personal-site/HACKING.md
2019-01-29 15:54:41 -05:00

Personal-site

Production [Tested on server with Hyperbola GNU + Linux-libre]

Python dependencies

  • Django
  • Pillow
  • psycopg2-binary
  • pytz

Production Installation

  1. Clone Personal-site

     git clone https://libregit.org/heckyel/personal-site /path/to/site
    
  2. Run virtualenv.

     cd /path/to/site && virtualenv ./venv/
    
  3. Activate the virtualenv.

     source ./venv/bin/activate
    
  4. Install dependencies through pip.

     pip install -r requirements_prod.txt
    

PostgreSQL configuration

  1. Login as postgres

     sudo su - postgres
    
  2. Create the database

     createdb namebase
    
  3. Create the user (you will be prompted to set its password)

     createuser -P username
    
  4. Open psql on the database

     psql -d namebase
    
  5. Give permissions to the created user

     GRANT ALL PRIVILEGES ON DATABASE namebase TO username;
    

PostgreSQL tips

  1. List databases

     psql -l
    
  2. Delete database

     dropdb namebase
    

Connecting to Postgres

  1. Copy settings.py.example to settings.py and modify it. Make sure to uncomment the appropriate database section (either sqlite or PostgreSQL).

    Replace the sqlite configuration with the postgres one, for example:

     DATABASES = {
         'default': {
             'ENGINE': 'django.db.backends.postgresql',
             'NAME': 'namebase',
             'USER': 'username',
             'PASSWORD': 'pass',
             'HOST': '127.0.0.1',
             'PORT': '5432',
         }
     }
    
  2. Check the settings (--deploy also runs the deployment security checks).

     ./manage.py check --deploy
    
  3. Migrate changes.

     ./manage.py migrate
    
  4. Create the superuser

     ./manage.py createsuperuser
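
Step 1 above leaves the database password as a literal in settings.py. As an added example (not code from personal-site), the loader below keeps the credentials in a separate INI file and refuses to start when that file is too permissive or still holds the example password; the file path, the [postgres] section and its key names are assumptions made for this illustration.

```python
# Added example, not part of personal-site. The file path, the [postgres]
# section name and its keys are assumptions made for this illustration.
import configparser
import os
import stat

# Group-writable or accessible to "other" users: too open for a secrets file.
TOO_OPEN = stat.S_IWGRP | stat.S_IRWXO
# Passwords that show the example value was never replaced.
PLACEHOLDERS = {"", "pass", "password", "changeme"}


def load_databases(path):
    """Build Django's DATABASES dict from an INI file, failing closed."""
    with open(path, encoding="utf-8") as handle:
        # fstat the open handle so the check and the read see the same file.
        mode = os.fstat(handle.fileno()).st_mode
        if mode & TOO_OPEN:
            raise PermissionError(
                f"{path} has mode {stat.S_IMODE(mode):o}; use 600 or 640"
            )
        # interpolation=None keeps a '%' in the password literal.
        parser = configparser.ConfigParser(interpolation=None)
        parser.read_file(handle)
    section = parser["postgres"]  # KeyError if the section is missing
    if section.get("password", fallback="") in PLACEHOLDERS:
        raise ValueError("database password is missing or a placeholder")
    return {
        "default": {
            "ENGINE": "django.db.backends.postgresql",
            "NAME": section["name"],
            "USER": section["user"],
            "PASSWORD": section["password"],
            # Same defaults as the example configuration in step 1.
            "HOST": section.get("host", fallback="127.0.0.1"),
            "PORT": section.get("port", fallback="5432"),
        }
    }


# In settings.py (the path is a placeholder):
# DATABASES = load_databases("/path/to/site/db.ini")
```

Under mod_wsgi the file must be readable by the user Apache runs as, so mode 640 with that user's group is the usual choice.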
    

Run with Apache server and wsgi

  1. Install WSGI for Apache

     sudo pacman -S mod_wsgi
    
  2. To enable mod_wsgi, add the following line to httpd.conf, for example:

     sudo nano /etc/httpd/conf/httpd.conf
    

    Add the line:

     LoadModule wsgi_module modules/mod_wsgi.so
    
  3. Create vhosts, for example:

     sudo emacs /etc/httpd/conf/extra/httpd-vhosts.conf
    

    and write the configuration inside it, for example:

     <IfModule ssl_module>
         # This vhost serves plain HTTP on port 80; the SECURE_* settings at the
         # end of this file assume the site is also reachable over HTTPS.
         <VirtualHost *:80>
             ServerAdmin example@dominio.com
             ServerName example.com
             ServerAlias example.com

             Alias /media /path/to/site/media/
             Alias /static /path/to/site/core/static/

             <Directory /path/to/site/core/static>
                 Require all granted
             </Directory>

             <Directory /path/to/site/media>
                 Require all granted
             </Directory>

             <Directory /path/to/site/personalsite>
                 <Files wsgi.py>
                     Require all granted
                 </Files>
             </Directory>

             WSGIDaemonProcess personalsite python-home=/path/to/site/venv python-path=/path/to/site
             WSGIProcessGroup personalsite
             # wsgi.py is in the project package that the <Directory> block above grants access to.
             WSGIScriptAlias / /path/to/site/personalsite/wsgi.py
         </VirtualHost>
     </IfModule>
    
  4. In settings.py, replace ALLOWED_HOSTS = [] with:

     ALLOWED_HOSTS = ["example.com", "localhost"]
    
  5. Add to settings.py:

     STATIC_ROOT = '/path/to/site/core/static'
    
  6. Collect the static files, including those of the Django admin (you must be inside the virtualenv).

     ./manage.py collectstatic
    
  7. Create the media/ directory

     cd /path/to/site
     mkdir media/
    
  8. Change the ownership of media/ to the http user and group

     sudo chown -R http:http media/
    
  9. Restart Apache server

     sudo service httpd restart
    
  10. Done!

# Settings for settings.py that address the ./manage.py check --deploy
# warnings named in the comments. They assume the site is served over HTTPS.

# security.W004
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True

# security.W006
SECURE_CONTENT_TYPE_NOSNIFF = True

# security.W007 (Django 4.0 removed this setting)
SECURE_BROWSER_XSS_FILTER = True

# security.W008
SECURE_SSL_REDIRECT = True

# security.W012
SESSION_COOKIE_SECURE = True

# security.W016, security.W017
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True

# security.W019
X_FRAME_OPTIONS = 'DENY'