Deployments
Berikut adalah cara melakukan Deployment secara manual, tanpa menggunakan container.
Prerequisites
- Virtual Machine 2vCPU 2GB RAM
- Debian 12
Introdution
- HTTP requests first hit Nginx (a web server)
- Nginx handles static files directly
- For dynamic content, requests are passed to WSGI (Web Server Gateway Interface)
- WSGI standardizes communication between the web server and Python
- Python processes the request and returns values
- The response flows back through WSGI and Nginx to the client
Setup Firewall
UFW (Uncomplicated Firewall) is a simplified firewall management interface for Linux systems, particularly popular on Ubuntu and Debian-based distributions. It acts as a user-friendly layer on top of the more complex iptables firewall system.
sudo apt update
sudo apt install ufw
sudo ufw allow ssh
sudo ufw allow 8000/tcp
Setup SSH Local and Server
SSH (Secure Shell) is a cryptographic network protocol that provides a secure way to access and manage network devices and servers remotely.
ssh-keygen -t rsa -b 4096
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub
Setup Postgres dan Redis
sudo apt install -y python3-dev python3-pip python3-venv
python3 --version
pip3 --version
sudo apt install -y postgresql postgresql-contrib
sudo systemctl start postgresql
sudo systemctl enable postgresql
sudo systemctl status postgresql
sudo apt install -y redis-server
sudo systemctl start redis-server
sudo systemctl enable redis-server
sudo systemctl status redis-server
Setup Postgres User and Database
CREATE USER newuser WITH PASSWORD 'your_secure_password';
ALTER USER newuser WITH SUPERUSER;
CREATE DATABASE newdatabase;
GRANT ALL PRIVILEGES ON DATABASE newdatabase TO newuser;
ALTER DATABASE newdatabase OWNER TO newuser;
\q
exit
Setup Gunicorn
pip install gunicorn
gunicorn --workers 3 --bind 0.0.0.0:8000 core.wsgi:application
Systemd file setup
The initialization system and service manager for Linux that starts first during boot (PID 1), controls the entire boot process, and manages system services throughout operation.
Systemctl
The command-line tool used to control SystemD, allowing users to start, stop, restart, enable, and check status of system services with simple commands.
[Unit]
Description=App name
After=network.target
[Service]
User=your_user
Group=your_group
WorkingDirectory=/home/username/app
ExecStart=/home/username/app/.venv/bin/gunicorn --workers 3 --bind 0.0.0.0:8000 core.wsgi:application
Restart=always
[Install]
WantedBy=multi-user.target
[Unit]
Description=App name worker
After=network.target
[Service]
User=your_user
Group=your_group
WorkingDirectory=/home/username/app
ExecStart=/home/username/app/.venv/bin/python manage.py run_huey --workers 8
Restart=always
[Install]
WantedBy=multi-user.target
sudo systemctl enable app-web
sudo systemctl start app-web
sudo systemctl status app-web
sudo systemctl enable app-worker
sudo systemctl start app-worker
sudo systemctl status app-worker
Settings up Nginx as Reverse Proxy
sudo apt install nginx
Setup server block
server {
listen 80;
server_name your-domain.com www.your-domain.com;
location /static/ {
root /path/to/your/django/project;
}
location / {
proxy_pass http://localhost:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
sudo ln -s /etc/nginx/sites-available/devscaleid.dev /etc/nginx/sites-enabled
sudo nginx -t
sudo systemctl restart nginx
Setup Certbot
sudo apt update
sudo apt install certbot
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com