More Related Content
Similar to Nginx-deploy on linux server with 80 and 442 (20)
Recently uploaded (20)
Nginx-deploy on linux server with 80 and 442
- 1. Gunicorn with Nginx Setup • 1. What is Gunicorn? • 2. What is Nginx? 3. Why Gunicorn and Nginx? • 4. Steps to create User and Group 5. Deploy.sh • 6. Gunicorn Setup • 7. Nginx Setup • 8. What is SSL certificate? • 9. How do SSL certificates work? • 10. Why you need an SSL certificate? • 11. Configure Certbot for SSL Certificate • 12. Benefits with Ngix and Gunicorn
- 2. What is Gunicorn? • Gunicorn implements the Web Server Gateway Interface (WSGI), which is a standard interface between web server software and web applications. • 1. Gunicorn (Green Unicorn) is a WSGI HTTP server for Python Web applications. • 2. Designed to be lightweight, simple and fast. • 3. WSGI (Web Server Gateway Interface) is a standard interface between web servers and Python web applications.
- 3. What is Nginx? • Nginx is a web server. It's the public handler, more formally called the reverse proxy, for incoming requests and scales to thousands of simultaneous connections. • 1. Nginx is a high performance, open source web server and reverse proxy server. • 2. Know for its scalability and low resources consumption. • 3. Commonly used to server static content, revers proxy and • load balancing.
- 4. Nginx
- 5. Why Gunicorn and Nginx? • 1. Gunicorn handles dynamic content and interect with the python web applications. • 2. Nginx handles static content, SSL terminations and acts as a reverse proxy. • 3. Combined, they provide a scalable and efficient web server setup.
- 6. Steps to create User and Group 1. Create a new user "“Servicename”" + create a new Group for the new user. (sudo useradd -m “Servicename 2. Add Ubuntu and www-data to “Servicename”'s new group. (sudo adduser ubuntu “Servicename”) (sudo adduser ubuntu www-data) 3. Give permission to /home/”Servicename”/ (sudo chmod -R g+w /home/”Servicename”/) 4. Configure Ngix file 5. Create a symbolic link (sudo ln -s/bin/python/usr/local/bin/python3.10) 6. Create a virtual environment (python -m venv vm) 7. Install requried packages (pip install -r requirements.txt) PostgreSQL • 1. Set a password if not configured. • 2. Create login group Roles • 3. Create a Database with owner “Servicename” rights
- 7. Deploy.sh • git push cd .. rm -f project-deploy.tar.gz rm -rf project-deploy git clone <git repository name> project-deploy --depth 1 tar --exclude-vcs -cvzf project-deploy.tar.gz project-deploy scp -C project-deploy.tar.gz ubuntu@abc.com:~/ ssh ubuntu@abc.com <<-SCRIPT tar -xvzf project-deploy.tar.gz rm -rf project mv project-deploy project cd project ln -s ../kyc kyc; source ../project_env/bin/activate python manage.py migrate; python manage.py collectstatic --no-input; sudo service project restart; sudo service nginx restart; SCRIPT
- 8. Gunicorn Setup • 1. Installation: pip install gunicorn • 1.1 Open your Linux terminal or shell. • 1.2 Type “ pip install gunicorn ” (without quotes), hit Enter. • 1.3 If it doesn't work, try "pip3 install gunicorn" or “ python -m pip install gunicorn “. • 1.4 Wait for the installation to terminate successfully. • 2. After installing Gunicorn you will have access to the command line script gunicorn. Running Gunicorn command: • -> gunicorn myapp:app • 3. Configuration options (workers, bind address, etc.) • 4. Example command: gunicorn -w 4 -b 0.0.0.0:8000 myapp:app
- 9. Gunicorn Setup • 1. gunicorn: This is the command to start the Gunicorn server. • 2. -w 4: This option specifies the number of worker processes Gunicorn should use. In this case, it is set to 4. Worker processes are separate instances of the application that handle incoming requests concurrently. Adjusting the number of workers can impact the server's performance. • 3. -b 0.0.0.0:8000: This option specifies the socket to bind Gunicorn to. In this case, it binds to all available network interfaces (0.0.0.0) on port 8000. This means the server will listen for incoming connections on port 8000 and be accessible from any IP address. • 4. myapp:app: This argument specifies the location of the WSGI application object. In this example, it assumes your application is in a file named myapp (without the file extension) and the WSGI application object is named app. This could vary based on the structure of your project.
- 10. Nginx Setup • 1. Installation: sudo apt-get install nginx 1.1 Installing Nginx. To install Nginx, use following command: sudo apt update sudo apt install nginx. ... • 1.2 Creating our own website. Default page is placed in /var/www/html/ location. ... • 1.3 Setting up virtual host. ... • 1.4 Activating virtual host and testing results. • 2. Basic configuration: server blocks, location blocks server { listen 80; server_name abc.com; . . . } • 3. Reverse proxy configuration for Gunicorn • 3.1 A reverse proxy is a server that sits between client devices (such as web browsers) and a backend server. • 3.2 It performs tasks on behalf of the server, acting as an intermediary between clients and the actual server hosting the application. • 3.3 Unlike a forward proxy, which handles requests from clients to the internet, a reverse proxy handles requests from clients to a server. • 4. Example Nginx configuration snippet:
- 11. What is SSL certificate • 1. An SSL certificate is a digital certificate that authenticates website’s identity and enables an encrypted connection. • 2. SSL stands for Secure Socket Layer, a security protocol that creates an encrypted link between a web server and a web browser.
- 12. How do SSL certificates work? • 1. A browser or server attempts to connect a website(i. g. Web server) secured with SSL. • 2. The browser or server requests that the web server identifies itself. • 3. The web server sends the browser or server a copy of its SSL certificate in response. • 4. The browser or server checks to see whether it trusts the SSL certificate. If it does, it signals this to the webserver. • 5. The web server then returns a digitally signed acknowledgment to start an SSL encrypted session. • 6. Encrypted data is shared between the browser or server and the webserver.
- 13. Why you need an SSL certificate • 1. Login Credentials. • 2. Credit card transactions and bank account informations. • 3. Personally identifiable information – such as full name , address, date of birth or mobile number. • 4. Legal documents and contracts. • 5. Medical records. • 6. Proprietary information.
- 14. Configure Certbot for SSL Certificate • 1. Update package Lists (sudo apt-get update) • 2. Install certbot (sudo apt-get install certbot) • 3. Install certbot nginx plugin (sudo apt-get install python3- certbot-nginx) • 4. Obtain SSL / TLS Certificates (sudo certbot)
- 15. Benefits of Gunicorn and Nginx • 1. Gunicorn provides a simple and efficient WSGI server for Python • 2. Nginx handles static files, improves security, and enhances performance • 3. Improved scalability and resource utilization