Last project of Udacity's Full Stack Web Developer NanoDegree

You will take a baseline installation of a Linux server and prepare it to host your web applications. You will secure your server from a number of attack vectors, install and configure a database server, and deploy one of your existing web applications onto it.

You will learn how to access, secure, and perform the initial configuration of a bare-bones Linux server. You will then learn how to install and configure a web and database server and actually host a web application.

• Public IP Address : http://13.126.217.180/
• SSH Port : 2200

To complete this project, you'll need a Linux server instance. It is recommended using Amazon Lightsail for this. If you don't already have an Amazon Web Services account, you'll need to set one up. Once you've done that, here are the steps to complete this project :

Start a new Ubuntu Linux server instance on Amazon Lightsail.To get started with lightsail follow the following instructions :

• First, log in to Lightsail. If you don't already have an Amazon Web Services account, you'll be prompted to create one
• Once you're logged in create an instance.
• Choose an instance type.For this project, you'll need to select Ubuntu.
• Choose your instance plan.
• Give your instance a hostname.
• Wait for it to start up.It may take a few minutes for your instance to start up.
• Once your instance has started up, you can log into it with SSH from your browser

• Update all currently installed packages using sudo apt-get update command
• Upgrade all packages sudo apt-get upgrade
• Change SSH port from 22 to 2200. First add custom port 2200 on Lightsail. Login with port 22 using the command ssh ubuntu@public_ip -i private key -p 22 , Run sudo nano /etc/ssh/sshd_config.Change the port from 22 to 2200. Once you're done restart sshd : sudo service sshd restart . Exit and try to ssh again without specifying a port, if all went well you should get an error. Then ssh using port -p 2200
• Configure the Uncomplicated Firewall (UFW) to only allow incoming connections for SSH (port 2200), HTTP (port 80), and NTP (port 123)
  • To allow port 2200 sudo ufw allow 2200/tcp
  • To allow port 80 sudo ufw allow 80/tcp
  • To allow port 123 sudo ufw allow 123/tcp
  • To enable firewall sudo ufw enable
  • To check status of firewall sudo ufw status

• Create a new user account named grader using the command sudo adduser grader
• Give grader the permission to sudo using sudo usermod -aG sudo grader
• Setup An ssh key for user grader. Follow the instructions given :
  • Switch to user grader using the command su grader
  • Now create a .ssh directory using mkdir ~/.ssh
  • To copy the key into our new folder run sudo cp /home/ubuntu/.ssh/authorized_keys ~/.ssh/
  • Change ownership rights using sudo chown grader:grader /home/grader/.ssh/authorized_keys
  • For additional security run sudo chmod 700 /home/grader/.ssh .

• Run sudo timedatectl set-timezone UTC to Configure the local timezone to UTC.

• Install Apache: sudo apt-get install apache2

  Install the libapache2-mod-wsgi package: sudo apt-get install libapache2-mod-wsgi

• Install and configure PostgreSQL using command sudo apt-get install postgresql
• Install python-pip using sudo apt-get install python-pip
• Install other dependancies like psycopg2, sqlalchemy, oauth2client, flask, requests, bleach using sudo pip install flask bleach oauth2client psycopg2 sqlalchemy requests command, each seperated by a space.
• Create a new database user named xyz using postgresql that has limited permissions to your catalog application database.
• Install git using sudo apt-get install git

• Clone and setup your Item Catalog project from the Github repository you created earlier in this Nanodegree program
• Carefully check and change all the dependencies to postgresql from sqlite.
• Set it up in your server so that it functions correctly when visiting your server’s IP address in a browser. Make sure that your .git directory is not publicly accessible via a browser!

The content of this program is licensed under a Creative Common Attribution