安装EPEL源
yum -y install epel-release
更新系统
yum clean all && yum makecache && yum update -y && yum upgrade -y
安装依赖包
yum -y install MySQL-python mysql-devel python-devel python-setuptools libjpeg-devel vim curl
安装Python3
Python3_Version=3.7.3 && \
TmpDir=/tmp/python3 && \
URL=https://www.python.org/ftp/python && \
yum install -y gcc gcc-c++ make zlib-devel readline-devel sqlite-devel openssl-devel libffi-devel && \
mkdir -p ${TmpDir} && \
curl -Lks "${URL}"/$(curl -Lks "${URL}"|awk -F'[/"]' '$2~/^'"$Python3_Version"'/{a=$2}END{print a}')/$(curl -Lks "${URL}"/$(curl -Lks "${URL}"|awk -F'[/"]' '$2~/^'"$Python3_Version"'/{a=$2}END{print a}')| awk -F'[>
./configure --prefix=/usr/local/python3 && \
make -j$(getconf _NPROCESSORS_ONLN) && \
make install && \
echo 'export PATH=/usr/local/python3/bin:$PATH' > /etc/profile.d/py3.sh && \
. /etc/profile.d/py3.sh && \
curl https://bootstrap.pypa.io/get-pip.py | python3 && \
cd - && \rm -rf ${TmpDir}
安装需要的 python 模块
pip3 install rq python-memcached Pillow exifread
一键安装数据库
bash -c "$(curl -Lk onekey.sh/mariadb_galera)"
安装Supervisor Nginx memcached redis
yum -y install nginx supervisor memcached redis
设置Memcached redis nginx supervisor开机启动和立即启动
systemctl enable redis memcached nginx supervisord
systemctl start redis memcached nginx supervisord
创建DCRM数据库和数据库用户
mysql -uroot -e "CREATE DATABASE DCRM DEFAULT CHARSET UTF8;"
mysql -uroot -e "GRANT ALL ON DCRM.* TO 'dcrm'@'%' IDENTIFIED BY 'NjJmNTU3YWY2NWY0NzQ5ZmJk';"
mysql -uroot -e "FLUSH PRIVILEGES;"
部署代码
mkdir -p /data/wwwroot && cd /data/wwwroot
git clone https://github.com/82Flex/DCRM.git
cd /data/wwwroot/DCRM
pip3 install -r requirements.txt
cp DCRM/settings.default.py DCRM/settings.py
#开始编辑配置文件
vi DCRM/settings.py
我的配置参考
# THEME
THEME = 'DefaultStyle'
# FEATURES
ENABLE_REDIS = True # redis-server, rq are required.
ENABLE_CACHE = True # memcached, python-memcached are required.
ENABLE_API = True # restful api
# SECURITY
# WARNING: keep the secret key used in production secret!
SECRET_KEY = 'YmI2YzMyNTJiZGYzYTRhZjA1M2Y3ODk5YWY5YmQwNThlOWJjZGZmZjEwMjVjYWMwNGEyY2E2MDI0YmNhODM3M2E3NGFmNmFj'
# SECURITY
# WARNING: don't run with debug turned on in production!
DEBUG = True
SECURE_SSL = True # https -> True
# SECURITY
ALLOWED_HOSTS = [
'apt.xyztech.org',
'127.0.0.1',
'localhost'
]
print("[DCRM] Host: " + ALLOWED_HOSTS[0])
# INTERNATIONAL
USE_I18N = True
USE_L10N = True
USE_TZ = True # pytz is required.
#LANGUAGE_CODE = 'en' # zh-Hans for Simplified Chinese
LANGUAGE_CODE = 'zh-Hans' # zh-Hans for Simplified Chinese
TIME_ZONE = 'Asia/Shanghai' # Asia/Shanghai, etc.
# Database
# You cannot use SQLite3 due to the lack of advanced database supports.
# !!! Change the 'NAME' here if you have multiple DCRM installed !!!
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'DCRM',
'USER': 'dcrm', # mysql user name here
'PASSWORD': 'NjJmNTU3YWY2NWY0NzQ5ZmJk', # mysql user password here
'HOST': '127.0.0.1',
'PORT': '3306',
'OPTIONS': {
'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"
}
}
}
同步静态文件:
python3 manage.py collectstatic
同步数据库结构并创建超级用户:
python3 manage.py migrate
python3 manage.py createsuperuser
创建uwsgi配置文件
cat >/data/wwwroot/DCRM/uwsgi.ini<
[uwsgi]
chdir = /data/wwwroot/DCRM
module = DCRM.wsgi
master = true
processes = 4
socket = :8001
vaccum = true
uid = nginx
gid = nginx
EOF
创建supervisor配置文件
cat >/etc/supervisord.d/dcrm.ini<
[supervisord]
nodaemon=false
[program:uwsgi]
priority=1
directory=/data/wwwroot/DCRM
command=/usr/local/python3/bin/uwsgi --ini uwsgi.ini
[program:high]
priority=2
directory=/data/wwwroot/DCRM
command=/usr/local/python3/bin/python3 ./manage.py rqworker high
[program:default]
priority=3
directory=/date/wwwroot/DCRM
command=/usr/local/python3/bin/python3 ./manage.py rqworker default
EOF
配置memcache
cat > /etc/sysconfig/memcached<
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1"
EOF
配置nginx
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
log_format upstream3 '$proxy_add_x_forwarded_for $remote_user [$time_local] "$request" $http_host'
'$body_bytes_sent "$http_referer" "$http_user_agent" $ssl_protocol $ssl_cipher'
'$request_time [$status] [$upstream_status] [$upstream_response_time] "$upstream_addr"';
log_format upstream2 '$proxy_add_x_forwarded_for $remote_user [$time_local] "$request" $http_host'
' [$body_bytes_sent] $request_body "$http_referer" "$http_user_agent" [$ssl_protocol] [$ssl_cipher]'
' [$request_time] [$status] [$upstream_status] [$upstream_response_time] [$upstream_addr]';
upstream django {
server 127.0.0.1:8001; # to match your uwsgi configuration
}
server {
listen 80;
server_name apt.xyztech.org; # your domain
client_max_body_size 1000M;
rewrite ^/(.*)$ https://apt.xyztech.org/$1 permanent; # redirect to https
}
server {
listen 443 ssl;
ssl_certificate /data/ssl/xyztech.org.crt; # your ssl cert
ssl_certificate_key /data/ssl/xyztech.org.key; # your ssl key
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_prefer_server_ciphers on;
server_name apt.xyztech.org; # your domain
root /data/wwwroot/DCRM; # specify a web root, not the DCRM directory
error_page 497 https://$host$uri?$args;
server_name_in_redirect off;
index index.html index.htm;
access_log /data/wwwlogs/apt.xyztech.org.access.log upstream2;
client_max_body_size 1000M;
location = / {
# only enable this section if you want to use DCRM as your home page
rewrite ^ /index/ last;
}
location / {
# only enable this section if you want to use DCRM as your default pages
try_files $uri $uri/ @djangosite;
}
location ~^/resources/(.*)$ {
# resources for DCRM, including debian packages and icons, you can change it in WEIPDCRM > Settings in admin panel
alias /data/wwwroot/DCRM/resources/$1; # make an alias for resources
# Aliyun CDN/OSS:
# you can mount '/wwwdata/DCRM/resources' to oss file system
# then rewrite this path to oss/cdn url for a better performance
}
location ~^/((CydiaIcon.png)|(Release(.gpg)?)|(Packages(.gz|.bz2)?))$ {
# Cydia meta resources, including Release, Release.gpg, Packages and CydiaIcon
# Note:
# 'releases/(\d)+/$1' should contain `active_release.id`, which is set in Settings tab.
alias /data/wwwroot/DCRM/resources/releases/1/$1; # make an alias for Cydia meta resources
}
location @djangosite {
uwsgi_pass django;
include /etc/nginx/uwsgi_params;
}
location ~* .(ico|gif|bmp|jpg|jpeg|png|swf|js|css|mp3|m4a|m4v|mp4|ogg|aac)$ {
expires 7d;
}
location ~* .(gz|bz2)$ {
expires 12h;
}
}
}
重启服务使之生效
systemctl restart nginx memcached supervisord
检查业务启动端口
[root@DT_Node-103_4_30_102 ~]# ss -tnl|awk '$4~/80$/{print "Nginx Running!"}'
Nginx Running!
[root@DT_Node-103_4_30_102 ~]# ss -tnl|awk '$4~/11211$/{print "Memcached Running!"}'
Memcached Running!
[root@DT_Node-103_4_30_102 ~]# ss -tnl|awk '$4~/6379$/{print "Redis Running!"}'
Redis Running!
[root@DT_Node-103_4_30_102 ~]# ss -tnl|awk '$4~/3306$/{print "MariaDB Running!"}'
MariaDB Running!
[root@DT_Node-103_4_30_102 ~]# ss -tnl|awk '$4~/8001$/{print "uwsgi Running!"}'
uwsgi Running!