Project Structure

server.py   # the main flask server
app.py      # the flask app wrapper that can be started via wsgi
scripts/    # user add/deletion scripts used for usermanagement
static/     # static files of the flask webserver (js/css etc.)
templates/  # jinja html templates used by the webserver (the actual webpages)
setup.sh    # remote setup script
aws/        # aws templates/files

Local Requirements

setup.sh

• ssh
• rsync

AWS

• awscli

Remote Requirements

Packages (APT)

• vsftpd
• python3
• pip

Python Requirements

• flask
• flask-sqlalchemy
• waitress

Setup-Script

./setup.sh TARGET_IP_OR_DNS

The start script (setup.sh) performs the following task in this order:

• run apt update and install relevant packages (CMD_APT)
• install the python packages via the python package manager pip (CMD_PIP)
• add a user for flask to run as (CMD_FLASK_USER)
• add sudoers lines to allow flask user to add and delete users (CMD_SUDOERS_ADD/DEL)
• transfer the web-server files (rsync)
• change FTP configuration to allow writes (CMD_SET_FTP_WRITE_YES)
• restart the FTP to apply the new configuration server (CMD_RESTART_FTP)
• lock out any ssh but root just to be safe (CMD_LOCK_SSH)

AWS

• create a keypair called "flask-ftp" or change the value of "KeyName" in aws/template.yml to an existing key pair (see "AWS Network & Security -> Key Pairs" for details)
• create a new stack (CloudFormation -> Stacks -> Create Stack) and upload the template (aws/template.yml)
• goto Instances, select Security and click the security group, add inbound for the ports you want to use (e.g. FTP Ports, 80, 443 or 5000, allowing all for simplicity, is reasonably safe too in this case, since there's nothing running on the server except the public services)