Installing the Back-end from Source

Installing the Requirements

First things first, install the necessary dependencies and packages, and create the installation directory.

Below you’ll also need to set your backendURL, this is very important in production.

# Example:

# Install deps
apt-get update -y
apt-get install git python3 python3-virtualenv python3-pip postgresql nginx libpq-dev -y

# Create the install directory parent and the sslcerts directory
mkdir -p "$workpath/sslcerts"

Once you’ve installed all the requirements, you can pull the latest version of the repo.

git clone $backendPath

Creating the Database (PostgreSQL)

After you’ve cloned the Git repo you need to create your PSQL database.

su postgres
/* PSQL */
CREATE ROLE interlockadmin WITH PASSWORD 'password';
CREATE DATABASE interlockdb;
ALTER ROLE interlockadmin WITH LOGIN;
ALTER DATABASE interlockdb OWNER to interlockadmin;
psql_ver=$(sudo -u postgres psql -V|awk -F " " '{print $3}'|awk -F "." '{print $1}')
echo "# Database Administrative Login for interlockadmin user with MD5" >> "/etc/postgresql/$psql_ver/main/pg_hba.conf"
echo -e "local\tall\tinterlockadmin\tmd5" >> "/etc/postgresql/$psql_ver/main/pg_hba.conf"

echo "
    \"default\": {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'interlockdb',
        'USER': 'interlockadmin',
        'PASSWORD': 'password', # Change the password!
        'HOST': '',  # Or an IP Address that your DB is hosted on
        'PORT': '5432',
}" > "$backendPath/interlock_backend/"

Setting up the Virtual Environment

Once the database has been created and setup you can install the python requirements, inside the virtual environment that we’ll create below.

# Create the Virtual Env
virtualenv -p python3 $backendPath

# Activate the Virtual Env
source "$backendPath/bin/activate"

# Install the requirements inside the Virtual Env
pip install -r "$backendPath/requirements.txt"

Creating an SSL Certificate

Once the requirements are installed you’ll need to create an SSL Certificate (or use your own in the corresponding path) to run the application.

sudo openssl req -x509 -subj "/CN=$(hostname)/" -nodes -days 36500 -newkey rsa:2048 -keyout "$workpath/sslcerts/privkey.pem" -out "$workpath/sslcerts/fullchain.pem"

Setting up the systemd service

After this has been completed successfully, you can create a link of the Systemd service unit and start it:

# Create a symbolic link
ln -s "$backendPath/interlock_backend/install/interlock_backend.service" /etc/systemd/system/interlock_backend.service

# Restart Daemon
systemctl daemon-reload

# Enable the service
systemctl enable interlock_backend

# Start the service
systemctl start interlock_backend

Creating an NGINX Reverse Proxy Site

Finally you’ll need a public api endpoint for your clients. For this you’ll need to create an NGINX Site and publish it.

echo \
"server {
    listen 80;
    server_name $backendURL;
    return 301 https://$backendURL\$request_uri;

server {
    listen 443 ssl;
    server_name $backendURL;
    server_name_in_redirect off;
    access_log  /var/log/nginx/access.log;
    error_log  /var/log/nginx/error.log debug;

    ssl_certificate $workpath/sslcerts/fullchain.pem;
    ssl_certificate_key $workpath/sslcerts/privkey.pem;

    add_header Allow \"GET, POST, HEAD, PUT, DELETE, OPTIONS\" always;
    add_header Cache-Control no-cache;
    if (\$request_method !~ ^(GET|POST|HEAD|PUT|DELETE|OPTIONS)\$) {
        return 405;

    location / {
        proxy_set_header Host \$host;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto \$scheme;
}" > "$workpath/interlock-backend.conf"

# Copy the file
ln -s "$workpath/interlock-backend.conf" "/etc/nginx/sites-enabled/interlock-backend.conf"

# Test nginx config
nginx -t

# Restart and Enable nginx
systemctl enable nginx && systemctl restart nginx