nginx和uwsgi配置
flask项目:主程序文件名main.py
安装nginx和uwsgi
sudo apt-get install nginx
pip install uwsgi
创建文件: /etc/uwsgi.ini
[uwsgi]
chdir=/home/项目名
module=main
wsgi-file=/home/项目名/main.py
callable=app
master=true
processes=2
socket=127.0.0.1:7070
chmod-socket=666
logfile-chmod=644
daemonize=%(chdir)/uwsgi.log
rocname-prefix-spaced=项目名
读取配置重启uwsgi
uwsgi --ini /etc/uwsgi.ini
nginx配置:修改etc/nginx/site-available 目录下default文件
server {
listen 80;
server_name www.xxx.com; # 域名
charset utf-8;
client_max_body_size 75M;
location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:7070;
uwsgi_param UWSGI_CHDIR /home/项目名;
uwsgi_param UWSGI_SCRIPT manage:app;
}
location /static {
alias /home/项目名/static; # 项目的static文件夹
}
}
重启:nginx restart
配置Https
阿里云申请免费证书,半小时内通过审核即可
将审核通过的证书推送到域名,或者将证书添加到cdn解析
把系统生成的CSR文件,包括.pem和.key,放到cert文件夹,放到nginx目录下,即为etc/nginx/cert
重新配置nginx
server {
listen 80;
server_name xxx.com www.xxx.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
server_name www.xxx.com;# 域名
charset utf-8;
client_max_body_size 75M;
ssl on;
ssl_certificate cert/公钥.pem;
ssl_certificate_key cert/私钥.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:7070;
uwsgi_param UWSGI_CHDIR /home/项目名;
uwsgi_param UWSGI_SCRIPT manage:app;
}
location /static {
alias /home/项目名/static;# 项目的static文件夹
}
}
检查nginx配置: nginx -t
重启nginx:service nginx restart