diff --git a/.gitignore b/.gitignore index 5d947ca..b19c5c0 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,6 @@ bin-release/ # Project files, i.e. `.project`, `.actionScriptProperties` and `.flexProperties` # should NOT be excluded as they contain compiler settings and other important # information for Eclipse / Flash Builder. +docker_env/mysql/data/ +docker_env/redis/data/ +*/.idea diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..da6bb7b --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,129 @@ +# start django command +# local domain +# saas-local.anthembj.com +# ceshi-local.anthembj.com +# docker-compose run --entrypoint '/backend/docker_start.sh' -p 8000:8000 docker_django + +version: "3" +services: + + dvadmin-redis: + image: redis:latest + container_name: dvadmin-redis + ports: + - "6380:6379" + expose: + - "6379" + volumes: + - ./docker_env/redis/data:/data + - ./docker_env/redis/redis.conf:/etc/redis/redis.conf + command: redis-server /etc/redis/redis.conf + networks: + - dvadmin_net + + + dvadmin-mysql: + image: mysql:5.7 + container_name: dvadmin-mysql + #使用该参数,container内的root拥有真正的root权限,否则,container内的root只是外部的一个普通用户权限 + #设置为true,不然数据卷可能挂载不了,启动不起 + privileged: true + restart: always + ports: + - "3307:3306" + environment: + MYSQL_ROOT_PASSWORD: "q1w2e3r4T%Y^U&MYSQL" + MYSQL_DATABASE: "django-vue-admin" + TZ: Asia/Shanghai + command: + --wait_timeout=31536000 + --interactive_timeout=31536000 + --max_connections=1000 + --default-authentication-plugin=mysql_native_password + volumes: + #映射mysql的数据目录到宿主机,保存数据 + - "./docker_env/mysql/data:/var/lib/mysql" + #根据宿主机下的配置文件创建容器 + - "./docker_env/mysql/conf.d:/etc/mysql/conf.d" + - "./docker_env/mysql/logs:/logs" + networks: + - dvadmin_net + + dvadmin-django: + build: + context: . + dockerfile: ./docker_env/django/Dockerfile + # image: django:2.2 + container_name: dvadmin-django + working_dir: /dvadmin-backend + # command: bash -c "python manage.py makemigrations && python manage.py migrate && python manage.py collectstatic --noinput && python manage.py runserver" + # command: bash + depends_on: + - dvadmin-mysql + - dvadmin-redis + environment: + - REDIS_HOST=dvadmin-redis + - DATABASE_HOST=dvadmin-mysql + volumes: + - ./dvadmin-backend:/dvadmin-backend + - ./logs/log:/var/log + ports: + - "8000:8000" + expose: + - "8000" + restart: always + networks: + - dvadmin_net + + +# docker-celery: +# build: +# context: . +# dockerfile: ./docker_env/celery/Dockerfile +# # image: celery:1.0 +# container_name: docker-celery +# working_dir: /dvadmin-backend +# # command: bash +# depends_on: +# - dvadmin-mysql +# - dvadmin-redis +# - dvadmin-django +# volumes: +# - ./dvadmin-backend:/dvadmin-backend +# - ./logs/log:/var/log +# ports: +# - "5672:5672" +# expose: +# - "5672" +# restart: always +# networks: +# - dvadmin_net + + + dvadmin-nginx: + image: nginx:latest + container_name: dvadmin-nginx + # build: ./docker_env/nginx + restart: always + ports: + - "80:80" + - "443:443" + expose: + - "80" + - "443" + volumes: + - ./docker_env/nginx/nginx.conf:/etc/nginx/nginx.conf + - ./docker_env/nginx/sites-enabled:/etc/nginx/sites-enabled + - ./docker_env/nginx/keys:/nginx/keys + - ./dvadmin-backend:/dvadmin-backend + - ./dvadmin-doc:/dvadmin-doc + - ./dvadmin-ui:/dvadmin-ui + - ./logs/nginx:/var/log/nginx + depends_on: + - dvadmin-django + networks: + - dvadmin_net + +networks: + dvadmin_net: + driver: bridge diff --git a/docker_env/celery/Dockerfile b/docker_env/celery/Dockerfile new file mode 100644 index 0000000..a45c4a1 --- /dev/null +++ b/docker_env/celery/Dockerfile @@ -0,0 +1,16 @@ +FROM python:3.7 +# ENV PYTHONUNBUFFERED 1 +# RUN sed -i s/deb.debian.org/mirrors.163.com/g /etc/apt/sources.list +# RUN cat /etc/apt/sources.list +# RUN apt-get clean +RUN apt-get update +RUN apt-get install -y build-essential +RUN apt-get install -y python3.7-dev libpq-dev libopencv-dev python-opencv +RUN apt-get install -y redis-tools + +COPY ./docker_env/celery/requirement.txt / +RUN mkdir /backend +WORKDIR /backend +RUN python3.7 -m pip install -i https://mirrors.aliyun.com/pypi/simple/ -r /requirement.txt --use-feature=2020-resolver +CMD ["celery", "-A", "azcrm", "worker", "-B", "--loglevel=info"] + diff --git a/docker_env/celery/build.sh b/docker_env/celery/build.sh new file mode 100755 index 0000000..b5b233d --- /dev/null +++ b/docker_env/celery/build.sh @@ -0,0 +1,2 @@ +cd ../../backend/ +docker build -f docker_env/celery/Dockerfile -t celery:1.0 . diff --git a/docker_env/django/Dockerfile b/docker_env/django/Dockerfile new file mode 100644 index 0000000..c34b9aa --- /dev/null +++ b/docker_env/django/Dockerfile @@ -0,0 +1,16 @@ +FROM python:3.7 +# ENV PYTHONUNBUFFERED 1 +RUN sed -i s/deb.debian.org/mirrors.163.com/g /etc/apt/sources.list +RUN cat /etc/apt/sources.list +RUN apt-get clean +RUN apt-get update +RUN apt-get install -y build-essential +RUN apt-get install -y python3.7-dev libpq-dev libopencv-dev python-opencv +RUN apt-get install -y redis-tools +RUN mkdir /dvadmin-backend +WORKDIR /dvadmin-backend +COPY ./dvadmin-backend/requirements.txt / +COPY ./dvadmin-backend/conf/env.example.py ./dvadmin-backend/conf/env.py +RUN python3 -m pip install -i https://mirrors.aliyun.com/pypi/simple/ -r /requirements.txt +CMD ["/dvadmin-backend/docker_start.sh"] +# ENTRYPOINT [ "uwsgi --ini /backend/azcrm/uwsgi.ini" ] diff --git a/docker_env/django/build.sh b/docker_env/django/build.sh new file mode 100755 index 0000000..bd37117 --- /dev/null +++ b/docker_env/django/build.sh @@ -0,0 +1,3 @@ +cd ../../dvadmin-backend/ + +docker build -f docker_env/django/Dockerfile -t django:2.2 . diff --git a/docker_env/mysql/conf.d/my.cnf b/docker_env/mysql/conf.d/my.cnf new file mode 100644 index 0000000..440b39e --- /dev/null +++ b/docker_env/mysql/conf.d/my.cnf @@ -0,0 +1,33 @@ +[mysql] +#设置mysql客户端默认字符集 +default-character-set=utf8 +socket=/var/run/mysql/mysql.sock + + +[mysqld] +# skip-grant-tables +#mysql5.7以后的不兼容问题处理 +sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES +datadir=/var/lib/mysql +socket=/var/run/mysql/mysql.sock + +# Disabling symbolic-links is recommended to prevent assorted security risks +symbolic-links=0 +# Settings user and group are ignored when systemd is used. +# If you need to run mysqld under a different user or group, +# customize your systemd unit file for mariadb according to the +# instructions in http://fedoraproject.org/wiki/Systemdd +#允许最大连接数 +max_connections=200 +#服务端使用的字符集默认为8比特编码的latin1字符集 +character-set-server=utf8 +#创建新表时将使用的默认存储引擎 +default-storage-engine=INNODB +lower_case_table_names=1 +max_allowed_packet=16M +#设置时区 +default-time_zone='+8:00' + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid diff --git a/docker_env/mysql/launch.sh b/docker_env/mysql/launch.sh new file mode 100755 index 0000000..31b3687 --- /dev/null +++ b/docker_env/mysql/launch.sh @@ -0,0 +1,5 @@ +cur_path=`pwd` +docker rm mysql +# docker pull mysql:5.7 +# docker pull mysql:5.5 +docker run -p 3306:3306 --privileged=true --name mysql -v $cur_path/logs:/logs -v $cur_path/data:/var/lib/mysql -v $cur_path/conf.d/my.cnf:/etc/mysql/mysql.conf.d/mysqld.cnf -v $cur_path/run/:/var/run/mysql -e MYSQL_ROOT_PASSWORD=q1w2e3r4 -d mysql:5.7 diff --git a/docker_env/nginx/Dockerfile b/docker_env/nginx/Dockerfile new file mode 100644 index 0000000..c5159e8 --- /dev/null +++ b/docker_env/nginx/Dockerfile @@ -0,0 +1,6 @@ +FROM nginx:latest + +COPY nginx.conf /etc/nginx/nginx.conf + +CMD ["nginx", "-g", "daemon off;"] + diff --git a/docker_env/nginx/keys/api.django-vue-admin.com.crt b/docker_env/nginx/keys/api.django-vue-admin.com.crt new file mode 100755 index 0000000..39c35e7 --- /dev/null +++ b/docker_env/nginx/keys/api.django-vue-admin.com.crt @@ -0,0 +1,59 @@ +-----BEGIN CERTIFICATE----- +MIIFiTCCBHGgAwIBAgIQCSthZmB3qh7J8+SexO9NvzANBgkqhkiG9w0BAQsFADBu +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg +RFYgVExTIENBIC0gRzEwHhcNMjEwMzA2MDAwMDAwWhcNMjIwMzA2MjM1OTU5WjAj +MSEwHwYDVQQDExhhcGkuZGphbmdvLXZ1ZS1hZG1pbi5jb20wggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDjV1vx/gUbM4FAS0jL+8EomI8l71vooU1NOaHp +oAeEOFEaVOLwmB7ObPWhsl4bb2z+pA6081360bzu4d46ZsRV45IY5YafMLaSF+Fn +sKZHc1db18yp60GSITJoEIrqDV+cmwaBlcdgvOi0MzcHpoAv5yJrarwYj2sruNfb ++Whu6yPGY+ZEmJVKPcOxS67ckkBFyf0yfBci+0sYh1cTNxGx/oISnu8b290d2G0H +cIIB8GmpZBcrQtvHXq59jTwhL0soX3s4ZsMIQZlHVnUVYfEGyl90i3pt9WGraDcI +H3C1l4nG5+u7XsiBtPAhdLHUIp6+KAcXX+OeSP5Xv+Cn2IN7AgMBAAGjggJsMIIC +aDAfBgNVHSMEGDAWgBRVdE+yck/1YLpQ0dfmUVyaAYca1zAdBgNVHQ4EFgQU5DlU +Ojy2nTlzZ4fxjtbaHX+IoLkwIwYDVR0RBBwwGoIYYXBpLmRqYW5nby12dWUtYWRt +aW4uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB +BQUHAwIwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDov +L3d3dy5kaWdpY2VydC5jb20vQ1BTMIGABggrBgEFBQcBAQR0MHIwJAYIKwYBBQUH +MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBKBggrBgEFBQcwAoY+aHR0cDov +L2NhY2VydHMuZGlnaWNlcnQuY29tL0VuY3J5cHRpb25FdmVyeXdoZXJlRFZUTFND +QS1HMS5jcnQwCQYDVR0TBAIwADCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1ACl5 +vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABeAh+/14AAAQDAEYwRAIg +YaqOZibfJ+3YCZ0J2J+nOKAcDcOnGLLLBG7DkU+T+EgCIEmuNiy7gZRDUBHQxCht +329qSdpzeGnKUNczDUzxtxe+AHUAIkVFB1lVJFaWP6Ev8fdthuAjJmOtwEt/XcaD +XG7iDwIAAAF4CH7/QwAABAMARjBEAiB9i6rk7/0JQ3WB2Cktkt8UHbs2SSTQKcbY +71Pjr2gHNAIgLZbdCE34ldSfcH9ZQzer8T6bGNNZ5ARDA8Cjyh5ABM8wDQYJKoZI +hvcNAQELBQADggEBAG2T1E+mZTcRge0ivp1mTLdhy2qKd4tw8WosFCU7wv8U6D8f +DQV4OBOj/n0jXArAUHCcUhNNkxuwT1n9H1AOxVqrIqqUASIyqwCRukQudXBVI7rG +bCSdjP8bmlFodBqpfbXnccwgzTzB4DGJrV44NGD0lJEUE/890EP+1Ay++y8k71jw +Ns9dMdA+GKTmj6YxCI0BJnldpKN8dxNN/XGdAPJaf8u3zHgUN/CXLNbnwQTUWlSv +1qeFNBMMeUypWtpy4V9jJrqzvKKQQv8vbZgmZBIGhjq72fBK3DR2OofWjYT/ckIz +tGbJfoef3qjhNeTxty+S5WoVwtHPr+3MUmk3j7o= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH +MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc +oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo +lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj +pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h +yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n +wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M +pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf +BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C +AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp +Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu +Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG +/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT +MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B +SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW +M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV +4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ +sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy +rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg== +-----END CERTIFICATE----- diff --git a/docker_env/nginx/keys/api.django-vue-admin.com.key b/docker_env/nginx/keys/api.django-vue-admin.com.key new file mode 100755 index 0000000..cb52a7c --- /dev/null +++ b/docker_env/nginx/keys/api.django-vue-admin.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA41db8f4FGzOBQEtIy/vBKJiPJe9b6KFNTTmh6aAHhDhRGlTi +8Jgezmz1obJeG29s/qQOtPNd+tG87uHeOmbEVeOSGOWGnzC2khfhZ7CmR3NXW9fM +qetBkiEyaBCK6g1fnJsGgZXHYLzotDM3B6aAL+cia2q8GI9rK7jX2/lobusjxmPm +RJiVSj3DsUuu3JJARcn9MnwXIvtLGIdXEzcRsf6CEp7vG9vdHdhtB3CCAfBpqWQX +K0Lbx16ufY08IS9LKF97OGbDCEGZR1Z1FWHxBspfdIt6bfVhq2g3CB9wtZeJxufr +u17IgbTwIXSx1CKevigHF1/jnkj+V7/gp9iDewIDAQABAoIBAFH6kAjQ2WWIKp0V +KMCJ3Yr2jHQY/rMB636kACtfTiaTKkfNAXLR4BX++4pd6AqLoSmn3jfJJIQMOs2H +fFvh7/2qzOWWavefmM5QtzLtY+CTCpbvV/mUAHah6uvUv0sMHIS78FotORK8vEsy +xq7HDyV2+xXyDLbsjLBc/NXxd4O7L9i6+6VrFFX4efowedLdudWG2GXyrq/6xT6E +0G1aDI1ViYoCYiP/Rm1ET8qVhtHBiQ2rHIYsTdUhkMubT29AvDBaxyi+syyeXmLu +W/ZafdP37hm2f0DQXmlRr7Wr0Cni8oOSFAZj7IFhxuWKCaMVPxTeAUSJfFqiUN2X +cm9Tv7kCgYEA/gOAt3zrMezkqSWr+S5m5/i8ClBJvZJ6Yp/tMg6AR+W0GH94hFZC +u/dtFPI7nPNHTp19YNq2/TTfA81PmQMOVvQbg9eH2016XY+x0Z6i1vKdMEqddkcW +36hslgmY3cyXDL0WzZgX2aCl8uy8XViHkMaf1RPL10hqdXXcNoOOSPkCgYEA5R52 +T8bn3spBSfaKooTwrHj2Varxxo9KbypJo0OzOFF5zPwJdypj9BCI9ajVnkIVjsSv +snBdB4qoM/IYluXc2E801Ub+SbY+jx6HJemTy/zKqr1nJABlZcp1KgyQfMhUa4cA +iqMJX3ggR7xdph73kW3s4eKeGLc5kkUQMQUpIRMCgYAVWS4EPdd2hrZhEO13L9Mu +Q9Vp+H16FUl76H0C6/0UDdYpCO2UEbviGFVuoT0pX7jqfon/DeK7PSpRI3xBG+Sk +ojd9ySt93vEd0+nZ+D8vWYykdmDtg+QEQB+ALKZQXdWEGJBGDzZR8BKCbCsYnUwn +esoMGnHTUh7AaHttiXj34QKBgQCu4bR+qhz74bc55FPnPr+RdfbYZtWKsH6pIUb5 +tkgKua3Vd58l9RY8CY7wq4D5/gkEYz6UXc20XvKKS8TXEPajqLlz/W9FBjTz+uI/ +Xu0v63EqJ82dHixHKOSLRvHWPPaq6G3SZCVYWJGTD8UPcl2XBKelttrjlJ799Xcp +Y34EPwKBgQDrPDgphCWQos/62qQ2NW0qpxphItlCM/w/j0s8Ff2qT82NKIM3Nr7U +Ol9Fm0m4FepvryunWiAF+pD7m+SDAI1abm3MN7QB653w+2zu9B8mY0jU+uFjGCUQ +5uFXsTgbnAYev5V9fCKGRPwHXEIJsidg1jOpc5pGnOvvlTZ+uno6Gg== +-----END RSA PRIVATE KEY----- diff --git a/docker_env/nginx/keys/daily.api.django-vue-admin.com.crt b/docker_env/nginx/keys/daily.api.django-vue-admin.com.crt new file mode 100755 index 0000000..469702c --- /dev/null +++ b/docker_env/nginx/keys/daily.api.django-vue-admin.com.crt @@ -0,0 +1,59 @@ +-----BEGIN CERTIFICATE----- +MIIFlzCCBH+gAwIBAgIQDXgUgr0IFkhSkGrfB3BoCzANBgkqhkiG9w0BAQsFADBu +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg +RFYgVExTIENBIC0gRzEwHhcNMjEwMzA2MDAwMDAwWhcNMjIwMzA2MjM1OTU5WjAp +MScwJQYDVQQDEx5kYWlseS5hcGkuZGphbmdvLXZ1ZS1hZG1pbi5jb20wggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIoHO8FAq7byt+gDDP2/QjOm/8YSFO +s+AC0iyhMLx6NDRh9cIJE4U/VVpUrbXKspgO2lVN9c3Z28EhimgTj8wLl4uBXAHg +mYS6KZSY1qewN6zagijo0uhI6qSuc+Qr4hZkTrVHhhdIM7G7z7+nMDovLcfZheyT ++0emMhqrO5Oroq/+Ym0jbqBY7tLp7ODxdiG7ONNkIgR/t0cK1P5j16h97LUTHvJS +QbXd9JpGROWQArwB7bthyW+BjOc8y/z5jyiE0wrrzcDoc707T2855VzeYnoJ/1t/ +zNdTpJ/VtM6jk5NjqlqHZE7IPNUPdRQ3ysftVAgoHh/R+UtUs1LheUMbAgMBAAGj +ggJ0MIICcDAfBgNVHSMEGDAWgBRVdE+yck/1YLpQ0dfmUVyaAYca1zAdBgNVHQ4E +FgQUtkEWynD115BC1cCt+dVbYMINNIEwKQYDVR0RBCIwIIIeZGFpbHkuYXBpLmRq +YW5nby12dWUtYWRtaW4uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr +BgEFBQcDAQYIKwYBBQUHAwIwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEF +BQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGABggrBgEFBQcBAQR0 +MHIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBKBggrBgEF +BQcwAoY+aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0VuY3J5cHRpb25FdmVy +eXdoZXJlRFZUTFNDQS1HMS5jcnQwCQYDVR0TBAIwADCCAQQGCisGAQQB1nkCBAIE +gfUEgfIA8AB2ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABeAiA +1B4AAAQDAEcwRQIgJNPwwa2Ckt6jT4iZkg+j7K4dx7Ilg6eo9lITNtas+jwCIQDU +6aY1CbJZQJCfgPbx61LGz6we0rSmw9KLukq2TFJlZgB2ACJFRQdZVSRWlj+hL/H3 +bYbgIyZjrcBLf13Gg1xu4g8CAAABeAiA1HAAAAQDAEcwRQIhANyqViocLYtbkecx +QnhZyr8LIHPq9Uw3RuiN21RPxY84AiBACIPopJaybo6lQhgQGFVwKayEP3ba+QTK +E0REYDfHAzANBgkqhkiG9w0BAQsFAAOCAQEAHaYxBQYKYOpdJ3vEGX7ExR+kTjNM +83r74xAwV2nhbXIsTE0fwuwK7wGPzVyjVpqypIs93/18ehLhTF2Nr4dwloMMfsC+ +HWM3mvtb6Y8v5xZ5duZuOeUUlSPlAniygFWB7XuBHJti01YtiwyRxtvELLk3pv3T +W2B0NNajfWPqhSm2IShnOL2sxD2OKvDXIKwAjbDRjOTQlkZgH6UocvtKE0REXym7 +RHaujJ+fhWwtOqhkshmtWQSha9J4r2/X4v2uS8VyvJ1Lr+UwnxWeYlQ0Zz6Xgqtc +b0SD3GvHsA1mxnZJ0oPj3VA8MQkpMJtUjiNPypEjN4YH7UK+B5zXhoAB2A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH +MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc +oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo +lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj +pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h +yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n +wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M +pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf +BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C +AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp +Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu +Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG +/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT +MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B +SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW +M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV +4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ +sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy +rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg== +-----END CERTIFICATE----- diff --git a/docker_env/nginx/keys/daily.api.django-vue-admin.com.key b/docker_env/nginx/keys/daily.api.django-vue-admin.com.key new file mode 100755 index 0000000..f1c62ce --- /dev/null +++ b/docker_env/nginx/keys/daily.api.django-vue-admin.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAyKBzvBQKu28rfoAwz9v0Izpv/GEhTrPgAtIsoTC8ejQ0YfXC +CROFP1VaVK21yrKYDtpVTfXN2dvBIYpoE4/MC5eLgVwB4JmEuimUmNansDes2oIo +6NLoSOqkrnPkK+IWZE61R4YXSDOxu8+/pzA6Ly3H2YXsk/tHpjIaqzuTq6Kv/mJt +I26gWO7S6ezg8XYhuzjTZCIEf7dHCtT+Y9eofey1Ex7yUkG13fSaRkTlkAK8Ae27 +YclvgYznPMv8+Y8ohNMK683A6HO9O09vOeVc3mJ6Cf9bf8zXU6Sf1bTOo5OTY6pa +h2ROyDzVD3UUN8rH7VQIKB4f0flLVLNS4XlDGwIDAQABAoIBAATB2TyydPaw0iUz +wPSM0KMtNY6Udwe4uC0Y8rn3v+Bd8IgKHcm9TsGLspKjc9YUmgpwHum0VGdAELpM +397m3/2+YC53EgxTV5RafA2LuXoyN8UOpQ2wQpXICpOgZ96qg8FpJF9HzLGHmEVN +zcuXFyobOcvsowl3QeGs+njo9r1xGVCZVo/c+XT95vU+o4bIeao5MyseVg7LLgXC +EsTJIVLaRK3WDCaZAegXoiVJQlgLR6qWrY+97E2yxCIAVZejdiPiejwT3i5XEsxT +w11FdaZXrCKYktid1b74tDwpHTSekevKWrzrT2QkgGv3VJfGHcvDeeQpyYGE13nd +IsyTynECgYEA+8JfXOL3hXRBOSZJYysLkIYXhiPw/P8Ao69pgRDEKaA2YSoojHnE +Rzo+v4cHw0x47WzLkjs/xf1ON3jBEEZ/2KG+FDpRXieC19xfvlEe1tf9RaFfdU0E +R2n059d8R3CC7M+nMEwfkYZ9OtV1SSeQlf6GyhBT3XmLlnRMKWbwRh8CgYEAzAGW +edCFYmTyzFBjxq8GARzvptCU/sAZBBFF18mz7jsFJhidxZ2nMS0tFZIy+yvg1dpE +ElkILAzMt4v0lmHWBTRcHCllnAwu+o5JsBR1pqzj+Q84iWurgkWI+MG0g56CjyBS +exJn8RL7JNt7QNUiiz1WB8oWa/knXXM/L8kui4UCgYEAsGWlabDBm2k0VfWkj+5W +IQJDM0K1lJ6bdRTvyHXV7BCMaZIfbSXYR8vgsVPMNaO8Sybij+ghq/jqt+VM6Lls +1H2ncAbYgi8O9246S2ANSp11oTcLamX3LI5qAZOzSV7k7UYlr6p2qAFidzme/w3Q +ubfn+2ZrTI/gJSABSTUN/yMCgYEAq7UWa1dIPWYMOk3bfSppmlw5liVvkvAq3hKP +v62kxXplvgfwG5mzVJ/al5JjWKc46aZ5rxvC1hi74i1pY33bfqvwbz+kp3BVxkwm +146Q7AYPJ91Yz8mRJOfT/tRDVJkA+OjSo4X9eJpqSj52Aj6igaHRnGLK9nxSVsSe +xWDGzWUCgYEAsk02rZvSc0XiddlQQ5vGNVezikbqtmrwQf32EUuxI8jklY6Ry7/M +BQA46J4psF0xtH93MV5Dsz5HqyJM6OPeQ4ONlCYrhZ1yHHti+YFivKtUdeZCPkn7 +ygz3P8kQhLlNtFomXqFK787jlC1rZuTC5IXA4SL5zq4ThWh7vnb65Sw= +-----END RSA PRIVATE KEY----- diff --git a/docker_env/nginx/keys/daily.demo.django-vue-admin.com.crt b/docker_env/nginx/keys/daily.demo.django-vue-admin.com.crt new file mode 100755 index 0000000..f586596 --- /dev/null +++ b/docker_env/nginx/keys/daily.demo.django-vue-admin.com.crt @@ -0,0 +1,59 @@ +-----BEGIN CERTIFICATE----- +MIIFmTCCBIGgAwIBAgIQCzI6tyKHzyI4bN6BJiBWZzANBgkqhkiG9w0BAQsFADBu +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg +RFYgVExTIENBIC0gRzEwHhcNMjEwMzA2MDAwMDAwWhcNMjIwMzA2MjM1OTU5WjAq +MSgwJgYDVQQDEx9kYWlseS5kZW1lLmRqYW5nby12dWUtYWRtaW4uY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwd2udVfp+a/7oaVwqOxQeu6hqcLY +78tdYoz20XJZN9/LmTFxRoOm/FT773gJ90Ot/TfiAVuxfhfNXSS6fVGdRi0DIMW8 +OReUwmLtDCD87xz2LNjMz73/am1FYchUEIXc1R9mME2DOHozGuK1qhF9T2YM9jkU +JL92OQ4eJ2EzbPLrXYoWFJIr050OT21xtgoTNlzi/+JqE8xuEDihjtsziT7KzgZl +5cSsJ7WAEio68oEXHhxPF4Xp/ziRDnmNA1Qd5+BZU/jUsQmDsMWAOpkV8EYG8GYI +AVSr2TegtSgrS7eXxFh0JsfpSbY2x1Og15IwU3WIo18kEnUz5jNpfL7miQIDAQAB +o4ICdTCCAnEwHwYDVR0jBBgwFoAUVXRPsnJP9WC6UNHX5lFcmgGHGtcwHQYDVR0O +BBYEFNIBagOABbLoxHlUOLebkahQPO5tMCoGA1UdEQQjMCGCH2RhaWx5LmRlbWUu +ZGphbmdvLXZ1ZS1hZG1pbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG +CCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHSAENzA1MDMGBmeBDAECATApMCcGCCsG +AQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYAGCCsGAQUFBwEB +BHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEoGCCsG +AQUFBzAChj5odHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRW5jcnlwdGlvbkV2 +ZXJ5d2hlcmVEVlRMU0NBLUcxLmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIE +AgSB9QSB8gDwAHUARqVV63X6kSAwtaKJafTzfREsQXS+/Um4havy/HD+bUcAAAF4 +CIG3RgAABAMARjBEAiB5Ba4CnxlhBvIQo3CPXbMhIxpT+Z4ujAD87mL4yD+rSgIg +WYu1d9u1lEIzth9PXL1U1O2H6gMK1pO+tLhUmkBIt6kAdwAiRUUHWVUkVpY/oS/x +922G4CMmY63AS39dxoNcbuIPAgAAAXgIgbdSAAAEAwBIMEYCIQD2rqMSWMVQSyep +vkZ39MuKoNfZ3nfKYAJ1XB8awJLj6QIhAJEIOcdX9QhVH8pB8jr/HrInLzTt/BOT +ArfsR+J/aqyVMA0GCSqGSIb3DQEBCwUAA4IBAQAcH2NGwZ4yAiOvXXP5W5+/9CHw +EA9uyDx8LY0UoPzxUEuk6zHtZ+0nj9JvitH6UUhfP5qV+gzzSEIPnZePCf9VI6Y4 +F6yCYU5baV/vv2w+ccZSADY7YMm/NadECWX4hhvhZRLRyShSuN2GceWj1hTWrT7S +o9ZQ35KH5JcTL47VgoXgNNwIEqaJfAsTuFlAAn96DXzfS4KicNhBoAUTPW/VZn18 +hG+G23tAWSwBkN2PTkLOnHMV+qmEKRIjH+eTxe5+XWY5KrmYH2am3eK92DiMAaI4 +qaOAEhIN1RmIITZxgFfChaTadwR7jY27hG5HkvwRuV+fhsYnfYMiJUnoN34j +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH +MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc +oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo +lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj +pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h +yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n +wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M +pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf +BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C +AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp +Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu +Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG +/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT +MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B +SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW +M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV +4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ +sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy +rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg== +-----END CERTIFICATE----- diff --git a/docker_env/nginx/keys/daily.demo.django-vue-admin.com.key b/docker_env/nginx/keys/daily.demo.django-vue-admin.com.key new file mode 100755 index 0000000..a817bef --- /dev/null +++ b/docker_env/nginx/keys/daily.demo.django-vue-admin.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAwd2udVfp+a/7oaVwqOxQeu6hqcLY78tdYoz20XJZN9/LmTFx +RoOm/FT773gJ90Ot/TfiAVuxfhfNXSS6fVGdRi0DIMW8OReUwmLtDCD87xz2LNjM +z73/am1FYchUEIXc1R9mME2DOHozGuK1qhF9T2YM9jkUJL92OQ4eJ2EzbPLrXYoW +FJIr050OT21xtgoTNlzi/+JqE8xuEDihjtsziT7KzgZl5cSsJ7WAEio68oEXHhxP +F4Xp/ziRDnmNA1Qd5+BZU/jUsQmDsMWAOpkV8EYG8GYIAVSr2TegtSgrS7eXxFh0 +JsfpSbY2x1Og15IwU3WIo18kEnUz5jNpfL7miQIDAQABAoIBABHmSOxWsKi4IfCb +2NoP76JaFB0be3Iwga/Ouh8+gpRRGnhLg1zyXOGhax2CJNFqs07U8Q4VDD9LLU/z +SzC072OCVm6ZMzbGQZrtDVv4U8I0F1qurcJklYebDTPpDjH0Wh5nZsUA8yOszLkn +w4QvVzWUg4/cV0rJTr4X2priM6BUaAKGWe8BH1DX69K7jgSyvEZhSLN/aSxLJpwy +hfL8OSBeVAwciyr0MqoqSoVgcYdcxtGt5dePezpQi6glXf2bMhxYv3692EsbOgh4 +eR24CO0xZJkp6AZN7BY4OaKwf3TmnJtIKg+ZhRwHTAMwHg9LDidsc/P1zMyvecPD +RcRBYo0CgYEA/UqadAgNEmcoe8on9S0UtmPp1hXnh+z8EmvFHmZfSt/FxW1DHM0y +c0hxsst/zIG8Q8B5W1HsLYbbBCvfG3RJDICbjBSRm+Aimz2HhIEtQl75YmXZ4srq +jaiRsvXsbBjwr5Syol4XvZQH7TAYuZKKZbNTKayFVo6ADJMwgxBBe5MCgYEAw/Bl +8kpUAnPOiAAzIr+sANd11trUUDRsTk0KCN6GJHWK8Q1O7ec5xjRjdffkOhKUloJJ +UuarxJoNKwrAbfa63aOP8h5jqqqXk41+Trj94qlbzCjL+o7hfezGQeY8HxdxmDAf +cBCLFGroND9aU7pCKATtIft5A7C09Gs1mpZTPvMCgYEAyFbFq5jinfex8ZeH20h4 +5XpJbeeNZdlv1zIei1j1bkdoKiuttY4npT9bjsuenabPvdbzJeO6JphPixEYOqLT +VGw0m6t5MA0r0hXspkV2AtUT81wT5moQ81KtSxtwkF95n6bBU+OQa4Y2bshoBf9+ +L8qSsJegL0IuzcNtz3yADrkCgYEAo0qAG4j4NEcA0vSfqRDlrpnhWdpq4CCgNi0b +9MJGNrJCxZsasUdnLZhRX2nkqMT9UeVoaA9XDPR5jupZ7gqWNsnt15Cd7QhYZB6i +KccfxrrvhthlDf3vTDt8CkVuy1aFU5ifSoxu6+ggdhJqG6b5JVLdsNlbQ8kLNTr3 +pEotPCMCgYBmM0K9U1j4zO0L+/cpdDT8sYPpFUMdcEXCvLb/J9+v3kndbWhQbTyG +UYulGyvmkTGpmYnwG5TEZbHroEI3qNG593Ae6AiUciKaTenH9f9HkWhIldJEua5g +lKAA+18wOv5LbDFV4hUIaX4iDKBaKPiQu/Vi0HFy2SikiS+RUV10kQ== +-----END RSA PRIVATE KEY----- diff --git a/docker_env/nginx/keys/demo.django-vue-admin.com.crt b/docker_env/nginx/keys/demo.django-vue-admin.com.crt new file mode 100755 index 0000000..3bb36db --- /dev/null +++ b/docker_env/nginx/keys/demo.django-vue-admin.com.crt @@ -0,0 +1,59 @@ +-----BEGIN CERTIFICATE----- +MIIFizCCBHOgAwIBAgIQAn/QNFyusvPyPREjg5iJWzANBgkqhkiG9w0BAQsFADBu +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg +RFYgVExTIENBIC0gRzEwHhcNMjEwMzA2MDAwMDAwWhcNMjIwMzA2MjM1OTU5WjAk +MSIwIAYDVQQDExlkZW1lLmRqYW5nby12dWUtYWRtaW4uY29tMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk06Sqv+Al94VYBy4mKn4S/BYDxMdZxqC9YXM +1o4h4JB3bnpV2r9SFIcWu16uHs3RqSMMoR8+fhoaXRZLMZExV98nKkeAUhKWA5TJ +kQ+GMe3+XFmzeB+TJJmXDeIJZyAPc8wfqWLZLjvAfkMPzCHyxmf6k+sN0bfT7kFr +0xhzDUhIpQp218BCUm4hyW2bqzwjHgzeg/TkHpaHNO7o0pR5/JEJs3jr3Hwsu0s0 +kfuAlBnf7BcJIh65BmVxXVFrW4qytPUk1d6Zt76nWy5AZtTw33cqUtKH7HcDHNgT +ICsP8ozKaQ23Tb62kCMPwskvXIFuFOgwYKkHTMhXKefglhYGiwIDAQABo4ICbTCC +AmkwHwYDVR0jBBgwFoAUVXRPsnJP9WC6UNHX5lFcmgGHGtcwHQYDVR0OBBYEFL0O +PlBNqYf3I4ypNWFDpJ1U2G3pMCQGA1UdEQQdMBuCGWRlbWUuZGphbmdvLXZ1ZS1h +ZG1pbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr +BgEFBQcDAjA+BgNVHSAENzA1MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRw +Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYAGCCsGAQUFBwEBBHQwcjAkBggrBgEF +BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEoGCCsGAQUFBzAChj5odHRw +Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRW5jcnlwdGlvbkV2ZXJ5d2hlcmVEVlRM +U0NBLUcxLmNydDAJBgNVHRMEAjAAMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUA +KXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAF4CH/v+AAABAMARjBE +AiAB+AshGhA6yvyvSV/q3jkTAyHxHKZACFnpAYEonFjS6gIgKayzGSgNkJbGJ1qp +JqlVtA6dG53dG8bdUTmIiGF34k0AdQAiRUUHWVUkVpY/oS/x922G4CMmY63AS39d +xoNcbuIPAgAAAXgIf+/JAAAEAwBGMEQCIC0/8V0lWjiV37EeIKAkH5zzvCpqO96s +lLY5/FKsXLplAiBOPzyGwXNAZ4HoFYAhGcd1jZE9eb0esgYUCq5d16njDDANBgkq +hkiG9w0BAQsFAAOCAQEAldgl6ApHK14DitAxzT0ejbu2E87d0tcQy7TOJTMEZs5p +UokcBd54SEgt2COh73MUmTBU1DVdOtkY9Ok1mDPQdWQvu3P90KRsIEPYLIEh0w6O +3SJmE0hXIcvC8u8ku36HyQnj1spHG9wKQBfH9Qdq9zti2wo2cAtmvF477H+a+wzD +Y2iNY1ucgc1vDxwD6VVRg3iETqL7t8e1KHBMqDZ2EQvr0YHnms+D4VaFXA9WtRRg +coSbdko2h+voGNuyJ3zvywN6zLnAfEqoyGEf9tzPDZbrkkp8BJGbGLvbc0PhPX6Q +++r7ty7YFDzX+XDiGu2y+X+BVTqiP+FpP0C0Zqhnng== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH +MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc +oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo +lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj +pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h +yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n +wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M +pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf +BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C +AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp +Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu +Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG +/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT +MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B +SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW +M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV +4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ +sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy +rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg== +-----END CERTIFICATE----- diff --git a/docker_env/nginx/keys/demo.django-vue-admin.com.key b/docker_env/nginx/keys/demo.django-vue-admin.com.key new file mode 100755 index 0000000..5f61121 --- /dev/null +++ b/docker_env/nginx/keys/demo.django-vue-admin.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAk06Sqv+Al94VYBy4mKn4S/BYDxMdZxqC9YXM1o4h4JB3bnpV +2r9SFIcWu16uHs3RqSMMoR8+fhoaXRZLMZExV98nKkeAUhKWA5TJkQ+GMe3+XFmz +eB+TJJmXDeIJZyAPc8wfqWLZLjvAfkMPzCHyxmf6k+sN0bfT7kFr0xhzDUhIpQp2 +18BCUm4hyW2bqzwjHgzeg/TkHpaHNO7o0pR5/JEJs3jr3Hwsu0s0kfuAlBnf7BcJ +Ih65BmVxXVFrW4qytPUk1d6Zt76nWy5AZtTw33cqUtKH7HcDHNgTICsP8ozKaQ23 +Tb62kCMPwskvXIFuFOgwYKkHTMhXKefglhYGiwIDAQABAoIBAACotbtFUI8qLTC0 +fP1VDu+4CYzRUKzCnGdgy91oRJQh0VPEzfGGlzI3g7O4fre6KZmQg8cmW283ZEea +VYfJPU4S74GFUSumbaL8EJ+XhDAty/+Gkmj59/yOVPPfWQKfGbKY7TAiz+BT4Btj +s9Ewx0p5i9A+Ziqg04MZw9O6V9/TuzkKd0HoSNNEnTueEb4IZgvEbNQRWyvkBiY5 +X2o5keDUIQY1/Psrd+HqCq6BngV+2p+dlmTtzkFm4SX5pVptvkasdj/GPQHCTIU+ +DpS/dYV0T43pm7VpGz/3XSkPXPiIBkcAofY3VcMF4YV1CW1YnWDuuP8VMFoeG5B9 +g4MrHzECgYEAw1ATxKZ3SB/PbnkaHRiwhh/tLXP/0SZokMRABsTcVFpK1xqOlX8i +1wYKk52XvV5LyYZQNiKgRGlSda3lv0H9nfibPo/EDbH/UerHnKAztas5vnHNeAAK +LGq4QK8kJ/pplqi8C+bWmgA22Rx/kYaiCrtZUG/IRFUge4bCDp949BUCgYEAwRPt +AX7eg9f0hxsmpqWhjBV2InzDGN2j+V3kSLwuzUZqTH6JQL9x6UgA5O3XmhMp1hMr +ZkedM/7rvGxeo02t/l51CKSsjLkrW21zt1Rj4KY98Ay1ajAqmmMB2cE/G8AWRbbL +EKRKRRyiC+umcX7fdCjsiSXNWQ1BzjFmFGx0mB8CgYAPAt+SFK1ESNWbiwk7xUMD ++/4xqSG3RHly7vJw0r6QaSQpZiwhR1U5K4iykcEw18eBZKZTktO4jlO9IbFvwrWo +Z4wfAdOyrcSO2jmfSxzOUKuufHarS218vnMM3aksvW1SHAPf8kz6JxwQEcWoPK3F +n2Kc8Qp2XgiSFehiUVVthQKBgQCp1Uwhh6ZVFK179i7+YS0DmpEqbtHx2mv02lkG +fbkxSWIRXTB/6qZZS8O1m1yNo5OmQYBoXE/0P6S+PhjUzmxhFlcdvjQlKG/x4Qnr +Vejw32oV8CfXevzOho5HK4vGbiVpNwvR3KGTv0bu816Z8L6/X4wIa18AmP+sTpl7 +F5dLgwKBgHymEzm+tzUetW6JX3zK38TwSqBp5oExano91yQrnl9DNnx1umojKrGr +jmkYdvJbOXYGi9qo0cJeX/1bycA0ISEBFItWPp23WDK6rKKypC2kY2nYZKIQNWZl +jYUrCYxu9KqMmpYPQfIpnjbWzjKN6OnFD1VJJDczEFqLUm1q79ba +-----END RSA PRIVATE KEY----- diff --git a/docker_env/nginx/keys/www.django-vue-admin.com.crt b/docker_env/nginx/keys/www.django-vue-admin.com.crt new file mode 100755 index 0000000..d74726e --- /dev/null +++ b/docker_env/nginx/keys/www.django-vue-admin.com.crt @@ -0,0 +1,60 @@ +-----BEGIN CERTIFICATE----- +MIIFnzCCBIegAwIBAgIQDULdZ8Ko3AktSKrXM0T8azANBgkqhkiG9w0BAQsFADBu +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg +RFYgVExTIENBIC0gRzEwHhcNMjEwMzA2MDAwMDAwWhcNMjIwMzA2MjM1OTU5WjAf +MR0wGwYDVQQDExRkamFuZ28tdnVlLWFkbWluLmNvbTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBALPsn57ttIHmQQQSdtdOP+f07zelzXk6Y2Ta6mLdBx0z +HZjoCH3CieDGyLs19B6dphURjI8TtRd6KkclUKwYHL4gzP1AzDOCNzOtizMRm/ad +3hS2H10oZHxOI6fec/ytb7b0Nu4EhZ8/GLsIGvs/hXBaadk8DP5gOLHsm28rlROT +EGYraXYi5CTM/auRJcndTNp/v6VhQblqWxojAzlTxlcjwXkreqzhk3y9IN+1VYiV +AEk2srVdbfjk6yB5tnKGErAxKPOBzrkzWvh3lIEwrZ/0wRsb/NFGW9g5QDCa8oXV +HaJ8qq2dW4X7HOm88QO6xqZiFLldYoYv9psdrrNHd58CAwEAAaOCAoYwggKCMB8G +A1UdIwQYMBaAFFV0T7JyT/VgulDR1+ZRXJoBhxrXMB0GA1UdDgQWBBR6M6BtHZ13 +MWMDkoP/lLyUfEAcezA5BgNVHREEMjAwghRkamFuZ28tdnVlLWFkbWluLmNvbYIY +d3d3LmRqYW5nby12dWUtYWRtaW4uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE +FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAn +BggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGABggrBgEF +BQcBAQR0MHIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBK +BggrBgEFBQcwAoY+aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0VuY3J5cHRp +b25FdmVyeXdoZXJlRFZUTFNDQS1HMS5jcnQwCQYDVR0TBAIwADCCAQYGCisGAQQB +1nkCBAIEgfcEgfQA8gB3ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceE +AAABeAiEftAAAAQDAEgwRgIhALoCVuRcMRqM2wwuEsGGCy2mno/3t4qi3RZR2l4B +sWZ2AiEApyQ2yCgb2UsEx0YAnjrejgPgj7tsCmwBAi5Vsl/vmccAdwAiRUUHWVUk +VpY/oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXgIhH8pAAAEAwBIMEYCIQCpvmUS +hv244dpidw1cD6BNu3MPp7xii+63D0OtQa5cJgIhAMAS6PWmwy0g5naWQBj028Qt +mh/UdGFSQhgQsPfyAjZUMA0GCSqGSIb3DQEBCwUAA4IBAQBVCd2ZGxA01PyIUokC +1rsjxPCtdvzdj4jcIBiXQw1AVSRrkq9L6TkQfF12wYLzTzLbiW/JmenIdVUC1O2N +mc1Zd8jxqr/gC3RhdnzxV1ABA6jn44MYfdK5ZGXyG8wTBXMczfHRJhlhLsfdK78U +BHkBbsKq3Q4rjOf/hV2TDBa77Grd66m0zfaTYcidja6wIZvnrzNl7Tf6rIgRnx8O +/vo/IJhfkQzT9ZfyOfLMiiZUMzwKPQPpHBbJ3C3JSLq9fPeTm4/soN/4aKn1hU3m +qJvfqBtzg4vafmj3p7BZD0LdSmYn8to+xq5gkt57/4Bfn+RAX7/dqx8pBjHXOj98 +rjQN +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH +MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc +oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo +lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj +pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h +yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n +wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M +pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf +BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C +AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp +Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu +Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG +/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT +MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B +SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW +M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV +4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ +sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy +rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg== +-----END CERTIFICATE----- diff --git a/docker_env/nginx/keys/www.django-vue-admin.com.key b/docker_env/nginx/keys/www.django-vue-admin.com.key new file mode 100755 index 0000000..9dab0b1 --- /dev/null +++ b/docker_env/nginx/keys/www.django-vue-admin.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAs+yfnu20geZBBBJ2104/5/TvN6XNeTpjZNrqYt0HHTMdmOgI +fcKJ4MbIuzX0Hp2mFRGMjxO1F3oqRyVQrBgcviDM/UDMM4I3M62LMxGb9p3eFLYf +XShkfE4jp95z/K1vtvQ27gSFnz8Yuwga+z+FcFpp2TwM/mA4seybbyuVE5MQZitp +diLkJMz9q5Elyd1M2n+/pWFBuWpbGiMDOVPGVyPBeSt6rOGTfL0g37VViJUASTay +tV1t+OTrIHm2coYSsDEo84HOuTNa+HeUgTCtn/TBGxv80UZb2DlAMJryhdUdonyq +rZ1bhfsc6bzxA7rGpmIUuV1ihi/2mx2us0d3nwIDAQABAoIBADEzNl7eP2r6DLNR +XT/4/M6wEq4T38ETr1RH7KoGKMjaTnCempvRE6Tslr1ivpOUpnLCbr49NFrsJB16 +XboBifKPw55JFs3LAM9X2GWpng1tE+pz9tWhkwDO2T8xPGRPBOpxk4e4otVuCpQy +XjZwI0wa3TDzE9aHd1loCwT2VPiZ3As8rr0+4kIN6EyzneNb5Uys0LHMzHGHVBUl +JY0fAwqrt7wi+AXSufcxX6uhwJOY0LAU0iiT3Y1CYP6IdTtwpyWW2DcYeuHtLK9Y +oSnkHRXaJOcUHytDdRSXyJVD174r1wfSPCZ6DjXGc9ydwTQQg3ibTJrdn5gnaLZ9 +/Lrk80ECgYEA3CrP4NlbfBestRuU2LfEQvyzVVfiVWv7NjHDbryVTQ3hu5dR2hr8 +Q9acWwvg2virQVzSnECk4QsNydcaRriU0kq2Nf9Vzs8oTDZl7+K203L+Ry3bguUe +r4q9v7mY6cCOIgE19H+BR2T21NVHHK3acR6WVO+95rlD0Aqe0FXmZmECgYEA0TUa +y3Pbp7+kcUQIqdKwrYVCSgKQeco3VqtqlXDHjoD49tBP/WHJqJaGJ582bW3ozIYs +1Iol3wInjOy6iOIvRK2tJibb7tor/WxMO4R5NbMYSswyOwyO+gaz3hoQbu+m/S12 +8BwM9JN1QHq3mYqT0QHvamPW9asU2auONRq+nf8CgYBREeKh5Odu9ji+J33TnzdB +g1N1pXrOAYjrF7/i0sYXLXllXf7h1PX29Nt2GxWdC9vjoY5bwuHzi+Jz5CTkzarf +FGurzm2GTXmFNrKqdkzj54ACLbyaokt+UBQ2uNy5lhHAK7n2Ycz0wRSyoiYhRVMe +PCkW9YBzqNxzirWX+UlxgQKBgGhZlajffDOa2noIlk2moquaaWsjBk9JNvsK+1nY +7CC/Ye8yDoPzL7PgiL/goTRJ+zFwx5Gn6qXmnDWlqpE2SJ94BYKfJVppBkIcr5WM +SS0ozLgaS/+6DuLVTwg8de/vp5pnAAlZ5HhlyLlFvKhgP8Sjs3icng7hq7+6227P +jT6fAoGBAMyPW7voNx29oPT04MMgAKdwyjR5sZv6vWhOW6KBOPkLUKPDfSfrVN0B +H6JfetLZryHXgJioxBfLoLqIW+iMvW7UcCFD53I6nWpOzBtcPTjgeeIK0W4+f113 +RrXOS29rrxKr0NXvnYx26v5deQ9+KlxAUgTuC+EjqsX8NnGW21Cv +-----END RSA PRIVATE KEY----- diff --git a/docker_env/nginx/nginx.conf b/docker_env/nginx/nginx.conf new file mode 100644 index 0000000..dad006a --- /dev/null +++ b/docker_env/nginx/nginx.conf @@ -0,0 +1,15 @@ +events { + worker_connections 1024; +} +http { + include mime.types; + default_type application/octet-stream; + sendfile on; + client_max_body_size 100m; + include /etc/nginx/sites-enabled/*;#主要是这个地方,把新建的两配置文件包含进来 + server { + listen 80 default_server; + server_name _; + return 404; + } +} diff --git a/docker_env/nginx/sites-enabled/api.conf b/docker_env/nginx/sites-enabled/api.conf new file mode 100644 index 0000000..f198ca3 --- /dev/null +++ b/docker_env/nginx/sites-enabled/api.conf @@ -0,0 +1,46 @@ +## 将HTTP请求全部重定向至HTTPS +server { + listen 80; + server_name api.django-vue-admin.com; + charset utf-8; + access_log /var/log/nginx/api-80.access.log; + error_log /var/log/nginx/api-80.error.log; + rewrite ^(.*)$ https://${server_name}$1 permanent; +} +server { + listen 443 ssl; + server_name api.django-vue-admin.com; + root /dvadmin-backend/;#项目路径 + charset utf-8; + ssl_certificate /nginx/keys/api.django-vue-admin.com.crt;#.pem证书路径 + ssl_certificate_key /nginx/keys/api.django-vue-admin.com.key;#.key证书路径 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + error_page 497 https://$host$request_uri; + proxy_set_header Host $proxy_host; + proxy_set_header X-DTS-SCHEMA api; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + location / { + root html/www; + include uwsgi_params; + uwsgi_pass dvadmin-django:8000; + uwsgi_param UWSGI_SCRIPT home.wsgi; + uwsgi_param UWSGI_CHDIR /dvadmin-backend/;#项目路径 + + } + # Django media + location /media { + alias /dvadmin-backend/media; # your Django project's media files - amend as required + } + # Django static + location /static { + alias /dvadmin-backend/static; # your Django project's static files - amend as required + } + + access_log /var/log/nginx/api-443.access.log; + error_log /var/log/nginx/api-443.error.log; + } diff --git a/docker_env/nginx/sites-enabled/daily.api.conf b/docker_env/nginx/sites-enabled/daily.api.conf new file mode 100644 index 0000000..f198ca3 --- /dev/null +++ b/docker_env/nginx/sites-enabled/daily.api.conf @@ -0,0 +1,46 @@ +## 将HTTP请求全部重定向至HTTPS +server { + listen 80; + server_name api.django-vue-admin.com; + charset utf-8; + access_log /var/log/nginx/api-80.access.log; + error_log /var/log/nginx/api-80.error.log; + rewrite ^(.*)$ https://${server_name}$1 permanent; +} +server { + listen 443 ssl; + server_name api.django-vue-admin.com; + root /dvadmin-backend/;#项目路径 + charset utf-8; + ssl_certificate /nginx/keys/api.django-vue-admin.com.crt;#.pem证书路径 + ssl_certificate_key /nginx/keys/api.django-vue-admin.com.key;#.key证书路径 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + error_page 497 https://$host$request_uri; + proxy_set_header Host $proxy_host; + proxy_set_header X-DTS-SCHEMA api; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + location / { + root html/www; + include uwsgi_params; + uwsgi_pass dvadmin-django:8000; + uwsgi_param UWSGI_SCRIPT home.wsgi; + uwsgi_param UWSGI_CHDIR /dvadmin-backend/;#项目路径 + + } + # Django media + location /media { + alias /dvadmin-backend/media; # your Django project's media files - amend as required + } + # Django static + location /static { + alias /dvadmin-backend/static; # your Django project's static files - amend as required + } + + access_log /var/log/nginx/api-443.access.log; + error_log /var/log/nginx/api-443.error.log; + } diff --git a/docker_env/nginx/sites-enabled/daily.demo.conf b/docker_env/nginx/sites-enabled/daily.demo.conf new file mode 100644 index 0000000..181bca7 --- /dev/null +++ b/docker_env/nginx/sites-enabled/daily.demo.conf @@ -0,0 +1,34 @@ +## 将HTTP请求全部重定向至HTTPS +server { + listen 80; + server_name daily.demo.django-vue-admin.com; + charset utf-8; + access_log /var/log/nginx/daily.demo-80.access.log; + error_log /var/log/nginx/daily.demo-80.error.log; + rewrite ^(.*)$ https://${server_name}$1 permanent; +} +server { + listen 443 ssl; + server_name daily.demo.django-vue-admin.com; + root /vadmin-doc/;#项目路径 + charset utf-8; + ssl_certificate /nginx/keys/daily.demo.django-vue-admin.com.crt;#.pem证书路径 + ssl_certificate_key /nginx/keys/daily.demo.django-vue-admin.com.key;#.key证书路径 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + error_page 497 https://$host$request_uri; + proxy_set_header Host $proxy_host; + proxy_set_header X-DTS-SCHEMA daily.demo; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + location / { + root /dvadmin-ui/dist/; + index index.html index.php index.htm; + } + + access_log /var/log/nginx/daily.demo-443.access.log; + error_log /var/log/nginx/daily.demo-443.error.log; + } diff --git a/docker_env/nginx/sites-enabled/demo.conf b/docker_env/nginx/sites-enabled/demo.conf new file mode 100644 index 0000000..ddf324d --- /dev/null +++ b/docker_env/nginx/sites-enabled/demo.conf @@ -0,0 +1,34 @@ +## 将HTTP请求全部重定向至HTTPS +server { + listen 80; + server_name demo.django-vue-admin.com; + charset utf-8; + access_log /var/log/nginx/demo-80.access.log; + error_log /var/log/nginx/demo-80.error.log; + rewrite ^(.*)$ https://${server_name}$1 permanent; +} +server { + listen 443 ssl; + server_name demo.django-vue-admin.com; + root /vadmin-doc/;#项目路径 + charset utf-8; + ssl_certificate /nginx/keys/demo.django-vue-admin.com.crt;#.pem证书路径 + ssl_certificate_key /nginx/keys/demo.django-vue-admin.com.key;#.key证书路径 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + error_page 497 https://$host$request_uri; + proxy_set_header Host $proxy_host; + proxy_set_header X-DTS-SCHEMA demo; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + location / { + root /dvadmin-ui/dist/; + index index.html index.php index.htm; + } + + access_log /var/log/nginx/demo-443.access.log; + error_log /var/log/nginx/demo-443.error.log; + } diff --git a/docker_env/nginx/sites-enabled/www.conf b/docker_env/nginx/sites-enabled/www.conf new file mode 100644 index 0000000..9aa0e2f --- /dev/null +++ b/docker_env/nginx/sites-enabled/www.conf @@ -0,0 +1,34 @@ +## 将HTTP请求全部重定向至HTTPS +server { + listen 80; + server_name www.django-vue-admin.com; + charset utf-8; + access_log /var/log/nginx/www-80.access.log; + error_log /var/log/nginx/www-80.error.log; + rewrite ^(.*)$ https://${server_name}$1 permanent; +} +server { + listen 443 ssl; + server_name www.django-vue-admin.com; + root /vadmin-doc/;#项目路径 + charset utf-8; + ssl_certificate /nginx/keys/www.django-vue-admin.com.crt;#.pem证书路径 + ssl_certificate_key /nginx/keys/www.django-vue-admin.com.key;#.key证书路径 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + error_page 497 https://$host$request_uri; + proxy_set_header Host $proxy_host; + proxy_set_header X-DTS-SCHEMA www; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + location / { + root /dvadmin-doc/dist/; + index index.html index.php index.htm; + } + + access_log /var/log/nginx/www-443.access.log; + error_log /var/log/nginx/www-443.error.log; + } diff --git a/docker_env/redis/launch.sh b/docker_env/redis/launch.sh new file mode 100755 index 0000000..a6010a1 --- /dev/null +++ b/docker_env/redis/launch.sh @@ -0,0 +1,9 @@ +cur_path=`pwd` +# docker pull redis:latest +docker run -d \ + -p 6379:6379 \ + -v $cur_path/redis.conf:/etc/redis/redis.conf \ + --privileged=true \ + --name docker-redis \ + redis:latest \ + redis-server /etc/redis/redis.conf diff --git a/docker_env/redis/redis.conf b/docker_env/redis/redis.conf new file mode 100644 index 0000000..861a134 --- /dev/null +++ b/docker_env/redis/redis.conf @@ -0,0 +1,1373 @@ +# Redis configuration file example. +# +# Note that in order to read the configuration file, Redis must be +# started with the file path as first argument: +# +# ./redis-server /path/to/redis.conf + +# Note on units: when memory size is needed, it is possible to specify +# it in the usual form of 1k 5GB 4M and so forth: +# +# 1k => 1000 bytes +# 1kb => 1024 bytes +# 1m => 1000000 bytes +# 1mb => 1024*1024 bytes +# 1g => 1000000000 bytes +# 1gb => 1024*1024*1024 bytes +# +# units are case insensitive so 1GB 1Gb 1gB are all the same. + +################################## INCLUDES ################################### + +# Include one or more other config files here. This is useful if you +# have a standard template that goes to all Redis servers but also need +# to customize a few per-server settings. Include files can include +# other files, so use this wisely. +# +# Notice option "include" won't be rewritten by command "CONFIG REWRITE" +# from admin or Redis Sentinel. Since Redis always uses the last processed +# line as value of a configuration directive, you'd better put includes +# at the beginning of this file to avoid overwriting config change at runtime. +# +# If instead you are interested in using includes to override configuration +# options, it is better to use include as the last line. +# +# include /path/to/local.conf +# include /path/to/other.conf + +################################## MODULES ##################################### + +# Load modules at startup. If the server is not able to load modules +# it will abort. It is possible to use multiple loadmodule directives. +# +# loadmodule /path/to/my_module.so +# loadmodule /path/to/other_module.so + +################################## NETWORK ##################################### + +# By default, if no "bind" configuration directive is specified, Redis listens +# for connections from all the network interfaces available on the server. +# It is possible to listen to just one or multiple selected interfaces using +# the "bind" configuration directive, followed by one or more IP addresses. +# +# Examples: +# +# bind 192.168.1.100 10.0.0.1 +# bind 127.0.0.1 ::1 +# +# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the +# internet, binding to all the interfaces is dangerous and will expose the +# instance to everybody on the internet. So by default we uncomment the +# following bind directive, that will force Redis to listen only into +# the IPv4 loopback interface address (this means Redis will be able to +# accept connections only from clients running into the same computer it +# is running). +# +# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES +# JUST COMMENT THE FOLLOWING LINE. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# bind 127.0.0.1 +bind 0.0.0.0 + +# Protected mode is a layer of security protection, in order to avoid that +# Redis instances left open on the internet are accessed and exploited. +# +# When protected mode is on and if: +# +# 1) The server is not binding explicitly to a set of addresses using the +# "bind" directive. +# 2) No password is configured. +# +# The server only accepts connections from clients connecting from the +# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain +# sockets. +# +# By default protected mode is enabled. You should disable it only if +# you are sure you want clients from other hosts to connect to Redis +# even if no authentication is configured, nor a specific set of interfaces +# are explicitly listed using the "bind" directive. +protected-mode yes + +# Accept connections on the specified port, default is 6379 (IANA #815344). +# If port 0 is specified Redis will not listen on a TCP socket. +port 6379 + +# TCP listen() backlog. +# +# In high requests-per-second environments you need an high backlog in order +# to avoid slow clients connections issues. Note that the Linux kernel +# will silently truncate it to the value of /proc/sys/net/core/somaxconn so +# make sure to raise both the value of somaxconn and tcp_max_syn_backlog +# in order to get the desired effect. +tcp-backlog 511 + +# Unix socket. +# +# Specify the path for the Unix socket that will be used to listen for +# incoming connections. There is no default, so Redis will not listen +# on a unix socket when not specified. +# +# unixsocket /tmp/redis.sock +# unixsocketperm 700 + +# Close the connection after a client is idle for N seconds (0 to disable) +timeout 0 + +# TCP keepalive. +# +# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence +# of communication. This is useful for two reasons: +# +# 1) Detect dead peers. +# 2) Take the connection alive from the point of view of network +# equipment in the middle. +# +# On Linux, the specified value (in seconds) is the period used to send ACKs. +# Note that to close the connection the double of the time is needed. +# On other kernels the period depends on the kernel configuration. +# +# A reasonable value for this option is 300 seconds, which is the new +# Redis default starting with Redis 3.2.1. +tcp-keepalive 300 + +################################# GENERAL ##################################### + +# By default Redis does not run as a daemon. Use 'yes' if you need it. +# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. +daemonize no + +# If you run Redis from upstart or systemd, Redis can interact with your +# supervision tree. Options: +# supervised no - no supervision interaction +# supervised upstart - signal upstart by putting Redis into SIGSTOP mode +# supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET +# supervised auto - detect upstart or systemd method based on +# UPSTART_JOB or NOTIFY_SOCKET environment variables +# Note: these supervision methods only signal "process is ready." +# They do not enable continuous liveness pings back to your supervisor. +supervised no + +# If a pid file is specified, Redis writes it where specified at startup +# and removes it at exit. +# +# When the server runs non daemonized, no pid file is created if none is +# specified in the configuration. When the server is daemonized, the pid file +# is used even if not specified, defaulting to "/var/run/redis.pid". +# +# Creating a pid file is best effort: if Redis is not able to create it +# nothing bad happens, the server will start and run normally. +pidfile /var/run/redis_6379.pid + +# Specify the server verbosity level. +# This can be one of: +# debug (a lot of information, useful for development/testing) +# verbose (many rarely useful info, but not a mess like the debug level) +# notice (moderately verbose, what you want in production probably) +# warning (only very important / critical messages are logged) +loglevel notice + +# Specify the log file name. Also the empty string can be used to force +# Redis to log on the standard output. Note that if you use standard +# output for logging but daemonize, logs will be sent to /dev/null +logfile "" + +# To enable logging to the system logger, just set 'syslog-enabled' to yes, +# and optionally update the other syslog parameters to suit your needs. +# syslog-enabled no + +# Specify the syslog identity. +# syslog-ident redis + +# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. +# syslog-facility local0 + +# Set the number of databases. The default database is DB 0, you can select +# a different one on a per-connection basis using SELECT where +# dbid is a number between 0 and 'databases'-1 +databases 16 + +# By default Redis shows an ASCII art logo only when started to log to the +# standard output and if the standard output is a TTY. Basically this means +# that normally a logo is displayed only in interactive sessions. +# +# However it is possible to force the pre-4.0 behavior and always show a +# ASCII art logo in startup logs by setting the following option to yes. +always-show-logo yes + +################################ SNAPSHOTTING ################################ +# +# Save the DB on disk: +# +# save +# +# Will save the DB if both the given number of seconds and the given +# number of write operations against the DB occurred. +# +# In the example below the behaviour will be to save: +# after 900 sec (15 min) if at least 1 key changed +# after 300 sec (5 min) if at least 10 keys changed +# after 60 sec if at least 10000 keys changed +# +# Note: you can disable saving completely by commenting out all "save" lines. +# +# It is also possible to remove all the previously configured save +# points by adding a save directive with a single empty string argument +# like in the following example: +# +# save "" + +save 900 1 +save 300 10 +save 60 10000 + +# By default Redis will stop accepting writes if RDB snapshots are enabled +# (at least one save point) and the latest background save failed. +# This will make the user aware (in a hard way) that data is not persisting +# on disk properly, otherwise chances are that no one will notice and some +# disaster will happen. +# +# If the background saving process will start working again Redis will +# automatically allow writes again. +# +# However if you have setup your proper monitoring of the Redis server +# and persistence, you may want to disable this feature so that Redis will +# continue to work as usual even if there are problems with disk, +# permissions, and so forth. +stop-writes-on-bgsave-error yes + +# Compress string objects using LZF when dump .rdb databases? +# For default that's set to 'yes' as it's almost always a win. +# If you want to save some CPU in the saving child set it to 'no' but +# the dataset will likely be bigger if you have compressible values or keys. +rdbcompression yes + +# Since version 5 of RDB a CRC64 checksum is placed at the end of the file. +# This makes the format more resistant to corruption but there is a performance +# hit to pay (around 10%) when saving and loading RDB files, so you can disable it +# for maximum performances. +# +# RDB files created with checksum disabled have a checksum of zero that will +# tell the loading code to skip the check. +rdbchecksum yes + +# The filename where to dump the DB +dbfilename dump.rdb + +# The working directory. +# +# The DB will be written inside this directory, with the filename specified +# above using the 'dbfilename' configuration directive. +# +# The Append Only File will also be created inside this directory. +# +# Note that you must specify a directory here, not a file name. +dir ./ + +################################# REPLICATION ################################# + +# Master-Replica replication. Use replicaof to make a Redis instance a copy of +# another Redis server. A few things to understand ASAP about Redis replication. +# +# +------------------+ +---------------+ +# | Master | ---> | Replica | +# | (receive writes) | | (exact copy) | +# +------------------+ +---------------+ +# +# 1) Redis replication is asynchronous, but you can configure a master to +# stop accepting writes if it appears to be not connected with at least +# a given number of replicas. +# 2) Redis replicas are able to perform a partial resynchronization with the +# master if the replication link is lost for a relatively small amount of +# time. You may want to configure the replication backlog size (see the next +# sections of this file) with a sensible value depending on your needs. +# 3) Replication is automatic and does not need user intervention. After a +# network partition replicas automatically try to reconnect to masters +# and resynchronize with them. +# +# replicaof + +# If the master is password protected (using the "requirepass" configuration +# directive below) it is possible to tell the replica to authenticate before +# starting the replication synchronization process, otherwise the master will +# refuse the replica request. +# +# masterauth + +# When a replica loses its connection with the master, or when the replication +# is still in progress, the replica can act in two different ways: +# +# 1) if replica-serve-stale-data is set to 'yes' (the default) the replica will +# still reply to client requests, possibly with out of date data, or the +# data set may just be empty if this is the first synchronization. +# +# 2) if replica-serve-stale-data is set to 'no' the replica will reply with +# an error "SYNC with master in progress" to all the kind of commands +# but to INFO, replicaOF, AUTH, PING, SHUTDOWN, REPLCONF, ROLE, CONFIG, +# SUBSCRIBE, UNSUBSCRIBE, PSUBSCRIBE, PUNSUBSCRIBE, PUBLISH, PUBSUB, +# COMMAND, POST, HOST: and LATENCY. +# +replica-serve-stale-data yes + +# You can configure a replica instance to accept writes or not. Writing against +# a replica instance may be useful to store some ephemeral data (because data +# written on a replica will be easily deleted after resync with the master) but +# may also cause problems if clients are writing to it because of a +# misconfiguration. +# +# Since Redis 2.6 by default replicas are read-only. +# +# Note: read only replicas are not designed to be exposed to untrusted clients +# on the internet. It's just a protection layer against misuse of the instance. +# Still a read only replica exports by default all the administrative commands +# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve +# security of read only replicas using 'rename-command' to shadow all the +# administrative / dangerous commands. +replica-read-only yes + +# Replication SYNC strategy: disk or socket. +# +# ------------------------------------------------------- +# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY +# ------------------------------------------------------- +# +# New replicas and reconnecting replicas that are not able to continue the replication +# process just receiving differences, need to do what is called a "full +# synchronization". An RDB file is transmitted from the master to the replicas. +# The transmission can happen in two different ways: +# +# 1) Disk-backed: The Redis master creates a new process that writes the RDB +# file on disk. Later the file is transferred by the parent +# process to the replicas incrementally. +# 2) Diskless: The Redis master creates a new process that directly writes the +# RDB file to replica sockets, without touching the disk at all. +# +# With disk-backed replication, while the RDB file is generated, more replicas +# can be queued and served with the RDB file as soon as the current child producing +# the RDB file finishes its work. With diskless replication instead once +# the transfer starts, new replicas arriving will be queued and a new transfer +# will start when the current one terminates. +# +# When diskless replication is used, the master waits a configurable amount of +# time (in seconds) before starting the transfer in the hope that multiple replicas +# will arrive and the transfer can be parallelized. +# +# With slow disks and fast (large bandwidth) networks, diskless replication +# works better. +repl-diskless-sync no + +# When diskless replication is enabled, it is possible to configure the delay +# the server waits in order to spawn the child that transfers the RDB via socket +# to the replicas. +# +# This is important since once the transfer starts, it is not possible to serve +# new replicas arriving, that will be queued for the next RDB transfer, so the server +# waits a delay in order to let more replicas arrive. +# +# The delay is specified in seconds, and by default is 5 seconds. To disable +# it entirely just set it to 0 seconds and the transfer will start ASAP. +repl-diskless-sync-delay 5 + +# Replicas send PINGs to server in a predefined interval. It's possible to change +# this interval with the repl_ping_replica_period option. The default value is 10 +# seconds. +# +# repl-ping-replica-period 10 + +# The following option sets the replication timeout for: +# +# 1) Bulk transfer I/O during SYNC, from the point of view of replica. +# 2) Master timeout from the point of view of replicas (data, pings). +# 3) Replica timeout from the point of view of masters (REPLCONF ACK pings). +# +# It is important to make sure that this value is greater than the value +# specified for repl-ping-replica-period otherwise a timeout will be detected +# every time there is low traffic between the master and the replica. +# +# repl-timeout 60 + +# Disable TCP_NODELAY on the replica socket after SYNC? +# +# If you select "yes" Redis will use a smaller number of TCP packets and +# less bandwidth to send data to replicas. But this can add a delay for +# the data to appear on the replica side, up to 40 milliseconds with +# Linux kernels using a default configuration. +# +# If you select "no" the delay for data to appear on the replica side will +# be reduced but more bandwidth will be used for replication. +# +# By default we optimize for low latency, but in very high traffic conditions +# or when the master and replicas are many hops away, turning this to "yes" may +# be a good idea. +repl-disable-tcp-nodelay no + +# Set the replication backlog size. The backlog is a buffer that accumulates +# replica data when replicas are disconnected for some time, so that when a replica +# wants to reconnect again, often a full resync is not needed, but a partial +# resync is enough, just passing the portion of data the replica missed while +# disconnected. +# +# The bigger the replication backlog, the longer the time the replica can be +# disconnected and later be able to perform a partial resynchronization. +# +# The backlog is only allocated once there is at least a replica connected. +# +# repl-backlog-size 1mb + +# After a master has no longer connected replicas for some time, the backlog +# will be freed. The following option configures the amount of seconds that +# need to elapse, starting from the time the last replica disconnected, for +# the backlog buffer to be freed. +# +# Note that replicas never free the backlog for timeout, since they may be +# promoted to masters later, and should be able to correctly "partially +# resynchronize" with the replicas: hence they should always accumulate backlog. +# +# A value of 0 means to never release the backlog. +# +# repl-backlog-ttl 3600 + +# The replica priority is an integer number published by Redis in the INFO output. +# It is used by Redis Sentinel in order to select a replica to promote into a +# master if the master is no longer working correctly. +# +# A replica with a low priority number is considered better for promotion, so +# for instance if there are three replicas with priority 10, 100, 25 Sentinel will +# pick the one with priority 10, that is the lowest. +# +# However a special priority of 0 marks the replica as not able to perform the +# role of master, so a replica with priority of 0 will never be selected by +# Redis Sentinel for promotion. +# +# By default the priority is 100. +replica-priority 100 + +# It is possible for a master to stop accepting writes if there are less than +# N replicas connected, having a lag less or equal than M seconds. +# +# The N replicas need to be in "online" state. +# +# The lag in seconds, that must be <= the specified value, is calculated from +# the last ping received from the replica, that is usually sent every second. +# +# This option does not GUARANTEE that N replicas will accept the write, but +# will limit the window of exposure for lost writes in case not enough replicas +# are available, to the specified number of seconds. +# +# For example to require at least 3 replicas with a lag <= 10 seconds use: +# +# min-replicas-to-write 3 +# min-replicas-max-lag 10 +# +# Setting one or the other to 0 disables the feature. +# +# By default min-replicas-to-write is set to 0 (feature disabled) and +# min-replicas-max-lag is set to 10. + +# A Redis master is able to list the address and port of the attached +# replicas in different ways. For example the "INFO replication" section +# offers this information, which is used, among other tools, by +# Redis Sentinel in order to discover replica instances. +# Another place where this info is available is in the output of the +# "ROLE" command of a master. +# +# The listed IP and address normally reported by a replica is obtained +# in the following way: +# +# IP: The address is auto detected by checking the peer address +# of the socket used by the replica to connect with the master. +# +# Port: The port is communicated by the replica during the replication +# handshake, and is normally the port that the replica is using to +# listen for connections. +# +# However when port forwarding or Network Address Translation (NAT) is +# used, the replica may be actually reachable via different IP and port +# pairs. The following two options can be used by a replica in order to +# report to its master a specific set of IP and port, so that both INFO +# and ROLE will report those values. +# +# There is no need to use both the options if you need to override just +# the port or the IP address. +# +# replica-announce-ip 5.5.5.5 +# replica-announce-port 1234 + +################################## SECURITY ################################### + +# Require clients to issue AUTH before processing any other +# commands. This might be useful in environments in which you do not trust +# others with access to the host running redis-server. +# +# This should stay commented out for backward compatibility and because most +# people do not need auth (e.g. they run their own servers). +# +# Warning: since Redis is pretty fast an outside user can try up to +# 150k passwords per second against a good box. This means that you should +# use a very strong password otherwise it will be very easy to break. +# +requirepass q1w2e3r4T%Y^U& + +# Command renaming. +# +# It is possible to change the name of dangerous commands in a shared +# environment. For instance the CONFIG command may be renamed into something +# hard to guess so that it will still be available for internal-use tools +# but not available for general clients. +# +# Example: +# +# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 +# +# It is also possible to completely kill a command by renaming it into +# an empty string: +# +# rename-command CONFIG "" +# +# Please note that changing the name of commands that are logged into the +# AOF file or transmitted to replicas may cause problems. + +################################### CLIENTS #################################### + +# Set the max number of connected clients at the same time. By default +# this limit is set to 10000 clients, however if the Redis server is not +# able to configure the process file limit to allow for the specified limit +# the max number of allowed clients is set to the current file limit +# minus 32 (as Redis reserves a few file descriptors for internal uses). +# +# Once the limit is reached Redis will close all the new connections sending +# an error 'max number of clients reached'. +# +# maxclients 10000 + +############################## MEMORY MANAGEMENT ################################ + +# Set a memory usage limit to the specified amount of bytes. +# When the memory limit is reached Redis will try to remove keys +# according to the eviction policy selected (see maxmemory-policy). +# +# If Redis can't remove keys according to the policy, or if the policy is +# set to 'noeviction', Redis will start to reply with errors to commands +# that would use more memory, like SET, LPUSH, and so on, and will continue +# to reply to read-only commands like GET. +# +# This option is usually useful when using Redis as an LRU or LFU cache, or to +# set a hard memory limit for an instance (using the 'noeviction' policy). +# +# WARNING: If you have replicas attached to an instance with maxmemory on, +# the size of the output buffers needed to feed the replicas are subtracted +# from the used memory count, so that network problems / resyncs will +# not trigger a loop where keys are evicted, and in turn the output +# buffer of replicas is full with DELs of keys evicted triggering the deletion +# of more keys, and so forth until the database is completely emptied. +# +# In short... if you have replicas attached it is suggested that you set a lower +# limit for maxmemory so that there is some free RAM on the system for replica +# output buffers (but this is not needed if the policy is 'noeviction'). +# +# maxmemory + +# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory +# is reached. You can select among five behaviors: +# +# volatile-lru -> Evict using approximated LRU among the keys with an expire set. +# allkeys-lru -> Evict any key using approximated LRU. +# volatile-lfu -> Evict using approximated LFU among the keys with an expire set. +# allkeys-lfu -> Evict any key using approximated LFU. +# volatile-random -> Remove a random key among the ones with an expire set. +# allkeys-random -> Remove a random key, any key. +# volatile-ttl -> Remove the key with the nearest expire time (minor TTL) +# noeviction -> Don't evict anything, just return an error on write operations. +# +# LRU means Least Recently Used +# LFU means Least Frequently Used +# +# Both LRU, LFU and volatile-ttl are implemented using approximated +# randomized algorithms. +# +# Note: with any of the above policies, Redis will return an error on write +# operations, when there are no suitable keys for eviction. +# +# At the date of writing these commands are: set setnx setex append +# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd +# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby +# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby +# getset mset msetnx exec sort +# +# The default is: +# +# maxmemory-policy noeviction + +# LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated +# algorithms (in order to save memory), so you can tune it for speed or +# accuracy. For default Redis will check five keys and pick the one that was +# used less recently, you can change the sample size using the following +# configuration directive. +# +# The default of 5 produces good enough results. 10 Approximates very closely +# true LRU but costs more CPU. 3 is faster but not very accurate. +# +# maxmemory-samples 5 + +# Starting from Redis 5, by default a replica will ignore its maxmemory setting +# (unless it is promoted to master after a failover or manually). It means +# that the eviction of keys will be just handled by the master, sending the +# DEL commands to the replica as keys evict in the master side. +# +# This behavior ensures that masters and replicas stay consistent, and is usually +# what you want, however if your replica is writable, or you want the replica to have +# a different memory setting, and you are sure all the writes performed to the +# replica are idempotent, then you may change this default (but be sure to understand +# what you are doing). +# +# Note that since the replica by default does not evict, it may end using more +# memory than the one set via maxmemory (there are certain buffers that may +# be larger on the replica, or data structures may sometimes take more memory and so +# forth). So make sure you monitor your replicas and make sure they have enough +# memory to never hit a real out-of-memory condition before the master hits +# the configured maxmemory setting. +# +# replica-ignore-maxmemory yes + +############################# LAZY FREEING #################################### + +# Redis has two primitives to delete keys. One is called DEL and is a blocking +# deletion of the object. It means that the server stops processing new commands +# in order to reclaim all the memory associated with an object in a synchronous +# way. If the key deleted is associated with a small object, the time needed +# in order to execute the DEL command is very small and comparable to most other +# O(1) or O(log_N) commands in Redis. However if the key is associated with an +# aggregated value containing millions of elements, the server can block for +# a long time (even seconds) in order to complete the operation. +# +# For the above reasons Redis also offers non blocking deletion primitives +# such as UNLINK (non blocking DEL) and the ASYNC option of FLUSHALL and +# FLUSHDB commands, in order to reclaim memory in background. Those commands +# are executed in constant time. Another thread will incrementally free the +# object in the background as fast as possible. +# +# DEL, UNLINK and ASYNC option of FLUSHALL and FLUSHDB are user-controlled. +# It's up to the design of the application to understand when it is a good +# idea to use one or the other. However the Redis server sometimes has to +# delete keys or flush the whole database as a side effect of other operations. +# Specifically Redis deletes objects independently of a user call in the +# following scenarios: +# +# 1) On eviction, because of the maxmemory and maxmemory policy configurations, +# in order to make room for new data, without going over the specified +# memory limit. +# 2) Because of expire: when a key with an associated time to live (see the +# EXPIRE command) must be deleted from memory. +# 3) Because of a side effect of a command that stores data on a key that may +# already exist. For example the RENAME command may delete the old key +# content when it is replaced with another one. Similarly SUNIONSTORE +# or SORT with STORE option may delete existing keys. The SET command +# itself removes any old content of the specified key in order to replace +# it with the specified string. +# 4) During replication, when a replica performs a full resynchronization with +# its master, the content of the whole database is removed in order to +# load the RDB file just transferred. +# +# In all the above cases the default is to delete objects in a blocking way, +# like if DEL was called. However you can configure each case specifically +# in order to instead release memory in a non-blocking way like if UNLINK +# was called, using the following configuration directives: + +lazyfree-lazy-eviction no +lazyfree-lazy-expire no +lazyfree-lazy-server-del no +replica-lazy-flush no + +############################## APPEND ONLY MODE ############################### + +# By default Redis asynchronously dumps the dataset on disk. This mode is +# good enough in many applications, but an issue with the Redis process or +# a power outage may result into a few minutes of writes lost (depending on +# the configured save points). +# +# The Append Only File is an alternative persistence mode that provides +# much better durability. For instance using the default data fsync policy +# (see later in the config file) Redis can lose just one second of writes in a +# dramatic event like a server power outage, or a single write if something +# wrong with the Redis process itself happens, but the operating system is +# still running correctly. +# +# AOF and RDB persistence can be enabled at the same time without problems. +# If the AOF is enabled on startup Redis will load the AOF, that is the file +# with the better durability guarantees. +# +# Please check http://redis.io/topics/persistence for more information. + +appendonly no + +# The name of the append only file (default: "appendonly.aof") + +appendfilename "appendonly.aof" + +# The fsync() call tells the Operating System to actually write data on disk +# instead of waiting for more data in the output buffer. Some OS will really flush +# data on disk, some other OS will just try to do it ASAP. +# +# Redis supports three different modes: +# +# no: don't fsync, just let the OS flush the data when it wants. Faster. +# always: fsync after every write to the append only log. Slow, Safest. +# everysec: fsync only one time every second. Compromise. +# +# The default is "everysec", as that's usually the right compromise between +# speed and data safety. It's up to you to understand if you can relax this to +# "no" that will let the operating system flush the output buffer when +# it wants, for better performances (but if you can live with the idea of +# some data loss consider the default persistence mode that's snapshotting), +# or on the contrary, use "always" that's very slow but a bit safer than +# everysec. +# +# More details please check the following article: +# http://antirez.com/post/redis-persistence-demystified.html +# +# If unsure, use "everysec". + +# appendfsync always +appendfsync everysec +# appendfsync no + +# When the AOF fsync policy is set to always or everysec, and a background +# saving process (a background save or AOF log background rewriting) is +# performing a lot of I/O against the disk, in some Linux configurations +# Redis may block too long on the fsync() call. Note that there is no fix for +# this currently, as even performing fsync in a different thread will block +# our synchronous write(2) call. +# +# In order to mitigate this problem it's possible to use the following option +# that will prevent fsync() from being called in the main process while a +# BGSAVE or BGREWRITEAOF is in progress. +# +# This means that while another child is saving, the durability of Redis is +# the same as "appendfsync none". In practical terms, this means that it is +# possible to lose up to 30 seconds of log in the worst scenario (with the +# default Linux settings). +# +# If you have latency problems turn this to "yes". Otherwise leave it as +# "no" that is the safest pick from the point of view of durability. + +no-appendfsync-on-rewrite no + +# Automatic rewrite of the append only file. +# Redis is able to automatically rewrite the log file implicitly calling +# BGREWRITEAOF when the AOF log size grows by the specified percentage. +# +# This is how it works: Redis remembers the size of the AOF file after the +# latest rewrite (if no rewrite has happened since the restart, the size of +# the AOF at startup is used). +# +# This base size is compared to the current size. If the current size is +# bigger than the specified percentage, the rewrite is triggered. Also +# you need to specify a minimal size for the AOF file to be rewritten, this +# is useful to avoid rewriting the AOF file even if the percentage increase +# is reached but it is still pretty small. +# +# Specify a percentage of zero in order to disable the automatic AOF +# rewrite feature. + +auto-aof-rewrite-percentage 100 +auto-aof-rewrite-min-size 64mb + +# An AOF file may be found to be truncated at the end during the Redis +# startup process, when the AOF data gets loaded back into memory. +# This may happen when the system where Redis is running +# crashes, especially when an ext4 filesystem is mounted without the +# data=ordered option (however this can't happen when Redis itself +# crashes or aborts but the operating system still works correctly). +# +# Redis can either exit with an error when this happens, or load as much +# data as possible (the default now) and start if the AOF file is found +# to be truncated at the end. The following option controls this behavior. +# +# If aof-load-truncated is set to yes, a truncated AOF file is loaded and +# the Redis server starts emitting a log to inform the user of the event. +# Otherwise if the option is set to no, the server aborts with an error +# and refuses to start. When the option is set to no, the user requires +# to fix the AOF file using the "redis-check-aof" utility before to restart +# the server. +# +# Note that if the AOF file will be found to be corrupted in the middle +# the server will still exit with an error. This option only applies when +# Redis will try to read more data from the AOF file but not enough bytes +# will be found. +aof-load-truncated yes + +# When rewriting the AOF file, Redis is able to use an RDB preamble in the +# AOF file for faster rewrites and recoveries. When this option is turned +# on the rewritten AOF file is composed of two different stanzas: +# +# [RDB file][AOF tail] +# +# When loading Redis recognizes that the AOF file starts with the "REDIS" +# string and loads the prefixed RDB file, and continues loading the AOF +# tail. +aof-use-rdb-preamble yes + +################################ LUA SCRIPTING ############################### + +# Max execution time of a Lua script in milliseconds. +# +# If the maximum execution time is reached Redis will log that a script is +# still in execution after the maximum allowed time and will start to +# reply to queries with an error. +# +# When a long running script exceeds the maximum execution time only the +# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be +# used to stop a script that did not yet called write commands. The second +# is the only way to shut down the server in the case a write command was +# already issued by the script but the user doesn't want to wait for the natural +# termination of the script. +# +# Set it to 0 or a negative value for unlimited execution without warnings. +lua-time-limit 5000 + +################################ REDIS CLUSTER ############################### + +# Normal Redis instances can't be part of a Redis Cluster; only nodes that are +# started as cluster nodes can. In order to start a Redis instance as a +# cluster node enable the cluster support uncommenting the following: +# +# cluster-enabled yes + +# Every cluster node has a cluster configuration file. This file is not +# intended to be edited by hand. It is created and updated by Redis nodes. +# Every Redis Cluster node requires a different cluster configuration file. +# Make sure that instances running in the same system do not have +# overlapping cluster configuration file names. +# +# cluster-config-file nodes-6379.conf + +# Cluster node timeout is the amount of milliseconds a node must be unreachable +# for it to be considered in failure state. +# Most other internal time limits are multiple of the node timeout. +# +# cluster-node-timeout 15000 + +# A replica of a failing master will avoid to start a failover if its data +# looks too old. +# +# There is no simple way for a replica to actually have an exact measure of +# its "data age", so the following two checks are performed: +# +# 1) If there are multiple replicas able to failover, they exchange messages +# in order to try to give an advantage to the replica with the best +# replication offset (more data from the master processed). +# Replicas will try to get their rank by offset, and apply to the start +# of the failover a delay proportional to their rank. +# +# 2) Every single replica computes the time of the last interaction with +# its master. This can be the last ping or command received (if the master +# is still in the "connected" state), or the time that elapsed since the +# disconnection with the master (if the replication link is currently down). +# If the last interaction is too old, the replica will not try to failover +# at all. +# +# The point "2" can be tuned by user. Specifically a replica will not perform +# the failover if, since the last interaction with the master, the time +# elapsed is greater than: +# +# (node-timeout * replica-validity-factor) + repl-ping-replica-period +# +# So for example if node-timeout is 30 seconds, and the replica-validity-factor +# is 10, and assuming a default repl-ping-replica-period of 10 seconds, the +# replica will not try to failover if it was not able to talk with the master +# for longer than 310 seconds. +# +# A large replica-validity-factor may allow replicas with too old data to failover +# a master, while a too small value may prevent the cluster from being able to +# elect a replica at all. +# +# For maximum availability, it is possible to set the replica-validity-factor +# to a value of 0, which means, that replicas will always try to failover the +# master regardless of the last time they interacted with the master. +# (However they'll always try to apply a delay proportional to their +# offset rank). +# +# Zero is the only value able to guarantee that when all the partitions heal +# the cluster will always be able to continue. +# +# cluster-replica-validity-factor 10 + +# Cluster replicas are able to migrate to orphaned masters, that are masters +# that are left without working replicas. This improves the cluster ability +# to resist to failures as otherwise an orphaned master can't be failed over +# in case of failure if it has no working replicas. +# +# Replicas migrate to orphaned masters only if there are still at least a +# given number of other working replicas for their old master. This number +# is the "migration barrier". A migration barrier of 1 means that a replica +# will migrate only if there is at least 1 other working replica for its master +# and so forth. It usually reflects the number of replicas you want for every +# master in your cluster. +# +# Default is 1 (replicas migrate only if their masters remain with at least +# one replica). To disable migration just set it to a very large value. +# A value of 0 can be set but is useful only for debugging and dangerous +# in production. +# +# cluster-migration-barrier 1 + +# By default Redis Cluster nodes stop accepting queries if they detect there +# is at least an hash slot uncovered (no available node is serving it). +# This way if the cluster is partially down (for example a range of hash slots +# are no longer covered) all the cluster becomes, eventually, unavailable. +# It automatically returns available as soon as all the slots are covered again. +# +# However sometimes you want the subset of the cluster which is working, +# to continue to accept queries for the part of the key space that is still +# covered. In order to do so, just set the cluster-require-full-coverage +# option to no. +# +# cluster-require-full-coverage yes + +# This option, when set to yes, prevents replicas from trying to failover its +# master during master failures. However the master can still perform a +# manual failover, if forced to do so. +# +# This is useful in different scenarios, especially in the case of multiple +# data center operations, where we want one side to never be promoted if not +# in the case of a total DC failure. +# +# cluster-replica-no-failover no + +# In order to setup your cluster make sure to read the documentation +# available at http://redis.io web site. + +########################## CLUSTER DOCKER/NAT support ######################## + +# In certain deployments, Redis Cluster nodes address discovery fails, because +# addresses are NAT-ted or because ports are forwarded (the typical case is +# Docker and other containers). +# +# In order to make Redis Cluster working in such environments, a static +# configuration where each node knows its public address is needed. The +# following two options are used for this scope, and are: +# +# * cluster-announce-ip +# * cluster-announce-port +# * cluster-announce-bus-port +# +# Each instruct the node about its address, client port, and cluster message +# bus port. The information is then published in the header of the bus packets +# so that other nodes will be able to correctly map the address of the node +# publishing the information. +# +# If the above options are not used, the normal Redis Cluster auto-detection +# will be used instead. +# +# Note that when remapped, the bus port may not be at the fixed offset of +# clients port + 10000, so you can specify any port and bus-port depending +# on how they get remapped. If the bus-port is not set, a fixed offset of +# 10000 will be used as usually. +# +# Example: +# +# cluster-announce-ip 10.1.1.5 +# cluster-announce-port 6379 +# cluster-announce-bus-port 6380 + +################################## SLOW LOG ################################### + +# The Redis Slow Log is a system to log queries that exceeded a specified +# execution time. The execution time does not include the I/O operations +# like talking with the client, sending the reply and so forth, +# but just the time needed to actually execute the command (this is the only +# stage of command execution where the thread is blocked and can not serve +# other requests in the meantime). +# +# You can configure the slow log with two parameters: one tells Redis +# what is the execution time, in microseconds, to exceed in order for the +# command to get logged, and the other parameter is the length of the +# slow log. When a new command is logged the oldest one is removed from the +# queue of logged commands. + +# The following time is expressed in microseconds, so 1000000 is equivalent +# to one second. Note that a negative number disables the slow log, while +# a value of zero forces the logging of every command. +slowlog-log-slower-than 10000 + +# There is no limit to this length. Just be aware that it will consume memory. +# You can reclaim memory used by the slow log with SLOWLOG RESET. +slowlog-max-len 128 + +################################ LATENCY MONITOR ############################## + +# The Redis latency monitoring subsystem samples different operations +# at runtime in order to collect data related to possible sources of +# latency of a Redis instance. +# +# Via the LATENCY command this information is available to the user that can +# print graphs and obtain reports. +# +# The system only logs operations that were performed in a time equal or +# greater than the amount of milliseconds specified via the +# latency-monitor-threshold configuration directive. When its value is set +# to zero, the latency monitor is turned off. +# +# By default latency monitoring is disabled since it is mostly not needed +# if you don't have latency issues, and collecting data has a performance +# impact, that while very small, can be measured under big load. Latency +# monitoring can easily be enabled at runtime using the command +# "CONFIG SET latency-monitor-threshold " if needed. +latency-monitor-threshold 0 + +############################# EVENT NOTIFICATION ############################## + +# Redis can notify Pub/Sub clients about events happening in the key space. +# This feature is documented at http://redis.io/topics/notifications +# +# For instance if keyspace events notification is enabled, and a client +# performs a DEL operation on key "foo" stored in the Database 0, two +# messages will be published via Pub/Sub: +# +# PUBLISH __keyspace@0__:foo del +# PUBLISH __keyevent@0__:del foo +# +# It is possible to select the events that Redis will notify among a set +# of classes. Every class is identified by a single character: +# +# K Keyspace events, published with __keyspace@__ prefix. +# E Keyevent events, published with __keyevent@__ prefix. +# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ... +# $ String commands +# l List commands +# s Set commands +# h Hash commands +# z Sorted set commands +# x Expired events (events generated every time a key expires) +# e Evicted events (events generated when a key is evicted for maxmemory) +# A Alias for g$lshzxe, so that the "AKE" string means all the events. +# +# The "notify-keyspace-events" takes as argument a string that is composed +# of zero or multiple characters. The empty string means that notifications +# are disabled. +# +# Example: to enable list and generic events, from the point of view of the +# event name, use: +# +# notify-keyspace-events Elg +# +# Example 2: to get the stream of the expired keys subscribing to channel +# name __keyevent@0__:expired use: +# +# notify-keyspace-events Ex +# +# By default all notifications are disabled because most users don't need +# this feature and the feature has some overhead. Note that if you don't +# specify at least one of K or E, no events will be delivered. +notify-keyspace-events "" + +############################### ADVANCED CONFIG ############################### + +# Hashes are encoded using a memory efficient data structure when they have a +# small number of entries, and the biggest entry does not exceed a given +# threshold. These thresholds can be configured using the following directives. +hash-max-ziplist-entries 512 +hash-max-ziplist-value 64 + +# Lists are also encoded in a special way to save a lot of space. +# The number of entries allowed per internal list node can be specified +# as a fixed maximum size or a maximum number of elements. +# For a fixed maximum size, use -5 through -1, meaning: +# -5: max size: 64 Kb <-- not recommended for normal workloads +# -4: max size: 32 Kb <-- not recommended +# -3: max size: 16 Kb <-- probably not recommended +# -2: max size: 8 Kb <-- good +# -1: max size: 4 Kb <-- good +# Positive numbers mean store up to _exactly_ that number of elements +# per list node. +# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size), +# but if your use case is unique, adjust the settings as necessary. +list-max-ziplist-size -2 + +# Lists may also be compressed. +# Compress depth is the number of quicklist ziplist nodes from *each* side of +# the list to *exclude* from compression. The head and tail of the list +# are always uncompressed for fast push/pop operations. Settings are: +# 0: disable all list compression +# 1: depth 1 means "don't start compressing until after 1 node into the list, +# going from either the head or tail" +# So: [head]->node->node->...->node->[tail] +# [head], [tail] will always be uncompressed; inner nodes will compress. +# 2: [head]->[next]->node->node->...->node->[prev]->[tail] +# 2 here means: don't compress head or head->next or tail->prev or tail, +# but compress all nodes between them. +# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail] +# etc. +list-compress-depth 0 + +# Sets have a special encoding in just one case: when a set is composed +# of just strings that happen to be integers in radix 10 in the range +# of 64 bit signed integers. +# The following configuration setting sets the limit in the size of the +# set in order to use this special memory saving encoding. +set-max-intset-entries 512 + +# Similarly to hashes and lists, sorted sets are also specially encoded in +# order to save a lot of space. This encoding is only used when the length and +# elements of a sorted set are below the following limits: +zset-max-ziplist-entries 128 +zset-max-ziplist-value 64 + +# HyperLogLog sparse representation bytes limit. The limit includes the +# 16 bytes header. When an HyperLogLog using the sparse representation crosses +# this limit, it is converted into the dense representation. +# +# A value greater than 16000 is totally useless, since at that point the +# dense representation is more memory efficient. +# +# The suggested value is ~ 3000 in order to have the benefits of +# the space efficient encoding without slowing down too much PFADD, +# which is O(N) with the sparse encoding. The value can be raised to +# ~ 10000 when CPU is not a concern, but space is, and the data set is +# composed of many HyperLogLogs with cardinality in the 0 - 15000 range. +hll-sparse-max-bytes 3000 + +# Streams macro node max size / items. The stream data structure is a radix +# tree of big nodes that encode multiple items inside. Using this configuration +# it is possible to configure how big a single node can be in bytes, and the +# maximum number of items it may contain before switching to a new node when +# appending new stream entries. If any of the following settings are set to +# zero, the limit is ignored, so for instance it is possible to set just a +# max entires limit by setting max-bytes to 0 and max-entries to the desired +# value. +stream-node-max-bytes 4096 +stream-node-max-entries 100 + +# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in +# order to help rehashing the main Redis hash table (the one mapping top-level +# keys to values). The hash table implementation Redis uses (see dict.c) +# performs a lazy rehashing: the more operation you run into a hash table +# that is rehashing, the more rehashing "steps" are performed, so if the +# server is idle the rehashing is never complete and some more memory is used +# by the hash table. +# +# The default is to use this millisecond 10 times every second in order to +# actively rehash the main dictionaries, freeing memory when possible. +# +# If unsure: +# use "activerehashing no" if you have hard latency requirements and it is +# not a good thing in your environment that Redis can reply from time to time +# to queries with 2 milliseconds delay. +# +# use "activerehashing yes" if you don't have such hard requirements but +# want to free memory asap when possible. +activerehashing yes + +# The client output buffer limits can be used to force disconnection of clients +# that are not reading data from the server fast enough for some reason (a +# common reason is that a Pub/Sub client can't consume messages as fast as the +# publisher can produce them). +# +# The limit can be set differently for the three different classes of clients: +# +# normal -> normal clients including MONITOR clients +# replica -> replica clients +# pubsub -> clients subscribed to at least one pubsub channel or pattern +# +# The syntax of every client-output-buffer-limit directive is the following: +# +# client-output-buffer-limit +# +# A client is immediately disconnected once the hard limit is reached, or if +# the soft limit is reached and remains reached for the specified number of +# seconds (continuously). +# So for instance if the hard limit is 32 megabytes and the soft limit is +# 16 megabytes / 10 seconds, the client will get disconnected immediately +# if the size of the output buffers reach 32 megabytes, but will also get +# disconnected if the client reaches 16 megabytes and continuously overcomes +# the limit for 10 seconds. +# +# By default normal clients are not limited because they don't receive data +# without asking (in a push way), but just after a request, so only +# asynchronous clients may create a scenario where data is requested faster +# than it can read. +# +# Instead there is a default limit for pubsub and replica clients, since +# subscribers and replicas receive data in a push fashion. +# +# Both the hard or the soft limit can be disabled by setting them to zero. +client-output-buffer-limit normal 0 0 0 +client-output-buffer-limit replica 256mb 64mb 60 +client-output-buffer-limit pubsub 32mb 8mb 60 + +# Client query buffers accumulate new commands. They are limited to a fixed +# amount by default in order to avoid that a protocol desynchronization (for +# instance due to a bug in the client) will lead to unbound memory usage in +# the query buffer. However you can configure it here if you have very special +# needs, such us huge multi/exec requests or alike. +# +# client-query-buffer-limit 1gb + +# In the Redis protocol, bulk requests, that are, elements representing single +# strings, are normally limited ot 512 mb. However you can change this limit +# here. +# +# proto-max-bulk-len 512mb + +# Redis calls an internal function to perform many background tasks, like +# closing connections of clients in timeout, purging expired keys that are +# never requested, and so forth. +# +# Not all tasks are performed with the same frequency, but Redis checks for +# tasks to perform according to the specified "hz" value. +# +# By default "hz" is set to 10. Raising the value will use more CPU when +# Redis is idle, but at the same time will make Redis more responsive when +# there are many keys expiring at the same time, and timeouts may be +# handled with more precision. +# +# The range is between 1 and 500, however a value over 100 is usually not +# a good idea. Most users should use the default of 10 and raise this up to +# 100 only in environments where very low latency is required. +hz 10 + +# Normally it is useful to have an HZ value which is proportional to the +# number of clients connected. This is useful in order, for instance, to +# avoid too many clients are processed for each background task invocation +# in order to avoid latency spikes. +# +# Since the default HZ value by default is conservatively set to 10, Redis +# offers, and enables by default, the ability to use an adaptive HZ value +# which will temporary raise when there are many connected clients. +# +# When dynamic HZ is enabled, the actual configured HZ will be used as +# as a baseline, but multiples of the configured HZ value will be actually +# used as needed once more clients are connected. In this way an idle +# instance will use very little CPU time while a busy instance will be +# more responsive. +dynamic-hz yes + +# When a child rewrites the AOF file, if the following option is enabled +# the file will be fsync-ed every 32 MB of data generated. This is useful +# in order to commit the file to the disk more incrementally and avoid +# big latency spikes. +aof-rewrite-incremental-fsync yes + +# When redis saves RDB file, if the following option is enabled +# the file will be fsync-ed every 32 MB of data generated. This is useful +# in order to commit the file to the disk more incrementally and avoid +# big latency spikes. +rdb-save-incremental-fsync yes + +# Redis LFU eviction (see maxmemory setting) can be tuned. However it is a good +# idea to start with the default settings and only change them after investigating +# how to improve the performances and how the keys LFU change over time, which +# is possible to inspect via the OBJECT FREQ command. +# +# There are two tunable parameters in the Redis LFU implementation: the +# counter logarithm factor and the counter decay time. It is important to +# understand what the two parameters mean before changing them. +# +# The LFU counter is just 8 bits per key, it's maximum value is 255, so Redis +# uses a probabilistic increment with logarithmic behavior. Given the value +# of the old counter, when a key is accessed, the counter is incremented in +# this way: +# +# 1. A random number R between 0 and 1 is extracted. +# 2. A probability P is calculated as 1/(old_value*lfu_log_factor+1). +# 3. The counter is incremented only if R < P. +# +# The default lfu-log-factor is 10. This is a table of how the frequency +# counter changes with a different number of accesses with different +# logarithmic factors: +# +# +--------+------------+------------+------------+------------+------------+ +# | factor | 100 hits | 1000 hits | 100K hits | 1M hits | 10M hits | +# +--------+------------+------------+------------+------------+------------+ +# | 0 | 104 | 255 | 255 | 255 | 255 | +# +--------+------------+------------+------------+------------+------------+ +# | 1 | 18 | 49 | 255 | 255 | 255 | +# +--------+------------+------------+------------+------------+------------+ +# | 10 | 10 | 18 | 142 | 255 | 255 | +# +--------+------------+------------+------------+------------+------------+ +# | 100 | 8 | 11 | 49 | 143 | 255 | +# +--------+------------+------------+------------+------------+------------+ +# +# NOTE: The above table was obtained by running the following commands: +# +# redis-benchmark -n 1000000 incr foo +# redis-cli object freq foo +# +# NOTE 2: The counter initial value is 5 in order to give new objects a chance +# to accumulate hits. +# +# The counter decay time is the time, in minutes, that must elapse in order +# for the key counter to be divided by two (or decremented if it has a value +# less <= 10). +# +# The default value for the lfu-decay-time is 1. A Special value of 0 means to +# decay the counter every time it happens to be scanned. +# +# lfu-log-factor 10 +# lfu-decay-time 1 + +########################### ACTIVE DEFRAGMENTATION ####################### +# +# WARNING THIS FEATURE IS EXPERIMENTAL. However it was stress tested +# even in production and manually tested by multiple engineers for some +# time. +# +# What is active defragmentation? +# ------------------------------- +# +# Active (online) defragmentation allows a Redis server to compact the +# spaces left between small allocations and deallocations of data in memory, +# thus allowing to reclaim back memory. +# +# Fragmentation is a natural process that happens with every allocator (but +# less so with Jemalloc, fortunately) and certain workloads. Normally a server +# restart is needed in order to lower the fragmentation, or at least to flush +# away all the data and create it again. However thanks to this feature +# implemented by Oran Agra for Redis 4.0 this process can happen at runtime +# in an "hot" way, while the server is running. +# +# Basically when the fragmentation is over a certain level (see the +# configuration options below) Redis will start to create new copies of the +# values in contiguous memory regions by exploiting certain specific Jemalloc +# features (in order to understand if an allocation is causing fragmentation +# and to allocate it in a better place), and at the same time, will release the +# old copies of the data. This process, repeated incrementally for all the keys +# will cause the fragmentation to drop back to normal values. +# +# Important things to understand: +# +# 1. This feature is disabled by default, and only works if you compiled Redis +# to use the copy of Jemalloc we ship with the source code of Redis. +# This is the default with Linux builds. +# +# 2. You never need to enable this feature if you don't have fragmentation +# issues. +# +# 3. Once you experience fragmentation, you can enable this feature when +# needed with the command "CONFIG SET activedefrag yes". +# +# The configuration parameters are able to fine tune the behavior of the +# defragmentation process. If you are not sure about what they mean it is +# a good idea to leave the defaults untouched. + +# Enabled active defragmentation +# activedefrag yes + +# Minimum amount of fragmentation waste to start active defrag +# active-defrag-ignore-bytes 100mb + +# Minimum percentage of fragmentation to start active defrag +# active-defrag-threshold-lower 10 + +# Maximum percentage of fragmentation at which we use maximum effort +# active-defrag-threshold-upper 100 + +# Minimal effort for defrag in CPU percentage +# active-defrag-cycle-min 5 + +# Maximal effort for defrag in CPU percentage +# active-defrag-cycle-max 75 + +# Maximum number of set/hash/zset/list fields that will be processed from +# the main dictionary scan +# active-defrag-max-scan-fields 1000 + diff --git a/dvadmin-backend/application/settings.py b/dvadmin-backend/application/settings.py index 5dd2189..66a4712 100644 --- a/dvadmin-backend/application/settings.py +++ b/dvadmin-backend/application/settings.py @@ -210,7 +210,7 @@ if DATABASE_TYPE == "MYSQL": DATABASES = { "default": { "ENGINE": "django.db.backends.mysql", - "HOST": DATABASE_HOST, + "HOST": os.getenv('DATABASE_HOST') or DATABASE_HOST, "PORT": DATABASE_PORT, "USER": DATABASE_USER, "PASSWORD": DATABASE_PASSWORD, @@ -226,9 +226,9 @@ else: } } -connect(MONGO_DATABASE_NAME, host=MONGO_HOST, port=MONGO_PORT, serverSelectionTimeoutMS=1000, connect=False) +connect(MONGO_DATABASE_NAME, host=os.getenv('MONGO_HOST') or MONGO_HOST, port=MONGO_PORT, serverSelectionTimeoutMS=1000, connect=False) # redis 缓存 -REDIS_URL = f'redis://:{REDIS_PASSWORD if REDIS_PASSWORD else ""}@{REDIS_HOST}:{REDIS_PORT}/{REDIS_DB}' +REDIS_URL = f'redis://:{REDIS_PASSWORD if REDIS_PASSWORD else ""}@{os.getenv("REDIS_HOST") or REDIS_HOST}:{REDIS_PORT}/{REDIS_DB}' CACHES = { "default": { "BACKEND": "django_redis.cache.RedisCache", diff --git a/dvadmin-backend/application/uwsgi.ini b/dvadmin-backend/application/uwsgi.ini new file mode 100644 index 0000000..fd86130 --- /dev/null +++ b/dvadmin-backend/application/uwsgi.ini @@ -0,0 +1,36 @@ +# uwsgi.ini file +# uwsgi --ini uwsgi.ini +[uwsgi] +# Django-related settings +# the base directory (full path) +chdir = /dvadmin-backend +# Django's wsgi file +wsgi-file = /dvadmin-backend/application/wsgi.py + + +# process-related settings +# master +master = true +# maximum number of worker processes +processes = 8 +# the socket (use the full path to be safe +# for nginx +# socket = app.sock +# socket = 127.0.0.1:8000 +socket = 0.0.0.0:8000 +# Django's wsgi file +module = application.wsgi:application + +# for http access directly (dev model) +# http = 0.0.0.0:8088 +vacuum = true +log-maxsize = 20000000 +;req-logger = file:/backend/logs/uwsgi-@(exec://date +%%Y-%%m-%%d)-cart-req.log +;logger = file:/backend/logs/uwsgi-@(exec://date +%%Y-%%m-%%d)-cart-err.log +log-reopen = true + + + +# chmod-socket=664 +# uid=www-data +# gid=www-data diff --git a/dvadmin-backend/conf/env.example.py b/dvadmin-backend/conf/env.example.py index f88c0f5..95a5da9 100644 --- a/dvadmin-backend/conf/env.example.py +++ b/dvadmin-backend/conf/env.example.py @@ -11,7 +11,7 @@ DATABASE_PORT = 3306 # 数据库用户名 DATABASE_USER = "root" # 数据库密码 -DATABASE_PASSWORD = "123456" +DATABASE_PASSWORD = "q1w2e3r4T%Y^U&MYSQL" # 数据库名 DATABASE_NAME = "django-vue-admin" @@ -28,7 +28,7 @@ MONGO_PORT = 27017 REDIS_DB = 1 REDIS_HOST = '127.0.0.1' REDIS_PORT = 6379 -REDIS_PASSWORD = 'q1w2e3r4T%Y^U&' +REDIS_PASSWORD = '' # ================================================= # # ************** 默认配置 ************** # diff --git a/dvadmin-backend/docker_celery.sh b/dvadmin-backend/docker_celery.sh new file mode 100755 index 0000000..35f5e42 --- /dev/null +++ b/dvadmin-backend/docker_celery.sh @@ -0,0 +1,3 @@ +#!/bin/bash +set +x +celery -A application worker -B --loglevel=debug diff --git a/dvadmin-backend/docker_start.sh b/dvadmin-backend/docker_start.sh new file mode 100755 index 0000000..989eb1b --- /dev/null +++ b/dvadmin-backend/docker_start.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +cd /dvadmin-backend + +python ./manage.py makemigrations +python ./manage.py migrate +#python ./manage.py initialization +#python ./manage.py runserver 0.0.0.0:8000 +uwsgi --ini application/uwsgi.ini +#if [[ $ENV == "preprod" ]] || [[ $ENV == "prod" ]]; then +# uwsgi --ini azcrm/uwsgi.ini +#else +# python ./manage.py runserver 0.0.0.0:8000 +#fi diff --git a/dvadmin-backend/requirements.txt b/dvadmin-backend/requirements.txt index 7a7a9d4..e13a9bf 100644 --- a/dvadmin-backend/requirements.txt +++ b/dvadmin-backend/requirements.txt @@ -21,3 +21,4 @@ six==1.15.0 sqlparse==0.4.1 xlwt==1.3.0 coreapi==2.3.3 +uwsgi==2.0.19.1 diff --git a/run-docker.sh b/run-docker.sh new file mode 100755 index 0000000..67a5cd3 --- /dev/null +++ b/run-docker.sh @@ -0,0 +1,52 @@ +#!/bin/bash +### init 初始化项目 +### start 启动项目 +### stop 停止项目 +### restart 重启项目 +### -h 显示帮助信息. +help() { + awk -F'### ' '/^###/ { print $2 }' "$0" +} + +if [[ $# == 0 ]] || [[ "$1" == "-h" ]] || [[ "$1" == "--help" ]]; then + help + exit 1 +fi + +#初始化方法 +init(){ + echo "正在初始化中..." + sudo find . -path "*/*/*/migrations/*.py" -not -name "__init__.py" -delete + sudo rm -rf docker_env/mysql/data + python ./manage.py initialization + echo "初始化完成..." +} + +#启动方法 +start(){ + echo "正在启动中..." + docker-compose up + echo "启动完成..." +} + +case "$1" in + + init) + echo "=== init " + init + start + ;; + start) + echo "=== start ";; + + stop) + echo "=== stop ";; + + restart) + echo "=== restart ";; + + *) + help + exit 1 + +esac