-
Notifications
You must be signed in to change notification settings - Fork 0
/
dependencies.txt
144 lines (114 loc) · 4.39 KB
/
dependencies.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
#!/usr/bin/env sh
# Step
# 1. Setup
# - install dependencies
# - add webapps directory
# - add webapps group
# 2. Add new domain
# - create new domain user
# - create domain directory
# - add postgres script in project directory
# - setup gunicorn, supervisor, nginx
# - setup let's encrypt https
# - add domain to conf file
# 3. Add new subdomain
# - create new subdomain user
# - create subdomain directory
# - add postgres script in project directory
# - setup gunicorn, supervisor, nginx
# - setup let's encrypt https
# - add subdomain to conf file
#################################################
# Install needed package to deploy django
# For debian-9 instance at aws-lightsail
# [email protected] - 26/May/2020
# Make commands invokes serially
sudo set -euo pipefail
sudo apt-get update -y
sudo apt-get upgrade -y
# Dependencies for serving django
sudo apt-get install -y supervisor
sudo apt-get install -y nginx
sudo apt-get install -y python-virtualenv
# Dependencies for using postgres database
sudo apt-get install -y postgresql postgresql-contrib
sudo apt-get install -y libpq-dev python-dev
# Dependency to manage let's encrypt certificate
sudo apt-get install -y python-certbot-nginx
# Dependencies for managing this scripts
sudo apt-get install -y jq
# create webapps directory
sudo mkdir /webapps
# create webapps group
sudo groupadd --system webapps
#################################################
# Add new user
# Setup for new user
USER=$1
sudo useradd --system --gid webapps --shell /bin/bash --home /webapps/$USER_django $USER
# Create user directory
sudo mkdir -p /webapps/$USER_django/
sudo chown $USER /webapps/$USER_django/
# Create django project
sudo su - $USER -c 'cd ~ &&
virtualenv . &&
source bin/activate &&
pip install django gunicorn setproctitle &&
django-admin startproject $0 &&
deactivate' -- $USER
# gunicorn_start template, executable
NAME="CHANGE_HERE_app" # Name of the application
DJANGODIR=/webapps/CHANGE_HERE_django/$0 # Django project directory
SOCKFILE=/webapps/CHANGE_HERE_django/run/gunicorn.sock # we will communicte using this unix socket
USER=CHANGE_HERE # the user to run as
GROUP=webapps # the group to run as
NUM_WORKERS=3 # how many worker processes should Gunicorn spawn
DJANGO_SETTINGS_MODULE=CHANGE_HERE.settings # which settings file should Django use
DJANGO_WSGI_MODULE=CHANGE_HERE.wsgi
# Copy gunicorn start script
sudo su - $USER -c 'sed "s/CHANGE_HERE/$1/g" "$0/gunicorn_start" > "/webapps/$1_django/bin/gunicorn_start"' -- $PWD/template $USER
# Supervisor conf template
[program:CHANGE_HERE]
command = /webapps/CHANGE_HERE_django/bin/gunicorn_start ; Command to start app
user = CHANGE_HERE ; User to run as
stdout_logfile = /webapps/$CHANGE_HERE_django/logs/gunicorn_supervisor.log ; Where to write log messages
redirect_stderr = true
# Copy supervisor conf script
sudo su -c 'sed "s/CHANGE_HERE/$1/g" "$0/supervisor_conf" > "/etc/supervisor/conf.d/$1.conf"' -- $PWD/template $USER
# Reread & update supervisor to start apps
sudo supervisorctl reread
sudo supervisorctl update
# nginx entry
upstream CHANGE_HERE_app_server {
server unix:/webapps/CHANGE_HERE_django/run/gunicorn.sock fail_timeout=0;
}
server {
listen 80;
server_name CHANGE_HERE.test;
client_max_body_size 4G;
access_log /webapps/CHANGE_HERE_django/logs/nginx-access.log;
error_log /webapps/CHANGE_HERE_django/logs/nginx-error.log;
location /static/ {
alias /webapps/CHANGE_HERE_django/static/;
}
location /media/ {
alias /webapps/CHANGE_HERE_django/media/;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://CHANGE_HERE_app_server;
break;
}
}
}
# Copy nginx entry
sudo su -c 'sed "s/CHANGE_HERE/$1/g" "$0/nginx_entry" > "/etc/nginx/sites-available/$1"' -- $PWD/template $USER
# Enable nginx entry
sudo ln -s /etc/nginx/sites-available/$USER /etc/nginx/sites-enabled/$USER
# Add let's encrypt https
sudo certbot --nginx -m $EMAIL --agree-tos -n -d $DOMAIN -d www.$DOMAIN
# Restart nginx
sudo service nginx restart