- Ubuntu 12.04 LTS
- Git 1.7+
- Python 2.7
- Pip 1.5+
- virtualenvwrapper 4.2
- Nginx 1.1+
- PostgreSQL 9.1+
- RabbitMQ 2.7+
- Solr 4.9.0+
- GEOS 3.2.2+
- PROJ.4 4.7+
- PostGIS 1.5+
- SpatiaLite 3.0+
First, we need to create a system acccount that we can use to run the web app daemon without root priviledges for security reasons:
sudo adduser --disabled-password select_a_proper_username_matching_projects_name
The previous step will create a user, a group with the same name as the user and the user's home directory.
Install build essentials and Python header files
sudo aptitude install build-essential automake autoconf libtool python-dev \
postgresql-server-dev-9.1 libxml2-dev libxslt1-dev
Install git
sudo aptitude install git-core
We need to install the python-pip package to be so that we can be able to install the virtualenvwrapper afterwards
sudo aptitude install python-pip
Install virtualenvwrapper using the pip command. virtualenvwrapper will
allow us to create several virtualenv environments manageable through practical
commands like workon
, mkvirtualenv
, etc; which should be very helpful for
automated deployment scripts
sudo pip install virtualenvwrapper
Install nginx
sudo aptitude install nginx nginx-light
Configure nginx so that it remains as a balanced reverse proxy, forwarding
everything relayed through the local port 9000 into the port 80.
To do this, create a file (i.e. example_com) into
/etc/nginx/sites-available` with the following configuration:
server {
listen 80;
listen 443 default ssl;
include mime.types;
default_type application/octect-stream;
sendfile on;
keepalive_timeout 65;
#https://github.com/kaleidos/django-validated-file#note-on-dos-attacks
client_max_body_size 100M;
root /usr/share/nginx/www;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name put.the.web.app.domain.name.here;
location /static/ {
alias /path/to/djangos/static/files/;
expires 30d;
}
location /media/ {
alias /path/to/djangos/media/files/;
expires 30d;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass https://127.0.0.1:9000;
#proxy_pass_header Server;
proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Scheme $scheme;
proxy_connect_timeout 10;
proxy_read_timeout 10;
#proxy_set_header SCRIPT_NAME /;
}
if ($ssl_protocol = "") {
# TODO replace 107.170.145.112 with $server_name
rewrite ^/(.*) https://107.170.145.112/$1 permanent;
}
# ssl configuration
ssl on;
ssl_certificate /path/to/certificate.crt;
ssl_certificate_key /path/to/key.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
}
Create a symlink to this file inside the /etc/nginx/sites-enabled
directory.
sudo ln -s /etc/nginx/sites-available/your_site_configuration \
/etc/nginx/sites-enabled
Now install postgresql and then configure a user and assign the proper permissions for it to be able to create databases and access them
sudo aptitude install postgresql-9.1
sudo su - postgres
psql -c "create role selected_username; \
alter role selected_username with createdb login;"
exit
Install RabbitMQ
sudo aptitude install rabbitmq-server
Add sudoer permissions to allow the project's user to run rabbitmqctl without inputing a password
echo "dentexchange ALL=NOPASSWD: /usr/sbin/rabbitmqctl" \
| sudo tee -a /etc/sudoers
Finally, we'll have to configure the system account's home directory to be able to use virtualenvwrapper, log supervisord and gunicorn outputs, and for storing the pidfiles for each supervisord job
sudo su - dentexchange
mkdir -p var/log var/run projects
echo source /usr/local/bin/virtualenvwrapper.sh >> ~/.profile
Adding Authentication to Nginx
Follow the instructions described here https://www.digitalocean.com/community/tutorials/how-to-set-up-http-authentication-with-nginx-on-ubuntu-12-10
Install Apache Solr
We need Solr for haystack-based full-text searches. First we need to install Java's JRE
sudo aptitude install openjdk-7-jre-headless
Download and Install Apache Solr
sudo su - <projects_username>
mkdir -p projects/solr
cd projects/solr
wget http://archive.apache.org/dist/lucene/solr/4.9.0/solr-4.9.0.tgz
tar xf solr-4.9.0.tgz
rm solr-4.9.0.tgz
ln -s solr-4.9.0 current
cd current/example/solr
mv collection1 <project_name>
rm <project_name>/README.txt
echo "name=<project_name>" > <project_name>/core.properties
rm <project_name>/conf/schema.xml
rm -rf <project_name>/data/*
ln -s ~/projects/<project_dir>/<project_name>/data/schema.xml \
<project_name>/conf/schema.xml
ln -s <project_name>/conf/stopwords.txt <project_name/conf/stopwords_en.txt
Install GEOS, PROJ.4, SpatiaLite and PostGIS
sudo aptitude install libgeos-c1 libproj0 postgis libspatialite3