Skip to content

Server Deployment#

Check server specs#

nproc
free -h
df -h

Update system#

apt update && apt upgrade -y

Install required software#

apt install -y python3 python3-pip python3-venv nginx git ufw certbot python3-certbot-nginx

Configure firewall#

ufw allow OpenSSH
ufw allow 'Nginx Full'
ufw --force enable

Create project directory#

mkdir -p /var/www/hospital-backend
chown -R www-data:www-data /var/www/hospital-backend

Upload files via SCP (from local)#

scp -r api core deployment docs static .env.production .gitignore manage.py README.md requirements.txt standards.md root@185.216.75.81:/var/www/hospital-backend/

Create virtual environment#

python3 -m venv venv

Activate virtual environment#

source venv/bin/activate

Upgrade pip#

pip install --upgrade pip

Install dependencies#

pip install -r requirements.txt

Generate Django SECRET_KEY#

python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'

Copy environment file#

cp .env.production .env

Edit environment file#

nano .env

Create required directories#

mkdir -p logs staticfiles media

Set Django settings module#

export DJANGO_SETTINGS_MODULE=core.settings.prod

Run Django security check#

python manage.py check --deploy

Run migrations#

python manage.py migrate

Create superuser#

python manage.py createsuperuser

Collect static files#

python manage.py collectstatic --noinput

Copy systemd service files#

cp deployment/hospital-backend.socket /etc/systemd/system/
cp deployment/hospital-backend.service /etc/systemd/system/

Reload systemd#

systemctl daemon-reload

Enable and start socket#

systemctl enable hospital-backend.socket
systemctl start hospital-backend.socket

Enable and start service#

systemctl enable hospital-backend.service
systemctl start hospital-backend.service

Check service status#

systemctl status hospital-backend.service

Fix permissions#

chown -R www-data:www-data /var/www/hospital-backend
chmod 755 /var/www/hospital-backend
chmod 750 logs

Restart service#

systemctl restart hospital-backend.service

Copy nginx config#

cp deployment/nginx.conf /etc/nginx/sites-available/hospital-backend

Enable nginx site#

ln -s /etc/nginx/sites-available/hospital-backend /etc/nginx/sites-enabled/

Test nginx configuration#

nginx -t

Restart nginx#

systemctl restart nginx

Check nginx status#

systemctl status nginx

Check DNS resolution#

dig +short api.fishtailhospital.com.np A

Obtain SSL certificate#

certbot --nginx -d api.fishtailhospital.com.np

Test API locally#

curl http://localhost/api/

Test API via domain#

curl https://api.fishtailhospital.com.np/api/

View Gunicorn error logs#

tail -f /var/www/hospital-backend/logs/gunicorn-error.log

View Gunicorn access logs#

tail -f /var/www/hospital-backend/logs/gunicorn-access.log

View Nginx error logs#

tail -f /var/log/nginx/hospital-backend-error.log

View Nginx access logs#

tail -f /var/log/nginx/hospital-backend-access.log

View systemd journal#

journalctl -u hospital-backend.service -f

Reload nginx (config changes only)#

systemctl reload nginx

Update application#

cd /var/www/hospital-backend
source venv/bin/activate
pip install -r requirements.txt
python manage.py migrate
python manage.py collectstatic --noinput
systemctl restart hospital-backend.service