grader to usesudo
without entering password - set local timezone to UTC
- confirmed PostgresSQL server set to local connections only (per PostgresSQL docs this is the default setting)
- added .htaccess file to /var/www to prevent accessing .git folder through browser
- added superuser
grader
to server's users - added user
catalog
to PostgresSQL to be used by web app- note: if the grader needs to login to psql as catalog, use the command
psql -U catalog -h 127.0.0.1 -d readinglist
. The password can be found by viewing the file /var/www/ItemCatalogProject/views.py and looking in the connection detail in the create_engine call in line 22
- note: if the grader needs to login to psql as catalog, use the command
- Deploying Python Flask Web App on Amazon Lightsail
- SQLAlchemy Docs - Engine Configuration
- Serverfault - getting MOTD to disappear after upgrading all packages
- Disabling Remote Root Login
- Stackoverflow - logging into psql without peer authentication - used for setting up catalog user, scroll down to the answer with 143 rep for what I did
- Stackoverflow - setting up .htaccess file to prevent .git access
- askUbuntu - Setting up passwordless sudo
- askUbuntu - Changing timezone to UTC
- Documentation for the python modules listed above to confirm the correct package name to use with pip
- Documentation for Git and aptitude to confirm correct package name for use with apt-get