Bank Transaction Tracker Installation

How to Install Bank Transaction Tracker

How to Install a Bank Transaction Tracker Production Environment

The following assumes your server is running Ubuntu 20.04 and you have a user account named 'ubuntu'. However the procedure for other Linux distributions will be similar.

Docker:

Install Docker and Docker Compose as per https://docs.docker.com/

Enable IPv6 in docker as per https://docs.docker.com/

Docker Containers:

$ sudo mkdir /opt/btt
$ sudo chown -R ubuntu:ubuntu /opt/btt
$ cd /opt/btt
$ wget --no-cache https://raw.githubusercontent.com/galojix/bank-transaction-tracker/master/docker-compose.yml
$ wget --no-cache https://raw.githubusercontent.com/galojix/bank-transaction-tracker/master/docker-compose.production.yml
$ mv docker-compose.production.yml docker-compose.override.yml
$ touch .env_prod_db

Add the following to .env_prod_db:

POSTGRES_DB=postgres
POSTGRES_USER=postgres
POSTGRES_PASSWORD=<insert DB password here>
$ touch .env_prod_web

Add the following to .env_prod_web:

FLASK_APP=app.py
FLASK_DEBUG=0
FLASK_ENV=production
FLASK_CONFIG=production
DEV_DATABASE_URL=postgresql://postgres:<insert DB password here>@db:5432/postgres
SECRET_KEY=<insert any text here for now>
MAIL_SERVER=localhost
MAIL_PORT=25

Start docker containers:

$ docker-compose up -d

Flask:

$ cd /opt/btt
$ docker-compose exec web flask db upgrade
$ docker-compose exec web flask newdb

Secret key:

Generate secret key:

$ cd /opt/btt
$ docker exec -it btt_web_1 bash
/btt# python
>>> import os
>>> os.urandom(24)
'<secret key will appear here>'
Ctrl-D
exit

Add new secret key to .env_prod_web

Restart docker containers:

$ docker-compose down
$ docker-compose up -d

Nginx:

$ sudo apt install nginx
$ sudo systemctl enable nginx.service
$ sudo touch /etc/nginx/conf.d/<insert full domain name of site here>.conf

Add to /etc/nginx/conf.d/<insert full domain name of site here>.conf:

upstream gunicorn {
    server [::1]:8000;
}
 
server {
 
    listen 80;
    listen [::]:80;
    server_name <insert full domain name of site here>;
 
    location / {
        proxy_bind ::1;
        proxy_pass http://gunicorn;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_redirect off;
    }
$ sudo rm /etc/nginx/sites-enabled/default
$ sudo nginx -t
$ sudo systemctl restart nginx.service

Certbot:

This will make nginx SSL only

Install certbot as per https://certbot.eff.org/instructions:

$ sudo snap install --classic certbot
$ sudo certbot --nginx

Browser:

Navigate to https://<insert_full_domain_name_of_site_here>.

Application:

Log in using the demo account (password is demo)

Change the demo password immediately !!!!