Server Setup

This document assumes the server is running the following OS :

Debian GNU/Linux 6.0 (Squeeze) / AMD64

We also assume to have a user called web which handles the Django application.

First deployement

Make sure the web user can access the main git repository on the developement server using a RSA key.

To install for the first time on a production environement, run:

fab prodenv meta_full_bootstrap

Web servers configuration

Apache

We run Django using Apache2/WSGI.

The following changes are still needed by hand before deploying, in ‘ports.conf’. Replace:

NameVirtualHost *:80
Listen 80

by:

NameVirtualHost *:8281
Listen 8281

Production configuration file

<VirtualHost *:8281>

    ServerAdmin     contact@si7v.fr
    ServerName      www.imaginationforpeople.org
    ServerAlias     prod.imaginationforpeople.com imaginationforpeople.com www.imaginationforpeople.com imaginationforpeople.org admin.imaginationforpeople.org i4p-prod.imaginationforpeople.org

    RewriteEngine on
    RewriteCond %{HTTP_HOST} imaginationforpeople.com
    RewriteRule ^(.*)$ http://imaginationforpeople.org$1 [L]

    RewriteCond %{HTTP_HOST} admin.imaginationforpeople.org
    RewriteRule ^(.*)$ http://imaginationforpeople.org/admin/$1 [L]

    CustomLog       /var/log/apache2/www.imaginationforpeople.org.log combined env=!dontlog
    ErrorLog        /var/log/apache2/www.imaginationforpeople.org.error.log
    LogLevel warn
    
    WSGIScriptAlias / /home/www/virtualenvs/imaginationforpeople.org/imaginationforpeople/apache/prod.wsgi
    WSGIProcessGroup prodwebapp
    WSGIDaemonProcess prodwebapp
    WSGIPassAuthorization On

    # wiki
    Alias /wiki /home/www/wiki/

    <Location "/wiki">
        SetHandler None
        Options -Indexes FollowSymLinks
    </Location>

</VirtualHost>


Staging configuration file

<VirtualHost *:80>

    ServerAdmin     guillaumelibersat@imaginationforpeople.org

    ServerName staging.imaginationforpeople.org

    WSGIProcessGroup webapp
    WSGIDaemonProcess webapp
    WSGIPassAuthorization On


    WSGIScriptAlias / /home/webapp/virtualenvs/imaginationforpeople.org/imaginationforpeople/apache/staging.wsgi/

    <Location "/">
        Order Allow,Deny
        Allow from all
    </Location>


    <Directory /home/webapp/virtualenvs/imaginationforpeople.org/imaginationforpeople/media/>
        Options -Indexes FollowSymLinks
    </Directory>

    <Location "/site_media">
        SetHandler None
    </Location>

    Alias /site_media /home/webapp/virtualenvs/imaginationforpeople.org/imaginationforpeople/media/

    # Static
    <Directory /home/webapp/virtualenvs/imaginationforpeople.org/imaginationforpeople/static/>
        Options -Indexes FollowSymLinks
    </Directory>

    <Location "/static">
        SetHandler None
    </Location>

    Alias /static /home/webapp/virtualenvs/imaginationforpeople.org/imaginationforpeople/static/



    <Location "/admin_media">
        SetHandler None
        Options -Indexes FollowSymLinks
    </Location>

    Alias /admin_media /home/webapp/virtualenvs/imaginationforpeople.org/lib/python2.6/site-packages/django/contrib/admin/media/

    ErrorLog /var/log/apache2/staging.imaginationforpeople.org.error.log
    CustomLog /var/log/apache2/staging.imaginationforpeople.org.access.log combined
    LogLevel warn

</VirtualHost>


Ngnix

Static files are handled by Nginx.

Database server configuration

Postgresql

Access control

From the file /etc/postgresql/8.4/main/pg_hba.conf, update the following line:

# "local" is for Unix domain socket connections only
local   all         all                       ident

with:

# "local" is for Unix domain socket connections only
local   all         all                       md5

User password

Change the ‘imaginationforpeople’ user password using the following commands:

web@i4p-prod:~$ sudo su postgres -c psql template1
postgres=# ALTER USER imaginationforpeople with PASSWORD 'THE-NEW-PASSWORD';

Setting-up the app

As web:

web@i4p-prod:~$ mkdir virtualenvs
web@i4p-prod:~$ cd virtualenvs/
web@i4p-prod:~/virtualenvs$ virtualenv --no-site-packages imaginationforpeople.org

then clone the app:

web@i4p-prod:~/virtualenvs$ cd imaginationforpeople.org/
web@i4p-prod:~/virtualenvs/imaginationforpeople.org$ git clone ssh://webapp@code.imaginationforpeople.com/var/repositories/imaginationforpeople.git