问题:现在有一个flask项目,默认采用http方式访问,为了安全使用,要求采用https方式进行访问,在不改动代码的前提下,可以直接将http过度到https
解决办法: 采用nginx作为web服务器,flask项目使用uwsgi启动
安装nginx
yum -y install nginx
安装uwsgi
pip install uwsgi
编写ini文件
cat uwsgi.ini
[uwsgi]
socket = 127.0.0.1:6000
chdir = 项目路径
wsgi-file = app.py
#编写flask代码的py文件
callable = app
master = true
#启动主进程,来管理其他进程
vacuum = true
chmod-socket = 664
stats = 0.0.0.0:6001
buffer-size = 21573
processes = 5
#超时时间(秒)
daemonize = /data/log/uwsgi.log
#进程会在后台运行,并输出日志
pidfile = 项目路径/uwsgi.pid
flask的目录结构
[root@VM_154_76_centos ~]# ll /data/flask
total 3720
-rw-r--r-- 1 1000 1000 15391 Jan 15 14:55 app.py
-rw-r--r-- 1 1000 1000 6144 Jul 22 2016 data.sqlite
drwxr-xr-x 7 1000 1000 4096 Jul 22 2016 static
drwxr-xr-x 2 1000 1000 4096 Jan 15 11:24 templates
-rw-r--r-- 1 root root 433 Jan 15 14:37 uwsgi.ini
-rw-rw-rw- 1 root root 6 Jan 15 14:39 uwsgi.pid
nginx的配置文件
[root@VM_154_76_centos version_release1]# cat /etc/nginx/conf.d/default.conf
server {
#监听端口
listen 443;
#配置域名为servername
server_name xxx.xxx.xxx;
#配置ssl
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_certificate /usr/local/ssl/Nginx/xxx.crt;
ssl_certificate_key /usr/local/ssl/Nginx/xxx.key;
ssl_session_timeout 60m;
ssl_prefer_server_ciphers on;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
add_header Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type;
location / {
# proxy_pass http://127.0.0.1:6000;
uwsgi_pass 127.0.0.1:6000;
include uwsgi_params;
proxy_http_version 1.1;
proxy_read_timeout 3600s;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'Upgrade';
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
项目启动
[root@VM_154_76_centos ~]# /etc/init.d/nginx start
[root@VM_154_76_centos ~]# cd /data/flask && uwsgi uwsgi.ini
完成