NEW

Deploy Django to DreamCompute on Ubuntu with Apache – Part 5

In the final part of this tutorial, we’ll talk about how to set up a secure HTTPS connection on Apache with an SSL certificate from Let’s Encrypt.

Deploy Django to DreamCompute on Ubuntu with Apache – Part 4

In the previous part of this tutorial, we set up and configured Django. With everything now set up, it is time to install and configure Apache.

Deploy Django to DreamCompute on Ubuntu with Apache – Part 3

In the previous tutorial we got PuTTY and FileZilla set up. In this tutorial, we’ll be focusing on using the Shell terminal to get Django installed and set up.

Deploy Django to DreamCompute on Ubuntu with Apache – Part 2

In the first part of this tutorial, we set up a DreamCompute Instance. In this part, we’ll walk through connecting to the system Shell and SFTP.

Deploy Django to DreamCompute on Ubuntu with Apache – Part 1

In this five-part tutorial, I’m going to show you how to deploy a Django application to DreamCompute on Ubuntu with Apache and an SSL certificate.

The Google Pop-up Experience

When I've first heard about Google opening up a hardware store in Chicago's Bucktown during mid-October, I was very excited. I've been following Google's development for quite some time now in the industry. I, myself, am a big fan of smart devices and find the concept...

VO Manager Pro – Released

You can now purchase the VO Manager Pro on the Unity Asset Store at http://u3d.as/1ee5 for $14.99!

View My Map

View My Map is an online web application that gathers Facebook user’s checked-in location data and places them on a Google Map. The app also allows the user to export screenshots of their map as well as share them online via a generated link.

Balancing School and Work

It’s no joke when it comes to balancing school and work. It can be difficult, and I have a hard time myself. How do any of us do it? Sheer willpower of course! As true as that may sound, there’s more to it than sheer willpower.

Deploy Django to DreamCompute on Ubuntu with Apache – Part 5

In the final part of this tutorial, we will talk about how to set up a secure HTTPS connection for our Django project on Apache as well as install a free SSL certificate provided by Let’s Encrypt.


Generating The SSL Certificate

Installing Certbot

To generate our certificate, we’re going to need Certbot. Boot up PuTTY and log into the system’s Shell and run the following commands to install Certbot.

ubuntu@instance_name:~$ sudo wget https://dl.eff.org/certbot-auto -O /usr/sbin/certbot-auto
ubuntu@instance_name:~$ sudo chmod a+x /usr/sbin/certbot-auto

That’s it! Certbot is now on our system.

Generating The Certificate

With Certbot now installed, we can proceed to generate our certificate.

First, we’d need to shut down Apache momentarily to generate our certificate. Since Certbot runs off of port 80, we’d want to make sure there are no conflicts. To shut down Apache use the following command:

ubuntu@instance_name:~$ sudo service apache2 stop

Once down, run the following command to begin generating our certificate:

ubuntu@instance_name:~$ sudo certbot-auto certonly --standalone -d domain.com -d www.domain.com

Replace domain.com and www.domain.com with your domain.

You’ll be prompted to answer a few questions and enter your email. After you’ve completed this step, your SSL certificate will be generated.

Your SSL certificate can be found at the following path:

/etc/letsencrypt/live/domain.com

You’ll notice four files got created.

  • cert.pem
  • chain.pem
  • fullchain.pm
  • Privkey.pm

Configuring The VirtualHost

Back in Part 4 of this tutorial, Deploy Django to DreamCompute on Ubuntu with Apache – Part 4, we’ve edited a file called 000-default.conf to set up our VirtualHost for our Django project to run on HTTP port 80. This time around we’re going to do the following:

  • Redirect all traffic coming in through our HTTP version of the site to HTTPS
  • Set up our HTTPS connection with our SSL certificate

To do that, edit the 000-default.conf file by running:

/etc/letsencrypt/live/domain.com

Delete everything within the file and use the new template below:

<VirtualHost *:80>
    ServerName domain.com
    ServerAdmin name@domain.com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

   RewriteEngine On
   RewriteCond %{SERVER_PORT} !^443$
   RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>

<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/domain.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/domain.com/chain.pem

    Alias /assets /home/ubuntu/domain.com/public/assets
   <Directory /home/ubuntu/domain.com/public/assets>
       Require all granted
   </Directory>

   <Directory /home/ubuntu/domain.com/projectname/projectname>
       <Files wsgi.py>
           Require all granted
       </Files>
   </Directory>

   WSGIDaemonProcess projectname python-path=/home/ubuntu/domain.com/projectname python-home=/home/ubuntu/domain.com/env
   WSGIProcessGroup projectname
   WSGIScriptAlias / /home/ubuntu/domain.com/projectname/projectname/wsgi.py
</VirtualHost>

Press Ctrl + X, Y, then Enter to save.

You’ll notice we’ve moved around a few things and added a new VirtualHost rule for port 443 for our HTTPS connection.

Before we can turn Apache back on, there are two things we have to enabled to have Apache running without errors. That is Apache’s SSL mod and the Rewrite mod. To do that run the following:

ubuntu@instance_name:~$ sudo a2enmod ssl
ubuntu@instance_name:~$ sudo a2enmod rewrite

That’s it; both mods are installed. All we have left to do is start our Apache server again by running:

ubuntu@instance_name:~$ sudo service apache2 start

If you load up your website using HTTP, it should now redirect to the HTTPS version.

Auto Renewing The Certificate

With our SSL certificate now installed and our HTTPS connection currently working, the last thing we’d want to set up is a way for the SSL certificates to auto-renew because Let’s Encrypt certificates are only valid for 90 days.

To renew our certificate, we’ll be leveraging cron jobs. To edit our cron jobs run the following:

ubuntu@instance_name:~$ crontab -e

Note: If this is your first time running the above command, you may be prompt to choose a way to open the file.

Once you are in the file, navigate to the bottom and enter the following:

0 0,12 * * * sudo /usr/sbin/certbot-auto -q renew

Press Ctrl + X,Y, then Enter to save.

Note: The above will make Certbot run at noon and midnight every day.

That’s it!

Previous

Submit a Comment

Your email address will not be published. Required fields are marked *