Django on AWS Lightsail

Create an Instance

  • You can also automate snapshots by using “Enable Automatic Snapshots”. It will be useful if you want to change your instance with better specifications or move your project to EC2.
  • Remember to create an SSH key pair and save it in a safe place. You won’t be able to download it again. It will help you to connect to your instance remotely. However, LightSail also has an option to connect to your instance using Web SSH. It is quite useful when you want to make some small changes and you don’t have your computer with you.

Initial Setup

ssh -i ozan.pem ubuntu@18.244.234.42
# Virtual Environment Directory
/home/ubuntu/env

# Django Application Directory
/home/ubuntu/ozan

# Public IP Address of Instance
18.244.234.42
# Update Ubuntu
sudo apt-get update
sudo apt-get upgrade
# Install Python and Virtualenv
sudo apt install python3-pip
pip3 install virtualenv
# Install apache and wsgi
sudo apt install apache2 libapache2-mod-wsgi-py3
# Optional: Install git if you want to track your project
sudo apt install git-all
# Reboot the instance and upgrade fully
sudo reboot
sudo apt full-upgrade
# Create a New Virtual Environment
python3 -m virtualenv env
source env/bin/activate
python -m pip install --upgrade pip
# Locate your requirements file and install
pip install -r requirements.txt

Bring Your Project via Git

git clone https://github.com/ozntel/Django-Blog-Application.git# Navigate to your project folder and complete migrations
python manage.py makemigrations
python manage.py migrate

# Optional: If you are using caching through database, create the table:
python manage.py createcachetable
# Edit hosts in Settings.py and add public ip of your instance:
ALLOWED_HOSTS = ['18.244.234.42']
# Optional: comment out the below settings from your settings.py if
you have in your project since we will first deploy HTTP:
SECURE_SSL_REDIRECT = True
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True
sudo vim ~/.bashrc 
# add the line below
source /home/ubuntu/env/bin/activate

Apache HTTP Setup

# Create a configuration file for Django in Apache sudo nano /etc/apache2/sites-available/django.conf
<VirtualHost *:80>	
ServerAdmin admin@18.244.234.42
ServerName 18.244.234.42
ServerAlias www.18.244.234.42
DocumentRoot /home/ubuntu/ozan
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ubuntu/ozan/ozan>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIDaemonProcess ozan python-path=/home/ubuntu/ozan python-home=/home/ubuntu/env
WSGIProcessGroup ozan
WSGIScriptAlias / /home/ubuntu/ozan/ozan/wsgi.py
</VirtualHost>
cd /etc/apache2/sites-available 
sudo a2ensite django.conf
sudo systemctl reload apache2 
#If apache doesn't reload, you might want to try to start:
sudo systemctl start apache2
sudo ufw allow 'Apache Full'
sudo chmod 664 /home/ubuntu/ozan/db.sqlite3
sudo chown www-data:www-data /home/ubuntu/ozan/db.sqlite3
sudo chown www-data:www-data /home/ubuntu/ozan
sudo chmod 777 /home/ubuntu/ozan

SSL Setup HTTPS

www     14400     A      18.244.234.42
sudo nano /etc/apache2/sites-available/django.conf
<VirtualHost *:80>	
ServerAdmin admin@ozan.pl
ServerName www.ozan.pl
ServerAlias www.ozan.pl
DocumentRoot /home/ubuntu/ozan
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ubuntu/ozan/ozan>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIDaemonProcess ozan python-path=/home/ubuntu/ozan python-home=/home/ubuntu/env
WSGIProcessGroup ozan
WSGIScriptAlias / /home/ubuntu/ozan/ozan/wsgi.py
</VirtualHost>
sudo apt install certbot
sudo apt-get install python3-certbot-apache
#WSGIDaemonProcess ozan python-path=/home/ubuntu/ozan  python-home=/home/ubuntu/env
sudo certbot --authenticator standalone \
--installer apache \
-d www.ozan.pl \
--pre-hook "apachectl stop" \
--post-hook "apachectl start"
Congratulations! You have successfully enabled https://www.ozan.pl

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=www.ozan.pl
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/www.ozan.pl/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/www.ozan.pl/privkey.pem
Your cert will expire on 2021-03-19. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

- We were unable to subscribe you the EFF mailing list because your
e-mail address appears to be invalid. You can try again later by
visiting https://act.eff.org.
WSGIDaemonProcess ozan python-path=/home/ubuntu/ozan  python-home=/home/ubuntu/env
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store