Bank Transaction Tracker Installation

How to Install Bank Transaction Tracker

How to Install a Bank Transaction Tracker Production Environment

The following assumes your server is running Ubuntu 20.04 and you have a user account named 'ubuntu'. However the procedure for other Linux distributions will be similar.

Docker:

Install Docker and Docker Compose as per https://docs.docker.com/

Enable IPv6 in docker as per https://docs.docker.com/

Docker Containers:

sudo mkdir /opt/btt
sudo chown -R ubuntu:ubuntu /opt/btt
cd /opt/btt
wget --no-cache https://raw.githubusercontent.com/galojix/bank-transaction-tracker/master/docker-compose.yml
wget --no-cache https://raw.githubusercontent.com/galojix/bank-transaction-tracker/master/docker-compose.production.yml
mv docker-compose.production.yml docker-compose.override.yml
touch .env_prod_db

Add the following to .env_prod_db:

POSTGRES_DB=postgres
POSTGRES_USER=postgres
POSTGRES_PASSWORD=<insert DB password here>
touch .env_prod_web

Add the following to .env_prod_web:

FLASK_APP=app.py
FLASK_DEBUG=0
FLASK_ENV=production
FLASK_CONFIG=production
DATABASE_URL=postgresql://postgres:<insert DB password here>@db:5432/postgres
SECRET_KEY=<insert any text here for now>
MAIL_SERVER=localhost
MAIL_PORT=25

Start docker containers:

docker compose up -d

Flask:

cd /opt/btt
docker compose exec web flask db upgrade
docker compose exec web flask newdb

Secret key:

Generate secret key:

cd /opt/btt
docker exec -it btt_web_1 bash
python
import os
os.urandom(24)
'<secret key will appear here>'
Ctrl-D
exit

Add new secret key to .env_prod_web

Restart docker containers:

docker compose down
docker compose up -d

Nginx:

sudo apt install nginx
sudo systemctl enable nginx.service
sudo touch /etc/nginx/conf.d/<insert full domain name of site here>.conf

Add to /etc/nginx/conf.d/<insert full domain name of site here>.conf:

upstream gunicorn {
    server [::1]:8000;
}
 
server {
 
    listen 80;
    listen [::]:80;
    server_name <insert full domain name of site here>;
 
    location / {
        proxy_bind ::1;
        proxy_pass http://gunicorn;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_redirect off;
    }
sudo rm /etc/nginx/sites-enabled/default
sudo nginx -t
sudo systemctl restart nginx.service

Certbot:

This will make nginx SSL only

Install certbot as per https://certbot.eff.org/instructions:

sudo snap install --classic certbot
sudo certbot --nginx

Browser:

Navigate to https://<insert_full_domain_name_of_site_here>.

Application:

Log in using the demo@demo.demo account (password is demo)

Change the demo password immediately !!!!