This repository includes Udacity project unit 5: Linux Server Configuration
A user of this project can add, edit, and delete items belonging to a particular category.
You can visit http://18.194.205.178/ for the website deployed.
Requires Python, and git, an Ubuntu Linux Server Istance on Amazon Lightsail
Get your server.
- Start a new Ubuntu Linux server instance on Amazon Lightsail. There are full details on setting up your Lightsail instance on the next page.
- Follow the instructions provided to SSH into your server.
- Update all currently installed packages.
- Change the SSH port from 22 to 2200. Make sure to configure the Lightsail firewall to allow it.
- Configure the Uncomplicated Firewall (UFW) to only allow incoming connections for SSH (port 2200), HTTP (port 80), and NTP (port 123).
In order for your project to be reviewed, the grader needs to be able to log in to your server.
- Create a new user account named grader.
- Give grader the permission to sudo.
- Create an SSH key pair for grader using the ssh-keygen tool.
- Configure the local timezone to UTC.
- Install and configure Apache to serve a Python mod_wsgi application.
If you built your project with Python 3, you will need to install the Python 3 mod_wsgi package on your server: sudo apt-get install libapache2-mod-wsgi-py3. 11. Install and configure PostgreSQL:
Create a new database user named catalog that has limited permissions to your catalog application database. 12. Install git.
Download private key (for grader see notes)
Move your key into authorized_keys directory or similar
adapt access rights to authorized_keys on your local machine:
Example: chmod 600 .ssh/authorized_keys
connect: ssh [email protected] -i udacity_grader2.pem
IP: 18.194.205.178 User name: grader SSH private Key: may be downloaded from "notes to reviewer" field SSH pubblic key: already set on server
sudo apt-get update sudo apt-get upgrade
sudo adduser bob --disabled --password
connect to bob account: sudo su - bob
mkdir .ssh
chmod 700 .ssh
create a directory for all authorized keys: touch .ssh/authorized_keys
limit access to directory: chmod 600 .ssh/authorized_keys`
make new ssh -key in AWS lightsail console download private key and install on local server (e.g. udacity_grader2.pem)
copy pubblic key into .ssh/authorized_keys:
sudo su - bob
cat >> .ssh/authorized_keys
from MacOS connect as bob:
ssh [email protected] -i udacity_grader2.pem
change to root user: sudo su -
update ssh port in config file: nano /etc/ssh/ssh_config
restart service service ssh restart
Note: for lightsail users, make sure additional Firewall setting under Networking allows SSH connection on port 2200
sudo ufw allow 2200/tcp
sudo ufw allow 80/tcp
sudo ufw allow 123/udp
sudo ufw enable
Note: from now on you will connect using ssh -p2200
example: ssh [email protected] -i udacity.pem -p2200
sudo dpkg-reconfigure tzdata
sugo apt-get install Apache2
sudo apt-get -H install python libapache2-mod-wsgi
sudo service apache2 restart
Note: -H is only required to install packages on route directory and not only for a specific user
sudo apt install unattended-upgrades
sudo apt-get -H install postgre sql
create DB user called catalog
psql
CREATE DATABASE catalog;
CREATE USER catalog;
ALTER ROLE catalog WITH PASSWORD `foo`;
GRANT ALL PRIVILEGES ON DATABASE catalog TO catalog;
quit postgreSQL: ⁄q
exit from psql: exit
sudo apt-get install git
sudo git clone "https://github_catalog_link" destionation_directory
sudo apt-get -H install python-pip
sudo -H pip install Flask
sudo nano myapp.wsgi
sudo -H apt-get install libapache2.mod-wsgi python-dev
sudo a2enmod wsgi
import sys
import logging
sys.path.insert(0, "/var/www/FlaskApp/")
from catalogUdacity import app as application
configure: sudo nano /etc/apache2/sites-available/xxx.conf
enable: sudo a2ensite FlaskApp
Note: make sure git directory and childrens are not accessible from client
<VirtualHost *>
ServerName 18.194.205.178
WSGIDaemonProcess FlaskApp
WSGIScriptAlias / /var/www/FlaskApp/myapp.wsgi
<Directory /var/www/FlaskApp>
WSGIProcessGroup FlaskApp
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
</Directory>
<Directorymatch "^/.*/\.git/">
Order deny,allow
Deny from all
</Directorymatch>
</VirtualHost>
FlaskApp
├── catalogUdacity
│ ├── database_setup.py
│ ├── fb_client_secrets.json
│ ├── __init__.py
│ ├── lots_of_menus.py
│ ├── README.md
│ ├── static
│ │ └── styles.css
│ └── templates
│ ├── add_item.html
│ ├── catalog.html
│ ├── delete_item.html
│ ├── edit_item.html
│ ├── header.html
│ ├── item_description.html
│ ├── login.html
│ └── specific_category.html
└── myapp.wsgi
sudo service apache2 restart
sudo tail /var/log/apache2/error.log
lsb_release -a
Udacity discussion Forum: (thank you @swooding) : https://discussions.udacity.com/t/helloworld-application-for-flask/399384
Digital ocean tutorial: https://www.digitalocean.com/community/tutorials/how-to-deploy-a-flask-application-on-an-ubuntu-vps