server/django_installer
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

merge into: server:master
Branches Tags
server:master server:debian-dev server:debian server:raspbian-dev server:centos server:centos-dev server:raspbian server:ubuntu server:ubuntu-dev
...
pull from: server:ubuntu-dev
Branches Tags
server:debian-dev server:debian server:raspbian-dev server:centos server:centos-dev server:raspbian server:master server:ubuntu server:ubuntu-dev

11 Commits
master ... ubuntu-dev

Author SHA1 Message Date
ducoterra
a059826a35 update title of ubuntu README 2018-09-28 21:41:02 -04:00
ducoterra
c424f89350 udpate project structure in README 2018-09-28 21:40:22 -04:00
ducoterra
39ab8ec83a don't need to touch files 2018-09-28 21:37:04 -04:00
ducoterra
3b07478579 enable ufw 2018-09-28 21:36:30 -04:00
ducoterra
95a03394b2 update READEME 2018-09-28 21:33:48 -04:00
ducoterra
d996b0ff94 fix gunicorn issue with group www-data 2018-09-28 21:16:18 -04:00
ducoterra
d4cff6cbcd fix package list 2018-09-28 20:54:09 -04:00
ducoterra
f862597033 install make 2018-09-28 20:45:00 -04:00
ducoterra
28c2b00c86 update permissions 2018-09-28 20:41:08 -04:00
ducoterra
baaae97726 update log names to apt 2018-09-28 20:33:52 -04:00
ducoterra
0fa8f5495d first ubuntu conversion 2018-09-28 20:28:50 -04:00
5 changed files with 64 additions and 102 deletions
Expand all files Collapse all files

112
README.md
View File

@@ -1,4 +1,4 @@
# Django Setup for CentOS 7 # Django Setup for Ubuntu 18.04
## Install ## Install
```bash ```bash
vim vars vim vars
@@ -15,20 +15,23 @@ export gitkey="" <-- put the path to the ssh key git will use here
``` ```
```bash ```bash
sudo ./install.sh sudo -s <-- you must be root to run script
./install.sh
``` ```
## Reset ## Reset
If anything goes wrong with the project and you don't want to perform a full uninstall: If anything goes wrong with the project and you don't want to perform a full uninstall:
```bash ```bash
sudo ./reset sudo -s
./reset
``` ```
will reset the project but leave the dependencies installed. You can rerun the installer with different variables to fix what was incorrect. WARNING: This will delete your project (including your database) will reset the project but leave the dependencies installed. You can rerun the installer with different variables to fix what was incorrect. WARNING: This will delete your project (including your database)
## Uninstall ## Uninstall
To completely remove every trace of the project from your server: To completely remove every trace of the project from your server:
```bash ```bash
sudo ./uninstall sudo -s
./uninstall
``` ```
This will completely remove everything. This will completely remove everything.
@@ -37,18 +40,15 @@ This will completely remove everything.
### vars ### vars
```bash ```bash
# Django project settings # Django project settings
user="centos" user=""
projectname="mysite" projectname=""
hostname="centos.duco.net" hostname=""
letsencrypt=False letsencrypt=False
# set True if CentOS minimal install
install_epel_release=False
# general install settings # general install settings
logdir="/var/log/djangosetup/" logdir="/var/log/djangosetup/"
yumlogloc=$logdir"yum.log" aptlogloc=$logdir"apt.log"
yumlogmsg="See $yumlogloc for more info." aptlogmsg="See $aptlogloc for more info."
firelogloc=$logdir"firewall.log" firelogloc=$logdir"firewall.log"
firelogmsg="See $firelogloc for more info." firelogmsg="See $firelogloc for more info."
pylogloc=$logdir"python.log" pylogloc=$logdir"python.log"
@@ -72,15 +72,11 @@ My recommendation is to use nginx as the user. The installer takes care of creat
The projectname variable can be whatever you want. When Django starts the project it will use this name. The projectname variable can be whatever you want. When Django starts the project it will use this name.
The hostname will be inserted into "ALLOWED_HOSTS" in your app settings. Multiple hosts are not supported at the moment so set this to the address you'll test with. You can add additional hosts by manually editing ```settings.py```. The hostname will be added as an environment variable for gunicorn. Multiple hosts are not supported at the moment so set this to the address you'll test with. You can add additional hosts by manually editing ```settings.py```.
```install_epel_release=True```
If you are installing this on a system with the minimal CentOS build you'll need install_epel_release to be True. ```epel_release``` installs nginx. Kinda hard to run the site without that.
## Install ## Install
### Dependencies ### Dependencies
In order for this script to work its magic you'll need a few packages provided by Yum. This part is likely to break due to Yum's inconsistency accross distributions, firewall and proxy configurations, and whether CentOS had its morning coffee. In order for this script to work its magic you'll need a few packages provided by apt.
```bash ```bash
# check if root # check if root
@@ -97,61 +93,43 @@ tput setaf 0
if [ ! -d $logdir ] ; then if [ ! -d $logdir ] ; then
mkdir $logdir mkdir $logdir
fi fi
if [ $install_epel_release = True ] ; then
yum -y install epel-release 1>> $yumlogloc 2>> $yumlogloc 3>> $pylogloc
fi
``` ```
The first part of the script is fairly straight forward. If you aren't root user, the installer can't use yum and won't work. After checking if you are the root user it creates the necessary directories to prevent future complaints and installs the aforementioned epel-release package if you want it. The first part of the script is fairly straight forward. If you aren't root user, the installer can't use apt and won't work. After checking if you are the root user it creates the necessary directories to prevent future complaints.
```bash ```bash
# install dependencies # install dependencies
packages=(gcc wget nginx libsqlite3x-devel.x86_64 postgresql-server postgresql-devel postgresql-contrib bzip2-devel zlib-devel libffi-devel openssl-devel policycoreutils-python.x86_64) packages=(gcc wget nginx ufw make sqlite3 bzip2 openssl libffi-dev libssl-dev libsqlite3-dev zlib1g-dev libbz2-dev)
for package in ${packages[@]}; for package in ${packages[@]};
do do
echo -e "\tInstalling $package" echo -e "\tInstalling $package"
yum -y install $package 1>> $yumlogloc 2>> $yumlogloc 3>> $yumlogloc touch $aptlogloc
apt install -y $package 1>> $aptlogloc 2>> $aptlogloc 3>> $aptlogloc
if [ $? -ne 0 ] ; then if [ $? -ne 0 ] ; then
echo -e "yum failed to install $package. $yumlogmsg" echo -e "apt failed to install $package. $aptlogmsg"
exit 1 exit 1
fi fi
done done
``` ```
The next part of the script installs yum dependencies. The script verifies that the installation goes smoothly and exits if an error occurs. The next part of the script installs apt dependencies. The script verifies that the installation goes smoothly and exits if an error occurs.
### Firewall ### Firewall
```bash ```bash
# set firewall # firewall
echo -e "firewall-cmd --zone=public --add-port=80/tcp --permanent" > $firelogloc ports=(22 80 443)
firewall-cmd --zone=public --add-port=80/tcp --permanent >> $firelogloc for port in ${ports[@]};
if [ $? -ne 0 ] ; then do
echo -e "firewall failed to update port 80 correctly (this may not be an issue). $firelogmsg" echo -e "ufw allow $port/tcp" > $firelogloc
fi ufw allow $port/tcp 1>> $firelogloc 2>> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "firewall-cmd --zone=public --add-port=443/tcp --permanent" >> $firelogloc echo -e "\tfirewall failed to update port $port correctly. $firelogmsg"
firewall-cmd --zone=public --add-port=443/tcp --permanent >> $firelogloc exit 1
if [ $? -ne 0 ] ; then fi
echo -e "firewall failed to update port 443 correctly, (this may not be an issue). $firelogmsg" done
fi
echo -e "firewall-cmd --reload" >> $firelogloc
firewall-cmd --reload >> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "firewall failed to reload, (this may not be an issue). $firelogmsg"
fi
echo -e "semanage permissive -a httpd_t" >> $firelogloc
semanage permissive -a httpd_t >> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "semanage failed to set permissive. See $firelogmsg"
exit 1
fi
``` ```
The firewall commands are specific to a CentOS 7 minimal install. You may not need them. The installer doesn't really care if they fail because they aren't mission critical. It'll yell at you and that's about it. The next part of the script opens the necessary ports through ufw.
The **semanage** command fixes an issue where the websocket would be inaccessible after an install.
### Python ### Python
```bash ```bash
@@ -252,19 +230,19 @@ fi
``` ```
Next the script starts the Django project. You'll notice that the project structure looks like this: Next the script starts the Django project. You'll notice that the project structure looks like this:
``` ```
[projectname]/
├── [projectname]/
│ ├── [projectname]/
│ │ ├── __init__.py
│ │ ├── settings.py
│ │ ├── urls.py
│ │ └── wsgi.py
│ └── manage.py
└── venv/
```
When making changes to nginx or gunicorn it's important to keep this structure in mind. There are 3 folders called ```$projectname```.
After this, the script updates allowed hosts, collects static, and makes migrations. [projectname]/
├── [config]/
│ ├── __init__.py
│ ├── settings.py
│ ├── urls.py
│ └── wsgi.py
├── manage.py
└── venv/
```
When making changes to nginx or gunicorn it's important to keep this structure in mind.
After starting the Django project, the script updates allowed hosts, collects static, and makes migrations.
### Gunicorn ### Gunicorn
```bash ```bash
@@ -275,7 +253,7 @@ After=network.target
[Service] [Service]
User=$user User=$user
Group=nginx Group=www-data
WorkingDirectory=/home/$user/$projectname/$projectname WorkingDirectory=/home/$user/$projectname/$projectname
ExecStart=/home/$user/$projectname/venv/bin/gunicorn --workers 3 --bind unix:/home/$user/$projectname/$projectname.sock $projectname.wsgi:application ExecStart=/home/$user/$projectname/venv/bin/gunicorn --workers 3 --bind unix:/home/$user/$projectname/$projectname.sock $projectname.wsgi:application

39
install.sh
View File

@@ -4,14 +4,13 @@
################################################################################ ################################################################################
# source vars # source vars
source ./vars source vars
# check if root # check if root
if [[ $EUID -ne 0 ]]; then if [[ $EUID -ne 0 ]]; then
echo -e "This script must be run as root" echo -e "This script must be run as root"
exit 1 exit 1
fi fi
cd /root/
tput setaf 2 tput setaf 2
echo -e "Installing dependencies" echo -e "Installing dependencies"
@@ -21,45 +20,31 @@ if [ ! -d $logdir ] ; then
mkdir $logdir mkdir $logdir
fi fi
if [ $install_epel_release=True ] ; then
yum -y install epel-release 1>> $yumlogloc 2>> $yumlogloc 3>> $yumlogloc
fi
# install dependencies # install dependencies
packages=(gcc wget nginx libsqlite3x-devel.x86_64 postgresql-server postgresql-devel postgresql-contrib bzip2-devel zlib-devel libffi-devel openssl-devel policycoreutils-python.x86_64) packages=(gcc wget nginx ufw make sqlite3 bzip2 openssl libffi-dev libssl-dev libsqlite3-dev zlib1g-dev libbz2-dev)
for package in ${packages[@]}; for package in ${packages[@]};
do do
echo -e "\tInstalling $package" echo -e "\tInstalling $package"
yum -y install $package 1>> $yumlogloc 2>> $yumlogloc 3>> $yumlogloc apt install -y $package 1>> $aptlogloc 2>> $aptlogloc 3>> $aptlogloc
if [ $? -ne 0 ] ; then if [ $? -ne 0 ] ; then
echo -e "yum failed to install $package. $yumlogmsg" echo -e "apt failed to install $package. $aptlogmsg"
exit 1 exit 1
fi fi
done done
# firewall # firewall
ports=(80 443) ports=(22 80 443)
for port in ${ports[@]}; for port in ${ports[@]};
do do
echo -e "firewall-cmd --zone=public --add-port=$port/tcp --permanent" > $firelogloc echo -e "ufw allow $port/tcp" > $firelogloc
firewall-cmd --zone=public --add-port=$port/tcp --permanent 1>> $firelogloc 2>> $firelogloc ufw allow $port/tcp 1>> $firelogloc 2>> $firelogloc
if [ $? -ne 0 ] ; then if [ $? -ne 0 ] ; then
echo -e "\tfirewall failed to update port $port correctly (this may not be an issue). $firelogmsg" echo -e "\tfirewall failed to update port $port correctly. $firelogmsg"
exit 1
fi fi
done done
echo -e "\tenabling ufw"
echo -e "firewall-cmd --reload" >> $firelogloc ufw --force enable
firewall-cmd --reload 1>> $firelogloc 2>> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "\tfirewall failed to reload, (this may not be an issue). $firelogmsg"
fi
echo -e "semanage permissive -a httpd_t" >> $firelogloc
semanage permissive -a httpd_t >> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "semanage failed to set permissive. See $firelogmsg"
exit 1
fi
################################################################################ ################################################################################
# Python # Python
@@ -250,7 +235,7 @@ After=network.target
[Service] [Service]
User=$user User=$user
Group=nginx Group=www-data
WorkingDirectory=/home/$user/$projectname WorkingDirectory=/home/$user/$projectname
ExecStart=/home/$user/$projectname/venv/bin/gunicorn --workers 3 --bind unix:/home/$user/$projectname/$projectname.sock config.wsgi:application ExecStart=/home/$user/$projectname/venv/bin/gunicorn --workers 3 --bind unix:/home/$user/$projectname/$projectname.sock config.wsgi:application
Environment=HOST=$hostname Environment=HOST=$hostname

2
reset.sh
View File

@@ -5,7 +5,7 @@
################################################################################ ################################################################################
# source vars # source vars
source ./vars source vars
# remove nginx conf # remove nginx conf
tput setaf 2 tput setaf 2

8
uninstall.sh
View File

@@ -3,7 +3,7 @@
################################################################################ ################################################################################
# source vars # source vars
source ./vars source vars
# remove nginx conf # remove nginx conf
tput setaf 2 tput setaf 2
@@ -37,12 +37,12 @@ rm -rf $pyinstalldir
tput setaf 2 tput setaf 2
echo "Uninstalling dependencies" echo "Uninstalling dependencies"
tput setaf 9 tput setaf 9
packages=(gcc wget nginx libsqlite3x-devel.x86_64 postgresql-server postgresql-devel postgresql-contrib bzip2-devel zlib-devel libffi-devel openssl-devel policycoreutils-python.x86_64) packages=(gcc wget nginx ufw make sqlite3 bzip2 openssl libffi-dev libssl-dev libsqlite3-dev zlib1g-dev libbz2-dev)
for package in ${packages[@]}; for package in ${packages[@]};
do do
echo -e "\tRemoving $package" echo -e "\tRemoving $package"
yum -y erase $package 1>> /dev/null 2>> /dev/null 3>> /dev/null apt purge -y $package 1>> /dev/null 2>> /dev/null 3>> /dev/null
if [ $? -ne 0 ] ; then if [ $? -ne 0 ] ; then
echo -e "\tyum failed to remove $package." echo -e "\tapt failed to remove $package."
fi fi
done done

5
vars
View File

@@ -5,12 +5,11 @@ export hostname=""
export usegit=False # if you have a django git project export usegit=False # if you have a django git project
export giturl="" # url for git project export giturl="" # url for git project
export gitkey="" # IdentityFile export gitkey="" # IdentityFile
install_epel_release=False
# general install settings # general install settings
export logdir="/var/log/djangosetup/" export logdir="/var/log/djangosetup/"
export yumlogloc=$logdir"yum.log" export aptlogloc=$logdir"apt.log"
export yumlogmsg="See $yumlogloc for more info." export aptlogmsg="See $aptlogloc for more info."
export firelogloc=$logdir"firewall.log" export firelogloc=$logdir"firewall.log"
export firelogmsg="See $firelogloc for more info." export firelogmsg="See $firelogloc for more info."
export pylogloc=$logdir"python.log" export pylogloc=$logdir"python.log"