This project involves setting up a base Linux server to host web apps and protects against malicious users.
user: grader
IP Address: 34.199.16.1
SSH Port: 2200
Url: 34.199.16.1
-
Download the private key
-
Login into server as root using the command:
ssh [email protected] -i ~/.ssh/insertprivatekey.pem
Run the following commands:
sudo apt-get update
Then:
sudo apt-get upgrade
- Use the command below to create a new user:
sudo adduser grader
- Give the user grader sudo permission by:
sudo nano /etc/sudoers.d/grader
In the file add the following text and save with CTRL + O and exit with Ctrl + X:
grader ALL=(ALL:ALL) ALL
- Configure the time using
sudo dpkg-reconfigure tzdata
- On your local machine generate a ssh key pair with the command
ssh-keygen
-
Switch users with the command
su graderand enter the password you gave -
Change to your home directory with:
cd ~
- Now create file for authorized keys with:
sudo touch .ssh/authorized_keys
Then type in:
sudo nano .ssh/authorized_keys
- On your local machine use the command:
sudo cat publickey.pub
-
Copy the contents and paste them into the authorized keys file on the server and save.
-
Change the file permissions for the authorized key files with the commands below:
chmod 700 .ssh
chmod 644 .ssh/authorized_keys
-
Run the command
sudo nano /etc/ssh/sshd_config -
On the top there should be a port line change it to Port 2200
-
Find the line PasswordAuthentication and change it to no
-
Find the line PermitRootLogin and change it to no
-
Save the file and restart the ssh service with
sudo service ssh restart
Run the commands to set ports and enable the firewall:
sudo ufw allow 2200/tcp
sudo ufw allow www
sudo ufw allow 123/tcp
sudo ufw enable
Run the following commands:
sudo apt-get install git
sudo apt-get install apache2
sudo apt-get install libapache2-mod-wsgi
sudo apt-get install postgresql
sudo apt-get install python-pip
sudo pip install sqlalchemy
sudo pip install psycopg2
sudo pip install httplib2
sudo pip install requests
sudo pip install flask
-
Switch to user postgres with
sudo su postgres -
Run
psqlto get into postgresql shell -
Create database using the command:
CREATE DATABASE catalog;
- Create user catalog and change the role with the following commands:
CREATE User catalog;
ALTER ROLE catalog WITH PASSWORD 'password';
- Transfer database privileges to catalog user with:
GRANT ALL PRIVILEGES ON DATABASE catalog TO catalog;
- Quit psql shell with
\qandexitto switch back to grader
-
Change the directory with
cd /var/www/ -
Create a directory with
sudo mkdir FlaskApp -
Run the command to get the project:
git clone https://github.com/arthurchan1111/catalog.git
- Rename the project using:
sudo mv ./catalog ./FlaskApp
- Move into the project directory and rename using the following command
sudo mv application.py __init__.py
- Using the
sudo nanocommand change the following line in__init__.pyanddatabase_setup.pyfrom:
engine = create_engine('postgresql:///catalog')
To:
engine = create_engine('postgresql://catalog:password@localhost/catalog')
- Create the database schema with:
sudo python database_setup.py
- Use the command
sudo nano /etc/apache2/sites-available/FlaskApp.confand copy the contents below:
<VirtualHost *:80>
ServerName 34.199.16.1
ServerAdmin [email protected]
WSGIScriptAlias / /var/www/FlaskApp/flaskapp.wsgi
<Directory /var/www/FlaskApp/FlaskApp/>
Order allow,deny
Allow from all
</Directory>
Alias /static /var/www/FlaskApp/FlaskApp/static
<Directory /var/www/FlaskApp/FlaskApp/static/>
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Save the file then exit.
- Use the command
sudo nano /var/www/FlaskApp/flaskapp.wsgiand copy the contents below:
#!/usr/bin/env python
import sys
import logging
logging.basicConfig(stream=sys.stderr)
sys.path.insert(0, '/var/www/FlaskApp/')
from FlaskApp import app as application
application.secret_key= 'super_secret_key'
Save the file then exit.
- Restart the service with
sudo service apache2 restart