Commit 87946534 authored by Lukas Burgey's avatar Lukas Burgey

Add README

parent ae7837f7
.secret.key
env
db.cnf
static
deployment
deploy
runtest
oidc-config
Installation
====
- apt install nginx rabbitmq-server uwsgi-plugin-python3 virtualenv default-libmysqlclient-dev gcc
- Notes: gcc is needed for the python package mysqlclient
- useradd -m feudal
- su feudal
- git clone git.scc.kit.edu/fum/fum_backend ~/backend
- Configure your database in ~/.my.cnf
- Configure django in ~/backend/django_backend/settings.py
- cd ~/backend
- ./generate-secret
- virtualenv -p /usr/bin/python3
- source env/bin/activate
- pip install Django django-cors-headers django-mysql django-polymorphic django-rest-polymorphic djangorestframework oic urllib3 mysqlclient pika
- Configure uwsgi in /etc/uwsgi/backend.ini
- Configure nginx in /etc/nginx/conf.d/feudal.conf
- su feudal
- cd ~/backend
- source env/bin/activate
- ./manage.py makemigrations backend
- ./manage.py migrate
- ./manage.py create superuser
[uwsgi]
# Django-related settings
# the base directory (full path)
chdir = /home/hdf/backend
# Django's wsgi file
module = django_backend.wsgi
# the virtualenv (full path)
home = /home/hdf/backend/env
# process-related settings
# master
master = true
# maximum number of worker processes
processes = 1
# the socket (use the full path to be safe
socket = /home/hdf/backend/backend.sock
# ... with appropriate permissions - may be needed
chmod-socket = 666
# clear environment on exit
vacuum = true
logger = file:/var/log/uwsgi.log
env = DB_PASSWORD=jaydGodd6
env = DB_USER=scc-hdfmysql0001
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream django {
server unix://home/feudal/backend/feudal.sock;
}
upstream websocket {
server 127.0.0.1:15674;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name hdf-portal.data.kit.edu;
charset utf-8;
client_max_body_size 75M;
ssl on;
ssl_certificate /etc/ssl/hdf-portal.data.kit.edu/chain.pem;
ssl_trusted_certificate /etc/ssl/hdf-portal.data.kit.edu/fullchain.pem;
ssl_certificate_key /etc/ssl/hdf-portal.data.kit.edu/key.pem;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 180m;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DHE+AES128:!ADH:!AECDH:!MD5;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_dhparam /etc/nginx/cert/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
resolver 141.3.175.65 141.3.175.66;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
root /home/feudal/webpage/dist;
index index.html;
location /backend/static {
alias /home/feudal/backend/static;
}
location /backend {
uwsgi_pass django;
include /home/feudal/backend/deployment/uwsgi_params;
}
location /frontend {
try_files $uri $uri/ /index.html;
}
location /ws {
proxy_pass http://websocket/ws;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
location / {
rewrite "^$" /frontend;
}
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream django {
server unix://home/feudal/backend/feudal.sock;
}
upstream websocket {
server 127.0.0.1:15674;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name hdf-portal.data.kit.edu;
charset utf-8;
client_max_body_size 75M;
ssl on;
ssl_certificate /etc/ssl/hdf-portal.data.kit.edu/chain.pem;
ssl_trusted_certificate /etc/ssl/hdf-portal.data.kit.edu/fullchain.pem;
ssl_certificate_key /etc/ssl/hdf-portal.data.kit.edu/key.pem;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 180m;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DHE+AES128:!ADH:!AECDH:!MD5;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_dhparam /etc/nginx/cert/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
resolver 141.3.175.65 141.3.175.66;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
root /home/feudal/webpage/dist;
index index.html;
location /backend/static {
alias /home/feudal/backend/static;
}
location /backend {
uwsgi_pass django;
include /home/feudal/backend/example-config/uwsgi_params;
}
location /frontend {
try_files $uri $uri/ /index.html;
}
location /ws {
proxy_pass http://websocket/ws;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
location / {
rewrite "^$" /frontend;
}
}
[uwsgi]
# Django-related settings
# the base directory (full path)
chdir = /home/feudal/backend
# Django's wsgi file
module = feudal.wsgi
# the virtualenv (full path)
home = /home/feudal/backend/env
# process-related settings
# master
master = true
# maximum number of worker processes
processes = 1
# the socket (use the full path to be safe
socket = /home/feudal/backend/feudal.sock
# ... with appropriate permissions - may be needed
chmod-socket = 666
# clear environment on exit
vacuum = true
[client]
database =
user =
host =
password =
default-character-set = utf8
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param REQUEST_SCHEME $scheme;
uwsgi_param HTTPS $https if_not_empty;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment