centos部署django:nginx+gunicorn+su
2017-04-16 本文已影响0人
brother阿张
[toc]
基础环境
添加一个非root管理员
useradd -m jin
passwd jin
# 添加sudo权限
chmod u+w /etc/sudoers
vim /etc/sudoers
chmod u-w /etc/sudoers
允许ssh登陆
vim /etc/ssh/sshd_config
PasswordAuthentication yes # 默认
AllowUsers jin
sudo /sbin/service sshd restart
python环境的安装
安装pyenv
1)安装环境
sudo yum install update
sudo yum install zlib-devel bzip2 bzip2-devel readline-devel sqlite sqlite-devel openssl-devel
2)安装pyenv
# 安装git
sudo yum install git
sudo curl -L https://raw.githubusercontent.com/yyuu/pyenv-installer/master/bin/pyenv-installer | bash
3)添加pyenv到环境变量
~ 目录下面的 .bashrc
export PATH="/home/jin/.pyenv/bin:$PATH"eval "$(pyenv init -)"eval "$(pyenv virtualenv-init -)"
4)重新加载shell配置
~ 目录下面的 .bashrc
source .bashrc
5)python 版本的替换和虚拟环境的安装
先安装 yum install gcc,
把下载的文件放入 .pyenv/cache/
sudo yum install gcc
pyenv install --list
pyenv install 2.7.12
pyenv global 2.7.12
pyenv vietualenv 2.7.12 blog_env
pyenv versions
pyenv activate blog_env
pyenv deactivate
安装 配置git
sudo yum install git
ssh-keygen -t rsa -C "jinzhang_hotline@163.com"
#/home/jin/.ssh/id_rsa 生成的位置
安装MySQL-python ,PILLOW
###MySQL-python
yum install MariaDB-develpip install MySQL-python
### PILLOW
sudo yum install python-devel
sudo yum install zlib-devel
sudo yum install libjpeg-turbo-devel
pip install pillow
安装 mysql
https://downloads.mariadb.org/mariadb/repositories/#mirror=neusoft&distro=CentOS&distro_release=centos7-amd64--centos7&version=10.1
将下列代码加入
/etc/yum.repos.d/MariaDB.repo
# MariaDB 10.1 CentOS repository list - created 2016-10-25 07:54 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
#安装
sudo yum install MariaDB-server MariaDB-client
sudo systemctl start mysqld.service
# 进入数据库
mysql -u root
use mysql;
update user set password=PASSWORD("root") where User='root';
flush privileges;
# 重启数据库
service mysql restart
#建立数据库
create database if not exists sell default charset utf8 collate utf8_general_ci;
开发模式跑起来
# 同步数据库
python manage.py migrate
# 收集静态文件
python manage.py collectstatic
安装ftp服务
# 停用防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service
# 启用iptables
systemctl start iptables.service
systemctl enable iptables.service
# 安装vsftpd
sudo yum install vsftpd
systemctl start vsftpd.service
systemctl enable vsftpd.service
- 1 安装
sudo yum install vsftpd
- 2 配置
sudo vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
chroot_list_enable=YES
# 安装完成vsftpd后就有有个ftp用户
sudo passwd ftp
# selinux临时设置
setenforce 0
# selinux永久设置
semanage fcontext -a -t public_content_t /var/ftp
restorecon -R -v /var/ftp/
ls -dZ /var/ftp/ # 查看是否有public_content_t
semanage fcontext -a -t public_content_rw_t "/var/ftp/pub(/.*)?"
restorecon -R -v /var/ftp/pub
setsebool -P allow_ftpd_anon_write on
getsebool -a|grep ftp #查看
安装配置 gunicorn
在项目根目录下新建gunicorn.conf.py
vim gunicorn.conf.py
import multiprocessing
bind = "127.0.0.1:8000"
workers = 2
errorlog = "/home/jin/sell/gunicorn.error.log"
#accsessing = "./gunicorn.access.log"
#loglevel = "debug"
proc_name = "gunicorn_sell"
安装配置 nginx
- 添加源
新建/etc/yum.repos.d/nginx.repo
# Replace “OS” with “rhel” or “centos”, depending on the distribution used, and “OSRELEASE” with “5”, “6”, or “7”, for 5.x, 6.x, or 7.x versions, respectively
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/rhel/7/$basearch/
gpgcheck=0
enabled=1
sudo yum install nginx
- 添加权限
/etc/nginx/ngnix.conf
修改 user www; 为 user jin;
- 在项目根目录下新建nginx.conf
vim nginx.conf
server {
listen 80;
server_name 101.201.238.27;
access_log /home/jin/sell/nginx.access.log;
error_log /home/jin/sell/nginx.error.log;
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#location /robots.txt {
#alias /home/jin/sell/static/robots.txt;
#}
#location /favicon.ico {
# alias /home/jin/sell/static/img/favicon.ico;
#}
location /static {
alias /home/jin/sell/site_static;
expires 30d;
}
# this prevents hidden files (beginning with a period) from being served
location ~ /\. {
access_log off; log_not_found off; deny all;
}
}
将其链接到 /etc/nginx/conf.d/blog_project.conf
sudo ln -s /home/jin/sell/nginx.conf /etc/nginx/conf.d/sell_nignx.conf
django配置
django setting
ALLOWED_HOSTS = ['localhost','101.201.238.27']
配置wsgi 在django的目录下修改
import sys
import site
import os
# site-packages
site.addsitedir('~/.pyenv/versions/healthydoc_env/lib/python2.7/site-packages') # changed to your env
PROJECT_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
sys.path.insert(0, PROJECT_DIR)
# activate env
activate_env = os.path.expanduser("~/.pyenv/versions/healthydoc_env/bin/activate_this.py") # changed to your env
execfile(activate_env, dict(__file__=activate_env))
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "healthy_doc.settings") # changed to your settings
application = get_wsgi_application()
### 如果要外部访问,则打开80端口:
可以选择临时关闭防火墙
sudo service iptables stop
# 查看开放端口
# iptables -L -n --line-numbe 或者开放一些需要的端口,比如 80
sudo iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
sudo /sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
# sudo service iptatbles save
在/home/jin/sell 运行一下gunicorn: 用django的wsgi
sudo nohup gunicorn sell.wsgi:application -c /home/jin/sell/gunicorn.conf.py&
supervisor
supervisor就是用Python开发的一套通用的进程管理程序,能将一个普通的命令行进程变为后台daemon,并监控进程状态,异常退出时能自动重启。
- 安装
sudo yum install supervisor
# ubuntu
sudo apt-get install supervisor
- 配置
然后,给我们自己开发的应用程序编写一个配置文件,让supervisor来管理它。每个进程的配置文件都可以单独分拆,放在/etc/supervisor/conf.d/目录下,以.conf作为扩展名,例如,app.conf定义了一个gunicorn的进程
[program:app]
command=/usr/bin/gunicorn -w 1 wsgiapp:application
directory=/srv/www
user=www-data
其中,进程app定义在[program:app]中,command是命令,directory是进程的当前目录,user是进程运行的用户身份。
- 启用
sudo systemctl restart supervisord
重启supervisor,让配置文件生效,然后运行命令supervisorctl启动进程
supervisorctl start app
supervisorctl stop app
- 在命令使用变量
如果要在命令行中使用变量,就需要自己先编写一个shell脚本
#!/bin/sh
/usr/bin/gunicorn -w `grep -c ^processor /proc/cpuinfo` wsgiapp:application
然后,加上x权限,再把command指向该shell脚本即可。
