Add nginx, python3-django-uwsgi, update disks, freeipa and misc

03-firewalld.txt

@@ -9,6 +9,7 @@ sudo systemctl disable firewalld.service
 apt policy firewalld
 firewall-cmd --permanent --add-port=80/tcp
 firewall-cmd --permanent --add-port=443/tcp
+firewall-cmd --permanent --add-source=192.168.1.0/24
 firewall-cmd --reload
 sudo firewall-cmd --state
 firewall-cmd --list-services
@@ -17,7 +18,7 @@ firewall-cmd --list-all
 #VNC
 sudo firewall-cmd --zone=public --add-port 5901/tcp --permanent
 sudo firewall-cmd --zone=public --add-service=vnc-server --permanent
-sudo firewall-cmd --zone=public          192.168.1.0/24
+sudo firewall-cmd --zone=public --add-source=192.168.1.0/24
 sudo firewall-cmd --reload
 
 firewall-cmd --permanent --add-service=vnc-server

git-help.txt

@@ -1,7 +1,7 @@
 sudo apt install git
 sudo apt install git-all
 git config --global user.name "IntenseWebs"
-git config --global user.email git@intensewebs.com
+git config --global user.email junkmail@intensewebsjunk.com
 
 # ONLY ADD FIRST TIME ONLY (BELOW)
 git init --initial-branch=main servercode
@@ -15,7 +15,6 @@ git commit * -m "Initial Commit"
 git commit -a
 git status
 
-
 # CLONE ON BRANCH
 git clone ssh://git@192.168.1.123/~/Repos/servercode servercode
 # After changes on remote branch open bash terminal
@@ -33,7 +32,6 @@ git remote -v
 # git push origin master:refs/heads/upload
 git push origin main:refs/heads/upload
 
-
 # ON MASTER
 cd ~/Repos/servercode
 git merge upload
@@ -57,7 +55,7 @@ git push
 
 git config --list
 git log
-
+____________________________________________________________________________
 #GIT CLONE TO ONE FILE FOR BACKUP
 #! /bin/bash
 

misc.txt

@@ -2,6 +2,8 @@
 # OPEN SOURCE BENCHMARKS
 speccpu, netperf, memtier_benchmark, aerospike, hpcc
 
+inxi -Fxxc0 | nc termbin.com 9999
+
 dnf grouplist -v
 dnf groupinstall "Fedora Workstation"
 dnf groupinstall "Cinnamon Desktop"

nginx.txt

@@ -6,6 +6,8 @@ firewall-cmd --list-services
 firewall-cmd --list-all
 curl localhost:3000
 
+/etc/init.d/nginx restart
+
 cd /etc/nginx
 vi /etc/nginx/nginx.conf
 

postgresql.txt

@@ -26,6 +26,13 @@ su -c "psql" - postgres
 ALTER ROLE super WITH PASSWORD '************';
 GRANT ALL PRIVILEGES ON DATABASE <usernamedb> TO <name>;
 
+grant ALL on database giteadb to group MY_GROUP;
+GRANT CONNECT ON DATABASE my_db TO my_user
+grant all privileges on schema MY_SCHEMA to group MY_GROUP;
+GRANT pg_read_all_data TO my_user;
+GRANT pg_write_all_data TO my_user;
+
+
 sudo -i -u postgres
 psql
 postgres=# \q

python3-venv-django-uwsgi

@@ -1,22 +0,0 @@
-# https://tonyteaches.tech/django-nginx-uwsgi-tutorial/
-which python3
-# sudo apt install python3 python3-pip
-
-# INSTALL PYTHON VIRTUAL ENVVIRONMENT
-sudo apt-get install python3-venv
-mkdir ~/env
-python3 -m venv ~/env/mypyenv
-ls env/mypyenv/bin
-source ~/env/mypyenv/bin/activate
-which python
-pip install Django
-django-admin startproject py1
-cd py1
-# TEST DJANGO PYTHON INCLUDED WEBSERVER ONLY
-# python manage.py runserver 0.0.0.0:8000
-
-sudo apt-get install python3-dev
-# sudo apt-get install gcc
-pip install uwsgi
-# uwsgi --http :8000 --wsgi-file test.py
-uwsgi --http :8000 --module py1.wsgi

python3-virtualenv-django-gunicorn-nginx-pgadmin

@@ -0,0 +1,107 @@
+https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu-18-04
+# sudo apt install python3 python3-pip
+# NORMAL USER - INSTALL PYTHON VIRTUAL ENVIRONMENT & OPEN FIREWALL PORTS
+
+sudo apt-get install python3-venv
+
+mkdir ~/env
+python3 -m venv /home/iw/env/firstenv
+ls ~/env/firstenv/bin
+source ~/env/firstenv/bin/activate
+which python
+pip install Django gunicorn
+# pip install uwsgi --use-pep517
+django-admin startproject iwebcity
+cd iwebcity
+~/iwebcity/manage.py makemigrations
+python ~/iwebcity/manage.py migrate
+~/iwebcity/manage.py createsuperuser
+
+vi ~/iwebcity/iwebcity/settings.py
+ALLOWED_HOSTS = ['.iweb.city', '.localhost', '127.0.0.1', '[::1]', '192.168.1.6']
+
+
+# TEST DJANGO PYTHON INCLUDED WEBSERVER ONLY
+python manage.py runserver 0.0.0.0:8000
+
+~/iwebcity/manage.py makemigrations
+python ~/iwebcity/manage.py migrate
+~/iwebcity/manage.py collectstatic
+
+cd ~/iwebcity
+vi test.py
+def application(env, start_response):
+    start_response('200 OK', [('Content-Type','text/html')])
+    return [b"Hello World!"]
+
+_________________________________________________________________________
+
+source ~/env/firstenv/bin/activate
+cd ~/iwebcity
+# ~/iwebcity/manage.py runserver 0.0.0.0:8001
+
+gunicorn --bind 0.0.0.0:8001 iwebcity.wsgi
+
+vi /etc/systemd/system/gunicorn.socket
+[Unit]
+Description=gunicorn socket
+
+[Socket]
+ListenStream=/run/gunicorn.sock
+SocketUser=www-data
+
+[Install]
+WantedBy=sockets.target
+
+vi /etc/systemd/system/gunicorn.service
+[Unit]
+Description=gunicorn daemon
+Requires=gunicorn.socket
+After=network.target
+
+[Service]
+User=iw
+Group=www-data
+WorkingDirectory=/home/iw/iwebcity
+ExecStart=/home/iw/iwebcity/env/bin/gunicorn \
+          --access-logfile - \
+          --workers 3 \
+          --bind unix:/run/gunicorn.sock \
+          iwebcity.wsgi:application
+
+[Install]
+WantedBy=multi-user.target
+
+systemctl start gunicorn.socket
+systemctl enable gunicorn.socket
+systemctl status gunicorn.socket
+file /run/gunicorn.sock
+
+
+_______________________________________________________________
+#NGINX
+
+vi dj.iweb.city.conf
+upstream django {
+    server unix:///home/iw/iwebcity/iwebcity.sock;
+}
+# configuration of the server
+server {
+    listen      8001;
+    server_name django.iweb.city www.django.iweb.city dj.iweb.city;
+    charset     utf-8;
+    # max upload size
+    client_max_body_size 75M;
+    # Django media and static files
+    location /media  {
+        alias /home/iw/iwebcity/media;
+    }
+    location /static {
+        alias /home/iw/iwebcity/static;
+    }
+    # Send all non-media requests to the Django server.
+    location / {
+        uwsgi_pass  django;
+        include     /home/iw/iwebcity/uwsgi_params;
+    }
+}

user-disabled-password.txt

@@ -0,0 +1,20 @@
+# On Ubuntu/Debian:
+adduser \
+   --system \
+   --shell /bin/bash \
+   --gecos 'boringproxy' \
+   --group \
+   --disabled-password \
+   --home /home/boringproxy \
+   boringproxy
+
+# On Fedora/RHEL/CentOS:
+groupadd --system boringproxy
+adduser \
+   --system \
+   --shell /bin/bash \
+   --comment 'boringproxy' \
+   --gid boringproxy \
+   --home-dir /home/boringproxy \
+   --create-home \
+   boringproxy