GithubHelp home page GithubHelp logo

ashutosh-sharma / linux-server-configuration-project-6-fsnd-udacity Goto Github PK

View Code? Open in Web Editor NEW
1.0 0.0 2.0 17 KB

This repository contains project 6 Linux Server Configuration of Udacity's Full Stack Nano Degree.

linux-server server-configuration full-stack-web-development

linux-server-configuration-project-6-fsnd-udacity's Introduction

Linux Server Configuration-Project 6 | FSND Udacity

Project Overview

A baseline installation of a Linux server and prepare it to host web applications. Learning how to secure your server from a number of attack vectors, install and configure a database server, and deploy one of your existing web applications onto it.

What did I learn?

I have learnt how to access, secure, and perform the initial configuration of a bare-bones Linux server. You will then learn how to install and conzfigure a web and database server and actually host a web application.

Public IP Address: 13.126.78.60 || Accessible SSH port: 2200

Update This Lightsail instance has been removed. Now, I am using Amazon EC2. Find Live Project Here

To complete this project, you'll need a Linux server instance. I have used Amazon Lightsail. If you don't already have an Amazon Web Services account, you'll need to set one up. Once you've done that, Follow the steps to configure the server. Go through AWS tutorials if you feel need to. Later I will shift to Amazon EC2 from Amazon Lightsail, just to get thorugh both major services of AWS.

Steps to Configure Linux server

1. Start a new Ubuntu Linux server instance on Amazon Lightsail.

You can refer to the documentation which will help you to get started. Also, you may want to have a look at this.

2. Follow the instructions provided to SSH into your server.

There is a button on lightsail dashboard to directly SSH into your server. You can also SSH into your machine using the private key.

  • Download the private key provided in account section of AWS Lightsail.
  • Use this command: $ ssh -i <privateKeyOfInstance.rsa> <Username>@<Public IP address>

Secure your server

3. Update all currently installed packages.
$ sudo apt-get update
$ sudo apt-get upgrade
4. Configure the Uncomplicated Firewall (UFW) to only allow incoming connections for SSH (port 2200), HTTP (port 80), and NTP (port 123).
$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing
$ sudo ufw allow www
$ sudo ufw allow ntp
$ sudo ufw allow 2200/tcp
$ sudo ufw enable
5. Change the SSH port from 22 to 2200.

Make sure to configure the server firewall before changing the port to 2200. Otherwise, you will lose your machine.

  • Locate the line port 22 in the file /etc/ssh/sshd_config and edit it to port 2200, or any other desired port.
  • Restart the SSH service usign $ sudo service ssh restart.
6. Creating a new user called grader, and generating a SSH key pair for grader.
  • Add User grader 
    $ sudo adduser grader
    Set its password if you want and fill other details.
  • Give Sudo Access to grader and set NOPASSWD 
    $ sudo vim /etc/sudoers.d/grader
    • Edit and following line to this file 
      grader ALL=(ALL) NOPASSWD:ALL
  • Generate a keypair and push it to server. Use your local machine to generate a key pair 
    $ssh-keygen -t rsa
    Push it to server: Create .ssh directory in home of server machine. And follow the commands to push and authorize the key for SSH login. 
    $ mkdir .ssh
$ touch .ssh/authorized_keys
    Copy and paste the key from your local machine, usign vim editor: 
    $ vim .ssh/authorized_keys
    Changing permission of .ssh and .ssh/authorized_keys 
    $ chmod 700 .ssh
$ chmod 644 .ssh/authorized_keys

Prepare to deploy your project.

9. Configure the local timezone to UTC.
  • Change the timezone to UTC using following command: 
    $ sudo timedatectl set-timezone UTC

You may need to take refrence from Digital ocean-Deploy a Flask Appfor furthur steps.

10. Install and configure Apache to serve a Python mod_wsgi application.
$ sudo apt-get install apache2 libapache2-mod-wsgi

Enable mod_wsgi: $ sudo a2enmod wsgi

11. Install and configure PostgreSQL:

  • Installing Postgresql python dependencies

    $ sudo apt-get install libpq-dev python-dev

  • Installing PostgreSQL:

    $ sudo apt-get install postgresql postgresql-contrib

  • Do not allow remote connections. Find the remote connection permission in the file specified below.

    $ sudo cat /etc/postgresql/9.5/main/pg_hba.conf

  • Create a new database user named catalog that has limited permissions to your catalog application database.

    $ sudo su - postgres
$ psql
    • Create a new database named catalog: # CREATE DATABASE catalog;
    • Create a new user named catalog: # CREATE USER catalog;
    • Set a password for catalog user: # ALTER ROLE catalog with password 'password';
    • Grant permission to catalog user: # GRANT ALL PRIVILEGES ON DATABASE catalog TO catalog;
    • Exit from psql: # \q;
    • Return to grader using: $ exit

  • Change the database connection to:

    engine = create_engine('postgresql://catalog:<password>@localhost/catalog')
12. Install python-pip, Flask and other dependencies.

Find the package name: Ubuntu Packages Search

 $ sudo apt-get install python-pip
 $ sudo pip install Flask
 $ sudo pip install sqlalchemy psycopg2 sqlalchemy_utils
 $ sudo pip install httplib2 oauth2client requests
13. Install git and clone the project to /var/www/
  • Make a ItemCatalogFlaskApp named directory in /var/www/ and FlaskApp in ItemCatalogFlaskApp 
      $ sudo mkdir /var/www/ItemCatalogFlaskApp
  $ sudo mkdir /var/www/ItemCatalogFlaskApp/FlaskApp
  • Make grader as ownner of that directory 
     $ sudo chown -R grader:grader /var/www/ItemCatalogFlaskApp
  • Clone the Item Catalog and put them in the ItemCatalogFlaskApp/FlaskApp directory: 
    $ git clone https://github.com/ashutosh-sharma/Item-Catalog-Project-4---FSND---Udacity
14. Create the .wsgi file in ItemCatalogFlaskApp to help apache to serve the FlaskApp
$ cd /var/www/ItemCatalogFlaskApp/
$ sudo vim ItemCatalogFlaskApp.wsgi
  • Add the following lines of code to the .wsgi file
#!/usr/bin/python
import sys
import logging
logging.basicConfig(stream=sys.stderr)
sys.path.insert(0,"/var/www/ItemCatalogFlaskApp")

from FlaskApp import app as application

Now your directory structure should look like this:

|--------/var/www/ItemCatalogFlaskApp
|----------------FlaskApp
|-----------------------static
|-----------------------templates
|---------------------- *other files*
|-----------------------__init__.py
|----------------ItemCatalogFlaskApp.wsgi
16. Configure and Enable a New Virtual Host:
  $  sudo vim /etc/apache2/sites-available/000-default.conf

Add the following lines of code to the file to configure the virtual host. This will also add path for server error logs and access error logs.

<virtualHost *:80>
    ServerName 'XXX.XXX.XXX.XXX'
    ServerAdmin [email protected]
    WSGIScriptAlias / /var/www/ItemCatalogFlaskApp/ItemCatalogFlaskApp.wsgi
    <Directory /var/www/ItemCatalogFlaskApp/FlaskApp>
        Order allow,deny
        Allow from all
    </Directory>
    Alias /static /var/www/ItemCatalogFlaskApp/FlaskApp/static
    <Directory /var/www/ItemCatalogFlaskApp/FlaskApp/static/>
        Order allow,deny
        Allow from all
    </Directory>
    ErrorLog /home/grader/serverErrors/serverError.log
    LogLevel warn
    CustomLog /home/grader/serverErrors/access.log combined
</VirtualHost>

Enable the virtual host with the following command:

$ sudo a2ensite 000-default
17. Restart Apache to run the app on sever
$ sudo service apache2 restart

Refrences:

๐ŸŽฉ Hat tip to everyone who helped me!

linux-server-configuration-project-6-fsnd-udacity's People

Contributors

ashutosh-sharma avatar

Stargazers

avatar

Forkers

shroukelrawy asemdevs

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.