Target Architecture

This system is created with the following target architecture in mind:

Jezus lives!


Enable and configure sysstat

Sysstat is a utility that includes a number of useful programs for monitoring system resources, performance, et cetera. It contains 'sar' (system activity reporter) that gathers and keeps performance and activity data. Install:
sudo apt install sysstat
Enable sar by setting "ENABLED" to 'true' in /etc/default/sysstat and enabling and starting data collection:
sudo systemctl enable sysstat
sudo systemctl start sysstat

Create a Python Virtual Environment

To create a virtual environment, decide where you want to place it, and run the venv with the desired directory path:
python3 -m venv  <venv-name>
This will create the <venv-name> directory if it doesn’t exist and also directories inside it containing a copy of the Python interpreter and various supporting files. Once you’ve created a virtual environment, you need enable it:
source <venv-name>/bin/activate
To leave the virtual environment run:
deactivate

Running Flask in a Python Virtual Environment

After activating a virtual environment it is possible to install Flask, a micro web framework written in Python, in the environment:
pip install Flask

Running the flask app

There is some network magic here: the flask app will be listening on a different port than the apache webserver.
Enable mod_proxy on Apache2
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo systemctl restart apache2

Enable Cross Origin Requests

Here I don't fully understand what I am doïng but... This works.
I tried to make my Google blog (from blogspot.com) make use from my homebrew analytics. >>> HOW ?? <<<<
This resulted in browser errors (Firefox console):
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://jvdm.info/logger. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://jvdm.info/logger. (Reason: CORS request did not succeed). Status code: (null).

Uncaught (in promise) TypeError: NetworkError when attempting to fetch resource. 
On my apache2 I then added:
    Header add Access-Control-Allow-Origin *
    Header add Access-Control-Allow-Methods: "POST, GET"
    Header add Access-Control-Allow-Headers: "Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers"
ran:
a2enmod headers
systemctl restart apache2
and the eroors disappear... but why? .... .... ....

Some links:

Initial Server Setup with Ubuntu 20.04 By Brian Boucheron
How To Install the Apache Web Server on Ubuntu 20.04 By Erin Glass
How To Use Apache as a Reverse Proxy with mod_proxy on Ubuntu 16.04 By Mateusz Papiernik
Information on 'sysstat'

Additional security

And now... I ran:
https://developer.mozilla.org/en-US/observatory/analyze?host=jvdm.info
And it complains about Content Security Policy (CSP)... A reasonable amount of information can be found here: https://www.invicti.com/blog/web-security/content-security-policy/.
/etc/apache2/sites-available First thing is to add
Header always set Content-Security-Policy "default-src 'self'
to the sites 'conf' file in '/etc/apache2/sites-available' to prevent any cross site content (lets be blunt) and restart apache. Then also add:
Header always set Strict-Transport-Security max-age=31536000
To this config file and restart apache.
Remains:
Header always set X-Content-Type-Options nosniff
And:
Header always append X-Frame-Options SAMEORIGIN
Now the site gets 'A+ 100+' on https://developer.mozilla.org/en-US/observatory/analyze?host=jvdm.info.