Installing the Back-end from Source
Installing the Requirements
First things first, install the necessary dependencies and packages, and create the installation directory.
Below you’ll also need to set your backendURL, this is very important in production.
workpath="/var/lib/interlock"
backendPath="/var/lib/interlock/interlock_backend"
backendURL=""
# Example: interlock-be.example.com
# Install deps
apt-get update -y
apt-get install git python3 python3-virtualenv python3-pip postgresql nginx libpq-dev -y
# Create the install directory parent and the sslcerts directory
mkdir -p "$workpath/sslcerts"
Once you’ve installed all the requirements, you can pull the latest version of the repo.
git clone https://github.com/dblanque/interlock_backend $backendPath
Creating the Database (PostgreSQL)
After you’ve cloned the Git repo you need to create your PSQL database.
# SHELL CONSOLE
su postgres
psql
/* PSQL */
CREATE ROLE interlockadmin WITH PASSWORD 'password';
CREATE DATABASE interlockdb;
ALTER ROLE interlockadmin WITH LOGIN;
ALTER DATABASE interlockdb OWNER to interlockadmin;
# SHELL CONSOLE
psql_ver=$(sudo -u postgres psql -V|awk -F " " '{print $3}'|awk -F "." '{print $1}')
echo "# Database Administrative Login for interlockadmin user with MD5" >> "/etc/postgresql/$psql_ver/main/pg_hba.conf"
echo -e "local\tall\tinterlockadmin\tmd5" >> "/etc/postgresql/$psql_ver/main/pg_hba.conf"
echo "
DATABASES = {
\"default\": {
'ENGINE': 'django.db.backends.postgresql',
'NAME': 'interlockdb',
'USER': 'interlockadmin',
'PASSWORD': 'password', # Change the password!
'HOST': '127.0.0.1', # Or an IP Address that your DB is hosted on
'PORT': '5432',
}
}" > "$backendPath/interlock_backend/local_django_settings.py"
Setting up the Virtual Environment
Once the database has been created and setup you can install the python requirements, inside the virtual environment that we’ll create below.
# Create the Virtual Env
virtualenv -p python3 $backendPath
# Activate the Virtual Env
source "$backendPath/bin/activate"
# Install the requirements inside the Virtual Env
pip install -r "$backendPath/requirements.txt"
Creating an SSL Certificate
Once the requirements are installed you’ll need to create an SSL Certificate (or use your own in the corresponding path) to run the application.
sudo openssl req -x509 -subj "/CN=$(hostname)/" -nodes -days 36500 -newkey rsa:2048 -keyout "$workpath/sslcerts/privkey.pem" -out "$workpath/sslcerts/fullchain.pem"
Setting up the systemd service
After this has been completed successfully, you can create a link of the Systemd service unit and start it:
# Create a symbolic link
ln -s "$backendPath/interlock_backend/install/interlock_backend.service" /etc/systemd/system/interlock_backend.service
# Restart Daemon
systemctl daemon-reload
# Enable the service
systemctl enable interlock_backend
# Start the service
systemctl start interlock_backend
Creating an NGINX Reverse Proxy Site
Finally you’ll need a public api endpoint for your clients. For this you’ll need to create an NGINX Site and publish it.
echo \
"server {
listen 80;
server_name $backendURL;
return 301 https://$backendURL\$request_uri;
}
server {
listen 443 ssl;
server_name $backendURL;
server_name_in_redirect off;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
ssl_certificate $workpath/sslcerts/fullchain.pem;
ssl_certificate_key $workpath/sslcerts/privkey.pem;
add_header Allow \"GET, POST, HEAD, PUT, DELETE, OPTIONS\" always;
add_header Cache-Control no-cache;
if (\$request_method !~ ^(GET|POST|HEAD|PUT|DELETE|OPTIONS)\$) {
return 405;
}
location / {
proxy_pass https://127.0.0.1:8000;
proxy_set_header Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
}
}" > "$workpath/interlock-backend.conf"
# Copy the file
ln -s "$workpath/interlock-backend.conf" "/etc/nginx/sites-enabled/interlock-backend.conf"
# Test nginx config
nginx -t
# Restart and Enable nginx
systemctl enable nginx && systemctl restart nginx