As part of the Udacity Full Stack Nanodegree, this README describes steps taken to configure a linux server instance running on a virtual machine. A Digital Ocean Droplet running Ubuntu 16.04.3 x64 was created for this project.
- IP Address: 128.199.229.152
- SSH port: 2200
most of these steps are taken here
- We first login remotely by typing
ssh [email protected]. - System software is updated:
apt-get updatethenapt-get upgrade - We create a new user:
adduser grader. Enter new UNIX password. - New user is given root priveleges:
usermod -aG sudo grader - To add public key authentication, we first run
ssh-keygenin our local computer to generate a key pair. Default file paths are accepted. We enter a passphrase if we want. - Run
cat ~/.ssh/id_rsa.puband copy contents to clipboard. - Back in our server, we switch to our newly created user:
su - grader - Create .ssh folder and restrict permissions:
mkdir .sshthenchmod 700 ~/.ssh - Create authorized_keys:
nano ~/.ssh/authorized_keys - Paste public key then save.
- Disable password authentication if needed. I chose SSH keys during Droplet creation so sshd_config is already setup for this.
- Login from local computer:
ssh [email protected] - Configure SSH:
sudo nano /etc/ssh/sshd_config - Exit and login again remotely:
ssh [email protected] -p 2200 - ufw is configured to deny incoming and allow outgoing by default:
sudo ufw default deny incomingandsudo ufw default allow outgoing - ufw allow ports 2200, 80 (http), and 123 (ntp):
sudo ufw allow *port number* - enable firewall:
sudo ufw enable - Try logging in again through SSH
reference here
- Install Apache:
sudo apt-get install apache2 - Install mod-wsgi:
sudo apt-get install libapache2-mod-wsgi python-dev - Enable it:
sudo a2enmod wsgi - In local computer, navigate to vagrant directory then copy Item Catalog Project files to server:
scp -P 2200 -r catalog/ [email protected]:/home/grader/. I chose this option because I did not setup a GitHub repo for the previous project. - Make folder for Flask apps:
sudo mkdir /var/www/html/FlaskApps - Copy app to created folder:
sudo cp -r ~/catalog /var/www/html/FlaskAppsand rename main program code to __init.py__ - Install pip:
sudo apt-get install python-pip - Install python packages in a virtual environment:
sudo pip install virtualenvsudo virtualenv venvsource venv/bin/activatesudo pip install Flasksudo pip install SQLAlchemysudo pip install --upgrade google-api-python-clientsudo pip install requestssudo python __init__.pyto testdeactivate
- Configure and Enable a New Virtual Host
sudo nano /etc/apache2/sites-available/Catalog.conf
<VirtualHost *:80>
ServerName 128.199.229.152
ServerAdmin [email protected]
WSGIScriptAlias / /var/www/html/FlaskApps/flaskapp.wsgi
<Directory /var/www/html/FlaskApp/catalog/>
Order allow,deny
Allow from all
</Directory>
Alias /static /var/www/html/FlaskApps/catalog/static
<Directory /var/www/html/FlaskApps/catalog/static/>
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
sudo a2ensite Catalog
- Create .wsgi file:
sudo nano /var/www/html/FlaskApps/flaskapp.wsgi - Restart database:
sudo service apache2 restart - Type
128.199.229.152in browser to access web app - Errors are diagnosed with the command:
sudo tail /var/log/apache2/error.log - Change relative paths to absolute paths: database and client_secrets.json
- Add public IP address to OAuth 2.0 Client Javascript Origins in https://console.developers.google.com/apis
- Add this to db to prevent threading error:
/path/to/db?check_same_thread=False - Change ownership of db file and its directory to prevent write errors. Answer found here
chown www-data *db_file*chown www-data /var/www/html/FlaskApps/catalog
- Restart apache and retry.