server/django_installer
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: server:ubuntu
Branches Tags
server:master server:debian-dev server:debian server:raspbian-dev server:centos server:centos-dev server:raspbian server:ubuntu server:ubuntu-dev
..
compare: server:centos
Branches Tags
server:debian-dev server:debian server:raspbian-dev server:centos server:centos-dev server:raspbian server:master server:ubuntu server:ubuntu-dev

5 Commits
ubuntu ... centos

Author SHA1 Message Date
ducoterra
b4dfdaeac7 use raspbian-dev git install 2018-12-12 21:58:31 -05:00
ducoterra
ac8b6d8941 add shebang 2018-12-12 21:57:18 -05:00
ducoterra
f7b8d6da96 always update allowed hosts 2018-10-08 23:29:27 -04:00
ducoterra
2258b1df0e add branch option 2018-10-08 23:23:28 -04:00
ducoterra
7a2ec49b6d update git settings 2018-10-08 23:21:05 -04:00
5 changed files with 126 additions and 75 deletions
Expand all files Collapse all files

108
README.md
View File

@@ -1,4 +1,4 @@
# Django Setup for Ubuntu 18.04
# Django Setup for CentOS 7
## Install
```bash
vim vars
@@ -15,23 +15,20 @@ export gitkey="" <-- put the path to the ssh key git will use here
```
```bash
sudo -s <-- you must be root to run script
./install.sh
sudo ./install.sh
```
## Reset
If anything goes wrong with the project and you don't want to perform a full uninstall:
```bash
sudo -s
./reset
sudo ./reset
```
will reset the project but leave the dependencies installed. You can rerun the installer with different variables to fix what was incorrect. WARNING: This will delete your project (including your database)
## Uninstall
To completely remove every trace of the project from your server:
```bash
sudo -s
./uninstall
sudo ./uninstall
```
This will completely remove everything.
@@ -40,15 +37,18 @@ This will completely remove everything.
### vars
```bash
# Django project settings
user=""
projectname=""
hostname=""
user="centos"
projectname="mysite"
hostname="centos.duco.net"
letsencrypt=False
# set True if CentOS minimal install
install_epel_release=False
# general install settings
logdir="/var/log/djangosetup/"
aptlogloc=$logdir"apt.log"
aptlogmsg="See $aptlogloc for more info."
yumlogloc=$logdir"yum.log"
yumlogmsg="See $yumlogloc for more info."
firelogloc=$logdir"firewall.log"
firelogmsg="See $firelogloc for more info."
pylogloc=$logdir"python.log"
@@ -72,11 +72,15 @@ My recommendation is to use nginx as the user. The installer takes care of creat
The projectname variable can be whatever you want. When Django starts the project it will use this name.
The hostname will be added as an environment variable for gunicorn. Multiple hosts are not supported at the moment so set this to the address you'll test with. You can add additional hosts by manually editing ```settings.py```.
The hostname will be inserted into "ALLOWED_HOSTS" in your app settings. Multiple hosts are not supported at the moment so set this to the address you'll test with. You can add additional hosts by manually editing ```settings.py```.
```install_epel_release=True```
If you are installing this on a system with the minimal CentOS build you'll need install_epel_release to be True. ```epel_release``` installs nginx. Kinda hard to run the site without that.
## Install
### Dependencies
In order for this script to work its magic you'll need a few packages provided by apt.
In order for this script to work its magic you'll need a few packages provided by Yum. This part is likely to break due to Yum's inconsistency accross distributions, firewall and proxy configurations, and whether CentOS had its morning coffee.
```bash
# check if root
@@ -93,43 +97,61 @@ tput setaf 0
if [ ! -d $logdir ] ; then
mkdir $logdir
fi
if [ $install_epel_release = True ] ; then
yum -y install epel-release 1>> $yumlogloc 2>> $yumlogloc 3>> $pylogloc
fi
```
The first part of the script is fairly straight forward. If you aren't root user, the installer can't use apt and won't work. After checking if you are the root user it creates the necessary directories to prevent future complaints.
The first part of the script is fairly straight forward. If you aren't root user, the installer can't use yum and won't work. After checking if you are the root user it creates the necessary directories to prevent future complaints and installs the aforementioned epel-release package if you want it.
```bash
# install dependencies
packages=(gcc wget nginx ufw make sqlite3 bzip2 openssl libffi-dev libssl-dev libsqlite3-dev zlib1g-dev libbz2-dev)
packages=(gcc wget nginx libsqlite3x-devel.x86_64 postgresql-server postgresql-devel postgresql-contrib bzip2-devel zlib-devel libffi-devel openssl-devel policycoreutils-python.x86_64)
for package in ${packages[@]};
do
echo -e "\tInstalling $package"
touch $aptlogloc
apt install -y $package 1>> $aptlogloc 2>> $aptlogloc 3>> $aptlogloc
yum -y install $package 1>> $yumlogloc 2>> $yumlogloc 3>> $yumlogloc
if [ $? -ne 0 ] ; then
echo -e "apt failed to install $package. $aptlogmsg"
echo -e "yum failed to install $package. $yumlogmsg"
exit 1
fi
done
```
The next part of the script installs apt dependencies. The script verifies that the installation goes smoothly and exits if an error occurs.
The next part of the script installs yum dependencies. The script verifies that the installation goes smoothly and exits if an error occurs.
### Firewall
```bash
# firewall
ports=(22 80 443)
for port in ${ports[@]};
do
echo -e "ufw allow $port/tcp" > $firelogloc
ufw allow $port/tcp 1>> $firelogloc 2>> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "\tfirewall failed to update port $port correctly. $firelogmsg"
exit 1
fi
done
# set firewall
echo -e "firewall-cmd --zone=public --add-port=80/tcp --permanent" > $firelogloc
firewall-cmd --zone=public --add-port=80/tcp --permanent >> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "firewall failed to update port 80 correctly (this may not be an issue). $firelogmsg"
fi
echo -e "firewall-cmd --zone=public --add-port=443/tcp --permanent" >> $firelogloc
firewall-cmd --zone=public --add-port=443/tcp --permanent >> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "firewall failed to update port 443 correctly, (this may not be an issue). $firelogmsg"
fi
echo -e "firewall-cmd --reload" >> $firelogloc
firewall-cmd --reload >> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "firewall failed to reload, (this may not be an issue). $firelogmsg"
fi
echo -e "semanage permissive -a httpd_t" >> $firelogloc
semanage permissive -a httpd_t >> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "semanage failed to set permissive. See $firelogmsg"
exit 1
fi
```
The next part of the script opens the necessary ports through ufw.
The firewall commands are specific to a CentOS 7 minimal install. You may not need them. The installer doesn't really care if they fail because they aren't mission critical. It'll yell at you and that's about it.
The **semanage** command fixes an issue where the websocket would be inaccessible after an install.
### Python
```bash
@@ -230,19 +252,19 @@ fi
```
Next the script starts the Django project. You'll notice that the project structure looks like this:
```
[projectname]/
├── [config]/
│ ├── __init__.py
├── settings.py
├── urls.py
└── wsgi.py
├── manage.py
└── venv/
├── [projectname]/
├── [projectname]/
│ ├── __init__.py
│ ├── settings.py
│ ├── urls.py
│ │ └── wsgi.py
│ └── manage.py
└── venv/
```
When making changes to nginx or gunicorn it's important to keep this structure in mind.
When making changes to nginx or gunicorn it's important to keep this structure in mind. There are 3 folders called ```$projectname```.
After starting the Django project, the script updates allowed hosts, collects static, and makes migrations.
After this, the script updates allowed hosts, collects static, and makes migrations.
### Gunicorn
```bash
@@ -253,7 +275,7 @@ After=network.target
[Service]
User=$user
Group=www-data
Group=nginx
WorkingDirectory=/home/$user/$projectname/$projectname
ExecStart=/home/$user/$projectname/venv/bin/gunicorn --workers 3 --bind unix:/home/$user/$projectname/$projectname.sock $projectname.wsgi:application

62
install.sh
View File

@@ -1,16 +1,19 @@
#!/bin/bash
################################################################################s
# Dependencies
# Installs Dependencies automatically
################################################################################
# source vars
source vars
source ./vars
# check if root
if [[ $EUID -ne 0 ]]; then
echo -e "This script must be run as root"
exit 1
fi
cd /root/
tput setaf 2
echo -e "Installing dependencies"
@@ -20,31 +23,45 @@ if [ ! -d $logdir ] ; then
mkdir $logdir
fi
if [ $install_epel_release=True ] ; then
yum -y install epel-release 1>> $yumlogloc 2>> $yumlogloc 3>> $yumlogloc
fi
# install dependencies
packages=(gcc wget nginx ufw make sqlite3 bzip2 openssl libffi-dev libssl-dev libsqlite3-dev zlib1g-dev libbz2-dev)
packages=(gcc wget nginx libsqlite3x-devel.x86_64 postgresql-server postgresql-devel postgresql-contrib bzip2-devel zlib-devel libffi-devel openssl-devel policycoreutils-python.x86_64)
for package in ${packages[@]};
do
echo -e "\tInstalling $package"
apt install -y $package 1>> $aptlogloc 2>> $aptlogloc 3>> $aptlogloc
yum -y install $package 1>> $yumlogloc 2>> $yumlogloc 3>> $yumlogloc
if [ $? -ne 0 ] ; then
echo -e "apt failed to install $package. $aptlogmsg"
echo -e "yum failed to install $package. $yumlogmsg"
exit 1
fi
done
# firewall
ports=(22 80 443)
ports=(80 443)
for port in ${ports[@]};
do
echo -e "ufw allow $port/tcp" > $firelogloc
ufw allow $port/tcp 1>> $firelogloc 2>> $firelogloc
echo -e "firewall-cmd --zone=public --add-port=$port/tcp --permanent" > $firelogloc
firewall-cmd --zone=public --add-port=$port/tcp --permanent 1>> $firelogloc 2>> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "\tfirewall failed to update port $port correctly. $firelogmsg"
exit 1
echo -e "\tfirewall failed to update port $port correctly (this may not be an issue). $firelogmsg"
fi
done
echo -e "\tenabling ufw"
ufw --force enable
echo -e "firewall-cmd --reload" >> $firelogloc
firewall-cmd --reload 1>> $firelogloc 2>> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "\tfirewall failed to reload, (this may not be an issue). $firelogmsg"
fi
echo -e "semanage permissive -a httpd_t" >> $firelogloc
semanage permissive -a httpd_t >> $firelogloc
if [ $? -ne 0 ] ; then
echo -e "semanage failed to set permissive. See $firelogmsg"
exit 1
fi
################################################################################
# Python
@@ -166,14 +183,6 @@ if [ $usegit = False ] ; then
exit 1
fi
# update allowed hosts
echo -e "echo -e sed -i 's/ALLOWED_HOSTS = []/ALLOWED_HOSTS = ['localhost', os.environ.get('HOST')'] config/settings.py" >> $djalogloc
# | FROM | TO |
sed -i "s/ALLOWED_HOSTS = \[\]/ALLOWED_HOSTS = \['localhost', os.environ.get('HOST')\]/" config/settings.py
if [ $? -ne 0 ] ; then
echo -e "Failed to change ALLOWED_HOSTS. $djamsg"
exit 1
fi
echo -e "echo -e STATIC_ROOT = os.path.join(BASE_DIR, 'static') >> config//settings.py" >> $djalogloc
echo -e "STATIC_ROOT = os.path.join(BASE_DIR, 'static')" >> config/settings.py
if [ $? -ne 0 ] ; then
@@ -184,17 +193,26 @@ fi
if [ $usegit = True ] ; then
echo -e "\tCloning django project"
ssh-agent bash -c 'ssh-add $gitkey 1>> $gitlogloc 2>> $gitlogloc 3>> $gitlogloc;
git init 1>> $gitlogloc 2>> $gitlogloc 3>> $gitlogloc;
git remote add origin $giturl 1>> $gitlogloc 2>> $gitlogloc 3>> $gitlogloc;
ssh-agent bash -c 'ssh-add $gitkey 1>> $gitlogloc 2>> $gitlogloc 3>> $gitlogloc;
git pull origin master 1>> $gitlogloc 2>> $gitlogloc 3>> $gitlogloc;'
echo -e "\tInstalling pip requirements"
pip install -r requirements.txt 1>> $gitlogloc 2>> $gitlogloc 3>> $gitlogloc
fi
# update allowed hosts
echo -e "echo -e sed -i 's/ALLOWED_HOSTS = []/ALLOWED_HOSTS = ['localhost', os.environ.get('HOST')'] config/settings.py" >> $djalogloc
# | FROM | TO |
sed -i "s/ALLOWED_HOSTS = \[\]/ALLOWED_HOSTS = \['localhost', os.environ.get('HOST')\]/" config/settings.py
if [ $? -ne 0 ] ; then
echo -e "Failed to change ALLOWED_HOSTS. $djamsg"
exit 1
fi
# collect static, migrate
echo -e "\tCollecting static"
python manage.py collectstatic 1>> $djalogloc 2>> $djalogloc 3>> $djalogloc
python manage.py collectstatic --noinput 1>> $djalogloc 2>> $djalogloc 3>> $djalogloc
if [ $? -ne 0 ] ; then
echo -e "Failed to collect static files. $djamsg"
exit 1
@@ -235,7 +253,7 @@ After=network.target
[Service]
User=$user
Group=www-data
Group=nginx
WorkingDirectory=/home/$user/$projectname
ExecStart=/home/$user/$projectname/venv/bin/gunicorn --workers 3 --bind unix:/home/$user/$projectname/$projectname.sock config.wsgi:application
Environment=HOST=$hostname

4
reset.sh
View File

@@ -1,3 +1,5 @@
#!/bin/bash
################################################################################
# Performs a QUICK uninstall #
# - Does not uninstall dependencies #
@@ -5,7 +7,7 @@
################################################################################
# source vars
source vars
source ./vars
# remove nginx conf
tput setaf 2

10
uninstall.sh
View File

@@ -1,9 +1,11 @@
#!/bin/bash
################################################################################
# Performs a FULL uninstall #
################################################################################
# source vars
source vars
source ./vars
# remove nginx conf
tput setaf 2
@@ -37,12 +39,12 @@ rm -rf $pyinstalldir
tput setaf 2
echo "Uninstalling dependencies"
tput setaf 9
packages=(gcc wget nginx ufw make sqlite3 bzip2 openssl libffi-dev libssl-dev libsqlite3-dev zlib1g-dev libbz2-dev)
packages=(gcc wget nginx libsqlite3x-devel.x86_64 postgresql-server postgresql-devel postgresql-contrib bzip2-devel zlib-devel libffi-devel openssl-devel policycoreutils-python.x86_64)
for package in ${packages[@]};
do
echo -e "\tRemoving $package"
apt purge -y $package 1>> /dev/null 2>> /dev/null 3>> /dev/null
yum -y erase $package 1>> /dev/null 2>> /dev/null 3>> /dev/null
if [ $? -ne 0 ] ; then
echo -e "\tapt failed to remove $package."
echo -e "\tyum failed to remove $package."
fi
done

17
vars
View File

@@ -1,15 +1,22 @@
#!/bin/bash
# django project settings
export user=""
export projectname=""
export hostname=""
export usegit=False # if you have a django git project
export giturl="" # url for git project
export gitkey="" # IdentityFile
# MAKE SURE root HAS A DEPLOY KEY
export usegit=False
export giturl=""
export gitbranch=""
export gitkey=""
export install_epel_release=False
# general install settings
export logdir="/var/log/djangosetup/"
export aptlogloc=$logdir"apt.log"
export aptlogmsg="See $aptlogloc for more info."
export yumlogloc=$logdir"yum.log"
export yumlogmsg="See $yumlogloc for more info."
export firelogloc=$logdir"firewall.log"
export firelogmsg="See $firelogloc for more info."
export pylogloc=$logdir"python.log"