4.6 KiB
4.6 KiB
Personal-site
Production [Tested on server with Hyperbola GNU + Linux-libre]
Python dependencies
- Django
- Pillow
- psycopg2-binary
- pytz
Production Installation
- Clone Personal-site
$ git clone https://git.sr.ht/~heckyel/personal-site
- Run
virtualenv.
$ cd personal-site && virtualenv ./venv/
- Activate the virtualenv.
$ source ./venv/bin/activate
- Install dependencies through
pip.
$ pip install -r django/requirements_prod.txt
Configuration Postgres
- Login as postgres
$ sudo su - postgres
- Create base
$ createdb namebase
- Create User (place a password for our user)
$ createuser -P username
- Inside the database
$ psql -d namebase
- Give permissions to the created user
$ GRANT ALL PRIVILEGES ON DATABASE namebase TO username;
Tips of Postgres
- List database
$ psql -l
- Delete database
$ dropdb namebase
Conecting to Postgres
- Copy
settings.py.exampletosettings.pyand modify. Make sure to uncomment the appropriate database section (either sqlite or PostgreSQL).
$ cp -v django/personalsite/settings.py.example django/personalsite/settings.py
Replace sqlite configuartion to postgres, example:
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
'NAME': 'namebase',
'USER': 'username',
'PASSWORD': 'pass',
'HOST': '127.0.0.1',
'PORT': '5432',
}
}
- Check syntax.
$ python django/manage.py check --deploy
- Make migrations
$ python django/manage.py makemigrations
- Migrate changes.
$ python django/manage.py migrate
- Create superUSER
$ python django/manage.py createsuperuser
Run with Apache server and wsgi
- Install WSGI for Apache
$ sudo pacman -S mod_wsgi
- To install mod_wsgi, add the following line in
httpd.conf, example:
$ sudo nano -w /etc/httpd/conf/httpd.conf
Added line:
LoadModule wsgi_module modules/mod_wsgi.so
- Create vhosts, for example:
$ sudo nano -w /etc/httpd/conf/extra/httpd-vhosts.conf
and inside write the configuration, example:
<IfModule ssl_module>
<VirtualHost *:80>
ServerAdmin example@dominio.com
ServerName example.com
ServerAlias example.com
Alias /media /path/to/site/media/
Alias /static /path/to/site/core/static/
<Directory /path/to/site/core/static>
Require all granted
</Directory>
<Directory /path/to/site/media>
Require all granted
</Directory>
<Directory /path/to/site/personalsite>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIDaemonProcess personalsite python-home=/path/to/site/venv python-path=/path/to/site
WSGIProcessGroup personalsite
WSGIScriptAlias / /path/to/site/wsgi.py
</VirtualHost>
</IfModule>
-
Replace
ALLOWED_HOSTS = []on setting.py to:
ALLOWED_HOSTS = ["example.com", "localhost"]
- Added on setting.py:
STATIC_ROOT = '/path/to/site/core/static'
- Generated files static of Admin Django (you must be inside the virtualenv).
$ python django/manage.py collectstatic
- Create the media/ directory
$ cd /path/to/personalsite
$ mkdir media/
- Change Permition to media/ at group http
$ sudo chown -R http:http media/
- Restart Apache server
$ sudo rc-service httpd restart
- Done!
Security on settings.py [SSL, HTTPS, COOKIE, etc]
# security.W004
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
# security.W006
SECURE_CONTENT_TYPE_NOSNIFF = True
# security.W007
SECURE_BROWSER_XSS_FILTER = True
# security.W008
SECURE_SSL_REDIRECT = True
# security.W012
SESSION_COOKIE_SECURE = True
# security.W016、security.W017
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True
# security.W019
X_FRAME_OPTIONS = 'DENY'
Validation subdomain in eepsite
Uncomment in project/urls.py
from django.urls import path
from . import views
urlpatterns = [
path('', views.home, name="home"),
path('filename', views.i2pfile, name='i2pfile') # eepsite
]
also project/views.py
def i2pfile(request):
return render(request, 'trabajo/filename')
and add project/templates/trabajo/filename