On the premise of owning a cloud server, develop a simple personal website based on Flask and deploy it using Apache, and allow outsiders to access it through domain names.
1. Server
1. Deploy a server that meets the requirements on the Vultr official website (https://my.vultr.com/). I just want to demonstrate the demo, so the configuration I chose is as follows:
2. After deploying the server, use software such as FinalShell to connect to the server. The download address of FinalShell is provided below.
Link: https://pan.baidu.com/s/1GZ7UsJKJOXOl7QKlTS1O0w
Extraction code: 4iug
3. Connect to the server through the server's IP, username and password. This article uses IP: 1.2.3.4 for demonstration.
4. In order for the outside world to directly access the personal website, firewall rules need to be configured.
sudo ufw enable
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw reload
2. Domain name
1. You can choose your own domain name on major domain name websites. I chose a domain name on the official Namesilo website (https://www.namesilo.com/) and replaced it with a.com for the demonstration.
2. Configure two A records on the Namesilo official website so that the domain names www.a.com and a.com can be resolved to the server IP: 1.2.3.4. (Warm reminder: For the security of the website, you can choose Cloudflare's DNS service, but the SSL/TLS encryption mode provided by Cloudflare must not be flexible, otherwise access to the domain name will cause too many redirects)
3. Configuration environment
1. Edit the sources list
cp /etc/apt/sources.list /etc/apt/sources.list.bak
vim /etc/apt/sources.list
Add the following
deb https://deb.debian.org/debian buster main contrib non-free
deb-src https://deb.debian.org/debian buster main contrib non-free
deb https://debian.mirror.constant.com buster main contrib non-free
deb-src https://debian.mirror.constant.com buster main contrib non-free
deb https://deb.debian.org/debian-security/ buster/updates main contrib non-free
deb-src https://deb.debian.org/debian-security/ buster/updates main contrib non-free
deb https://deb.debian.org/debian buster-updates main contrib non-free
deb-src https://deb.debian.org/debian buster-updates main contrib non-free
2. The server needs to install Python3.7, Mariadb and Git. Here are the installation commands:
# 更新软件包列表
sudo apt update
# 安装Python3.7
sudo apt install python3.7 virtualenv
# 安装MySQL
sudo apt install mariadb-server
# 安装Git
sudo apt install git
3. Configure MySQL
# 启动MySQL服务
sudo systemctl start mysql
# 启动安装向导
sudo mysql_secure_installation
# 使用root身份登录数据库
mysql -u root -p
# 创建数据库新用户
CREATE USER 'user'@'localhost' IDENTIFIED BY 'User.555';
# 创建DB
CREATE DATABASE web_db;
# 授予用户权限
GRANT ALL PRIVILEGES ON web_db.* TO 'user'@'localhost';
# 刷新权限并退出数据库
FLUSH PRIVILEGES;
EXIT
4. Download the source code and enter the project directory
git clone https://github.com/qinhj5/WebRepo.git
cd WebRepo
5. Create a virtual environment and install dependencies
virtualenv --python=python3.7 venv
source venv/bin/activate
pip3.7 install -r requirements.txt
6. Edit the database configuration file and initialize the database table to ensure that the information in the configuration file is consistent with the previous settings.
cp config.json config.json.bak
vim config.json
python3.7 cli.py --func create
python3.7 cli.py --func init_users
(The init_users script will initialize the two users Jack and Alice)
4. Start the service
1. Install the Apache server and dependent modules
sudo apt install apache2 libapache2-mod-wsgi-py3
2. Get a Let’s Encrypt free certificate for a.com
sudo apt install certbot python3-certbot-apache
sudo certbot --apache -d a.com -d www.a.com
After completing the configuration according to the wizard, you will be prompted for the paths of fullchain.pem (full certificate chain) and privkey.pem (private key), usually in the following location:
/etc/letsencrypt/ live/a.com/fullchain.pem
/etc/letsencrypt/live/a.com/privkey.pem
3. Move the project to the deployment directory and authorize it to www-data
cp -r ../WebRepo /var/www
sudo chown -R www-data:www-data /var/www/WebRepo
4. Write the Apache virtual host configuration file
vim /etc/apache2/sites-available/WebRepo.conf
Enter the following content, where the private key, complete certificate chain, and domain name need to be modified:
<VirtualHost *:80>
ServerName a.com
ServerAlias www.a.com
Redirect permanent / https://a.com/
</VirtualHost>
<VirtualHost *:443>
ServerName a.com
ServerAlias www.a.com
DocumentRoot /var/www/WebRepo
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCertificateFile /etc/letsencrypt/live/a.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/a.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
WSGIDaemonProcess WebRepo python-home=/var/www/WebRepo/venv processes=2 threads=4 user=www-data group=www-data home=/var/www/WebRepo
WSGIProcessGroup WebRepo
WSGIScriptAlias / /var/www/WebRepo/app.wsgi
<Directory /var/www/WebRepo>
WSGIProcessGroup WebRepo
WSGIApplicationGroup %{GLOBAL}
Require all granted
</Directory>
ErrorLog /var/log/apache2/WebRepo_error.log
CustomLog /var/log/apache2/WebRepo_access.log combined
</VirtualHost>
5. Close Apache’s default virtual host configuration file
sudo a2dissite 000-default.conf
sudo a2dissite 000-default-le-ssl.conf
6. Enable Apache’s SSL module
sudo a2enmod ssl
7. Enable the customized virtual host configuration file and restart the Apache service
sudo a2ensite WebRepo.conf
sudo systemctl reload apache2
8. At this point, you can access your personal website through the domain name https://www.a.com or https://a.com
