
Personal-site

Production [Tested on server with Hyperbola GNU + Linux-libre]

Python dependencies

  • Django
  • Pillow
  • psycopg2-binary
  • pytz

Production Installation

  • Clone Personal-site
$ git clone https://git.sr.ht/~heckyel/personal-site
  • Run virtualenv.
$ cd personal-site && virtualenv ./venv/
  • Activate the virtualenv.
$ source ./venv/bin/activate
  • Install dependencies through pip.
$ pip install -r django/requirements_prod.txt

Configuration Postgres

  • Login as postgres
$ sudo su - postgres
  • Create the database
$ createdb namebase
  • Create User (place a password for our user)
$ createuser -P username
  • Open the database with psql
$ psql -d namebase
  • Give permissions to the created user (run at the psql prompt, not in the shell)
namebase=# GRANT ALL PRIVILEGES ON DATABASE namebase TO username;

Postgres tips

  • List databases
$ psql -l
  • Delete database
$ dropdb namebase

Connecting to Postgres

  • Copy settings.py.example to settings.py and modify. Make sure to uncomment the appropriate database section (either sqlite or PostgreSQL).
$ cp -v django/personalsite/settings.py.example django/personalsite/settings.py

Replace the sqlite configuration with the postgres one, for example:

DATABASES = {
    'default': {
        # 'postgresql_psycopg2' is the old alias, removed in Django 3.0
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'namebase',
        'USER': 'username',
        'PASSWORD': 'pass',
        'HOST': '127.0.0.1',
        'PORT': '5432',
    }
}
  • Run Django's deployment checks.
$ python django/manage.py check --deploy
  • Make migrations
$ python django/manage.py makemigrations
  • Migrate changes.
$ python django/manage.py migrate
  • Create a superuser
$ python django/manage.py createsuperuser

Run with Apache server and wsgi

  • Install WSGI for Apache
$ sudo pacman -S mod_wsgi
  • To enable mod_wsgi, add the following line to httpd.conf, for example:
$ sudo nano -w /etc/httpd/conf/httpd.conf

Added line:

LoadModule wsgi_module modules/mod_wsgi.so
  • Create vhosts, for example:
$ sudo nano -w /etc/httpd/conf/extra/httpd-vhosts.conf

and inside write the configuration, example:

<IfModule ssl_module>
    <VirtualHost *:80>
        ServerAdmin example@dominio.com
        ServerName example.com
        ServerAlias example.com

        Alias /media /path/to/site/media/
        Alias /static /path/to/site/core/static/
        <Directory /path/to/site/core/static>
            Require all granted
        </Directory>

        <Directory /path/to/site/media>
            Require all granted
        </Directory>

        <Directory /path/to/site/personalsite>
            <Files wsgi.py>
                Require all granted
            </Files>
        </Directory>

        WSGIDaemonProcess personalsite python-home=/path/to/site/venv python-path=/path/to/site
        WSGIProcessGroup personalsite
        # Must point at the wsgi.py that the <Directory> block above grants access to
        WSGIScriptAlias / /path/to/site/personalsite/wsgi.py

    </VirtualHost>
</IfModule>
  • Replace ALLOWED_HOSTS = []

in settings.py with:

ALLOWED_HOSTS = ["example.com", "localhost"]
  • Add to settings.py:
STATIC_ROOT = '/path/to/site/core/static'
  • Generate the static files for the Django admin (you must be inside the virtualenv).
$ python django/manage.py collectstatic
  • Create the media/ directory
$ cd /path/to/personalsite
$ mkdir media/
  • Change the ownership of media/ to the http user and group
$ sudo chown -R http:http media/
  • Restart Apache server
$ sudo rc-service httpd restart
  • Done!

Security on settings.py [SSL, HTTPS, COOKIE, etc]

# security.W004
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True

# security.W006
SECURE_CONTENT_TYPE_NOSNIFF = True

# security.W007
SECURE_BROWSER_XSS_FILTER = True

# security.W008
SECURE_SSL_REDIRECT = True

# security.W012
SESSION_COOKIE_SECURE = True

# security.W016, security.W017
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True

# security.W019
X_FRAME_OPTIONS = 'DENY'
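
One way to confirm these settings took effect is to compare a response's headers and cookies with what each setting should produce. This is an added example, not part of Personal-site; the sample headers and cookie values are constructed, and it assumes Django's default cookie names sessionid and csrftoken.

```python
# Added example: audit response headers against the settings listed above.
# SAMPLE_* values are constructed for illustration, not captured traffic.

EXPECTED_HEADERS = {
    # header (lower-case) -> (required tokens, setting that produces it)
    "strict-transport-security": (
        {"max-age=31536000", "includesubdomains", "preload"}, "SECURE_HSTS_*"),
    "x-content-type-options": ({"nosniff"}, "SECURE_CONTENT_TYPE_NOSNIFF"),
    "x-frame-options": ({"deny"}, "X_FRAME_OPTIONS"),
}
# Django's default cookie names -> flags the settings above should add.
EXPECTED_COOKIE_FLAGS = {
    "sessionid": {"secure"},              # SESSION_COOKIE_SECURE
    "csrftoken": {"secure", "httponly"},  # CSRF_COOKIE_SECURE / CSRF_COOKIE_HTTPONLY
}
# X-XSS-Protection is not checked: Django 4.0 and later no longer send it.


def _tokens(value):
    """Split 'a; b; c' into a set of lower-cased, stripped tokens."""
    return {part.strip().lower() for part in value.split(";") if part.strip()}


def audit(headers, set_cookies):
    """Return a sorted list of findings; an empty list means every check passed."""
    findings = []
    seen = {name.lower(): value for name, value in headers.items()}
    for name, (required, setting) in EXPECTED_HEADERS.items():
        missing = required - _tokens(seen.get(name, ""))
        if missing:
            findings.append(f"{name}: missing {sorted(missing)} ({setting})")
    for cookie in set_cookies:  # one string per Set-Cookie header
        pair, _, attrs = cookie.partition(";")
        cookie_name = pair.split("=", 1)[0].strip()
        missing = EXPECTED_COOKIE_FLAGS.get(cookie_name, set()) - _tokens(attrs)
        if missing:
            findings.append(f"cookie {cookie_name}: missing {sorted(missing)}")
    return sorted(findings)


SAMPLE_HEADERS = {  # constructed: HSTS is incomplete, X-Frame-Options is absent
    "Strict-Transport-Security": "max-age=31536000",
    "X-Content-Type-Options": "nosniff",
}
SAMPLE_COOKIES = [  # constructed: sessionid lacks Secure, csrftoken lacks HttpOnly
    "sessionid=abc123; HttpOnly; Path=/; SameSite=Lax",
    "csrftoken=xyz789; Path=/; Secure",
]

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_HEADERS, SAMPLE_COOKIES)) or "all checks passed")
```

To use it against a deployment, pass in the header dictionary and the list of Set-Cookie values from an HTTPS response of the site.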

Validation subdomain in eepsite

Uncomment in project/urls.py

from django.urls import path
from . import views

urlpatterns = [
    path('', views.home, name="home"),
    path('filename', views.i2pfile, name='i2pfile') # eepsite
]

and in project/views.py

from django.shortcuts import render

def i2pfile(request):
    # Serve the validation file from project/templates/trabajo/
    return render(request, 'trabajo/filename')

and add project/templates/trabajo/filename