Demonstration on how to setup a linux server and deploy an web application using apache with WSGI.

1 - Generate a RSA key pair:

• Run ssh-keygen -t rsa -f ~/.ssh/my-ssh-key -C grader. For more information, see Generating a new SSH key-pair Guide.

2 - Create a Google VM

• After you create a google cloud project go to VM Instances and create instance, also check the option allow http trafic.

3 - Update and upgrade packages

• Connect to the server via ssh.
• Run sudo apt-get update --quiet && sudo apt-get upgrade.

4 - Setup grader public key

• Go to Metadata and add the public key generated by the first command.

5 - Change default ssh port

• Run the command vim /etc/ssh/sshd_config.
• Change the port value to 2200.

6 - Setup firewall rules

• Go Firewall rules and perform the following operations:
• Change the default-allow-ssh to allow connections tcp:2200.
• Remove default-allow-icmp, default-allow-rdp and default-allow-internal.
• Add default-allow-ntp to allow connections udp:123.
• Install and setup ufw:

 sudo apt-get install ufw
 sudo ufw default deny incoming
 sudo ufw default allow outgoing
 # ssh connection
 sudo ufw allow 2200/tcp
 # http connection
 sudo ufw allow 80/tcp
 # ntp connection
 sudo ufw allow 123/udp
 sudo ufw enable

7 - Remove remote login as root

• By default, SSH access is disabled for root, check documentation.
• Read the file /etc/ssh/sshd_config and check if the value "no" is set for the following configurations PermitRootLogin, PasswordAuthentication.

8 - Reserve static external IP address

• Go Networking and reserve a external ip address.

• Install apache2: sudo apt-get install apache2
• Install WSGI module: sudo apt-get install libapache2-mod-wsgi

• Install git: sudo apt-get install git-core.

• Clone Neighborhood Map at /var/www/html/.
• Install NodeJS using NVM.
• At the project directory run npm install.

• Clone Item Catalog at /var/www/html/ and switch to the postgresql branch.
• Run the script /var/www/html/item-catalog/pg_config.sh.

Edit the pg_hba.conf file (/etc/postgresql/[VERSION]/main/pg_hba.conf) and add the following line to allow grader user connect:

host    item-catalog-db grader         127.0.0.1/32             trust

• Create the migration: python manage.py db init
• Create DDL scripts: python manage.py db migrate
• Execute scripts: python manage.py db upgrade

• Copy the files neighborhood-map.tk.conf, item-catalog.tk.conf to /etc/apache2/sites-available
• Active then using the following command:
  • sudo a2ensite /etc/apache2/sites-available/neighborhood-map.tk.conf
  • sudo a2ensite /etc/apache2/sites-available/item-catalog.tk.conf
• And restart apache sudo service apache2 restart

Create an account at https://my.freenom.com/clientarea.php and register two domains. Each domain should match with the domain informed at Virtual Hosts files.

• Alan Thiago do Prado (aprado.cnsp@gmail.com)