A Udacity Fullstack Web Developer nanodegree project.
A baseline installation of a Linux server and prepare it to host my web applications.
The Linux server instance choosed was Amazon Lightsail, with the following specifications:
- Name: udaprojLinux
- Linux: Ubuntu 18.04 LTS
- IP: 34.231.195.103
- SSH Port: 2200
- Reviewer user: grader
- Url: http://34.231.195.103/
- Enter https://lightsail.aws.amazon.com/ls/webapp/home/instances
- Choose: [Create Instance] -> [Linux] -> [Ubuntu 16.04] -> [Create Instance]
- Wait "Pending" status change
In the networks tab you need to configure the following ports:
- Custom - TCP - 2200
To create a static ip we need to use a DNS and the service XPI.io offers it to use for example in the application OAuth. This is a public service offered free of charge by Basecamp. An example would be: 54.84.49.254.xip.io
Set-up SSH keys for user grader
$ ssh-keygen grader-key
# Enter file name to save the key: grader
# Let's keep passphrase empty
$ cp grader-key ~/.ssh
#to save the private key in ~/.ssh on local machine
- Create a new user named grader
$ sudo adduser grader
#to create the user
$ sudo chage -d 0 grader
#to make grader change its pw at first login
$ sudo usermod -aG sudo grader
#to grant sudo to grader, add it to Sudoers
- Adding ssh key to the created user
$ su - grader
#login with grader
$ mkdir .ssh
$ sudo touch .ssh/authorized_keys
$ sudo nano .ssh/authorized_keys
Copy the public key generated on your local machine to this file.
CTRL+O (save), ENTER (confirm), CTRL+X (exit nano)
- Permissioning ssh files. Again, in aws console:
$ sudo chown -R grader.grader /home/grader/.ssh
$ sudo chmod 700 /home/grader/.ssh
$ sudo chmod 600 /home/grader/.ssh/authorized_keys
$ ls -als .ssh/
Logged as grader:
$ sudo nano /etc/ssh/sshd_config
Change the following lines:
- FROM:
PermitRootLogin without-password
TO:PermitRootLogin no
- FROM:
PasswordAuthentication yes
TO:PasswordAuthentication no
- ADD:
DenyUsers root
CTRL+O (save), ENTER (confirm), CTRL+X (exit nano)
Now, let's restart ssh and change its port to 2200:
$ sudo service ssh restart
$ sudo nano /etc/ssh/sshd_config
Change Port to 2200
CTRL+O (save), ENTER (confirm), CTRL+X (exit nano)
$ sudo service ssh restart
The ssh key was placed in the "Notes to Reviewer" field body
ssh -i grader-key grader@34.192.184.204 -p 2200
Logged as grader:
$ sudo ufw default deny incoming
#to block all incoming connections on all ports by default
$ sudo ufw allow 2200/tcp
#to allow incoming connection for SSH on port 2200
$ sudo ufw allow 80/tcp
#to allow incoming connection for port 80
$ sudo ufw allow 123/udp
#to allow incoming connection for port 80
$ sudo ufw enable
#to enable the firewall, use
$ sudo ufw status
#to make sure everything is fine
Logged as grader:
$ sudo timedatectl set-timezone UTC
Logged as grader:
$ sudo apt-get install apache2
#to install appache
$ sudo apt-get install python-setuptools libapache2-mod-wsgi
#to install Install mod_wsgi
$ sudo service apache2 restart
#to restart apache
$ sudo apt-get install postgresql
#to install postgresql
$ sudo nano /etc/postgresql/9.3/main/pg_hba.conf
#to check if no remote connections are allowed
$ sudo su - postgres
#to login as postgres
- as postgree get into postgreSQL shell with
psql
in there do:
- Create a new database named (in my case restaurantmenulist) and a user named catalog
postgres=# CREATE DATABASE restaurantmenulist;
- Create a new user named catalog
postgres=# CREATE USER catalog;
- Set a password for user catalog
postgres=# ALTER ROLE catalog WITH PASSWORD 'myNewPassword';
I've also paste the myNewPassword on the "Notes to Reviewer" field.
- Give user "catalog" permission to "catalog" application database
postgres=# GRANT ALL PRIVILEGES ON DATABASE restaurantmenulist TO catalog;
- Quit postgreSQL
postgres=# \q
Exit from user "postgres"
exit
$ sudo apt-get install git
$ cd /var/www
$ sudo mkdir ItemCatalog
$ cd ItemCatalog/
$ sudo git init
# Initiate an empty git repository in the current folder
$ sudo git remote add origin https://github.com/lucianobarauna/udacityproj_item_catalogy
# Add my Item Catalog App Repo as a remote repository
$ sudo git remote -v
# Check if the remote repository was added successfully
$ sudo git pull origin master
# Pull the remote repository
$ ls
# Check if the files were downloaded successfully
$ cd catalog/
- Rename
project.py
to__init__.py
$ sudo mv project.py __init__.py
- Edit database_setup.py, lotsofmenus.py, and the now renamed init.py, and change all occurrences of 'sqlite:///restaurantmenulist.db' to 'postgresql://catalog:password@localhost/restaurantmenulist', editing the files with: sudo nano 'FILE-NAME'
# engine = create_engine('sqlite:///restaurantmenulist.db')
#to
create_engine('postgresql://catalog:grader@localhost/restaurantmenulist')
at
$ sudo nano __init__.py
$ sudo nano db_config.py
- Install pip
$ sudo apt-get install python-pip
$ sudo pip install -r requirements.txt
- Then, use it to install all dependencies listed on requirements.txt
$ sudo pip install -r requirements.txt
- Create database schema
$ sudo python database_setup.py
- To fill the database
$ sudo python lotsofmenus.py
- Configure Apache and Enable a New Virtual Host Create FlaskApp.conf to edit:
$ sudo nano /etc/apache2/sites-available/ItemCatalog.conf
Add the following lines of code to the file to configure the virtual host.
<VirtualHost *:80>
ServerName 34.231.195.103
ServerAdmin baraunaluciano@gmail.com
ServerAlias 34.192.184.204.xip.io
WSGIScriptAlias / /var/www/ItemCatalog/itemcatalog.wsgi
<Directory /var/www/ItemCatalog>
Order allow,deny
Allow from all
</Directory>
Alias /static /var/www/ItemCatalog/static
<Directory /var/www/ItemCatalog/static/>
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Enable the virtual host with the following command:
$ sudo a2ensite ItemCatalog
Activate the new configuration
$ sudo service apache2 reload
- Create and config the *.wsgi file
To create AND edit the desired file:
$ sudo nano /var/www/ItemCatalog/itemcatalog.wsgi
add the following code to flaskapp.wsgi
#!/usr/bin/python
import sys
import logging
logging.basicConfig(stream=sys.stderr)
sys.path.insert(0,"/var/www/ItemCatalog")
from __init__ import app as application
application.secret_key = 'super_secret_key'
If something breaks or go wrong, you can access a log for this application with the following command:
sudo tail -f /var/log/apache2/error.log