diff --git a/Pythia Instructions - Ubuntu 18.04.1 Server.txt b/Pythia Instructions - Ubuntu 18.04.1 Server.txt new file mode 100644 index 0000000..5396a22 --- /dev/null +++ b/Pythia Instructions - Ubuntu 18.04.1 Server.txt @@ -0,0 +1,125 @@ +1. Start with fresh install of Ubuntu Server 18.04.1 LTS + +2. ** instructions to uninstall Python 3.6 + +3. ** instructions to install Python 2 + +4. ** Instructions to install Mongodb + +5. ** Install Instructions for django for Python 2 + +5. ** Instructions to install Ngnix + +6. Fork the latest Pythia source from GitHub + +7. Transfer the source code to dir on Ubuntu ## Recommend to use system wide available location like /opt + +8. Install Python pip + a. Update the apt sources list by opening /etc/apt/sources.list file and adding 'universe' at the end of each line. Your sources list sould look like this: + deb http://archive.ubuntu.com/ubuntu bionic main universe + deb http://archive.ubuntu.com/ubuntu bionic-security main universe + deb http://archive.ubuntu.com/ubuntu bionic-updates main universe + b. run apt update as a root + -> sudo apt update + c. Install Python pip + -> sudo apt install python-pip + +9. Run Python server to make sure everything is configured correctly and we can create django app + a. Update the /opt/pythia/django/cryptoService/urls.py file ** Note: this is assuming that you transferred pythia folder to /opt and did not download the latest commit from BitHub + b. Your /opt/pythia/django/cryptoService/urls.py should look like this after taking out entry from patterns: + """ + URLs configured for our remote cryptographic services. + """ + from django.conf.urls import include, url + from django.contrib import admin + + urlpatterns = [ + url(r'^pythia/', include('pythiaPrfService.urls')), + ] + c. run the Python server + -> python manage.py runserver ** Note: Run this command from /opt/pythia/django folder, once again, assuming you are working of /opt directory + d. you should see output similar to this: + **** Insert Picture of Terminal ***** + Django version 1.11.16, using settings 'cryptoService.settings' + Starting development server at http://127.0.0.1:8000/ + Quit the server with CONTROL-C. + **** Insert Picture from the Browser *** + +10. Configure the crpto service so that it allowed connections from our machine + a. Edit the /opt/pythia/django/cryptoService/settings.py and add followin line + -> ALLOWED_HOSTS=[''] + +11. Configure uwsgi ****WORK ON MAKING IT PART OF SYSTEMD Servive, so it starts at system start up **** + a. Edit Paths in /opt/pythia/config/django-uwsgi.ini + set chdir to /opt/pythia/django + set socket to /opt/pythia/django/app-server.sock + b. Create a socket + -> mkfifo /opt/pythia/django/app-server.sock + c. Start the uwsgi service + -> uwsgi --ini /opt/pythia/config/django-uwsgi.ini + *** Add screen shot of spanned processes *** + +12. Configure nginx and point it to uwsgi instance created in step 10. + a. Edit /opt/pythia/config/nginx.conf and make sure all paths are correct. ** Basically you want to make sure they relate to your environment ** + b. Edit /opt/pythia/config/django-nginx.conf. This is where we point nginx to our socket created in step 10. So that it is used by django + set server to unix:///opt/pythia/django/app-server.sock + +13. Configure the nginx. Edit /opt/pythia/config/django-nginx.conf file + a. Set server_name to the ip address of your server. ***Note: This needs to be done for two server_name entries*** + b. Generate self signed certificates: + -> /usr/bin/openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes + c. Move the cert.pem to /etc/ssl/certs dir + -> sudo mv cert.pem /etc/ssl/certs/ + d. Move the key.pem to /etc/ssl/private dir + -> sudo mv cert.pem /etc/ssl/private/ + e. Edit /opt/pythia/config/django-nginx.conf file once again and set the following values for ssl + ssl_certificate /etc/ssl/certs/cert.pem; + ssl_certificate_key /etc/ssl/private/key.pem; + +14. Configure the nginx so that it is run with our nginx configuration file + a. Make a backup of original nginx configuration file + -> cd /etc/nginx + -> sudo mv nginx.conf nginx.conf.orig + b. Create a link from our nginx.conf file + -> sudo ln -s /opt/pythia/config/nginx.conf nginx.conf + c. Remove the default from nginx + -> sudo rm /etc/nginx/default + d. Finally add our django app + -> ln -s /opt/pythia/config/django-nginx.conf django.conf + e. And ask nginx to reload our configuration + -> nginx -s reload + d. If and only if nginx was not running at point e above, start it + -> service nginx start + +15. Configure the nginx to display our static page as default page. The pythia comes with simple default page that you use + a. Create a root diretory for our web server + -> sudo mkdir /wwwrooot + -> ln -s /opt/pythia/static-html/ /www/static + b. (Optional) Open the default html page, /www/static/index.html, and fix the link pointing to romote-crypto eval location to the IP address of your server. + +16. Open your browser and point it to the IP address of your server. + + ****Add Image of default Page**** + +17. Click on Remote Crypto-crypto.pythia.eval link and if you did not fix the link location in step 15 b above, fix the url in address bar of browser and point to the ip address of your server !!! + + + + + + + + + + + + + + + + + + + + + diff --git a/config/django-nginx.conf b/config/django-nginx.conf index 37b9349..b7d907a 100644 --- a/config/django-nginx.conf +++ b/config/django-nginx.conf @@ -1,7 +1,7 @@ # upstream app-server upstream django { - server unix:///home/ubuntu/pythia-server/django/app-server.sock; + server unix://opt/pythia/django/app-server.sock; } # Convert HTTP requests into HTTPS requests @@ -9,14 +9,14 @@ server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; - server_name 52.53.223.245 localhost; + server_name 192.168.200.71 localhost; rewrite ^ https://$server_name$request_uri? permanent; } server { listen 443 default_server ssl; - server_name 52.53.223.245 localhost; + server_name 192.168.200.71 localhost; # listen 80 default_server; # ssl on; @@ -31,8 +31,8 @@ server ssl_session_cache shared:SSL:1m; ssl_session_timeout 1m; - ssl_certificate /etc/ssl/certs/unified.remote-crypto.io.crt; - ssl_certificate_key /etc/ssl/private/remote-crypto.io.key; + ssl_certificate /etc/ssl/certs/cert.pem; + ssl_certificate_key /etc/ssl/private/key.pem; charset utf-8; client_max_body_size 250K; diff --git a/config/django-uwsgi.ini b/config/django-uwsgi.ini index 79b66f1..609d417 100644 --- a/config/django-uwsgi.ini +++ b/config/django-uwsgi.ini @@ -1,7 +1,7 @@ [uwsgi] # the base directory (full path) -chdir = /home/ubuntu/pythia-server/django +chdir = /opt/pythia/django # Django's wsgi file as python module # e.g. crypo.wsgi maps to the file: DIR/crypto/wsgi.py where DIR is the chdir above @@ -13,7 +13,7 @@ master = true processes = 10 # the socket (use the full path to be safe). uWSGI will create this when it starts. -socket = /home/ubuntu/pythia-server/django/app-server.sock +socket = /opt/pythia/django/app-server.sock # permissions chmod-socket = 666 diff --git a/django/cryptoService/__init__.pyc b/django/cryptoService/__init__.pyc new file mode 100644 index 0000000..52c18f4 Binary files /dev/null and b/django/cryptoService/__init__.pyc differ diff --git a/django/cryptoService/settings.py b/django/cryptoService/settings.py index 8028e85..22b2eed 100644 --- a/django/cryptoService/settings.py +++ b/django/cryptoService/settings.py @@ -16,3 +16,4 @@ MIDDLEWARE_CLASSES = () ROOT_URLCONF = 'cryptoService.urls' WSGI_APPLICATION = 'cryptoService.wsgi.application' +ALLOWED_HOSTS = ['192.168.200.71'] diff --git a/django/cryptoService/settings.pyc b/django/cryptoService/settings.pyc new file mode 100644 index 0000000..ef039a4 Binary files /dev/null and b/django/cryptoService/settings.pyc differ diff --git a/django/cryptoService/urls.py b/django/cryptoService/urls.py index 3e14a27..d2703dc 100644 --- a/django/cryptoService/urls.py +++ b/django/cryptoService/urls.py @@ -1,9 +1,9 @@ """ URLs configured for our remote cryptographic services. """ -from django.conf.urls import patterns, include, url +from django.conf.urls import include, url from django.contrib import admin -urlpatterns = patterns('', +urlpatterns = [ url(r'^pythia/', include('pythiaPrfService.urls')), -) +] diff --git a/django/cryptoService/urls.pyc b/django/cryptoService/urls.pyc new file mode 100644 index 0000000..cbdc213 Binary files /dev/null and b/django/cryptoService/urls.pyc differ diff --git a/django/cryptoService/wsgi.pyc b/django/cryptoService/wsgi.pyc new file mode 100644 index 0000000..9968ee7 Binary files /dev/null and b/django/cryptoService/wsgi.pyc differ diff --git a/django/pythiaPrfService/crypto.pyc b/django/pythiaPrfService/crypto.pyc new file mode 100644 index 0000000..17101ee Binary files /dev/null and b/django/pythiaPrfService/crypto.pyc differ diff --git a/django/pythiaPrfService/datastore.pyc b/django/pythiaPrfService/datastore.pyc new file mode 100644 index 0000000..7548176 Binary files /dev/null and b/django/pythiaPrfService/datastore.pyc differ diff --git a/django/pythiaPrfService/response.pyc b/django/pythiaPrfService/response.pyc new file mode 100644 index 0000000..5b62e96 Binary files /dev/null and b/django/pythiaPrfService/response.pyc differ diff --git a/django/pythiaPrfService/settings.pyc b/django/pythiaPrfService/settings.pyc new file mode 100644 index 0000000..52400ef Binary files /dev/null and b/django/pythiaPrfService/settings.pyc differ diff --git a/django/pythiaPrfService/urls.pyc b/django/pythiaPrfService/urls.pyc new file mode 100644 index 0000000..1f4bfb7 Binary files /dev/null and b/django/pythiaPrfService/urls.pyc differ diff --git a/django/pythiaPrfService/views.pyc b/django/pythiaPrfService/views.pyc new file mode 100644 index 0000000..ea15b3e Binary files /dev/null and b/django/pythiaPrfService/views.pyc differ