A little bit of context to my problem... I'm trying to deploy my django application following a tutorial (
The tutorial is very long so I've broken down every single step in this post.
The steps I had to follow are:
(everything done in the Windows Linux Bash shell)
Creating Linode and analizing Ip Address and SSH Credentials I got
Root Connection to the Server
ssh
into the server for the first timeInstalling Software Updates
Running the command
sudo apt-get update && apt-get upgrade
Setting Host Name
hostnamectl set-hostname SERVER_NAME
Then checking if it was rightfully executed with
hostname
Setting Host File
nano /etc/hosts
and then adding the IP address and server name to the file.Adding Limited User
The guy in the video said it's not good practice to use root user because it's easy to mess things up like that so we created a limited user with
adduser USER_NAME
and then gave it sudo permissions withadduser USER_NAME sudo
Setting Up SSH Key Based Authentication
In my local machine's bash shell:
ssh keygen -b 4096
And deposit that file into my home folder, after that I copy that file over to my server withscp ~/.ssh/id_rsa.pub user@serverip:~/.ssh/authorized_keys
then lasty confirming it was done correcty in the server withls .ssh
Setting Permissions for SSH Directory
Attach certain permision like
sudo chmod 700 ~/.ssh/
andsudo chmod 600 ~/.ssh/*
Forbiding Root Login & Password Authentication
sudo nano /etc/ssh/sshh_config
to forbit #PermitRootLogin and #PasswordAuthentification and then restart withsudo systemctl restart sshd
Setting Up a Firewall
First, I install Uncomplicated Firewall with
sudo apt-get install ufw
and then I do the following commands:sudo ufw default allow outgoing
,sudo ufw default deny incoming
,sudo ufw allow ssh
andsudo ufw allow 8000
. After that, I enable the firewall withsudo ufw enable
Generating requirements.txt File
Here I actually did it a bit different that in the video. I open my VSCODE environment for the project in question, and then I run a
pip freeze
in the terminal to see if the dependencies are correct, if they are I write the requirements withpip freeze > requirements.txt
Copying Django Application on to the Webserver
This step is pretty straightforward. Just
scp -r /folder/ user@serverip:~/
and that way the folder project is copied into the web server.Creating Virtual Environment on the Server
First run a
sudo apt-get install python3-pip
and thenpip install sudo apt-get install python3-venv
. Once that's done, to create my virtual environment I dopython3 -m venv django_project/venv
and lastly I activate it bycd
ing into the project's folder and thensource venv/bin/activate
.Installing Dependencies
With my virtual environment running I run a
pip install -r requirements.txt
Changing Django Settings for Testing the Application on Django Server
Inside the project's folder:
sudo nano django_project/settings.py
and add my server's IP to the allowed hosts list, and add a STATIC_ROOT directory.Collecting Static Files
python manage.py collectstatic
Which could collect about 120 static files, but my project is a somewhat different from the on in the video because I added way more features so it collects about 137 files (in case these details are needed)Testing Application
python manage.py runserver 0.0.0.0:8000
and then test to see if there is any problems, there are not (minus some variables I forgot to add because they were in my PC's environment variables) so I move on to the next step.Installing Apache & ModWSGI
sudo apt-get install apache2
,sudo apt-get install libapache2-mod-wsgi-py3
.Configuring Apache Webserver
Then move into the apache configuration folder
cd /etc/apache2/sites-available/
and create a new configuration file based off the default one withsudo cp 000-default.conf django_project.conf
, and then I edit withsudo nano django_project.conf
it and add the following things to it: https://github.com/CoreyMSchafer/code_snippets/blob/master/Django_Blog/snippets/django_project.confEnabling Site Through Apache
Run the following commands:
sudo a2ensite django_project
,sudo a2dissite 000-default.conf
Setting Up File Permissions
Run the following commands:
sudo chown :www-date django_project/db.sqlite3
,sudo chmod 664 django_project/db.sqlite3
andsudo chown :www-data django_project/. Then
sudo chown -R :www-data django_project/media/and
sudo chmod -R django_project/media```Creating Configuration File for Hiding Sensitive Information
I won't detail this process, I just make a .json file with some secret information like the SECRET_KEY and the email and password.
Updating Project Settings File
I delete the sentitive information from the settings.py of the project, and instead add those with the .json file (like if it were an environment variable).
Allowing http Traffic
Run the following commands:
sudo ufw delete allow 8000
, andsudo ufw allow http/tcp
.Restarting the Server & Running the Site
sudo service apache2 restart
Please, I'd appreciate any kind of help. I have to fix this error for a school project and I can't find solutions that actually fix it. I've read in some forums that I just needed to change certain permissions again, I did that and still the same error. It's really driving me crazy.
CodePudding user response:
I think the Forbidden is returned as Apache2 user (www-data) cant reach your HOME folder, move everything to another path like /data or /var/www and give www-data a rx access through the chmod command.
CodePudding user response:
you have not done
sudo chown :www-data django_project/django_project
which is the folder of the wsgi.py script