Installation of Django and configuration of Gunicorn

Owned by Luke Clarke
Last updated: 12 Mar, 2019
3 min read

  1. First update and upgrade the system so you are working with the latest packages;

    sudo apt-get update && sudo apt-get upgrade -y

  2. Next we will need to install all the packages we will use in NearBeach

    sudo apt install python3-dev libpq-dev nginx curl build-essential python3-setuptools libcairo2 libpango-1.0-0 libpangocairo-1.0-0 libgdk-pixbuf2.0-0 libffi-dev shared-mime-info

  3. Install pip
    curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
    sudo python3 get-pip.py

  4. After installing the required packages, you will need to update pip
    sudo pip3 install --upgrade pip
  5. Once pip is upgraded, you will need to create a virtual environment
    sudo pip3 install virtualenv
  6. Navigate to a directory where you would like to store your project. We would recommend /var/www/, if you require adding permission to /var/www/ please consult Ubuntu Help - https://askubuntu.com/questions/19898/whats-the-simplest-way-to-edit-and-add-files-to-var-www#51337
    If you need to create your own project folder, then use the following commands
    mkdir <<project_folder>>
    Then navigate into it
    cd <<project_folder>>
  7. Create your own virtual environment for python
    virtualenv <<project_environment>>
    This will create a directory called "<<project_environment>>", this will store NearBeach's libraries for python
  8. Activate the virtual environment using the following command
    source ./<<project_environment>>/bin/activate
    You terminal prompt will change to indicate that it is working in the virtual environment now. It should look like the following
    (<<project_environment>>)user@computer:
  9. Install Django along with several other required packages
    pip install django gunicorn
  10. Django and gunicorn is now installed - we will now configure the webserver to server the pages.
    Use the cd command to navigate to the directory where you would like to store the django project
  11. Create a new django project
    django-admin.py startproject <<django_project>>
  12. Adjust the project's settings to allow debugging and accept ALL allowed hosts
    nano ./<<django_project>>/<<django_project>>/settings.py
  13. Change the following lines to reflect the following

    This will allow us to test the web server. We will be modifying this file later to be more security conscience
    Save the settings file and exit
  14. Test the django project can interact with gunicorn
    cd ./<<django_project>>
    sudo ufw allow 8000
    gunicorn --bind 0.0.0.0:8000 <<django_project>>.wsgi
  15. Now open up a new tab in your browser and go to;
    https://<<your_domain_or_IP>>:8000
    You should see the following page load - note there will be no styling, that is fine as Gunicorn does not know how to find it.

    If not, please check your error logs

Installation of systemd Socket and Service files

Gunicorn will need both socket and service files to be created to run automatically when the system starts.

  1. Edit a gunicorn.socket file

    sudo nano /etc/systemd/system/gunicorn.socket

    Inside the file you will need the following code

    [Unit]
Description=gunicorn socket

[Socket]
ListenStream=/run/gunicorn.sock

[Install]
WantedBy=sockets.target


  2. Save and close the file when you are finished

  3. Edit a gunicorn.service file
    sudo nano /etc/systemd/system/gunicorn.service
    Inside the file you will need the following code

    [Unit]
    Description=gunicorn daemon
    Requires=gunicorn.socket
    After=network.target

    [Service]
User=www-data
Group=www-data
WorkingDirectory=<<django_project_location>>
ExecStart=<<virtualenv_location>>/bin/gunicorn \
          --access-logfile - \
          --workers 3 \
          --bind unix:/run/gunicorn.sock \
          <<django_project>>.wsgi:application
    [Install]
WantedBy=multi-user.target

  4. Save the file and exit

  5. Run and test the socket
    sudo systemctl start gunicorn.socket
    sudo systemctl enable gunicorn.socket

  6. You will need to test the status of the gunicorn socket
    sudo systemctl status gunicorn.socket

  7. If gunicorn's status is active, you will need to configure nginx to proxy pass to gunicorn

  8. Add your project file to sites-enabled
    sudo nano /etc/nginx/sites-available/<<django_project>>
    Copy in the following text

    server
    {
      listen 80;
      server_name <<your_domain_or_IP>>;
      location = /favicon.ico { access_log off; log_not_found off; }
      location /static/ { root <<django_project_location>>; }
      location / {
        include proxy_params;
        proxy_pass http://unix:/run/gunicorn.sock;
      }
    }

  9. Create a soft link
    sudo ln -s /etc/nginx/sites-available/<<django_project>> /etc/nginx/sites-enabled

  10. Test nginx
    sudo nginx -t

  11. If there are errors at this point, consult the internet for a solution, or check the logs

  12. If no errors are reported, restart nginx
    sudo systemctl restart nginx

  13. Fix up the firewall
    sudo ufw delete allow 8000
    sudo ufw allow 'Nginx Full'

  14. Edit the settings file to limit the security
    nano ./<<django_project>>/settings.py
    Fill out the Allowed host with an appropriate value(s), and turn off debug

  15. Restart gunicorn
    sudo service gunicorn restart

More information on this install can be found on digital ocean's documentation https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu-18-04

Installation of Certbot

Certbot is recommended by NearBeach to supply free certified SSL certificates.

  1. Install certbox
    sudo apt-get install python-certbot-nginx

  2. Once installed, run certbot
    sudo certbot --nginx

Follow the prompts to install certbot. This will enable https to your NearBeach site.