the fact of real shit

SSL implementation for Django project in custom port

Here I’m going to implement SSL in Django project which will access through custom port. To do this I’m going to use Apache, for SSL I’m going to use letsencrypt and my Django project containerize in docker. I’m going to bring content through Apache proxy technique.

First of all we need to execute (any) Django project. Please follow Create Docker Container for Hello World with Django and uWsgi Server to create a simple Hello World Django project. We are going to uwsgi socket instead of http server. So, in Dockerfile last line need to change as follows –

ENTRYPOINT ["uwsgi", "--socket", ":9000", "--workers", "4", "--master", "--enable-threads", "--module", "helloworlddjango.wsgi"]

Now we have our project up and running. Now in Apache create entry for our domain and using certbot of letsencrypt install SSL. Please point document root in any safe location, we will use that document root to install SSL and then we will point our uWsgi server to bring content from our project. There has a lot of resource in internet to achieve this. Please configure such way that domain will redirect non-ssl to ssl url automatically.

After successfully access of domain securely we can move to change SSL port. To do this we need to change listen of Apache configuration. In my server I need to change /etc/apache2/ports.conf (it may vary server to server). Following commands need to use to access custom port –

<IfModule ssl_module>
	Listen 443
	Listen 59222
</IfModule>

Now we need to install “libapache2-mod-proxy-uwsgi” module to access content through Apache proxy technique.

sudo apt-get install libapache2-mod-proxy-uwsgi

Also we need to enable proxy at apache2

sudo a2enmod proxy
sudo a2enmod proxy_uwsgi

We are ready to access our Django project content. We need to append following configuration into our domain configuration of Apache server. In my case file location is /etc/apache2/sites-enabled/helpabodessltest.shahadathossain.com-le-ssl.conf

SSLProxyEngine on
SSLProxyVerify none 
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off

ProxyRequests Off
ProxyPreserveHost On
ProxyPass / uwsgi://127.0.0.1:9000/ keepalive=On
ProxyPassReverse / uwsgi://127.0.0.1:9000/

Please note, we need to put these code inside “VirtualHost” block. Also need to change “VirtualHost” tag like as follows –

<VirtualHost *:59222>

Also we can put redirect code in Apache from http to https with custom port like following code. Note that we need to put this code into general (80) configuration of the domain (also inside VirtualHost block)

RewriteEngine on
RewriteCond %{SERVER_NAME} =helpabodessltest.shahadathossain.com
RewriteRule ^ https://%{SERVER_NAME}:59222%{REQUEST_URI} [END,NE,R=permanent]

That’s all, we need to restart Apache server. If everything goes fine we can visit our domain with custom port to see “Hello World” output in browser. Thanks.

Posted in apache, PythonTagged ,

Create Docker Container for Hello World with Django and uWsgi Server

I was searching a Hello World implementation for Django of Python in Docker container, but can’t find any good resource at online. So, I plan to code it myself and document it.

This is pure Docker implementation, you don’t need to create any project for Django. You just need Dockerfile to see “Hello World” at browser which powered by Django and uWsgi module.

Here is high level explanation that I’m going TODO –

  • Python, Pip and setuptools installation and upgrade
  • Create requirement.txt file
  • Execute requirement.txt file with Pip
  • Create Django project
  • Modify project settings to allow our domain in Django
  • Replace project’s urls.py to send “Hello World” string to output
  • Code to run server through uWsgi module

Entire steps I’ll do into a single Dockerfile, which we need to build and run through Docker. Here is step by step implementation of Dockerfile.

FROM python:3.11.3
WORKDIR /code
RUN pip install --upgrade pip
RUN pip install setuptools
RUN pip install -U setuptools

Its pretty straight forward, we are using Python 3.11.3 and install Pip and setuptools here.

RUN echo "Django==4.2" >> requirements.txt
RUN echo "uWSGI==2.0.25" >> requirements.txt
RUN pip install -r requirements.txt

Here we create requirement.txt file where we instruct to install Django version 4.2 and uWSGI module version 2.0.25 and then we execute the newly created requirements.txt through Pip.

RUN django-admin startproject helloworlddjango
WORKDIR /code/helloworlddjango
RUN echo "ALLOWED_HOSTS = ['127.0.0.1', 'localhost', 'helpabodessltest.shahadathossain.com']" >> helloworlddjango/settings.py

In this stage we created helloworld project with django-admin (we already Django installed) also we append our project’s settings.py to allow our domain. For this we just append “ALLOWED_HOSTS” variable value.

RUN echo "from django.urls import path" > helloworlddjango/urls.py
RUN echo "from django.shortcuts import HttpResponse" >> helloworlddjango/urls.py
RUN echo "def home_page_view_hello_world(request):" >> helloworlddjango/urls.py
RUN echo "    return HttpResponse('Hello World')" >> helloworlddjango/urls.py
RUN echo "urlpatterns = [path('', home_page_view_hello_world, name='helloworld'),]" >> helloworlddjango/urls.py

This part actually pure Python code we (re)writing our urls.py file where we actually put “Hello World” string when user visit home page of our project.

RUN adduser --disabled-password --no-create-home django
USER django
ENTRYPOINT ["uwsgi", "--http", ":9000", "--workers", "4", "--master", "--enable-threads", "--module", "helloworlddjango.wsgi"]

This is another part where we run our project through uwsgi module. We can run straightly by Django’s builtin server by “manage.py” but here I covered to run uwsgi server.

Here is link https://github.com/razonklnbd/django-hello-world-with-docker where you found complete Dockerfile

To build docker container you have to have docker in your system. After ensuring docker into system you can use following commands to build and run –

sudo docker build -t django-hello-world-mshk .
sudo docker run --name djangohelloworldmshk -d --network=host django-hello-world-mshk:latest

You need to execute into the location where you put your Dockerfile. Please feel free to change container tag and name. You may like following command of docker to see the log and to delete running container (in case you are debugging something)

sudo docker logs djangohelloworldmshk
sudo docker rm $(sudo docker stop $(sudo docker ps -a -q --filter ancestor=django-hello-world-mshk --format="{{.ID}}"))
sudo docker rmi django-hello-world-mshk

That’s all for today! Thanks.

Posted in linux, Python, webdevelopmentTagged , , , ,

Install secured Proftpd w/o database w/ virtual jailed user

Recently I need to install simple ftp server to provide access. I used Proftpd which is I believe is good (I used in small project). When I starting install, I faced some technical problem and overcome it. So, I think I should write my experience for my personal future reference.

  1. Install proftpd-basic (follow https://mtxserv.com/vps-server/doc/how-to-install-a-ftp-server-with-proftpd-debian-ubuntu or any other good document available by searching internet)
    1.a) Configure to use virtual user
    1.b) Add virtual user using “ftpasswd” command
  2. Configure jail option of proftpd configuration (read – https://portal.hostingcontroller.com/kb/a222/how-to-jail-ftp-users-using-proftpd-server.aspx)
    Remove # (uncomment) in front of below line
    DefaultRoot ~
  3. Configure passive ports
    3.a) At firewall allow 20, 21 and those passive ports (example below)
    ufw allow 49xxx:49999/tcp
    ufw reload
  4. Restart proftpd

-> Test ftp connection

Secure ftp connection with self-signed TLS:

  1. Follow TLS configuration part only from https://www.makeuseof.com/install-proftpd-on-ubuntu/ or any other good document available to configure TLS
  2. Replace “TLSProtocol” settings (follow https://serverfault.com/a/1023382)
    TLSProtocol TLSv1 TLSv1.1 TLSv1.2
  3. Restart proftpd

Now test using FTP client, you may see that host name different than server. As because we used self-signed this type of warning we can ignore.

Posted in linux, ubuntuTagged , , , ,

Apache Python3 Gunicorn

My journey to install Gunicorn to server Python project is not pleasant because of old Ubuntu system where Python version 3.5 installed but default Gunicorn not compatible with this version.

So, as suggested from gunicorn.org I need to install Gunicorn version 3 for Python 3 … The point is, I need to install this Gunicorn 3 at outside of my virtual environment.

First of all we need to change wsgi.py file in Python project in my case – “<project root>/helloworld/wsgi.py”

import os, sys
# add the hellodjango project path into the sys.path
sys.path.append('/home/django-helloworld/helloworld')

# add the virtualenv site-packages path to the sys.path
sys.path.append('/home/django-helloworld/myvenv/lib/python3.5/site-packages')

from django.core.wsgi import get_wsgi_application
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'helloworld.settings')
application = get_wsgi_application()

Above file I added two lines because while executing from gunicorn 3 (which installed outside of virtual environment i.e. into OS) Python can’t find Django or other project related package.

Posted in apache, linux, PythonTagged , , , ,

Changing ZF2 core

Following file I need to change for PHP latest version compatibility.

Zend/View/Model/ViewModel.php
Zend/View/Helper/HeadLink.php
Zend/Db/ResultSet/AbstractResultSet.php

I’m maintaining a repository of ZF2 that I made change here https://github.com/razonklnbd/zf2

Posted in php, zf2

Execute React JS in ntfs partition

I do development in mounted hard drive which is different than OS partition, also I like to use that mounted drive within different OS like windows and linux simultaneously. Which allow me portability of my code backup in different system.

Challenge is, I have to use such file system for that mounted drive which can accessible in most of the OS like windows, linux or iOS. And in this case NTFS is the best file system which is really portable. Problem for this FS is, it can’t support executable bit of linux which lead to raise many problem in React development. Like if you put any React project into that mounted drive, you can’t execute that code.

To solve this problem I take Docker as a solution. Simply, I create docker image of React project and execute that image. Here is the simple Dockerfile for React project –

FROM node:18
WORKDIR /app
COPY package.json ./
RUN npm install
RUN npm install -g npm@9.7.2
COPY . ./
EXPOSE 3000
CMD ["npm", "start"]

You just need to build this docker image and need to run. You can see docker log for any output for your React project.

Posted in ubuntu, windowsTagged , , , ,

Changing ZF2 core 2.4.13 \Zend\Stdlib\Hydrator\AbstractHydrator::hasStrategy

class: Zend\Stdlib\Hydrator\AbstractHydrator
function: hasStrategy
php version: 7.4

public function hasStrategy($name)
{
if(is_array($this->strategies))
return array_key_exists($name, $this->strategies)
|| array_key_exists(‘*’, $this->strategies);
if(is_object($this->strategies)) return property_exists($this->strategies, $name);
return false;
}

new change / new code

Deprecated: array_key_exists(): Using array_key_exists() on objects is deprecated. Use isset() or property_exists() instead in /media/shkr-home-wifi/works/workspace/vendor/ZF2/library/ Zend\Stdlib\Hydrator\AbstractHydrator on line 87

reason of change

public function hasStrategy($name)
{
return array_key_exists($name, $this->strategies)
|| array_key_exists(‘*’, $this->strategies);
}

previous code
Posted in php, zf2Tagged , , , , ,

Changing ZF2 Core 2.4.13 /Zend/I18n/Translator/Loader/Gettext::load

class: Zend\I18n/Translator/Loader/Gettext
function: load
php version: 7.4

Last portion change …….

if ($textDomain->offsetExists(”)) {
$rawHeaders = explode(“\n”, trim($textDomain->offsetGet(”)));
foreach ($rawHeaders as $rawHeader) {
list($header, $content) = explode(‘:’, $rawHeader, 2);
if (trim(strtolower($header)) === ‘plural-forms’) {
$textDomain->setPluralRule(PluralRule::fromString($content));
}
}
$textDomain->offsetUnset(”);
}

………….. end of change ………………..

Reason to change: Deprecated: array_key_exists(): Using array_key_exists() on objects is deprecated. Use isset() or property_exists() instead in …/Zend/I18n/Translator/Loader/Gettext.php on line 142

///////// previous code ///////////////////

if (array_key_exists(”, $textDomain)) {
$rawHeaders = explode(“\n”, trim($textDomain[”]));
foreach ($rawHeaders as $rawHeader) {
list($header, $content) = explode(‘:’, $rawHeader, 2);
if (trim(strtolower($header)) === ‘plural-forms’) {
$textDomain->setPluralRule(PluralRule::fromString($content));
}
}
unset($textDomain[”]);
}

Posted in php, zf2Tagged , , , ,

Copy large amount of file to remote server using nohup tar and ssh

This command will copy large amount of file to remote server by compressing and decompressing on the fly. It saves time and bandwidth. It will execute in background, so you can detach current login session.

nohup sh -c “tar -c /any/directory/at/source/server/ | gzip -2 | ssh server-alias ‘cat | tar xz -C /target/directory/of/target/server/'” > /dev/null 2>&1 &

here nohup output sent to /dev/null that means i don’t want any nohup output. you can adjust its behavior.

I use the command for millions of file that occupied more than 500 GB.

Posted in linuxTagged , , ,