Fabric file for the deployment of a personal, fully capable, scientific web server on an Ubuntu 14.04 LTS machine.
- Insure that you have a public ssh key at ~/.ssh/id_rsa.pub
- Make a copy of deploy_settings_template.py in deploy_settings.py and put in the appropriate server settings
- Install the requirements listed below
- run "fab full_setup" to setup server
- Wait for restart
- run "fab full_deploy" to configures server and install pakages.
- Enjoy!
- fabric
- jinja2
- Python / Django, Set up with proper virtualenv, a super
user account and a migration ready connection to a PostgreSQL database
- Django
- Numpy
- Scipy
- Pandas
- Sympy
- Matplotlib
- psycopg2
- (or via supplied "requriements.txt" file)
- PostgreSQL
- uWSGI
- nginx
- Postfix (SMTP)
- Dovecot (IMAP)
- Authentication via DKIM
- Git, set up to automatically deploy to a production server
- On server workspace that is easily connected to Cloud9 IDE.
- iptables firewall
- appropriate user accounts
- outside ssl access to all users
- internal ssl access to git user from main user account
- fail2ban
- https with self signed ssl cert (optional)
- Alias for one time run in virtualenv "runenv"
- Alias for loading virtualenv "loadenv"
- Alias to run the test server on port 8080 "runtestserver"
- Varios goto-* aliases to move around filesystem
- (goto-)env: virtualenv root
- www: web root directory
- live: production code root
- wspc: on-server workspace
- repo: git repository
- Make sure that the app_name variable in the fabfile is a legal python application name
- If you do not have an ssh key setup in your home directory at ~/.ssh/id_rsa.pub then you will need to do so before you run this script.
- Update the DNS DKIM records with the contents of info/dkim.public.key
- Update the DNS SPF records to show send ip addresses
- After running create a local repository and connect it to remote git@{ip_address}:~/{domain_name}.git
- Create a local secrets.py file
- Tweak the values in /etc/init/uwsgi.conf to match server specs
- Replace the self signed certificates and keys at /etc/ssl/universal/certs/server.crt to a non self-signed certificate