-
-
Notifications
You must be signed in to change notification settings - Fork 16
Deployment
Follow the installation instructions before continuing. If you are running the Django server, press Control-C to close it.
Make sure you have root
privileges.
-
Collect the static files (by default in
/var/www/my-buisness/static/
) using$ python manage.py collectstatic
. -
Generate a
SECRET_KEY
using$ python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'
. -
Copy the returned key to your clipboard because we will need it soon.
-
Edit
config.ini
with your preferred text editor and replace the currentSECRET_KEY
with the one you generated earlier (it's in your clipboard, right!?).
If you have a firewall set up (recommended), make sure to open ports 80 and 443.
-
If you have
UFW
set up:- Run
$ ufw allow http
. - Run
$ ufw allow https
.
- Run
-
If don't have
UFW
and have onlyiptables
set up:- Open
/etc/sysconfig/iptables
for editing using your preferred text editor. - Add the following lines to the file if they do not already exist, then save and exit:
- Open
-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
- Install Gunicorn using
$ pip install gunicorn
. - Install Nginx using
$ apt install nginx
. - Install Certbot using
$ apt install python3-certbot-nginx
.
Note: Make sure to edit the file and directory paths accordingly in the instructions below.
- Edit
/etc/systemd/system/gunicorn_bt.socket
using your preferred text editor and add the following to the file:
[Unit]
Description=gunicorn bt socket
[Socket]
ListenStream=/run/gunicorn_bt.sock
[Install]
WantedBy=sockets.target
- Edit
/etc/systemd/system/gunicorn_bt.service
using your preferred text editor and add the following to the file:
[Unit]
Description=gunicorn bt daemon
Requires=gunicorn_bt.socket
After=network.target
[Service]
User=www-data
Group=www-data
WorkingDirectory=/srv/my-buisness
ExecStart=/srv/business-tracer/venv/bin/gunicorn \
--access-logfile - \
--workers 3 \
--bind unix:/run/gunicorn_bt.sock \
common.wsgi:application
[Install]
WantedBy=multi-user.target
- Start the Gunicorn socket using
$ systemctl start gunicorn_bt.socket
. - Enable the Gunicorn socket (to run at startup) using
$ systemctl enable gunicorn_bt.socket
.
- Remove the
default
configuration fromsites-enabled
using$ rm /etc/nginx/sites-enabled/default
. - Edit
/etc/nginx/sites-available/blog
using your preferred text editor and add the following to the file:
*Note: Make sure to replace YOUR_FULLY_QUALIFIED_DOMAIN_NAME
with your FQDN.
server {
listen 80;
server_name YOUR_FULLY_QUALIFIED_DOMAIN_NAME;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /var/www/my-buisness;
}
location /media/ {
root /var/www/my-buisness;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn_bt.sock;
}
}
- Enable the Nginx config using
$ ln -s /etc/nginx/sites-available/my-buisness /etc/nginx/sites-enabled/my-buisness
. - Restart Nginx using
$ systemctl restart nginx
.
*Note: Make sure to replace YOUR_FULLY_QUALIFIED_DOMAIN_NAME
with your FQDN.
- Create an HTTPS certificate with Certbot using
$ certbot --nginx -d YOUR_FULLY_QUALIFIED_DOMAIN_NAME
. - Follow the script instructions.
- You should choose option 2 (Redirect) when the script asks if you want users to be redirected to the
HTTPS
version of the website if they try accessing theHTTP
version.
Good job! You should now have a running instance of My Buisness.