This is the last project toward the Udacity Full Stack Web Developer Nanodegree. In this project, the University App from project 3 is hosted on an Ubuntu Linux server running on an Amazon Lightsail instance. The instructions follow below. You can visit http://13.233.204.152/ for the deployed website.
The above link is now unavailable because I have graduated from the nanodegree program.
- Public IP address: http://13.233.204.152/
- SSH port: 2200
- Create an AWS account
- Click Create instance button on the home page
- Select Linux/Unix platform
- Select OS Only and Ubuntu as blueprint
- Select an instance plan
- Name your instance
- Click Create button
- Download private key from the SSH keys section in the Account section on Amazon Lightsail. The file name should be like LightsailDefaultPrivateKey-us-east-2.pem
- Create a new file named lightsail_key.rsa under ~/.ssh folder on your local machine
- Copy and paste content from downloaded private key file to lightsail_key.rsa
- Set file permission as owner only:
$ chmod 600 ~/.ssh/lightsail_key.rsa
- SSH into the instance: `$ ssh -i ~/.ssh/lightsail_key.rsa ubuntu@13.233.204.152`
- Run `sudo apt-get update` to update packages
- Run `sudo apt-get upgrade` to install newest versions of packages
- Set for future updates: `sudo apt-get dist-upgrade`
- Run `$ sudo nano /etc/ssh/sshd_config` to open up the configuration file
- Change the port number from 22 to 2200 in this file
- Save and exit the file
- Restart SSH:
$ sudo service ssh restart
- Check firewall status:
$ sudo ufw status
- Set default firewall to deny all incomings:
$ sudo ufw default deny incoming
- Set default firewall to allow all outgoings:
$ sudo ufw default allow outgoing
- Allow incoming TCP packets on port 2200 to allow SSH:
$ sudo ufw allow 2200/tcp
- Allow incoming TCP packets on port 80 to allow www:
$ sudo ufw allow www
- Allow incoming UDP packets on port 123 to allow NTP:
$ sudo ufw allow 123/udp
- Close port 22:
$ sudo ufw deny 22
- Enable firewall:
$ sudo ufw enable
- Check out current firewall status:
$ sudo ufw status
- Update the firewall configuration on the Amazon Lightsail website under Networking. Delete the default SSH port 22 and add ports 80, 123 and 2200
- Open up a new terminal and you can now ssh in via the new port 2200:
$ ssh -i ~/.ssh/lightsail_key.rsa ubuntu@13.233.204.152 -p 2200
- Create a new user account grader:
$ sudo adduser grader
$ sudo nano /etc/sudoers
- Create a file named grader under this path:
$ sudo touch /etc/sudoers.d/grader
- Edit this file with `$ sudo nano /etc/sudoers.d/grader`, add the line `grader ALL=(ALL:ALL) ALL`, then save and exit
- Create an SSH key pair for grader using the `ssh-keygen` tool on your local machine. Save it in the `~/.ssh` path
- Deploy public key on development environment
  - On your local machine, read the generated public key: `cat ~/.ssh/FILE-NAME.pub`
  - On your virtual machine:
  $ mkdir .ssh
  $ touch .ssh/authorized_keys
  $ nano .ssh/authorized_keys
  - Copy the public key to this authorized_keys file on the virtual machine and save
- Run `chmod 700 .ssh` and `chmod 644 .ssh/authorized_keys` on your virtual machine to change file permission
- Restart SSH:
$ sudo service ssh restart
- Now you are able to log in as grader: `$ ssh -i ~/.ssh/grader_key -p 2200 grader@13.233.204.152`
- You will be asked for grader's password. To disable it, open the configuration file again:
$ sudo nano /etc/ssh/sshd_config
- Change `PasswordAuthentication yes` to `no`
- Restart SSH:
$ sudo service ssh restart
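The two `sshd_config` edits above (port 2200, no password logins) are easy to get half right in an editor, because `Port` may appear more than once and for other keywords the first value set wins. The following check is an added example, not part of the original project; the function name and both sample configurations are constructed for illustration.

```python
def audit_sshd_config(text):
    """Return findings; an empty list means port 2200 only and no password logins."""
    ports, first_value, includes = [], {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or comment such as "#Port 22"
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            break                         # conditional blocks are out of scope here
        if key == "port":
            ports.append(value)           # Port may repeat: sshd listens on all of them
        elif key == "include":
            includes.append(value)
        else:
            first_value.setdefault(key, value)   # first value obtained wins
    findings = []
    listening = ports or ["22"]           # sshd default when no Port line is set
    if listening != ["2200"]:
        findings.append(f"port: listening on {', '.join(listening)}, expected only 2200")
    if first_value.get("passwordauthentication", "yes").lower() != "no":
        findings.append("passwordauthentication: password logins are still accepted")
    for pattern in includes:
        findings.append(f"include: {pattern} is also read and was not audited")
    return findings

# Constructed sample: new lines appended below the old ones instead of replacing them
LEFTOVER = """\
Port 22
PasswordAuthentication yes
Port 2200
PasswordAuthentication no
"""

# Constructed sample: the state the steps above aim for
HARDENED = """\
#Port 22
Port 2200
PasswordAuthentication no
"""

if __name__ == "__main__":
    for name, text in (("LEFTOVER", LEFTOVER), ("HARDENED", HARDENED)):
        print(name, audit_sshd_config(text) or "ok")
```

On the server itself, pass it the contents of `/etc/ssh/sshd_config` before restarting SSH and closing the working session.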
- Run
$ sudo dpkg-reconfigure tzdata
- Choose None of the above to set timezone to UTC
- Install Apache:
$ sudo apt-get install apache2
- Go to http://13.233.204.152/. If Apache is working correctly, an Apache2 Ubuntu Default Page will show up
- Install the mod_wsgi package:
$ sudo apt-get install libapache2-mod-wsgi python-dev
- Enable mod_wsgi:
$ sudo a2enmod wsgi
- Restart Apache:
$ sudo service apache2 restart
- Check if Python is installed:
$ python
- Create a new Linux user:
$ sudo adduser catalog
- Give catalog user sudo access:
$ sudo visudo
- Add `catalog ALL=(ALL:ALL) ALL` under the line `root ALL=(ALL:ALL) ALL`
- Save and exit the file
- Log in as catalog:
$ sudo su - catalog
- Create database catalog:
createdb catalog
- Exit user catalog:
exit
- Run
$ sudo apt-get install git
- Create directory:
$ sudo mkdir /var/www/UniversityApp
- CD to this directory:
$ cd /var/www/UniversityApp
- Clone the catalog app:
$ sudo git clone RELEVANT-URL UniversityApp
- Change the ownership:
$ sudo chown -R ubuntu:ubuntu UniversityApp/
- CD to `/var/www/UniversityApp`
- Rename file application.py to `__init__.py`:
$ mv application.py __init__.py
- Change line `app.run(host='0.0.0.0', port=5000)` to `app.run()` in the `__init__.py` file
- Create a new project on Google API Console and download the `client_secrets.json` file
- Copy and paste contents of the downloaded `client_secrets.json` to the file with the same name under directory `/var/www/UniversityApp/client_secrets.json`
- Install pip:
$ sudo apt-get install python-pip
- Install packages:
$ sudo pip install httplib2
$ sudo pip install requests
$ sudo pip install --upgrade oauth2client
$ sudo pip install sqlalchemy
$ sudo pip install flask
$ sudo apt-get install libpq-dev
$ sudo pip install psycopg2
- Create file:
$ sudo touch /etc/apache2/sites-available/catalog.conf
- Add the following to the file:
```
<VirtualHost *:80>
    ServerName XX.XX.XX.XX
    ServerAdmin admin@xx.xx.xx.xx
    WSGIScriptAlias / /var/www/UniversityApp/catalog.wsgi
    <Directory /var/www/UniversityApp/>
        Order allow,deny
        Allow from all
        Options -Indexes
    </Directory>
    Alias /static /var/www/UniversityApp/catalog/static
    <Directory /var/www/UniversityApp/catalog/static/>
        Order allow,deny
        Allow from all
        Options -Indexes
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    LogLevel warn
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```
- Run `$ sudo a2ensite catalog` to enable the virtual host
- Restart Apache:
$ sudo service apache2 reload
- Create file:
$ sudo touch /var/www/UniversityApp/catalog.wsgi
- Add content below to this file and save:
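```python
#!/usr/bin/python
import sys
import logging

# Send application log output to stderr, which Apache writes to its error log
logging.basicConfig(stream=sys.stderr)
# Make the application package importable
sys.path.insert(0, "/var/www/UniversityApp/")

# mod_wsgi looks for a callable named "application"
from nuevoMexico import app as application
# Hard-coded key used by Flask to sign session cookies
application.secret_key = 'super_secret_key'
```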
- Restart Apache:
$ sudo service apache2 reload
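The `catalog.wsgi` file above signs Flask sessions with a literal key that is the same on every checkout of the repository. One way to keep the key out of the code is sketched below as an added example, not the project's own code: it assumes Python 3, and `load_secret_key` and the path `/etc/universityapp/secret_key` are hypothetical names.

```python
import os
import secrets
import stat

def load_secret_key(path):
    """Return the key stored at path, creating it with mode 0600 on first use."""
    try:
        # O_EXCL: fail instead of overwriting a key that already exists
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError:
        pass
    else:
        with os.fdopen(fd, "w") as fh:
            fh.write(secrets.token_hex(32))   # 32 random bytes, hex encoded
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        # Refuse a key that group or other users on the server can read
        raise PermissionError(f"{path} has mode {mode:o}, expected 600")
    with open(path) as fh:
        key = fh.read().strip()
    if len(key) < 32:
        raise ValueError(f"{path} holds a key shorter than 32 characters")
    return key

# In catalog.wsgi the assignment would then read (hypothetical path):
#   application.secret_key = load_secret_key("/etc/universityapp/secret_key")

if __name__ == "__main__":
    import tempfile
    # Constructed demo in a temporary directory instead of /etc
    demo = os.path.join(tempfile.mkdtemp(), "secret_key")
    first = load_secret_key(demo)
    print(len(first), load_secret_key(demo) == first)
```

The directory holding the key must be writable by the user Apache runs the application as on first start, and the file must stay owned by that user.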
- Replace lines in `__init__.py`, `database_setup.py`, and `lotsofitems.py` with `engine = create_engine('sqlite://catalog')`
- Disable the default virtual host:
$ sudo a2dissite 000-default.conf
- Restart Apache:
$ sudo service apache2 reload
- Run
$ sudo python database_setup.py
- Run
$ sudo python lotsofitems.py
- Restart Apache:
$ sudo service apache2 reload
- Now follow the link to http://13.233.204.152/; the application should be running online
- If internal errors occur, check the Apache error log