FullStack Project using Flask Micro framework
Server Details:
Public IP: 52.35.118.167
Application URL: http://ec25235118167.uswest2.compute.amazonaws.com/
SSH Port : 2200
Setting up server:
--- Following softwares have been installed using command sudp apt-get install
-- libpq-dev
-- python-dev
-- fail2ban
-- apache2
-- finger
-- glances
-- git
-- libapache2-mod-wsgi
-- postgresql
-- postgresql-contrib
-- python-pip
-- python-virtualenv
-- python2.7
-- sendmail
-- ufw
-- unattended-upgrades
--- Created a new user grader with sudo privileges
--- Disabled root ssh login by setting following parameter in the file /etc/ssh/sshd_config
PermitRootLogin no
--- Changed ssh port to 2200 by changing following parameter in the file /etc/ssh/sshd_config
Port 2200
--- Configured Uncomplicated Firewall (UFW) to only allow incoming connections from
-- SSH (port 2200)
-- http(port 80)
-- NTP(port 123)
Setting up Apache Server:
--- Do a latest chekout from the following repsitory in the home directory /home/grader
https://github.com/kumaratinfy/p5-linux-config.git
--- From shell navigate inside the folder
-- /home/grader/p5-linux-config
--- Swicth to root user using the following command sudo -s
--- create a virtual environment using the command:
virtualenv venv --always-copy --no-site-packages
--- Activate virtual environemt using the following command
source venv/bin/activate
--- Install all dependenices using the following command
pip install -r requirements.txt
--- Exit to grader user by typing the following command
-- exit
--- Copy following files and directories recursively in the folder /var/www/fullstack
-- catalog
-- instance
-- migrations
-- tests
-- catalog.wsgi
-- config.py
-- manage.py
-- requirements.txt
--- Move the following folder from /home/grader/p5-linux-config to /var/www/fullstack
-- venv
--- Copy the following file from /home/grader/pf-linus-config to /etc/apache2/sites-available
-- catalog.conf
Setting up Postgres:
--- Go to psql shell using the following command
-- sudo -u postgres psql
-- Create a new database catalog
--- Create catalog database schema with default data using the following command inside the folder /var/www/fullstack
-- sudo -u postgres python manage.py deploy
--- Create a new database user 'catalog' using the following command inside psql shell
-- sudo -u postgres psql
-- CREATE USER catalog WITH PASSWORD ;
--- GRANT privileges in catalog database using the following command
-- sudo -u postgres psql
-- GRANT SELECT, INSERT, UPDATE, DELETE ON TO catalog;
-- GRANT SELECT, INSERT ON TO catalog;
--- Update connection string in file /var/www/fullstack/instance/application.cfg as follows
-- SQLALCHEMY_DATABASE_URI = 'postgresql://catalog:@localhost:5432/catalog'
Running Apache
--- Run the following commands to run web site under apache2
-- sudo a2dissite 000-default
-- sudo a2ensite catalog
-- sudo service apache2 reload
-- sudo service apache2 restart
Available routes:
- http://<servername>:<port no>/login
- http://<servername>:<port no>/register
- http://<servername>:<port no>/login
- http://<servername>:<port no>
http://<servername>:<port no>/dashboard - http://<servername>:/edit/item/<item id>
- http://<servername>:<port no>/add/item/<item id>
- http://<servername>:<port no>/delete/item/<item id>
- http://<servername>:<port no>/api/v1.0/categories/
- http://<servername>:<port no>/api/v1.0/category/<category id>
Available logins:
- Email : a@b.com Password: test
- Email : b@c.com Password: test
- Email : c@d.com Password: test
- Email : d@e.com Password: test
- Email : e@f.com Password: test
Miscellaneous:
--- Set up Fail2Ban for disabling a host for 6 consecutive unsuccessful ssh login's.
Following changes were made in the file /etc/failban/jail.local
-- bantime=1800
-- destemail=
-- mta=sendmail
-- action = %(action_mwl)s
Enabled following jails for monitoring of apache logs
-- apache-overflows
-- apache-noscript
-- apache-badbots
-- apache-nohome
-- apache
--- Installed glances for monitoring application availability status
--- Installed and configured unattended-upgrades for automated security patches installation