Setup python app in centos from scratch (centos 6.9+uwsgi+nginx+flask+mysql)

Initial setup

$ sudo yum update
$ sudo yum install epel-release
$ sudo yum groupinstall "Development tools"
$ sudo yum install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel telnet htop
$ sudo yum install python-devel python-virtualenv
$ sudo yum install mysql-connector-python mysql-devel mysql-server

Install Python

Download and install Python :

./configure && make && make altinstall

Install uWSGI

$ wget
$ which python2.7
$ sudo /usr/local/bin/python2.7
$ which pip2.7
$ sudo /usr/local/bin/pip2.7 install uWSGI
$ which uwsgi
$ uwsgi --version

Setup vassels

$ sudo mkdir -p /etc/uwsgi/vassels

Setup Emperor service

$ sudo vim /etc/init.d/emperor
# chkconfig: 2345 99 10
# Description: Starts and stops the emperor-uwsgi
# See how we were called.

RUNEMPEROR="/usr/local/bin/uwsgi --emperor=/etc/uwsgi/vassels"


start() {
  if [ -f /var/run/$PIDNAME ] && kill -0 $(cat /var/run/$PIDNAME); then
    echo 'Service emperor-uwsgi already running' >&2
    return 1
  echo 'Starting Emperor...' >&2
  local CMD="$RUNEMPEROR &> \"$LOGFILE\" & echo \$!"
  su -c "$CMD" > "$PIDFILE"
  echo 'Service started' >&2

stop() {
  if [ ! -f "$PIDFILE" ] || ! kill -0 $(cat "$PIDFILE"); then
    echo 'Service emperor-uwsgi not running' >&2
    return 1
  echo 'Stopping emperor-uwsgi' >&2
  kill -7 $(cat "$PIDFILE") && rm -f "$PIDFILE"
  echo 'Service stopped' >&2

status() {
    if [ ! -f "$PIDFILE" ]; then
	echo "Emperor is not running." >&2
	return 1
    	echo "Emperor (pid  `cat ${PIDFILE}`) is running..."
    	ps -ef |grep `cat $PIDFILE`| grep -v grep

case "$1" in
    echo "Usage: emperor {start|stop|restart}"
    exit 1

 Setup app user & environment

$ useradd foobar
$ usermod -md /srv/foobar foobar
$ chmod 755 /srv/foobar
$ sudo su - foobar
foobar@local~$ virtualenv --python=python2.7 ~/venv
foobar@local~$ mkdir www
foobar@local~$ mkdir logs
foobar@local~$ touch logs/uwsgi.log
foobar@local~$ touch uwsgi.ini
foobar@local~$ echo "source ~/venv/bin/activate" >> ~/.bashrc
foobar@local~$ source ~/venv/bin/activate
(venv)foobar@local~$ vim uwsgi.ini
master = true
processes = 2
socket = /tmp/foobar.sock

chdir = /srv/foobar/www
virtualenv = /srv/foobar/venv
module = app:app

uid = foobar
chown-socket = foobar:nginx
chmod-socket = 660
vacuum = true

die-on-term = true
python-autoreload = 3
py-autoreload = 1
logger = file:/srv/foobar/logs/uwsgi.log

Exit from foobar user & create uwsgi symlink

(venv)foobar@local~$ exit
$ sudo ln -s /srv/foobar/uwsgi.ini /etc/uwsgi/vassels/foobar.ini

Start emperor service & setup set the startup

$ sudo service emperor start
$ sudo chkconfig emperor on

How to move your old repo to github

Before you begin, you might want to add your ssh key into your github account.

// push master branch
$ cd /repo-directory
$ git remote rename origin bitbucket
$ git remote add origin
$ git push origin master
$ git remote rm bitbucket

// push another branch
$ git checkout develop
$ git push origin -u develop

Setup read and write samba share in vagrant centos

Tested on vagrant centos 6.9
In your vagrant machine:

$ sudo yum install samba samba-common samba-client

Setup samba config, place this config at the bottom of the file:

$ sudo vim /etc/samba/smb.conf
browseable = yes
path = /srv/foobar
guest ok = yes
public = yes
read only = no
create mask = 0644
directory mask = 0755
force user = foobar
valid users = foobar
writable = yes
$ sudo /etc/init.d/smb restart

Setup your samba user password, this password will be used for mount the directory from your local machine:

$ sudo smbpasswd -a foobar

In your local machine:

Mount the foobar project directory, enter your samba password here:

$ sudo mount -t cifs -o username=foobar,uid=1003,gid=1003 // /tmp/foobar

Explanations command line above:

1003 is the user local id, you can check it by type:

$ id
uid=1003(mylocaluser) gid=1003(mylocaluser) is the vagrant ip address

tmp/foobar is a mounted folder from original directory in vagrant

Renew ssl certificate let’s encrypt with nginx

When you hate to see your website has ssl invalid certificate and it crossed out like this:

That means you need to update ssl certificate, in this case I use let’s encrypt. I just want to get rid of the invalid ssl certificate logo that make your website looks very unprofessional 🙂

Navigate to path where you place let’s encrypt directory:

$ cd ~/letsencrypt
~/letsencrypt$ sudo ./certbot-auto renew

Finally, restart the nginx, This is using centos, so it’s gonna be like this:

$ sudo /etc/init.d/nginx restart