So basically deploying straight into the ie an cloud server with open 22, 80 and 443 port. Prerequisite is a signed certificate for the DNS server name (YOUR_SERVER DNS entry from below). One can use a self signed, etc, not covering those. Also, Python installed and sudo access (or root for Linux). I have no idea at all about the MS Servers, sorry.
The App is in read only mode. You can access admin.html page, but can’t change anything. Took me some fiddling with Google Cloud server, this is a micro Ubuntu instance, plain apache2 install with apt-get.
Install wsgi module for Apache :
apt-get install libapache2-mod-wsgi
Enable ssl, wsgi module for apache:
a2enmod ssl wsgi
Create a custom file for jam-py app, ie /etc/apache2/sites-available/test.conf, for example (still wip):
<IfModule mod_ssl.c>
<VirtualHost YOUR_IP:443>
ServerName YOUR_SERVER
ServerAlias
ServerAdmin YOUR_EMAIL
ErrorLog ${APACHE_LOG_DIR}/test-error-sec.log
CustomLog ${APACHE_LOG_DIR}/test-access-sec.log combined
#below is for cx_Oracle
SetEnv LD_LIBRARY_PATH /u01/app/oracle/product/11.2.0/xe/lib
SetEnv ORACLE_SID XE
SetEnv ORACLE_HOME /u01/app/oracle/product/11.2.0/xe
#finish cx_Oracle
DocumentRoot /var/www/html/simpleassets
SSLEngine on
SSLCertificateFile "/etc/ssl/private/your.crt"
SSLCertificateKeyFile "/etc/ssl/private/your.key"
SSLCertificateChainFile "/etc/ssl/private/your_chain.crt"
SSLCACertificateFile "/etc/ssl/private/your_CA.crt"
WSGIDaemonProcess web user=www-data group=www-data processes=1 threads=5
WSGIScriptAlias / /var/www/html/simpleassets/wsgi.py
<Directory /var/www/html/simpleassets>
Options +ExecCGI
SetHandler wsgi-script
AddHandler wsgi-script .py
Order deny,allow
Allow from all
Require all granted
<Files wsgi.py>
Order deny,allow
Allow from all
# comment the following for ubuntu <13
Require all granted
</Files>
</Directory>
<Directory /var/www/html/simpleassets/static>
# comment the following for ubuntu < 13
Require all granted
</Directory>
</VirtualHost>
</IfModule>
The above file is using signed certificate your.crt with your.key, and CA, chain file obtained from CA. Please review resources on the net about certificates and the dns. You’ll need to obtain and copy those files in /etc/ssl/private folder. Change YOUR_xyz with your preference.
The /var/www/html is the default Ubuntu folder for serving web pages.
Install jam-py as usual.
I created the /var/www/html/simpleassets folder where unzipped jam-py SimpleAssets project. Follow procedure explained there how to deploy these:
Basically, Export your project, save the zip file and copy it to your web hosting server desired folder. Copy admin.sqlite and your database as well (providing you’re using sqlite3 database). If using some other database ie mysql, you’ll need to export/import the database.
Enable test.conf (the above file name with no extension):
a2ensite test; systemctl restart apache2
That is it. At the moment, I’ve left port 80 as is, and jam-py is running only on https port. To debug problems, I would start with SeLinux or apparmor. With Ubuntu this might help:
sudo /etc/init.d/apparmor stop
Now, here is the question of how to run TWO jam-py instances on one https server?
One possible answer to this problem is the DNS. You might decide to set your DNS to ie second_instance.YOUR_SERVER name (the above live example would be jam2.research…).
So the above test.conf file would be almost the same except YOUR_SERVER is now called second_instance.YOUR_SERVER
The /etc/apache2/sites-available/test3.conf file:
<IfModule mod_ssl.c>
<VirtualHost YOUR_IP:443>
ServerName second_instance.YOUR_SERVER
ServerAlias
ServerAdmin YOUR_EMAIL
ErrorLog ${APACHE_LOG_DIR}/test3-error-sec.log
CustomLog ${APACHE_LOG_DIR}/test3-access-sec.log combined
#below is for cx_Oracle
SetEnv LD_LIBRARY_PATH /u01/app/oracle/product/11.2.0/xe/lib
SetEnv ORACLE_SID XE
SetEnv ORACLE_HOME /u01/app/oracle/product/11.2.0/xe
#finish cx_Oracle
DocumentRoot /var/www/html/simpleassets3
SSLEngine on
SSLCertificateFile "/etc/ssl/private/your.crt"
SSLCertificateKeyFile "/etc/ssl/private/your.key"
SSLCertificateChainFile "/etc/ssl/private/your_chain.crt"
SSLCACertificateFile "/etc/ssl/private/your_CA.crt"
WSGIDaemonProcess assets3 user=www-data group=www-data processes=1 threads=5
WSGIScriptAlias / /var/www/html/simpleassets3/wsgi.py
<Directory /var/www/html/simpleassets3>
Options +ExecCGI
SetHandler wsgi-script
AddHandler wsgi-script .py
Order deny,allow
Allow from all
Require all granted
<Files wsgi.py>
Order deny,allow
Allow from all
# comment the following for ubuntu <13
Require all granted
</Files>
</Directory>
<Directory /var/www/html/simpleassets3/static>
# comment the following for ubuntu < 13
Require all granted
</Directory>
</VirtualHost>
</IfModule>
The jam-py application second_instance lives now in ie /var/www/html/simpleassets3, and WSGIDaemonProcess is adjusted to new daemon, called assets3. Everything else is almost the same.
This is possible because the SSL certificate is a * (star, or wildcard) certificate, enabling you to run multiple services on one DNS domain.
This was initialy published by Dražen Babić on https://github.com/jam-py/jam-py/issues/35