# Personal-site | Production [Tested on server with Hyperbola GNU + Linux-libre]

# Python dependencies

- Django
- Pillow
- psycopg2-binary
- pytz

# Production Installation

1. Clone **Personal-site**

        git clone https://gitlab.com/heckyel-ng/personal-site /path/to/site

2. Run `virtualenv`.

        cd /path/to/site && virtualenv ./venv/

3. Activate the virtualenv.

        source ./env/bin/activate

4. Install dependencies through `pip`.

        pip install -r requirements_prod.txt

# Configuration Postgres

1. Logion as postgres

        sudo su - postgres

2. Create base

        createdb namebase

3. Create User (place a password for our user)

        createuser -P username

4. Inside the database

        psql -d namebase

5. Give permissions to the created user

        GRANT ALL PRIVILEGES ON DATABASE namebase TO username;

# Conecting to Postgres

1. Copy `settings.py.example` to `settings.py` and modify.
   Make sure to uncomment the appropriate database section (either sqlite or
   PostgreSQL).

   Replace sqlite configuartion to postgres, example:

        DATABASES = {
            'default': {
                'ENGINE': 'django.db.backends.postgresql',
                'NAME': 'namebase',
                'USER': 'username',
                'PASSWORD': 'pass',
                'HOST': '127.0.0.1',
                'PORT': '5432',
            }
        }

2. Check syntax.

        ./manage.py check --deploy

3. Migrate changes.

        ./manage.py migrate

4. Create superUSER

        ./manage.py createsuperuser


# Run with Apache server and wsgi

1. Install WSGI for Apache

        sudo pacman -S mod_wsgi

2. To install mod_wsgi, add the following line in `httpd.conf`, example:

        sudo nano /etc/httpd/conf/httpd.conf

   Added line:

        LoadModule wsgi_module modules/mod_wsgi.so

3. Create vhosts, for example:

        sudo emacs /etc/httpd/conf/extra/httpd-vhosts.conf

   and inside write the configuration, example:

        <IfModule ssl_module>
            <VirtualHost *:80>
                ServerAdmin example@dominio.com
                ServerName example.com
                ServerAlias example.com

                Alias /media /path/to/site/media/
                Alias /static /path/to/site/core/static/
            <Directory /path/to/site/core/static>
                Require all granted
            </Directory>

            <Directory /path/to/site/media>
                Require all granted
            </Directory>

            <Directory /path/to/site/personalsite>
                <Files wsgi.py>
                    Require all granted
                </Files>
            </Directory>

            WSGIDaemonProcess personalsite python-home=/path/to/site/venv python-path=/path/to/site
            WSGIProcessGroup personalsite
            WSGIScriptAlias / /path/to/site/wsgi.py

            </VirtualHost>
        </IfModule>

4. Replace `ALLOWED_HOSTS = []`

   on setting.py to:

        ALLOWED_HOSTS = ["example.com", "localhost"]

5. Added on setting.py:

        STATIC_ROOT = '/path/to/site/core/static'

6. Generated files static of Admin Django (you must be inside the virtualenv).

        ./manage.py collectstatic

7. Create the media/ directory

        ```
        cd /path/to/personalsite
        ```

        ```
        mkdir media/
        ```

8. Change Permition to media/ at group http

        sudo chown -R http:http media/

9. Restart Apache server

        sudo service httpd restart

10. Done!

# Security on settings.py [SSL, HTTPS, COOKIE, etc]

```
# security.W004
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True

# security.W006
SECURE_CONTENT_TYPE_NOSNIFF = True

# security.W007
SECURE_BROWSER_XSS_FILTER = True

# security.W008
SECURE_SSL_REDIRECT = True

# security.W012
SESSION_COOKIE_SECURE = True

# security.W016、security.W017
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True

# security.W019
X_FRAME_OPTIONS = 'DENY'
```