Building data-driven web apps with Flask and SQLAlchemy Transcripts
Lecture: Configure the server
0:00 Now it's time to start working
0:02 through our little script here, and configure the server.
0:04 The first thing I actually want to do
0:06 is commit these files.
0:07 So let's do a quick commit here and say
0:12 Commit and push those over.
0:13 The reason is, we're going to use get
0:16 to get our files onto the server.
0:19 And if these are not checked in
0:21 then obviously they won't show up
0:23 and we won't be able to copy them to the right location.
0:25 So our goal is going to be basically
0:27 to work our way down this file.
0:28 Like I said, don't run it all at once
0:30 'cause in case something fails
0:32 you might not notice it or whatever.
0:35 So we've already done this.
0:36 This was our right away, log in and do our update.
0:38 The next thing, let's go ahead and log in over here.
0:41 That looks like we are.
0:42 Let me just log out and log back in real quick.
0:45 So, notice our shell here.
0:47 We're using Bash. Now Bash is okay
0:50 but I actually don't like it all that much.
0:52 I like Oh My Zsh so much better.
0:56 So I'm going to install Z-Shell
1:00 and then on my Z-Shell, get those.
1:04 Again, it's not required
1:05 but it just makes working with the server nicer.
1:12 Here we go. Notice our cool prompt has changed
1:14 and we get better history of commands we've run
1:17 so we can more easily rerun them
1:18 and find what we've been up to.
1:20 Now, with that in place
1:21 let's just start going through
1:22 and installing some dependencies.
1:25 So first we're going to need build-essential
1:26 for installing some packages potentially.
1:29 We need get to get our files there
1:31 having zip is always nice.
1:33 Nload is a utility we can use.
1:35 We're looking at network traffic
1:36 to see that requests are coming in and out.
1:38 And tree is just a way to look at directory structure.
1:41 So we can run those. All right, super.
1:48 It looked like that succeeded.
1:49 Now we need to have
1:50 there's simple things that are not here.
1:52 Like if I try to type pip3 it's like
1:54 well, sorry. pip3 is not a command. pip as well.
1:59 Having the ability to pip and solve something
2:01 that seems pretty fundamental
2:02 so let's go and add stuff like that.
2:08 There we go. It looks like pip does something now.
2:10 Cool. Now we're also going to want to have Nginx.
2:13 Nginx is a system-wide thing installed by app
2:16 so we're going to do that.
2:20 Now, this next set of dependencies here
2:23 that we're going to install
2:24 this is so that we can able gzip support in uWSGI.
2:28 This let's us compress some of our files
2:30 and make the response a little bit better
2:32 so let's go ahead and have that in there.
2:35 All right, so that's pretty much it for the dependencies.
2:37 The next thing I want to install
2:38 is something called Fail2ban.
2:40 And when we check the box for using SSH certificates
2:45 when we set up the server in Digital Ocean
2:47 that disabled logins with a password
2:50 so this might not technically be necessary
2:52 but what this will do is it'll watch
2:54 and if people try to log in over SSH and they fail
2:58 we're going to eventually blacklist them
3:00 and not let them even attempt to log in.
3:02 All right, so we could potentially
3:04 accidentally turn that feature back on
3:06 or they could start trying to send certificates over
3:09 or something like that.
3:10 So let's set this up to make sure that people who try
3:12 to pound on the server get turned away.
3:15 At least for SSH.
3:17 Next, we only want to expose the ports that are necessary
3:21 so SSH so we can manage our server.
3:23 80 for the base request, and 443 for SSH.
3:27 So let's go use this thing
3:28 called uncomplicated firewall to enable those
3:31 and then it's off by default so let's turn it on.
3:34 Now it says, warning, you may not ever be able
3:36 to come back if you forgot that line.
3:39 We didn't, so we should be okay
3:41 but let's just double check here.
3:43 If we go and log out, and then
3:48 log out of both shells just that one time.
3:50 So if we go back, hey we can get back in
3:52 our Z-Shell is here too, that's good.
3:54 We can get back in
3:55 that means the firewall is letting us through.
3:57 That's all good.
3:58 Now, we're going to use get
4:00 and we're just going to type in our password in the server.
4:03 So, in order to make sure that we have to do that
4:05 as little as possible
4:06 I'm going to set up this command that says
4:08 basically remember my login credentials for a month
4:12 under my account if I log in and type them in.
4:15 So that's good.
4:16 And then the other thing is
4:17 if you ever try to push back, do a push from your server
4:20 it won't let you unless you set these two things.
4:22 Let's go ahead and set your email
4:24 like firstname.lastname@example.org
4:28 And we also have to set our name.
4:33 Here we go, those two are set, that's good.
4:34 So now, get is up and ready to go.
4:38 We're also going to want to have a place
4:40 where we put out web app of course
4:42 so we're going to make this structure here
4:44 under /apps/.
4:47 We're going to do a clone there.
4:49 We're also going to have a log section.
4:50 We didn't actually set up logging in our server
4:54 so it's not. I'm putting them here for you
4:57 to add logging to your server and write them there.
4:59 We're not going to make too much use of 'em.
5:01 But over here, we now in this little section, like so.
5:05 That's cool. The other thing is we're going to want
5:08 to create a virtual directory.
5:10 Now, the server is dedicated to singularly dedicated
5:14 at the moment to running this web app.
5:16 So you could say, maybe we could just
5:18 update the system Python and system packages
5:22 by using a virtual environment.
5:23 If something goes wrong, it's easy for us
5:26 to delete that environment, recreate it
5:28 rerun the dependencies, pip install -r requirements.txt.
5:32 Things like that and it will just come back to life.
5:34 So this means it's easier if we do something wrong
5:37 to recreate what what we need.
5:39 So let's go ahead and create this virtual environment here.
5:44 Let's activate it. Like so.
5:48 Notice our prompt changes.
5:50 And if we ask which Python it's now this one
5:52 so that's good.
5:55 And we can go ahead and install some tools like so.
6:01 All right, so we want to make sure that we have the latest pip
6:04 and setuptools because notice we
6:07 had a incredibly out of date pip 9
6:10 and now we're in pip 19.
6:12 How ridiculous is that I really just don't get
6:14 why Python doesn't upgrade this for us
6:17 when we're creating a virtual environments.
6:18 But it doesn't, so make sure you don't forget that.
6:20 That way, we're all good.
6:22 Now, we're going to install a couple of utilities
6:25 that are Python based
6:26 so they go in our virtual environment
6:27 not through app one, is httpie.
6:30 This is kind of replacement of recurral, or wget.
6:32 It let's us test our web app and it's just nicer
6:35 and it happens to be Python based so we put it over here.
6:38 Glances is a cool GUI light program
6:41 that let's us understand the apps
6:42 that are running our server.
6:44 So now we have this, we can run Glances
6:47 and have a better look at our server.
6:48 This is cool.
6:49 So here you can see the cp load.
6:51 Looks high, like Glances was, figuring out what's up.
6:53 But now it's super low.
6:55 Our memory usage is really good.
6:57 We're releasing 280 megs. We got 700.
6:59 We can sort by memory, by person m's, c, cpu
7:02 by pressing c.
7:04 And over here we have things like Glances, Fail2Ban.
7:06 Stuff that you would expect.
7:07 Our web app is not here, of course.
7:09 We haven't started it.
7:11 We'll get there in a little bit.
7:12 We also need to install uWSGI.
7:14 This is a Python thing.
7:16 When you install it, it actually takes a little awhile.
7:19 It does a bunch of compilation and stuff
7:20 in the setup.py.
7:22 So this takes awhile, but then eventually it will be
7:24 set up inside our virtual environment.
7:27 And there you have it.
7:28 The server is ready to go.
7:29 You can type WSGI just to make sure that it's there.
7:32 Obviously it won't start.
7:33 It's like, give me no configuration.
7:35 I don't know what to do.
7:36 But it looks like we can run it and everything we need
7:40 is now on the server.
7:41 It's just up to us to get our code there
7:43 and configure micro isky and Nginx and get them running.