CentOS7 Apache + Django + Mysql + phpMyAdmin

# CentOS7 Apache + Django + Mysql + phpMyAdmin ###### tags: `Server` `Django` `Apache` `Mysql` `phpMyAdmin` [TOC] ## 環境 1. OS:CentOS7 2. Python:python3.9.4 3. pip: pip3 4. apache:hpptd(Apache/2.4.6 (CentOS)) 5. php:PHP 7.4.29 6. SQL:mysql Ver 8.0.28 for Linux on x86_64 (MySQL Community Server - GPL) 7. Django: version 4.0.3 ## 關閉selinux ```shell= sudo yum update #更新套件 sudo yum install vim #安裝vim sudo setenforce 0 #關閉selinux(暫時性關機會重置) sudo vim /etc/sysconfig/selinux #將 SELINUX=enforcing修改為SELINUX=disable sudo reboot #上方為永久性關閉但需要重開機才會生效 ``` ## 安裝基本套件 ```shell= sudo yum install epel-release sudo yum install \ https://repo.ius.io/ius-release-el7.rpm \ https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm sudo yum groupinstall "Development tools" sudo yum install zlib-devel bzip2-devel openssl-devel ncurses-devel xz-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel sudo yum install wget mlocate tree bind-utils lynx ``` ## python & pip 1. 安裝python(可以去官網找自己需要的版本) ```shell= sudo wget https://www.python.org/ftp/python/3.9.4/Python-3.9.4.tar.xz --no-check-certificate #去官往找自己需要的版本 sudo tar xf Python-3.9.4.tar.xz #記得更改為下載下來的版本 sudo cd Python-3.9.4 #進到資料夾中 #下列兩行程式碼我也不曉得哪個是成功的 sudo ./configure --prefix=/usr/local --with-ensurepip=install --enable-shared LDFLAGS="-Wl,-rpath /usr/local/lib" --enable-optimizations #分隔線------------------- sudo ./configure --prefix=/usr/local --with-ensurepip=install --enable-shared LDFLAGS="-Wl,-rpath /usr/local/lib" #分隔線------------------- sudo make #應該會有一些錯誤不過沒關係先往下做看看 sudo make altinstall #應該會有一些錯誤不過沒關係先往下做看看 ``` 2. 測試有沒有成功 ```shell= sudo cd /usr/local/bin/ sudo ls -al #查看有無python 以及 pip 有的話就成功了沒有的話回去查看make那行所產生的錯誤並想辦法解決 ``` 3. 設定別名方便利用 ```shell= #進入使用者家目錄 sudo cd vim .bash_profile #新增下列幾行並存檔 alias pip="/usr/local/bin/pip3.9" alias python="/usr/local/bin/python3.9" #使剛才設定的生效 sudo source ~/.bash_profile #目前使用起來每次登入使用者都需要打一次 sudo alias #查看剛剛設定的有無生效 ``` 4. 更新 pip ```shell= sudo pip install --upgrade pip ``` ## 安裝Apache 1. 安裝httpd ```shell= sudo yum install httpd httpd-devel ``` 2. 常見指令 ```shell= sudo systemctl start httpd #開啟Apache sudo systemctl restart httpd #重啟Apache sudo systemctl enable httpd #預設開機後重啟Apache sudo systemctl status httpd #查看Apache狀態 sudo systemctl stop httpd #關閉Apache ``` 3. 於瀏覽器輸入主機IP應能看到以下畫面 - ![](https://i.imgur.com/QYwMCpz.png) 4. 如果看不見上述畫面需要去設定防火牆 ## 設定防火牆 1. Centos內建firewalld 2. 查詢防火牆狀態 ```shell= sudo systemctl status firewalld ``` - ![](https://i.imgur.com/1ZKLmAk.png) 3. 允許使用http協定連線 ```shell= sudo firewall-cmd --zone=public --add-service=http --permanent ``` 4. 重啟 ```shell= sudo firewall-cmd --reload ``` 5. 列出防火牆條件 ```shell= sudo firewall-cmd --list-all ``` ## Mysql 1. 安裝Mysql ```shell= sudo rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el7-5.noarch.rpm #可以去官網找想要版本 sudo yum repolist enabled | grep mysql #確認mysql有安裝成功 ``` 2. 新增Remi repository ```shell= sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm sudo yum install epel-release yum-utils ``` 3. 安裝php7.4 ```shell= sudo yum-config-manager --enable remi-php74 sudo yum install php sudo yum install php-mysqlnd sudo yum install mysql-server mysql-community-devel #安裝mysql伺服器 sudo systemctl start mysqld sudo systemctl enable mysqld sudo cat /var/log/mysqld.log | grep password -> 取得mysql root pw #那一串無規律的就是密碼 sudo mysql -u root -p #新設定時需要加入才能正常使用 alter user 'root'@'localhost' identified by '自行設定高強度密碼'; ``` ## Django 1. 安裝所需套件 ```shell= sudo pip django #如需指定版本 #sudo pip Django==版本號 sudo pip pymysql sudo pip mod_wsgi ``` 2. 導出 mod_wsgi模組 ```shell= sudo /usr/local/bin/mod_wsgi-express install-module ``` - ![](https://i.imgur.com/KlCnX9y.png) - 將LoadModule 、 WSGIPythonHome記下來備用 3. 建立django專案 - 專案名稱叫myproject(可自訂) ```shell= sudo mkdir -p /var/www/html/django sudo cd /var/www/html/django sudo django-admin startproject myproject ``` 4. 建置static路徑以及新增限制存取IP ```shell= sudo cd myproject sudo vim myproject/settings.py ``` - 新增『STATIC_ROOT = os.path.join(BASE_DIR, “static/”)』 - 新增限制存取網段 ```python= ALLOWED_HOSTS = ['*'] ``` 5. 遷移資料庫 - 可能會因為sqlite3版本問題發生錯誤 ```shell= sudo python manage.py makemigrations sudo python manage.py migrate ``` 6. 執行測試 ```shell= sudo python manage.py runserver ``` ## 利用wsgi串接Apache和Django 1. 配置Apache文件 ```shell= sudo vim /etc/httpd/conf/httpd.conf ``` - 修改連線IP - (白框處加入連線使用IP，例如我今天要允許使用127.0.0.1:80連線則輸入Listen 127.0.0.1:80) - ![](https://i.imgur.com/hmhT2xf.png) - 將剛剛取得的LoadModule加入 - ![](https://i.imgur.com/nhS5sbI.png) - 在最下方加入下列程式碼 ```xml= WSGIPythonHome "/usr" #寫剛剛得到的 <VirtualHost *:80> DocumentRoot "/var/www/html/django/myproject" #這些路徑都要改為自己的專案路徑 WSGIScriptAlias / "/var/www/html/django/myproject/myproject/wsgi.py" Alias /media/ /usr/local/lib/python3.9/site-packages/django/contrib/admin/media/ Alias /static/ /var/www/html/django/myproject/static/ <Directory /var/www/html/django/myproject/static> Require all granted </Directory> <Directory "/var/www/html/django/myproject"> AllowOverride All Require all granted </Directory> </VirtualHost> ``` - 修改完記得存檔 2. 配置django wsgi.py文件 ```shell= sudo vim /var/www/html/django/myproject/myproject/wsgi.py ``` ```python= import os import sys from django.core.wsgi import get_wsgi_application os.environ.setdefault("DJANGO_SETTINGS_MODULE", "myproject.settings") sys.path.append('/var/www/html/django/myproject') #修改為自己的路徑 application = get_wsgi_application() ``` 3. 修改檔案權限 ```shell= sudo chmod -R 755 /var/www/html sudo chown -R apache:apache /var/www/html ``` ## phpMyAdmin(選配，不熟悉SQL語法的人可以使用) ```shell= sudo yum --enablerepo=epel install phpMyAdmin sudo yum -y install phpmyadmin ``` - 配置conf檔案 ```shell= sudo vim /etc/httpd/conf.d/phpMyAdmin.conf ``` - 找到“Require ip” 及 “Allow from” 的設定，將 127.0.0.1 改成同意連線的IP - 重啟Apache ```shell= sudo systemctl restart httpd ``` - 在瀏覽器輸入 http://server-ip/phpmyadmin 應該就有了 ## google reCATPACHA 如果你的網站有使用到google reCATPACHA 需要去google reCATPACHA console將連線網址或連線domain加入例如我現在是透過在網址列輸入127.0.0.1來連線網站則輸入127.0.0.1 ![](https://i.imgur.com/V3KODtU.png) ## 將網站上https - 建立憑證 1. 安裝產生SSL憑證的軟體 ```shell= yum install mod_ssl openssl ``` * 注意,mod_ssl會根據你安裝httpd時所使用repo不同而配置不同 * 我的話就是需要下 ```shell= yum install mod_ssl --enablerepo=ius ``` 2. 建立私鑰 ```shell= openssl req -new -key ca.key -out ca.csr --- Country Name (2 letter code) [XX]: TW State or Province Name (full name) []: Taiwan Locality Name (eg, city) [Default City]: Taichung Organization Name (eg, company) [Default Company Ltd]: Testing CO. Organizational Unit Name (eg, section) []: Common Name (eg, your name or your servers hostname) []: Testing.com Email Address []: 按enter Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: 按enter An optional company name []: 按enter ``` 3. 產生CA憑證 ```shell= openssl x509 -req -days 3650 -in ca.csr -signkeyca.key -out ca.crt ``` 4. 搬移檔案(搬到自己記得的地方) ```shell= cp ca.key /etc/mySSL/ca.key cp ca.csr /etc/mySSL/ca.csr cp ca.crt /etc/mySSL/ca.crt ``` 5. 修改apache設定檔(將上面所設定的:80直接改成443) ```shell= <VirtualHost *:443> DocumentRoot "/var/www/html/django/myproject" #這些路徑都要改為自己的專案路徑 WSGIScriptAlias / "/var/www/html/django/myproject/myproject/wsgi.py" Alias /media/ /usr/local/lib/python3.9/site-packages/django/contrib/admin/media/ Alias /static/ /var/www/html/django/myproject/static/ <Directory /var/www/html/django/myproject/static> Require all granted </Directory> <Directory "/var/www/html/django/myproject"> AllowOverride All Require all granted </Directory> </VirtualHost> ``` 7. 設定防火允許https通過並關閉http ```shell= sudo firewall-cmd --zone=public --add-service=https --permanent sudo firewall-cmd --zone=public --remove-service=http --permanent sudo firewall-cmd --reload ``` 8. 重新啟動httpd ```shell= sudo systemctl restart httpd ```