I have built a simple flask app on ubuntu server and have placed the code in the following directories: Main app code: /home/user/flaskapp WSGI Config: www/flaskapp/app.wsgi
My questions are:
- Is the placement of the app's code in my home directory okay in production?
- What should I have my Folder Permissions be to run a safe/secure site?
- My Ubuntu Users name is 'flask_user', should i give it any special permissions or groups?
Thanks in advanced!
I understand you're using Apache or Nginx as your web server. If that's correct, I would place both your apps code and the app.wsgi file in your home directory.
Placing a file in /var/www allows it to be seen by the outside world in some cases (that it, unless you specifically specified it to be ignored by your webserver/deny access by the webserver). Placing it /home/user doesn't allow it to be seen by the outside world, unless explicitly specified.
As for permissions, You would need to give the web server user (usually
www-data
in Apache, unlessflask_user
is your web server user as well) read permission to the WSGI file, and probably also execute permissions. Not sure about permissions to the other python files, but that's easy to test. Start off with denying your web server user all permissions to the file. If that doesn't work, give it read permissions, and so on until the site works. That would be the minimum needed permission.