nano-fs-05
VM details:
AWS link: http://ec2-52-39-44-26.us-west-2.compute.amazonaws.com/
IP address: 52.39.44.26
SSH port: 2200
Commands since last review:
- Set password for grader
su grader
passwd
set new password to the following string
qw345!
and set one for root too
myAw3somepassword
- Make sudo ask for password for grader
sudo nano /etc/sudoers.d/grader
add the following to the file and then save it.
grader ALL=(ALL) ALL
- Give grader remote access
cp /root/.ssh/authorized_keys /home/grader/.ssh
sudo nano /etc/ssh/sshd_config
Add the following to the bottom and then save the file.
AllowUsers grader
Then restart ssh
service ssh restart
- Disable remote root access
sudo nano /etc/ssh/sshd_config
Modify the line with PermitRootLogin on.
PermitRootLogin no
Then restart ssh
service ssh restart
Commands:
ssh -i ~/.ssh/udacity_key.rsa -p 2200 grader@52.39.44.26
The following steps were run after having logged into the virtual machine.
- Create a new user named grader
sudo adduser grader
- Give the grader the permission to sudo
sudo nano /etc/sudoers.d/grader
Add the following:
grader ALL=(ALL) NOPASSWD:ALL
Save and exit.
- Update all currently installed packages.
sudo apt-get update
sudo apt-get upgrade
- Configure the local timezone to UTC.
sudo dpkg-reconfigure tzdata
Then follow the menu options to select UTC.
- Change the SSH port from 22 to 2200
nano /etc/ssh/sshd_config
Then change the port number from 22 to 2200 in the file.
Save the file and exit nano.
service ssh restart
- Configure the Uncomplicated Firewall (UFW) to only allow incoming connections for SSH (port 2200), HTTP (port 80), and NTP (port 123)
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 2200/tcp
sudo ufw allow ntp
sudo ufw allow www
sudo ufw enable
- Install and configure Apache to serve a Python mod_wsgi application
sudo apt-get install apache2
sudo apt-get install python-dev python-setuptools
sudo apt-get install libapache2-mod-wsgi
sudo service apache2 restart
- Install and configure PostgreSQL
sudo apt-get install postgresql
sudo locale-gen en_GB.UTF-8
sudo a2enmod wsgi
sudo service apache2 restart
- Install git, clone and set up your Catalog App project (from your GitHub repository from earlier in the Nanodegree program) so that it functions correctly when visiting your server’s IP address in a browser. Remember to set this up appropriately so that your .git directory is not publicly accessible via a browser!
sudo apt-get install git
cd /var/www
git clone https://github.com/maweeks/nano-fs-03.git
mkdir /var/www/catalog
cp -r catalog /var/www/catalog
mv nano-fs-03/ /var
cd /var/www/catalog/catalog
sudo apt-get install python-pip
sudo pip install virtualenv
sudo virtualenv venv
source venv/bin/activate
sudo pip install Flask
sudo easy_install SQLAlchemy
sudo pip install google-api-python-client
sudo nano /etc/apache2/sites-available/FlaskApp
Add the following to the new file.
<VirtualHost *:80>
ServerName 52.39.44.26
ServerAdmin m_weeks@hotmail.co.uk
WSGIScriptAlias / /var/www/catalog/catalog.wsgi
<Directory /var/www/catalog/catalog/>
Order allow,deny
Allow from all
</Directory>
Alias /static /var/www/catalog/catalog/static
<Directory /var/www/catalog/catalog/static/>
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Save and exit nano.
cd /var/www/catalog sudo nano flaskapp.wsgi
#!/usr/bin/python
import sys
import logging
logging.basicConfig(stream=sys.stderr)
sys.path.insert(0,"/var/www/catalog/")
from catalog import app as application
application.secret_key = 'Add your secret key'
Resources used:
Stack overflow