{"id":17241268,"url":"https://github.com/sid597/setting-up-server","last_synced_at":"2026-04-19T06:33:44.208Z","repository":{"id":108964797,"uuid":"269880134","full_name":"sid597/Setting-up-Server","owner":"sid597","description":"Setting up new flask-gunicorn-nginx server is time consuming so wrote a customised script to serve my needs.","archived":false,"fork":false,"pushed_at":"2021-01-07T16:26:51.000Z","size":52,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-26T03:13:41.780Z","etag":null,"topics":["flask","gunicorn","nginx"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sid597.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-06-06T05:33:56.000Z","updated_at":"2021-01-07T16:26:54.000Z","dependencies_parsed_at":"2023-03-13T14:19:49.390Z","dependency_job_id":null,"html_url":"https://github.com/sid597/Setting-up-Server","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/sid597/Setting-up-Server","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sid597%2FSetting-up-Server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sid597%2FSetting-up-Server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sid597%2FSetting-up-Server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sid597%2FSetting-up-Server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sid597","download_url":"https://codeload.github.com/sid597/Setting-up-Server/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sid597%2FSetting-up-Server/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263166507,"owners_count":23424176,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["flask","gunicorn","nginx"],"created_at":"2024-10-15T06:08:32.963Z","updated_at":"2026-04-19T06:33:44.166Z","avatar_url":"https://github.com/sid597.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"I wrote this script to ease the process of setting up my virtual server. \nThe script creates a new non-sudo user, logs in as new user, enables ssh login, disables root login,\nsets up firewall, Installs Vim, Zsh and terminator.\n# Setting up server to deploy Flask app \n\nNOTE : I am using Ubuntu to set up this server\n\nI followed the following steps to set up my server for flask app this guide is for future reference.\n\n## Hosting Options\nOne can host websites on their own bare-metal hardware or on virtualized \nservers I decided to go with the latter option.\n\nNow here also ther are multiple options to choose from : Linode, Digital Ocean,\nAWS, GCE etc. I went with digital ocean because I got $100 free credit and \nI found options from AWS and GCE confusing with their naming scheme.\n\nIf you want to set up your server on digital ocean with $100 credit, here is \nmy referal link https://m.do.co/c/55d364734c11. Go spend \u003e$25 only then I will\nget another $25 credit :)\n\n\nOnce decided to go with Digital ocean then:\n    - Sign in\n    - Click on create -\u003e droplets\n    - All the info will be on the page to help you decide your setup\n    - I set up the server with password not ssh so had to convert to ssh login\n      later.\n    - My tip go with the backup options it will be worth it, more so if you \n      decided to develop on server directly\n\n## Initial Server set up with Ubuntu 18.04\n    \nThere are a few steps that should be done as a basic setup to increase the\nsecurity and usability of server.\n\n\n#### Login as root\n\n- Connect you droplet with ssh from your machine\n\n -  To connect with ssh as root one needs to know the IP of their droplet\n    grab that then do `ssh root@ip_address`\n - Accept warnings that are displayed\n - ##### Set up ssh key insted of password authentication \n\n    - Go to your machine terminal \n    - If you already have ssh key \n        - Copy your **public key** `ssh-copy-id username@remote_host`\n    - Else \n        - Generate ssh key using `ssh keygen`\n        - Copy your **public key** `ssh-copy-id username@remote_host`\n    - Try logging to serve with `ssh username@remote_host`\n    - If successful continue else go figure why this happend\n    - Disable password authentication for server \n        - `sudo vi /etc/ssh/sshd_config`\n        - Learn vim commands if you find yourself stuck\n        - Search for `PasswordAuthentication` uncomment if this is commented out\n          and set it to no.\n        - Pro tip: exit vi by following the steps: \n          press `esc` -\u003e type `:wq`-\u003e Give a pat on back  Phew! \n    - restart `sshd` service `sudo systemctl restart ssh`\n\n Now once logged in as a root user, use your great power to create a new \n sudo user\n\n## Using my script \n- Clone this repo\n- `cd Setting-up-server`\n- `./setup.sh`\n\nThere will be some prompts asking for username, password. Also this script is \nsetup to use my config files and installs vim, zsh, terminator on the server\n\n## Doing it manually\n\n#### Create New User\n\n- `adduser Kenzo_Tenma`\n- Skip or enter the details asked\n- Grant the new user sudo privileges `usermod -aG sudo Kenzo_Tenma`\n- ##### Enabling external access for this regular user\n    - Why ? So that I can directly ssh into this account\n    - Copy the ssh key to this users authorized keys from root\n    - `rsync --archive --chown=Kenzo_Tenma:Kenzo_Tenma ~/.ssh /home/Kenzo_Tenma\n\n\n#### Set up basic firewall \n\nIn digital ocean there is an option to set up firewall( create -\u003e cloud firewalls)\nI tried that option but later I was not able get my nginx working so\nI reverted back to using ufw(uncomplicated firewall) also if something does\nnot workout there are tons of articles and support where you can find \nsolution to ufw related issue. \n\n- Allow ssh through firewall \n\n    - `ufw allow OpenSSH`\n    - `ufw enable` =\u003e enables the firewall check the status using `ufw status`\n\n    NOTE: This is a basic server setup as of this point only ssh is possible\n          for Nginx server we will also need to allow http and https.\n\n#### Set up the working environment (Optional)\n\nAt this point I would like to install a few programs:\nvim, zsh, terminator, oh-my-zsh and update their necessary config files\n\n\n\nNOTE : You have to do all the work now in user account not root\n\n## Install Nginx and update firewall \n- `sudo apt update`\n- `sudo apt install nginx`\n- `sudo ufw app list` will show all the application configurations that ufw knows\n- `sudo ufw allow 'Nginx HTTP'` allow http requests, if you have ssl then also \n    allow HTTPS\n- `sudo ufw enable nginx` -\u003e Will enable nginx, so if you go to your ip in browser\n    you will see nginx installed html page\n\n## Install python, pip etc. on server\n    \nNow its time to install dependencies to run you python virtual environment\n - `sudo apt update`\n - `sudo apt install python3-pip python3-dev build-essential libssl-dev libffi-dev python3-setuptoolsi `\n - `sudo apt install python3-venv` install package to make virtual environment,\n    there are many packages for python to make virtual env but I use python3 \n    because thats what all the tutorial makers used :D\n - Make or copy the project you want in server to `/var/www/`\n - `python3.6 -m venv venv` creates a virtual env called venv(the latter one)\n - `source venv/bin/activate`\n\n\n## Setting up flask \n    \nIf copying project from local to server install all the packages for the project\n - In you local machine create a requirements.txt file which will contain all the\n   packages required for the project `pip freeze \u003e requirements.txt` will create the\n   file\n - create a virtual environment\n - `pip install wheel` this is necessary dependency for some packages that does not \n    have wheel archives\n - Install the packages from requirements.txt using command `pip install -r requirements.txt`\n #### Create a WSGI entry point \n\n- `vim /path-toproject/wsgi.py`\n\n```\n from __init__ import app\n\n  if __name__ == \"__main__\":\n      app.run()\n\n ``` \n - `deactivate`\n\n     \n## Configuring Gunicorn\n\n\n- `sudo vim /etc/systemd/system/projectname.service` \n```\n[Unit]\nDescription=Gunicorn instance to serve myproject\nAfter=network.target\n\n[Service]\nUser=sammy\nGroup=www-data\nWorkingDirectory=/var/www/myproject\nEnvironment=\"PATH=/var/www/myproject/venv/bin\"\nExecStart=/var/www/myproject/venv/bin/gunicorn --workers 3 --bind unix:myproject.sock -m 007 wsgi:app\n\n[Install]\nWantedBy=multi-user.target\n```\n\n- `sudo systemctl start myproject`\n- `sudo systemctl enable myproject`\n    \n## Configuring Nginx to Proxy Requests\n\n- `sudo vim /etc/nginx/sites-available/myproject`\n\n```\nserver {\n\n    listen 80;\n    server_name 206.189.134.65;\n\n    location /static {\n        alias /var/www/myproject/static;\n    }\n\n    location / {\n        proxy_pass http://unix:/var/www/myproject/myproject.sock;\n        include /etc/nginx/proxy_params;\n        proxy_redirect off;\n    }\n\n\n}\n```\n\n- `sudo ln -s /etc/nginx/sites-available/myproject /etc/nginx/sites-enabled`\n- `sudo nginx -t`  check nginx for errors\n- `sudo systemctl restart nginx`\n\n\n\n## Conclusion \n\nIn this guide, you created and secured a simple Flask application within a Python virtual environment. You created a WSGI entry point so that any WSGI-capable application server can interface with it, and then configured the Gunicorn app server to provide this function. Afterwards, you created a systemd service file to automatically launch the application server on boot. You also created an Nginx server block that passes web client traffic to the application server, relaying external requests, and secured traffic to your server with Let’s Encrypt.\n\nFlask is a very simple, but extremely flexible framework meant to provide your applications with functionality without being too restrictive about structure and design. You can use the general stack described in this guide to serve the flask applications that you design.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsid597%2Fsetting-up-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsid597%2Fsetting-up-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsid597%2Fsetting-up-server/lists"}