文章目录
Linux部署基于Django的博客系统
项目仓库:github.com/liangliangyy/DjangoBlog
集群架构
准备工作
| 角色 | 域名/IP | 主机名 | 源 |
|---|---|---|---|
| mysql | 10.0.0.105/172.16.1.105 | db01 | 默认源+epel |
| nginx+djangoblog | 10.0.0.103/172.16.1.103 | web01 | 默认源+epel |
| nfs01 | 10.0.0.102/172.16.1.102 | nfs01 | 默认源+epel |
db01部署mysql8.4
部署MySql8.4.6(Kylinv10sp3、Ubuntu2204、Rocky9.3)_银河麒麟服务器版yum装mysql8.4.6-CSDN博客
shell
#1.下载源到本地并安装
mkdir -p /download ;yum install -y wget && cd /download ; wget https://dev.mysql.com/get/mysql84-community-release-el7-2.noarch.rpm && yum localinstall -y mysql84-community-release-el7-2.noarch.rpm
#2.安装
yum install -y mysql-community-server
#3.开启mysql
systemctl enable mysqld --now
#4.从日志中获取登录密码
grep -i password /var/log/mysqld.log
#5.修改root密码
mysqladmin -u root -p'旧密码' password '新密码'
#6.登录数据库
mysql -uroot -p
#7.创建djangoblog库
CREATE DATABASE djangoblog;
#8.创建djangoblog用户并设置密码
create user djangoblog@'172.16.1.%' identified with caching_sha2_password by 'Abc@1234';
create user djangoblog@'localhost' identified with caching_sha2_password by 'Abc@1234';
#查看用户是否创建成功
SELECT user, host FROM mysql.user;
#9.授权用户数据库权限
GRANT ALL ON djangoblog.* TO 'djangoblog'@'localhost';
GRANT ALL ON djangoblog.* TO 'djangoblog'@'172.16.1.%';
#查看是否授权成功
SELECT user, host FROM mysql.user WHERE user = 'djangoblog';
#防火墙放行端口
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="172.16.1.0/24" port protocol="tcp" port="3306" accept'
firewall-cmd --reloadnfs01部署NFS
shell
#1.在kylinv10sp3中安装服务端软件包,nfs-utils包含了rpcbind
yum install -y nfs-utils && systemctl enable --now rpcbind && systemctl enable --now nfs
#2.修改配置文件
cat > /etc/exports <<EOF
/uploads 172.16.1.0/24(rw,all_squash,anonuid=1999,anongid=1999)
EOF
#3.创建用户
groupadd -g 1999 www
useradd -u 1999 -g www -M -s /sbin/nologin www
#4.给共享目录属主和属组设置为www
mkdir /uploads
chown -R www:www /uploads
#5.生效共享目录配置
exportfs -arv
#6.查看共享目录
showmount -e localhost设置nfs固定端口
shell
#1.设置nfs固定端口,并防火墙放行端口
cat >> /etc/sysconfig/nfs <<EOF
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
EOF
#2.给lockd、statd设置端口
vim /etc/nfs.conf
[lockd]
port=32803
udp-port=32769
[statd]
# debug=0
port=662
#重启相关服务
systemctl restart rpcbind && systemctl restart nfs && systemctl restart nfs-lock
#放行端口
cat > open_port.sh <<'EOF'
#!/bin/bash
##############################################################
# File Name:open_port.sh
# Version:V1.0
# Author:csq
# Organization: www.chenshiquan.xyz
# Desc:
##############################################################
no_open_port=`rpcinfo -p |awk 'NR>1{print $(NF-1)}' | sort | uniq`
for i in ${no_open_port}
do
open_port=`firewall-cmd --list-all | grep $i | wc -l`
if [ ${open_port} -eq 0 ];then
if firewall-cmd --add-port=$i/tcp --permanent >/dev/null 2>&1;then
echo "端口$i放行成功"
else
echo "端口放行失败"
fi
else
echo "端口$i已经放行"
fi
done
firewall-cmd --reload >/dev/null 2>&1
firewall-cmd --list-all
EOF
[root@nfs01 ~]# bash open_port.sh
端口111放行成功
端口20048放行成功
端口2049放行成功
端口34801放行成功
端口44395放行成功
端口662放行成功
public (active)
target: default
icmp-block-inversion: no
interfaces: ens33 ens34
sources:
services: cockpit dhcpv6-client mdns ssh
ports: 111/tcp 20048/tcp 2049/tcp 34801/tcp 44395/tcp 662/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules: web01部署Djangoblog
安装python3.11
shell
#1.安装编译依赖
yum install -y wget gcc-c++ openssl-devel bzip2-devel libffi-devel zlib-devel make python3-virtualenv
#安装mysql84源仓库
wget https://dev.mysql.com/get/mysql84-community-release-el7-2.noarch.rpm && yum localinstall -y mysql84-community-release-el7-2.noarch.rpm
#安装mysqlclient依赖
yum install -y python3-mysqlclient mysql-community-devel
#2.下载Python3.11并解压
tar xf Python-3.11.14.tar.xz
cd Python-3.11.14/
#3.进入编译目录,编译安装-配置,生成Makefile
./configure --enable-optimizations --with-ssl
#--enable-optimizations自动进行优化(python)
#--with-ssl支持ssl模块,功能。
#4.编译,根据Makefile文件检查依赖环境,进行构建应用程序
make -j `nproc`
#5.安装 复制文件到对应路径
make install
#6.验证是否安装成功
python3.11 --version
pip3.11 --version
#7.升级pip
python3 -m pip install -i https://mirrors.tuna.tsinghua.edu.cn/pypi/web/simple --upgrade pip
#8.pip源(加速pip下载软件)
pip3 config set global.index-url https://mirrors.tuna.tsinghua.edu.cn/pypi/web/simple部署Djangoblog(使用虚拟环境)
shell
#1.创建站点目录
mkdir -p /app/code/
cd /app/code/
#2.下载git,拉取Djangoblog仓库代码
yum install -y git
git clone https://github.com/liangliangyy/DjangoBlog.git
#3.设置python虚拟化环境
virtualenv -p /usr/local/bin/python3 djangoblog
source djangoblog/bin/activate
python3 -m pip install -i https://mirrors.tuna.tsinghua.edu.cn/pypi/web/simple --upgrade pip
#5.切换版本,并安装djangoblog运行所需要的依赖
cd DjangoBlog/
git checkout 1.0.0.7
pip3 install -Ur requirements.txt
#6.修改djangoblog配置,修改djangoblog/settings.py中的DATABASES配置
vim djangoblog/settings.py
#修改如下配置
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': os.environ.get('DJANGO_MYSQL_DATABASE') or 'djangoblog',
'USER': os.environ.get('DJANGO_MYSQL_USER') or 'djangoblog',
'PASSWORD': os.environ.get('DJANGO_MYSQL_PASSWORD') or 'Abc@1234',
'HOST': os.environ.get('DJANGO_MYSQL_HOST') or '172.16.1.105',
'PORT': int(
os.environ.get('DJANGO_MYSQL_PORT') or 3306),
'OPTIONS': {
'charset': 'utf8mb4'},``
}}
#关闭时区支持
USE_TZ = False
#7.接下来开始执行数据库迁移 终端下执行:
#生成数据库迁移文件
./manage.py makemigrations
#执行数据库迁移
./manage.py migrate
#创建一个 Django 后台管理员账户
./manage.py createsuperuser
#将项目中所有分散的静态文件收集到一个统一的目录中
./manage.py collectstatic --no-input
#压缩和合并静态文件
./manage.py compress --force
#启动网站,终端下执行
nohup ./manage.py runserver 0.0.0.0:8000 >./blog.log 2>&1 &
#防火墙放行8000端口
firewall-cmd --add-port=8000/tcp --permanent
firewall-cmd --reload部署nginx
部署Nginx1.28(Kylinv10sp3、Ubuntu2204、Rocky9.3)_kylin 10sp3安装nginx教程-CSDN博客
shell
#1.添加nginx源
cat > /etc/yum.repos.d/nginx.repo <<'EOF'
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/8/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/8/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
EOF
#2.安装nginx,可以使用 yum provides nginx 来查看官方源有哪些nginx版本
yum install -y nginx-1:1.28.0-1.el8.ngx.x86_64
#3.设置nginx站点配置文件
cat > /etc/nginx/conf.d/pythonblog.chenshiquan.xyz.conf <<'EOF'
server {
listen 80;
server_name pythonblog.chenshiquan.xyz;
root /app/code/DjangoBlog;
access_log /var/log/nginx/access_pythonblog.chenshiquan.xyz.log;
error_log /var/log/nginx/error_pythonblog.chenshiquan.xyz.log;
location /static/ {
alias /app/code/DjangoBlog/collectedstatic/;
expires max;
access_log off;
log_not_found off;
}
location /media/ {
# 静态文件配置
alias /app/code/DjangoBlog/uploads/;
expires max;
}
location ~ \.py$ {
return 403;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://127.0.0.1:8000/;
break;
}
}
}
EOF
#4.启动nginx
systemctl enable --now nginx.service
#5.防火墙放行80端口
firewall-cmd --add-port=80/tcp --permanent
firewall-cmd --reload博客首页
后台管理页面
发布文章放入图片
接入NFS
shell
#1.设置uploads目录权限
#2.将uploads下用户上传的图片先移动到/backup下
mkdir /backup
mv /app/code/DjangoBlog/uploads/* /backup/
#3.永久挂载
echo "172.16.1.103:/uploads /app/code/DjangoBlog/uploads/ nfs defaults 0 0" >> /etc/fstab
mount -a
df -h /app/code/DjangoBlog/uploads/
#输出如下
文件系统 容量 已用 可用 已用% 挂载点
172.16.1.102:/uploads 46G 2.4G 44G 6% /app/code/DjangoBlog/uploads
#4.创建www用户
groupadd -g 1999 www
useradd -u 1999 -g www -M -s /sbin/nologin www
#5.将用户上传的图片重新放回来
mv /backup/* /app/code/DjangoBlog/uploads/网站接入https
shell
#1.将证书文件下载到本机,解压到/etc/nginx/keys下
unzip 21636108_pythonblog.chenshiquan.xyz_nginx.zip -d /etc/nginx/keys/
#修改nginx配置文件
cat > /etc/nginx/conf.d/pythonblog.chenshiquan.xyz.conf <<'EOF'
server {
listen 80;
server_name pythonblog.chenshiquan.xyz;
return 302 https://pythonblog.chenshiquanx.xyz$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /etc/nginx/keys/pythonblog.chenshiquan.xyz.pem;
ssl_certificate_key /etc/nginx/keys/pythonblog.chenshiquan.xyz.key;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5:!aNULL:!eNULL:!EXPORT:!IDES:!RC4:!MD5;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
server_name pythonblog.chenshiquan.xyz;
root /app/code/DjangoBlog;
access_log /var/log/nginx/access_pythonblog.chenshiquan.xyz.log;
error_log /var/log/nginx/error_pythonblog.chenshiquan.xyz.log;
location /static/ {
alias /app/code/DjangoBlog/collectedstatic/;
expires max;
access_log off;
log_not_found off;
}
location /media/ {
# 静态文件配置
alias /app/code/DjangoBlog/uploads/;
expires max;
}
location ~ \.py$ {
return 403;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://127.0.0.1:8000;
break;
}
}
}
EOF
#3.重新加载nginx配置文件
systemctl reload nginx
#4.放行443端口
firewall-cmd --add-port=443/tcp --permanent
firewall-cmd --reload
#5.修改/app/code/DjangoBlog/djangoblog/settings.py,
#用于告诉 Django 哪些主机名(域名或 IP 地址)可以访问你的网站
ALLOWED_HOSTS = ['*', '0.0.0.0', 'pythonblog.chenshiquan.xyz']
#CSRF_TRUSTED_ORIGINS 用于告诉 Django,哪些外部域名是受信任的,可以安全地发起跨站请求
CSRF_TRUSTED_ORIGINS = ['https://pythonblog.chenshiquan.xyz']
#6.kill掉网站后台进程,重新启动
kill -9 25428
nohup ./manage.py runserver 0.0.0.0:8000 >./blog.log 2>&1 &