Sakura's VPS Name dot com ubuntu18.04 ubuntu username: ubuntu (match your username) SSH connection software: Teraterm (copy and paste can be used, great) python3.6.9 nginx/1.14.0
reference: https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-uswgi-and-nginx-on-ubuntu-18-04
sudo apt update
sudo apt upgrade
sudo apt install git
python installation
sudo apt install python3-pip python3-dev build-essential libssl-dev libffi-dev python3-setuptools
#Verification
python3.6 -V
Create a virtual environment for python
sudo apt install python3-venv
#Create environment directory
mkdir ~/myproject
cd ~/myproject
#Create and start virtual environment
python3.6 -m venv myprojectenv
source myprojectenv/bin/activate
#How to deactivate is [deactivate]
pip install wheel
pip install uwsgi flask
sudo nano ~/myproject/myproject.py
from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello():
return "<h1 style='color:#ff0000'>Hello Flask!</h1>"
if __name__ == "__main__":
app.run(host='0.0.0.0')
** Open custom port 5000 from the Sakura VPS network information. ** **
python myproject.py
http://"your_ipadress":5000にアクセス
sudo nano ~/myproject/wsgi.py
wsgi.py
from myproject import app
if __name__ == "__main__":
app.run()
uwsgi test
uwsgi --socket 0.0.0.0:5000 --protocol=http -w wsgi:app
http://"your_ipadress":5000へアクセスして確認
Creating a uWSGI configuration file
deactivate
sudo nano ~/myproject/myproject.ini
myproject.ini
[uwsgi]
module = wsgi:app
master = true
processes = 5
socket = myproject.sock
chmod-socket = 660
vacuum = true
die-on-term = true
Create systemd
sudo nano /etc/systemd/system/myproject.service
/etc/systemd/system/myproject.service
[Unit]
Description=uWSGI instance to serve myproject
After=network.target
[Service]
User=ubuntu
Group=www-data
WorkingDirectory=/home/ubuntu/myproject
Environment="PATH=/home/ubuntu/myproject/myprojectenv/bin"
ExecStart=/home/ubuntu/myproject/myprojectenv/bin/uwsgi --ini myproject.ini
systemd startup / automatic startup / status check
sudo systemctl start myproject
sudo systemctl enable myproject
sudo systemctl status myproject
OK if you say activate (running)
** * [Stop] sudo systemctl stop my project ** ** * [Automatic start / stop] sudo systemctl disable my project **
sudo apt install -y nginx
Verification
ls /etc/nginx/sites-available/
>>If it says default, the installation file is ready, so it's OK.
sudo nano /etc/nginx/sites-available/myproject
/etc/nginx/sites-available/myproject
server {
listen 80;
server_name <your_ipadress> www.<your_ipadress>;
location / {
include uwsgi_params;
uwsgi_pass unix:/home/ubuntu/myproject/myproject.sock;
}
}
To enable the Nginx server block configuration you created, link the file to the sites-enabled directory.
sudo ln -s /etc/nginx/sites-available/myproject /etc/nginx/sites-enabled
Test: `` `sudo nginx -t``` Finally, if you say test is successful, k
restart nginx
sudo systemctl restart nginx
Site confirmation http://"your_ipadress"
Confirmation of LOG system
sudo less /var/log/nginx/error.log: Check the Nginx error log.
sudo less /var/log/nginx/access.log: Check the Nginx access log.
sudo journalctl -u nginx: Check the log of Nginx process.
sudo journalctl -u myproject: Check the uWSGI log for the Flask app.
[Acquisition of domain / setting of name server] Log in to Name.com Domain acquisition Name server registration from domain details From others Name server 1: ** ns1.dns.ne.jp ** Name server 2: ** ns2.dns.ne.jp ** To set. Done. ** One day later? Do you reflect it? ?? maybe** There was information
[Domain settings] Access Domain Navi "Domain settings"-> "DNS-related function settings" Select the target domain and go to the next "Use DNS record settings" Enter the required items and click "Add" to add to the bottom.
sudo nano /etc/nginx/sites-available/myproject
Make your_ipadress your_domain. In short, rewrite to the set original domain.
/etc/nginx/sites-available/myproject
server {
listen 80;
server_name <your_DOMAIN> www.<your_DOMAIN>;
location / {
include uwsgi_params;
uwsgi_pass unix:/home/ubuntu/myproject/myproject.sock;
}
}
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx
sudo certbot --nginx -d your_domain -d www.your_domain
>>output is the following minutes
output
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
-------------------------------------------------------------------------------
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter](press 'c' to cancel):
Select ENTER. The configuration will be updated and Nginx will reload to get the new settings. The certbot process is successful and you will see a message telling you where the certificate is stored.
output
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/your_domain/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/your_domain/privkey.pem
Your cert will expire on 2018-07-23. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
Stop HTTP on NGINX
sudo ufw delete allow 'Nginx HTTP'
Verification https://"your-domain"
Surprisingly easy. LINEBOT etc. must be converted to Https, so you can make it with this. It may be good to put together management commands.
Recommended Posts