I’ve wanted to create a blog for a while, and now I’ve finally done it! It wasn’t without a few obstacles, however.
I decided to use the Django framework, mostly based on my familiarity with Python. My server’s Linux distribution doesn’t officially support a sufficiently recent version of Python 3 for use with the latest version of Django (2.1 at the time of writing). Me, being stubborn, refused to accept that I couldn’t have the latest versions. I want to share my experiences in attaining my goal!
Django 2.1 requires Python version 3.5 and newer. My server linux distribution, Debian 8, provides only Python 3.4.
Furthermore, Python 3.7 requires OpenSSL 1.0.2 or newer. I’m stuck with version 1.0.1.
In all, both OpenSSL and Python needs to be built. Django and uWSGI (used to interface Django with nginx, my web server of choice) can be installed using pip.
Furthermore, I use git to download the source for both OpenSSL and Python. OpenSSL requires Perl 5.1 with core modules. Both of these are provided by my distribution.
I’ve chosen to build from source. In this writeup I set the compilation prefix to /home/oskar/local. On my server I have the prefix at /opt/django. You can set it to anything you like, really, as long as you have the right permissions.
Let’s make a build directory.
mkdir /home/oskar/build
Checkout the OpenSSL source code, and switch to the latest stable release.
cd /home/oskar/build
git clone git://git.openssl.org/openssl.git
cd openssl
git checkout OpenSSL_1_1_0
Now we need to configure the build with our chosen prefix.
./config --prefix=/home/oskar/local
make
make install
To make the configuration see the newly built OpenSSL, we’ll need to carefully craft some environment variables. Make a file environment.sh in the build directory:
PREFIX="/home/oskar/local"
export LDFLAGS="-L$PREFIX/lib/ -Wl,-rpath=$PREFIX/lib/"
export LD_LIBRARY_PATH="$PREFIX/lib/"
export CFLAGS="-I$PREFIX/include -I$PREFIX/include/openssl"
export CPPFLAGS="$CFLAGS"
Now download cpython. Choose the version that you want. I didn’t do the git checkout part, leaving me with a development build of Python 3.8. I recommend that you choose a stable version. See what tags are available with git tag.
cd /home/oskar/build
git clone https://github.com/python/cpython.git
cd cpython
git checkout v3.7.0
Now we load the environment variables, then configure and compile.
source ../environment.sh
./configure --prefix=/home/oskar/local
make
make install
There are a couple of flags that you can throw in to the configure script to make a more optimized build of Python. --with-lto uses link-time optimization and --enable-optimizations does a bunch of optimizations and does some profiling. However, link-time optimizations caused some problems for me when installing uWSGI, and --enable-optimizations froze my home computer..!
Now that we have a fresh version of Python, we should make a virtual environment. This way we avoid confusion with any existing version of Python, and we can install packages without polluting the system.
/home/oskar/local/bin/python3 -m venv /home/oskar/local/venv
The virtual environment needs to be activated for each terminal that uses it.
Let’s activate it and upgrade pip to the latest version.
source /home/oskar/local/venv/bin/activate
python -m ensurepip
pip install --upgrade pip
Installing Django is the easiest part; pip takes care of everything.
source /home/oskar/local/venv/bin/activate
pip install django
uWSGI is a link between nginx and Django. Use pip to install it.
The install process is somewhat unusual in that it triggers some compilations. It is important to load environment.sh before installing it.
source /home/oskar/local/venv/bin/activate
source /home/oskar/build/environment.sh
pip install uwsgi
If it’s your first time with Django, I recommend reading the official documentation’s Getting Started and following the tutorial. Make sure that you’re reading the documentation for the Django version you’re using, checked by python -m django --version.
I left you at uWSGI. In a future post I might share my experiences in setting up a (secure) nginx configuration..!
See you
Oskar