The following assumes your server is running Ubuntu 20.04 and you have a user account named 'ubuntu'. However the procedure for other Linux distributions will be similar.
Docker:
Install Docker and Docker Compose as per https://docs.docker.com/
Enable IPv6 in docker as per https://docs.docker.com/
Docker Containers:
$ sudo mkdir /opt/btt $ sudo chown -R ubuntu:ubuntu /opt/btt $ cd /opt/btt $ wget --no-cache https://raw.githubusercontent.com/galojix/bank-transaction-tracker/master/docker-compose.yml $ wget --no-cache https://raw.githubusercontent.com/galojix/bank-transaction-tracker/master/docker-compose.production.yml $ mv docker-compose.production.yml docker-compose.override.yml $ touch .env_prod_db
Add the following to .env_prod_db:
POSTGRES_DB=postgres POSTGRES_USER=postgres POSTGRES_PASSWORD=<insert DB password here>
$ touch .env_prod_web
Add the following to .env_prod_web:
FLASK_APP=app.py FLASK_DEBUG=0 FLASK_ENV=production FLASK_CONFIG=production DEV_DATABASE_URL=postgresql://postgres:<insert DB password here>@db:5432/postgres SECRET_KEY=<insert any text here for now> MAIL_SERVER=localhost MAIL_PORT=25
Start docker containers:
$ docker-compose up -d
Flask:
$ cd /opt/btt $ docker-compose exec web flask db upgrade $ docker-compose exec web flask newdb
Secret key:
Generate secret key:
$ cd /opt/btt $ docker exec -it btt_web_1 bash /btt# python >>> import os >>> os.urandom(24) '<secret key will appear here>' Ctrl-D exit
Add new secret key to .env_prod_web
Restart docker containers:
$ docker-compose down $ docker-compose up -d
Nginx:
$ sudo apt install nginx $ sudo systemctl enable nginx.service $ sudo touch /etc/nginx/conf.d/<insert full domain name of site here>.conf
Add to /etc/nginx/conf.d/<insert full domain name of site here>.conf:
upstream gunicorn { server [::1]:8000; } server { listen 80; listen [::]:80; server_name <insert full domain name of site here>; location / { proxy_bind ::1; proxy_pass http://gunicorn; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_redirect off; }
$ sudo rm /etc/nginx/sites-enabled/default $ sudo nginx -t $ sudo systemctl restart nginx.service
$ sudo snap install --classic certbot $ sudo certbot --nginx
Browser:
Navigate to https://<insert_full_domain_name_of_site_here>.
Application:
Log in using the demo account (password is demo)
Change the demo password immediately !!!!