|
|
|
# Deploying on Debian-10.0.0
|
|
|
|
|
|
|
|
|
|
|
|
***This guideline follows this [tutorial](https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-uswgi-and-nginx-on-ubuntu-18-04) very closely, but not exactly.**
|
|
|
|
|
|
|
|
# 1) Update and download necessary libraries
|
|
|
|
```
|
|
|
|
$ sudo apt update
|
|
|
|
$ sudo apt install python3-pip python3-dev build-essential libssl-dev libffi-dev python3-setuptools
|
|
|
|
```
|
|
|
|
|
|
|
|
# 2) Clean up ports (port 80) then install ufw, nginx and git
|
|
|
|
```
|
|
|
|
$ sudo lsof -t -i tcp:80 -s tcp:listen | sudo xargs kill
|
|
|
|
$ sudo apt install ufw nginx git
|
|
|
|
```
|
|
|
|
|
|
|
|
- you need to then enable the UFW firewall
|
|
|
|
```
|
|
|
|
$ sudo ufw enable
|
|
|
|
```
|
|
|
|
|
|
|
|
- check the status by:
|
|
|
|
```
|
|
|
|
$ sudo ufw status
|
|
|
|
```
|
|
|
|
|
|
|
|
# 3) Create a python virtual environment
|
|
|
|
|
|
|
|
- first install python3 virtual env
|
|
|
|
```
|
|
|
|
$ sudo apt install python3-venv
|
|
|
|
```
|
|
|
|
|
|
|
|
- make a parent directory for the spam filter package
|
|
|
|
```
|
|
|
|
$ mkdir ~/myproject
|
|
|
|
$ cd ~/myproject
|
|
|
|
```
|
|
|
|
|
|
|
|
- create the virtual environment
|
|
|
|
```
|
|
|
|
$ python3 -m venv virtenv
|
|
|
|
```
|
|
|
|
|
|
|
|
- activate the virtual environment
|
|
|
|
```
|
|
|
|
$ source virtenv/bin/activate
|
|
|
|
```
|
|
|
|
You should then see {+(virtenv) user@host:~/myproject$+}
|
|
|
|
|
|
|
|
# 4) Download and install the package from gitlab
|
|
|
|
|
|
|
|
- first need to install wheel
|
|
|
|
```
|
|
|
|
$ pip install wheel
|
|
|
|
```
|
|
|
|
*When virtual environment is activate no need to use pip3
|
|
|
|
|
|
|
|
- git clone the package
|
|
|
|
```
|
|
|
|
$ sudo git clone https://gitlab.ecollect.org/josh.yang/spamfilter.git
|
|
|
|
```
|
|
|
|
|
|
|
|
- pip install the requirements.txt and setup.py
|
|
|
|
```
|
|
|
|
$ cd /spamfilter/spamFilter
|
|
|
|
$ pip install -r requirements.txt
|
|
|
|
$ pip install setup.py install
|
|
|
|
```
|
|
|
|
|
|
|
|
- test the package on port 5000:
|
|
|
|
```
|
|
|
|
$ sudo ufw allow 5000
|
|
|
|
$ python APIApp.py
|
|
|
|
```
|
|
|
|
**you can check that everything is fine by typing in a new terminal tab:**
|
|
|
|
```
|
|
|
|
$ curl http://localhost:5000/list
|
|
|
|
```
|
|
|
|
|
|
|
|
# 5) Create the WSGI entry point
|
|
|
|
|
|
|
|
- create a wsgi.py file by:
|
|
|
|
```
|
|
|
|
(virtenv) $ nano ~/spamfilter/spamFilter/wsgi.py
|
|
|
|
```
|
|
|
|
|
|
|
|
- In this file {+(~/spamfilter/spamFilter/wsgi.py)+} you need to write:
|
|
|
|
```python
|
|
|
|
from APIApp import app
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
app.run()
|
|
|
|
```
|
|
|
|
|
|
|
|
# 6) Configure uWSGI
|
|
|
|
|
|
|
|
- first test uWSGI serving
|
|
|
|
```
|
|
|
|
(virtenv) $ uwsgi --socket 0.0.0.0:5000 --protocol=http -w wsgi:app
|
|
|
|
```
|
|
|
|
|
|
|
|
**you can check that everything is fine by typing in a new terminal tab:**
|
|
|
|
```
|
|
|
|
$ curl http://localhost:5000/list
|
|
|
|
```
|
|
|
|
|
|
|
|
- then deactivate the virtual environment
|
|
|
|
```
|
|
|
|
(virtenv) $ deactivate
|
|
|
|
```
|
|
|
|
|
|
|
|
- To configure uWSGI, we first need to create .ini file
|
|
|
|
```
|
|
|
|
$ sudo nano ~/spamfilter/spamFilter/APIApp.ini
|
|
|
|
```
|
|
|
|
|
|
|
|
- Inside this .ini file type:
|
|
|
|
```
|
|
|
|
[uwsgi]
|
|
|
|
module = wsgi
|
|
|
|
callable = app
|
|
|
|
|
|
|
|
master = true
|
|
|
|
processes = 5
|
|
|
|
|
|
|
|
socket = APIApp.sock
|
|
|
|
chmod-socket == 666
|
|
|
|
vacuum = true
|
|
|
|
|
|
|
|
die-on-term = true
|
|
|
|
```
|
|
|
|
|
|
|
|
# 7) Create a systemd Unit file
|
|
|
|
|
|
|
|
- we first create and access .service file:
|
|
|
|
```
|
|
|
|
$ sudo nano /etc/systemd/system/APIApp.service
|
|
|
|
```
|
|
|
|
- In the .service file you type:
|
|
|
|
```
|
|
|
|
[Unit]
|
|
|
|
Description = uWSGI instance to server APIApp
|
|
|
|
After = network.target
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
User = _WhateverUserName_
|
|
|
|
Group = www-data
|
|
|
|
WorkingDirectory = /home/_WhateverUserName_/myproject/spamfilter/spamFilter
|
|
|
|
Environment = "PATH=/home/_WhateverUserName_/myproject/virtenv/bin"
|
|
|
|
ExecStart = /home/_WhateverUserName_/myproject/virtenv/bin/uwsgi --ini APIApp.ini
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy = multi-user.target
|
|
|
|
```
|
|
|
|
|
|
|
|
- now start the uWSGI service
|
|
|
|
```
|
|
|
|
$ sudo systemctl start APIApp
|
|
|
|
$ sudo systemctl enable APIApp
|
|
|
|
```
|
|
|
|
|
|
|
|
- check the status
|
|
|
|
```
|
|
|
|
$ sudo systemctl status APIApp
|
|
|
|
```
|
|
|
|
|
|
|
|
# 8) Configure Nginx
|
|
|
|
**Before you start, delete default files in {-/etc/nginx/sites-available-} and {-etc/nginx/sites-enabled-}**
|
|
|
|
|
|
|
|
- we first create and access a file:
|
|
|
|
```
|
|
|
|
$ sudo nano /etc/nginx/sites-available/APIApp
|
|
|
|
```
|
|
|
|
|
|
|
|
- in this file:
|
|
|
|
```
|
|
|
|
server {
|
|
|
|
listen 80;
|
|
|
|
|
|
|
|
location / {
|
|
|
|
include uwsgi_params;
|
|
|
|
uwsgi_pass unix:/home/_WhateverUserName_/myproject/spamfilter/spamFilter/APIApp.sock;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
- then link the file to /etc/nginx/sites-enabled by:
|
|
|
|
```
|
|
|
|
$ sudo ln -s /etc/nginx/sites-available/APIApp /etc/nginx/sites-enabled
|
|
|
|
```
|
|
|
|
|
|
|
|
- check that we don't have any syntax error:
|
|
|
|
```
|
|
|
|
$ sudo nginx -t
|
|
|
|
```
|
|
|
|
|
|
|
|
- restart the the Nginx process
|
|
|
|
```
|
|
|
|
$ sudo systemctl restart nginx
|
|
|
|
```
|
|
|
|
|
|
|
|
- we can now delete access to the port 5000 and allow nginx the access
|
|
|
|
```
|
|
|
|
$ sudo ufw delete allow 5000
|
|
|
|
$ sudo ufw allow 'Nginx Full'
|
|
|
|
```
|
|
|
|
|
|
|
|
# 8) For the security of the application, view [step 7 of the tutorial](https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-uswgi-and-nginx-on-ubuntu-18-04#step-7-%E2%80%94-securing-the-application) |
