|
1
|
源码下载:git clone https://github.com/oldtian/Oliver.git
|
1、安装以下软件
1.1 安装nginx
安装过程略
1.2 安装mysql
安装过程略
1.3 安装python2.7.10
升级安装python2.7.10
|
1
2
3
4
5
6
7
8
|
wget https://www.python.org/ftp/python/2.7.10/Python-2.7.10.tgz
tar -zxf Python-2.7.10.tgz
cd Python-2.7.10
./configure
make all
make install
make clean
make distclean
|
查看版本
|
1
|
/usr/local/bin/python2.7 -V
|
建议软链接
|
1
2
|
mv /usr/bin/python /usr/bin/python2.6.6
ln -s /usr/local/bin/python2.7 /usr/bin/python
|
重新验证版本
|
1
|
python -V |
1.4 安装setuptools
|
1
2
3
4
|
wget https://pypi.python.org/packages/source/s/setuptools/setuptools-19.2.tar.gz
tar -zxf setuptools-19.2.tar.gz
cd setuptools-19.2
python setup.py install
|
1.5 安装pip8.1.1
|
1
2
3
4
|
wget https://pypi.python.org/packages/source/p/pip/pip-8.1.1.tar.gz
tar -zxf pip-8.1.1.tar.gz
cd pip-8.1.1
python setup.py install
|
2、关闭selinux并开放iptables的80端口
|
1
2
3
4
5
|
setenforce 0sed -i '/^SELINUX=/{s/enforcing/disabled/}' /etc/sysconfig/selinux
sed -i '/^SELINUX=/{s/enforcing/disabled/}' /etc/selinux/config
iptables -I INPUT 4 -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT/etc/init.d/iptables save
|
3、pip安装如下包
|
1
2
3
4
5
6
7
|
pip install supervisor
pip install uwsgi
pip install ansible==1.9.4
pip install Django==1.8.3
pip install django-users2
pip install MySQL-python
pip install rpyc
|
4、创建uwsgi.ini
建议放置在项目所在目录下
|
1
2
3
4
5
6
7
8
9
|
[uwsgi]socket = /tmp/oliver.sock #nginx需要使用到的socket文件
chdir=/opt/www/oliver #切换到项目所在目录
wsgi-file = Oliver/wsgi.py #wsgi.py主程序入口,加载相应环境
touch-reload=/opt/www/oliver/reload #touch一个空白的reload文件,项目重启
processes = 2 #初始启动进程数
threads = 4chmod-socket = 664#socket文件的属性
chown-socket = nginx:nginx#socket文件的属主和属组
|
5、创建supervisor配置文件
|
1
|
echo_supervisord_conf > /etc/supervisord.conf
|
6、编辑supervisor配置文件
在/etc/supervisord.conf末尾追加
|
1
2
3
4
5
6
7
|
[program:oliver] #oliver是supervisor管理的进程名
command=/usr/local/bin/uwsgi --ini /www/oliver/uwsgi.ini
directory=/www/oliver
startsecs=0stopwaitsecs=0autostart=true
autorestart=true
|
7、启动supervisor
|
1
|
supervisord -c /etc/supervisord.conf
|
查看/tmp/oliver.sock文件是否存在,如果不存在可先将/tmp目录下文件删除,然后再一次执行上面的命令
supervisor管理进程命令:
停止进程:
|
1
|
supervisorctl -c /etc/supervisord.conf stop oliver
|
启动进程:
|
1
|
supervisorctl -c /etc/supervisord.conf start oliver
|
重启进程:
|
1
|
supervisorctl -c /etc/supervisord.conf restart oliver
|
8、修改nginx配置
nginx的配置文件中添加虚拟主机配置:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
server { listen 80;
server_name localhost;
charset utf-8;
client_max_body_size 8M;
location /media {
alias /www/oliver/media;
}
location /static {
alias /www/oliver/static;
}
location / {
uwsgi_pass unix:///tmp/oliver.sock;
include /opt/application/nginx/conf/uwsgi_params;
}
} |
django仅在开发模式可加载setting.py配置中指定目录下的静态文件,在生产环境要 通过nginx配置来加载静态文件,创建static和media目录。
9、添加网站监控脚本到定时任务
|
1
|
*/5 * * * * /usr/local/bin/python /www/oliver/webapi/sniffer.py >/dev/null 2>&1
|
10、在需要做安全审计的主机的/etc/profile文件中添加如下配置
|
1
2
3
4
5
6
7
8
9
10
|
HISTSIZE=1200export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE
export HISTCONTROL=ignoredups
export HISTFILE=$HOME/.bash_history
export HISTFILESIZE=1200
export HISTTIMEFORMAT="`whoami` %F %T "
export PROMPT_COMMAND="history -a; history -c; history -r;"'/www/OMAudit/OMAudit_agent.py $(history 1)'
shopt -s histappend
typeset -r PROMPT_COMMANDtypeset -r HISTTIMEFORMAT |
11、搜集静态文件到指定目录
在setting.py中配置STATIC_ROOT来指定搜集静态文件存放目录:
|
1
|
python manage.py collectstatic |
每次修改静态文件内容,也需要执行一次以上命令,否则修改后的内容nginx加载不到
12、同步数据库
|
1
2
|
python manage.py makemigrationspython manage.py migrate |
13、启动OliverServer主进程
|
1
|
python OliverServer.py & |
13、重启nginx和supervisor
|
1
2
|
service nginx restartsupervisorctl -c /etc/supervisord.conf restart oliver
|