Difference between revisions of "PYTHONAPP"
| (2 intermediate revisions by the same user not shown) | |||
| Line 33: | Line 33: | ||
== Configure the Database == | == Configure the Database == | ||
'''Open phpMyAdmin in your browser. Make sure the user in your .env file has privileges on the | '''Open phpMyAdmin in your browser. Make sure the user in your .env file has privileges on the dbasename database. If not, in phpMyAdmin run:''' | ||
GRANT ALL PRIVILEGES ON dbasename.* TO 'YourUser'@'localhost'; | GRANT ALL PRIVILEGES ON dbasename.* TO 'YourUser'@'localhost'; | ||
| Line 39: | Line 39: | ||
'''Verify your .env file on the server has the correct values:''' | '''Verify your .env file on the server has the correct values:''' | ||
cat /var/www/html/ | cat /var/www/html/myapp/.env | ||
''' It should contain ''' | ''' It should contain ''' | ||
| Line 57: | Line 57: | ||
'''You should see "Karaoke app running on http://localhost:3001". In another SSH window test''' | '''You should see "Karaoke app running on http://localhost:3001". In another SSH window test''' | ||
sudo nano /etc/systemd/system/ | sudo nano /etc/systemd/system/myapp.service | ||
== Create the systemd Service == | == Create the systemd Service == | ||
| Line 164: | Line 164: | ||
'''Cert auto-renewal is already enabled by certbot's systemd timer — verify with''' | '''Cert auto-renewal is already enabled by certbot's systemd timer — verify with''' | ||
sudo systemctl list-timers | grep certbot | sudo systemctl list-timers | grep certbot | ||
=Database Optimization= | |||
<pre> | |||
CREATE INDEX idx_songs_title ON songs(Title(100)); | |||
CREATE INDEX idx_songs_artists ON songs(Artists(100)); | |||
CREATE INDEX idx_favorite_name ON Favorite(Name(80), Tag(20)); | |||
CREATE INDEX idx_queue_status ON queue(Status(20)); | |||
CREATE INDEX idx_queue_timestamp ON queue(TimeStamp(20)); | |||
CREATE INDEX idx_archive_name ON Archive_Singers(Name(80)); | |||
</pre> | |||
Latest revision as of 20:25, 21 April 2026
Karaoke app Deployment
Prerequisite Check
- ssh into the server
- verify what is installed
apache2 -v python3 --version mysql --version which certbot
- if certbot isn't installed
sudo apt update sudo apt install certbot python3-certbot-apache -y
- Install Python venv if needed:
sudo apt install python3-venv python3-pip -y
Create the App Directory
sudo mkdir -p /var/www/html/myapp cd /var/www/html/myapp
Upload App Files
- Upload the .env file (hidden, so it won't be picked up by scp -r)
If you don't see .env in Finder, press Cmd+Shift+. to toggle hidden files.
Set up the Python Environment
cd /var/www/html/myapp python3 -m venv venv source venv/bin/activate pip install flask pymysql cryptography gunicorn DBUtils deactivate
The cryptography package is required for MySQL caching_sha2_password auth.
Configure the Database
Open phpMyAdmin in your browser. Make sure the user in your .env file has privileges on the dbasename database. If not, in phpMyAdmin run:
GRANT ALL PRIVILEGES ON dbasename.* TO 'YourUser'@'localhost'; FLUSH PRIVILEGES;
Verify your .env file on the server has the correct values:
cat /var/www/html/myapp/.env
It should contain
DB_HOST=localhost DB_USER=YourUser DB_PASS=YourPassword DB_NAME=dbasename SECRET_KEY=some-random-string HOST_NAME= name for the host side PORT=3001
Important: Use a different port from any other apps you have running. I'm using 3001 here — pick whatever's free.
Test App Manually
cd /var/www/html/myapp source venv/bin/activate python3 app.py
You should see "Karaoke app running on http://localhost:3001". In another SSH window test
sudo nano /etc/systemd/system/myapp.service
Create the systemd Service
Paste
[Unit] Description=My App mydir (Gunicorn) After=network.target [Service] User=www-data Group=www-data WorkingDirectory=/var/www/html/myapp Environment="PATH=/var/www/html/myapp/venv/bin" ExecStart=/var/www/html/myapp/venv/bin/gunicorn --workers 3 --bind 127.0.0.1:3001 app:app Restart=always [Install] WantedBy=multi-user.target
Save (Ctrl+O, Enter, Ctrl+X).
Set permissions:
sudo chown -R www-data:www-data /var/www/html/myapp
Enable and start
sudo systemctl daemon-reload sudo systemctl enable myapp sudo systemctl start myapp sudo systemctl status myapp
You should see active (running). If not:
sudo journalctl -u myapp -n 50
Configure Apache Reverse Proxy
Enable required modules (only needed once on the server):
sudo a2enmod proxy proxy_http ssl rewrite headers
Create the HTTP vhost (which certbot will upgrade later):
sudo nano /etc/apache2/sites-available/mydomain.conf
'Paste — replace yourdomain.com with your actual domain
<VirtualHost *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/
ErrorLog ${APACHE_LOG_DIR}/mydomain-error.log
CustomLog ${APACHE_LOG_DIR}/mydomain-access.log combined
</VirtualHost>
Enable and reload
sudo a2ensite mydomain.conf sudo apache2ctl configtest sudo systemctl reload apache2
Test in your browser: http://yourdomain.com — you should see the login page.
Enable HTTPS with Certbot
Make sure your domain's DNS A record points to your server IP first.
Run certbot:
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com
Choose 2 (Redirect) when asked, so HTTP automatically redirects to HTTPS.
Certbot will create /etc/apache2/sites-available/rb222-le-ssl.conf and enable it.
sudo apache2ctl configtest sudo systemctl reload apache2
Visit https://yourdomain.com — you should see the lock icon and the app.
If certbot fails to auto-configure (it sometimes does), create the SSL vhost manually:
sudo nano /etc/apache2/sites-available/mydomain-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ErrorLog ${APACHE_LOG_DIR}/rb222-ssl-error.log
CustomLog ${APACHE_LOG_DIR}/rb222-ssl-access.log combined
</VirtualHost>
</IfModule>
then
sudo a2ensite mydomain-le-ssl.conf sudo systemctl reload apache2
Cert auto-renewal is already enabled by certbot's systemd timer — verify with
sudo systemctl list-timers | grep certbot
Database Optimization
CREATE INDEX idx_songs_title ON songs(Title(100)); CREATE INDEX idx_songs_artists ON songs(Artists(100)); CREATE INDEX idx_favorite_name ON Favorite(Name(80), Tag(20)); CREATE INDEX idx_queue_status ON queue(Status(20)); CREATE INDEX idx_queue_timestamp ON queue(TimeStamp(20)); CREATE INDEX idx_archive_name ON Archive_Singers(Name(80));