Website setup: verschil tussen versies

Uit MakerSpace Leiden
Ga naar: navigatie, zoeken
(Om production -- update)
Regel 191: Regel 191:
== Backup ==
== Backup ==
To be done / written
This is done by the /etc/duplicity/ setup (along with everything else). It does a dump of the MySQL database
and captures the whole directory -- which includes var/media -- the uploads.

Versie van 22 jan 2019 om 13:01

On a demo/local laptop

   git clone
   cd makerspaceleiden-crm

then visit http://localhost:8000/.

Prepare for restarts when editing code with:

 source venv/bin/activate

and then do :

 python3 runsever

as needed (most changes will be picked up automatically).

Om production -- update

Check that you are in the 'crmadmin' group. Then:

 cd /usr/local/makerspaceleiden-crm
 git pull <right version and branch>

Activate the right vertual environment (rebuild with python3 -menv venv):

 source venv/bin/activate

If needed - make a backup of the database with either

 python3 dumpdata:

or (passowrd in makerspaceleiden/my.cnf):

 mysqldump -u mslcrmuser  -p mslcrm

Check for any new static stuff & updates:

 pip3 install -r requirements.txt 

Next migrate the database if needed:

 python3 makemigrations
 python3 migrate

If the asset changes - then also run the collect static:

 python3 collectstatic --dry-run --noinput

examine the output and then either rerun the command or manually adjust.

And finally restart the webserver:

  sudo apachectl restart

NOTE: var/media contains the images.

So while you can actually wack & redo the entire setup - you will need to preserve var/media. (Perhaps we should move var/media to /var/media - fully outside the tree - as it is also the only thing that 'www-data' can write to.

In production - setup from zero

Note: pretty much everything below is stock/totally-standard django/python Standard Operating Procedure (except for the chmod/chgrp on the var/media upload).

Make sure the baseline tools are present:

  sudo apt-get install python3 libmysqlclient  default-libmysqlclient-dev msmtp-mta apache2 libapache2-mod-uwsgi

The default-libmysqlclient-dev module is needed as pip3 wants mysqlconfig - which is not in the baseline libmysqlclient.

Initial checkout of code:

   cd /usr/local
   git clone

Make evertyin group owned (crmadmin) and add that group to the accounts of those that need to maintain it.

Create random seed

   openssl rand 128 > /etc/crm_secret_key.txt
   chmod 640 /etc/crm_secret_key.txt
   chgrp www-data /etc/crm_secret_key.txt

Allow storing of uploads in media by the suid that the webserver runs as:

   mkdir -p var/media
   chown www-data var/media

Allow server to rotate/recreate logfiles on the fly

   mkdir /var/log/crm
   chown www-data:crmadmin /var/log/crm
   chmod 770 /var/log/crm

Prepare env for python and pull in the various dependencies.

   python3 -mvenv venv
   source ./venv/bin/activate
   pip3 install -r requirements

Set up the framework

   cd makerspaceleiden
   ln -s
   cat > makerspaceledien/my.cnf <<EOM
   database = mslcrm
   user = mslcrmuser
   password = XXXX-passowrd-XXX
   default-character-set = utf8

Create database & user

   mysql (suply database admin arguments as and when needed)
   create database mslcrm;
   create user 'mslcrmuser'@'localhost' identified by 'XXXX-passowrd-XXX';
   grant all priveleges on mslcrm.* to 'mslcrmuser'@'localhost';
   flush priveleges;

Check for issues, init and build database & site

   python3 check --deploy
   python3 makemigrations
   python3 migrate
   python3 collectstatic

Check that email works:

  python3 sendtestemail

Create temp super user so you can log into complete the setup

   python3 createsuperuser

Create apache config

   cat > /etc/apache2/sites-available/crm.conf <<EOM
   WSGIScriptAlias /crm /usr/local/makerspaceleiden-crm/makerspaceleiden/  process-group=crm
   WSGIDaemonProcess crm python-home=/usr/local/makerspaceleiden-crm/venv python-path=/usr/local/makerspaceleiden-crm/
   WSGIProcessGroup  crm 
   Alias /crm-static/ /usr/local/makerspaceleiden-crm/static/
   Alias /media/      /usr/local/makerspaceleiden-crm/var/media/
   <Directory /usr/local/makerspaceleiden-crm/>
        Require all granted
   <Directory /usr/local/makerspaceleiden-crm/static>
           Options None
           order deny,allow
           allow from all
           Require all granted
   <Directory /usr/local/makerspaceleiden-crm/var/media>
           Options None
           order deny,allow
           allow from all
           Require all granted

Activate this setup

   ln -s /etc/apache2/sites-available/crm.conf  /etc/apache2/sites-active/crm.conf 

Start server and keep an eye on the log:

   apacheclt configtest
   apachectl restart
   tail -F /var/log/apache2/error.log

Now go to and create the initial members/structure. Assign the trustees the super user permission; then delete the temporary admin you made.

Logfile retention

Configured in 'prod' settings - few MBs/days of logs is kept & then rotated out/deleted using the standard RotatingLogging handler.

See for details.

Cleanup and reminder crons

To be configured/written


This is done by the /etc/duplicity/ setup (along with everything else). It does a dump of the MySQL database and captures the whole directory -- which includes var/media -- the uploads.