假设django5网站部署在根目录/website下,且目录对www-data用户有读权限。通过python3 manage.py runserver 0.0.0.0:80可以正常打开网页。
安装apache2和wsgi库,使能wsgi、ssl、rewrite等功能,启动apache2服务器。这时应该可以通过浏览器打开apache2的默认页面。
apt install apache2 libapache2-mod-wsgi-py3
a2enmod wsgi ssl rewrite
systemctl start apache2
准备好申请的SSL证书,yourdomain.com.key是私钥文件,yourdomain.com.crt是证书文件,root_bundle.crt是证书链文件。而yourdomain.com.csr用不到。
在/etc/apache2/sites-available下新建yoursite_ssl.conf,并编写以下内容:
<VirtualHost *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
Redirect permanent / https://yourdomain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
ServerAdmin webmaster@localhost
DocumentRoot /website/myproject
#ssl setting
SSLEngine on
SSLCertificateFile /website/myproject/SSL/yourdomain.com.crt
SSLCertificateKeyFile /website/myproject/SSL/yourdomain.com.key
SSLCertificateChainFile /website/myproject/SSL/root_bundle.crt
#ssl option
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5
#staic file setting
Alias /static /website/myproject/static
<Directory /website/myproject/static>
Require all granted
</Directory>
# wsgi setting
WSGIDaemonProcess myproject python-path=/website/myproject processes=5 threads=15
WSGIProcessGroup myproject
WSGIScriptAlias / /website/myproject/myproject/wsgi.py process-group=myproject
<Directory /website/myproject/myproject>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
</VirtualHost>
检查配置文件的语法,使能yoursite_ssl.conf,重启服务器。
apache2ctl -S
apache2ctl configtest
a2ensite yoursite_ssl.conf
systemctl restart apache2
最后,测试网站的连接,带不带s,带不带www都要测试一下。
curl -I http://yourdomain.com
curl -I http://www.yourdomain.com
curl -I https://yourdomain.com
curl -I https://www.yourdomain.com
