Installing the Back-end from Source

Due to how Django/DRF works, and how the project has been developed there is an interlock_backend folder inside the repository. This is not a mistake.

Installing the Requirements

First things first, install the necessary dependencies and packages, and create the installation directory.

Below you’ll also need to set your backendURL, this is very important in production.

workpath="/var/lib/interlock"
backendPath="/var/lib/interlock/interlock_backend"
backendURL=""
# Example: interlock-be.example.com

# Install deps
apt-get update -y
apt-get install git python3 python3-virtualenv python3-pip postgresql nginx libpq-dev -y

# Create the install directory parent and the sslcerts directory
mkdir -p "$workpath/sslcerts"

Once you’ve installed all the requirements, you can pull the latest version of the repo.

git clone https://github.com/dblanque/interlock_backend $backendPath

Creating the Database (PostgreSQL)

After you’ve cloned the Git repo you need to create your PSQL database.

Don’t forget to change the example database password if you’re in production

# SHELL CONSOLE
su postgres
psql

/* PSQL */
CREATE ROLE interlockadmin WITH PASSWORD 'password';
CREATE DATABASE interlockdb;
ALTER ROLE interlockadmin WITH LOGIN;
ALTER DATABASE interlockdb OWNER to interlockadmin;

# SHELL CONSOLE
psql_ver=$(sudo -u postgres psql -V|awk -F " " '{print $3}'|awk -F "." '{print $1}')
echo "# Database Administrative Login for interlockadmin user with MD5" >> "/etc/postgresql/$psql_ver/main/pg_hba.conf"
echo -e "local\tall\tinterlockadmin\tmd5" >> "/etc/postgresql/$psql_ver/main/pg_hba.conf"

echo "
DATABASES = {
    \"default\": {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'interlockdb',
        'USER': 'interlockadmin',
        'PASSWORD': 'password', # Change the password!
        'HOST': '127.0.0.1',  # Or an IP Address that your DB is hosted on
        'PORT': '5432',
    }
}" > "$backendPath/interlock_backend/local_django_settings.py"

Setting up the Virtual Environment

Once the database has been created and setup you can install the python requirements, inside the virtual environment that we’ll create below.

# Create the Virtual Env
virtualenv -p python3 $backendPath

# Activate the Virtual Env
source "$backendPath/bin/activate"

# Install the requirements inside the Virtual Env
pip install -r "$backendPath/requirements.txt"

Creating an SSL Certificate

Once the requirements are installed you’ll need to create an SSL Certificate (or use your own in the corresponding path) to run the application.

You can also change the systemd service unit file to use HTTP without any certificates

sudo openssl req -x509 -subj "/CN=$(hostname)/" -nodes -days 36500 -newkey rsa:2048 -keyout "$workpath/sslcerts/privkey.pem" -out "$workpath/sslcerts/fullchain.pem"

Setting up the systemd service

After this has been completed successfully, you can create a link of the Systemd service unit and start it:

# Create a symbolic link
ln -s "$backendPath/interlock_backend/install/interlock_backend.service" /etc/systemd/system/interlock_backend.service

# Restart Daemon
systemctl daemon-reload

# Enable the service
systemctl enable interlock_backend

# Start the service
systemctl start interlock_backend

Creating an NGINX Reverse Proxy Site

You do not need to do this in a development environment, it’s only needed in a production setting.

Finally you’ll need a public api endpoint for your clients. For this you’ll need to create an NGINX Site and publish it.

echo \
"server {
    listen 80;
    server_name $backendURL;
    return 301 https://$backendURL\$request_uri;
}

server {
    listen 443 ssl;
    server_name $backendURL;
    server_name_in_redirect off;
    access_log  /var/log/nginx/access.log;
    error_log  /var/log/nginx/error.log debug;

    ssl_certificate $workpath/sslcerts/fullchain.pem;
    ssl_certificate_key $workpath/sslcerts/privkey.pem;

    add_header Allow \"GET, POST, HEAD, PUT, DELETE, OPTIONS\" always;
    add_header Cache-Control no-cache;
    if (\$request_method !~ ^(GET|POST|HEAD|PUT|DELETE|OPTIONS)\$) {
        return 405;
    }

    location / {
        proxy_pass https://127.0.0.1:8000;
        proxy_set_header Host \$host;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto \$scheme;
    }
}" > "$workpath/interlock-backend.conf"

# Copy the file
ln -s "$workpath/interlock-backend.conf" "/etc/nginx/sites-enabled/interlock-backend.conf"

# Test nginx config
nginx -t

# Restart and Enable nginx
systemctl enable nginx && systemctl restart nginx

Last modified at Jun 8, 2023

Installing the Back-end from Source

Installing the Requirements #

Creating the Database (PostgreSQL) #

Setting up the Virtual Environment #

Creating an SSL Certificate #

Setting up the systemd service #

Creating an NGINX Reverse Proxy Site #