This project is used to test small projects and experiments that I post online
- Python 3
- pip3
- virtualenv
- mysql-client
- nginx
- supervisor
- Run
ubuntu_setup.sh - Add
config/.bashrcshortcuts to.bashrc - Setup Nginx
- Setup supervisor
- Create Gmail account
- Create Google Cloud account (1-year free)
- Create Compute Engine instance (small)
- Access from the local console
- Log in gcloud (gcloud auth login ...)
- Check default configuration (gcloud config list)
- If there are problems, delete previous public keys
- Log in gcloud (gcloud auth login ...)
- Check whether you can access
- Using the console
- Through SFTP (Cyberduck)
- Add shortcut to the terminal (to speed-up things)
- Update certificates (in the code)
- Install initial requirements (MySQL, python, supervisor, ...)
- Access from the local console
- Create CloudSQL instance (MySql 2nd gen) - (...Or use SQLite and f*ck it!)
- Authorize IP "Home" (temp)
- Create certificates (from the web)
- Add them to the project
- Add them to ~ / .ssh
- Update codes (if necessary)
- Check that you can access
- Using the console
- Through an IDE (DataGrip/MySQLWorkbench)
- Add shortcut to the terminal
- Import database *
- Verify domain (bare IPs present problems with (self-signed) certificates, browsers,...)
- Create static and media buckets (EU)
- Add files
- Check files
- Delete cache folder
- Make public bucket (Add member -> allUsers -> Storage Object Viewer)
- Fix CORS problem
- Create credential API service account key (storage-auth.json)
- Update code
- Run web in local - (Remote DB and buckets)
- Add/Update Google Analytics (if you want)
- Update Github
- Clone code to the server (
git clone ...) - Create a virtual environment and install requirements
- Ensuring the requirements have a specific version (PLEASE WRITE THE FUCKING DEPENDENCY VERSIONS!!!!)
- Update settings.py
- Add shortcuts to .bashrc
- Configure Nginx
- Configure supervisor
- Configure Let'sEncrypt
- Install certbot
- Prepare Nginx
- Disable routes from letsencrypt of the nginx config
- Allowing HTTPS Through the Firewall (Activate UFW)
- Obtain certificate
- Updating Diffie-Hellman Parameters
- Setting Up Auto Renewal (crontab, usually is automatic /etc/cron.d)
- Authorize ComputeEngine instance to access the CloudSQL (external)
- Read logs
- Check browser console
- Check caches and reset
- Make static external IP
1. [Google Cloud] Configuring CORS on a Bucket
gsutil cors set cors-json-file.json gs://example
where cors-json-file.json is a your CORS configuration file:
[
{
"origin": ["http://example.appspot.com"],
"responseHeader": ["Content-Type"],
"method": ["GET", "HEAD", "DELETE"],
"maxAgeSeconds": 3600
}
]
2. [Nginx] Force Access-Control-Allow-Origin
Go to /etc/nginx/sites-available/[your_server_config] and add this line into your server block:
add_header Access-Control-Allow-Origin *;
More: https://serverfault.com/questions/162429/how-do-i-add-access-control-allow-origin-in-nginx
3. [Django-cors] Adds CORS headers to Django responses.
Check this out:
- https://github.com/ottoyiu/django-cors-headers
- https://stackoverflow.com/questions/28046422/django-cors-headers-not-work/28834566
More things: https://cloud.google.com/storage/docs/cross-origin https://stackoverflow.com/questions/26189835/cors-error-on-chrome-with-google-fonts/44855107#44855107 https://stackoverflow.com/questions/22476273/no-access-control-allow-origin-header-is-present-on-the-requested-resource-i
Note: Remember to restart celery when the code of the tasks changes
1. Install RabbitMQ outside the virtual environment
-
Ubuntu:
sudo apt-get install rabbitmq-server
-
Mac OS X:
brew install rabbitmq
2. Start RabbitMQ
sudo rabbitmq-server
3. Start Celery using this project
celery -A (PROJECT_NAME) worker --loglevel=info
4. Demonizing Celery
See more (First steps): http://docs.celeryproject.org/en/latest/getting-started/first-steps-with-celery.html See more (Celery for Django): http://docs.celeryproject.org/en/latest/django/first-steps-with-django.html
1. Install redis-server outside the virtual environment
-
Ubuntu:
sudo apt-get install redis-server -
Mac OS X:
brew install redis
2. Start redis-server
```
redis-server
```
3. Test if it is working
After the command, redis should respond with PONG:
redis-cli ping
Check log permissions:
sudo chmod 777 /var/log/redis/redis-server.log
4. Edit Redis config
5. Restart Redis
sudo service redis-server restart
**See more (Redis in Django): ** https://realpython.com/blog/python/caching-in-django-with-redis/ **See more (Setting up): ** http://michal.karzynski.pl/blog/2013/07/14/using-redis-as-django-session-store-and-cache-backend/
Edit /etc/nginx/nginx.conf (on Ubuntu):
. . .
##
# `gzip` Settings
#
#
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
. . .
and save and restart nginx:
sudo service nginx restart
**See more: ** https://www.digitalocean.com/community/tutorials/how-to-add-the-gzip-module-to-nginx-on-ubuntu-14-04
- Install Certbot
- Prepare Nginx
- Disable letsencrypt paths from Nginx config file
- Get certificate
sudo certbot --nginx -d domain.com -d www.domain.com - Updating Diffie-Hellman Parameters
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 - Setting Up Auto Renewal (crontab)
**See more: ** https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
See more: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-14-04