关于【django】的问题- 第1页

David

Asked: 2022-03-29 14:20:48 +0800 CST

如何将 .env 文件调用到在 K8s 服务器上的 Docker 容器中运行的 Django 项目中？

0

我很可能只需要一个正确方向的提示。

我有一个使用 gunicorn 和 nginx 运行 Django 应用程序的 docker 容器。此 Django 应用程序当前正在从 .env 文件中获取其环境变量。

FROM python:alpine
EXPOSE 8000

RUN apk update
RUN apk add --no-cache git gcc musl-dev libffi-dev libxml2-dev libxslt-dev gcc swig g++
RUN apk add --no-cache jpeg-dev zlib-dev freetype-dev lcms2-dev openjpeg-dev tiff-  dev tk-dev tcl-dev
RUN apk add --no-cache bash ffmpeg libmagic
RUN python3 -m pip install --upgrade pip
RUN python3 -m pip install --upgrade setuptools

RUN mkdir /opt/app
WORKDIR /opt/app
COPY . .
RUN python3 -m pip install /root/d12f/

RUN pip3 install -r requirements.txt
RUN pip3 install gunicorn
CMD sh -c 'gunicorn --conf python:app.gunicorn_conf app.wsgi --bind 0.0.0.0:8000 --reload --log-level info --access-logfile - --timeout 360 --error-logfile -'

当然，repo 中没有 .env 文件，因为这会带来安全风险。

Docker 映像由 github 创建并存储在私有 GitHub 包中。稍后，这个 docker 镜像被用于在 Kubernetes 上运行。

我正在尝试找到将 .env 文件放入的最佳解决方案

/opt/app/app/.env

作为本地文件。

如果可能的话，我宁愿不使用全局环境变量。

感谢您的任何建议。

Wishper

Asked: 2022-03-02 12:25:20 +0800 CST

通过过滤 AWS 中的攻击者来减少网络流量

1

刚刚在 AWS EC2 实例中安装了一个简单的 django Web 应用程序。该实例始终处于打开状态，但目前未被任何人使用（它仍在开发中）。最近由于网络流量，AWS 记账了很多钱。当 apache2 服务打开时，端口 80 上有很多流量，查看 netstat 看起来像是暴力攻击进入 django 应用程序。

我想我不能简单地关闭端口 80，因为当应用程序运行时，该端口应该是打开的。

关于如何防止这种网络流量的任何想法？

非常感谢

Ixion Chowdhury

Asked: 2022-02-17 05:12:26 +0800 CST

在具有不同子域（NGINX、Gunicorn、ubuntu）的同一个 Droplet 中托管两个不同的 django 项目

0

正如标题所说，我想在具有不同子域的同一个 Droplet（NGINX、Gunicorn、ubuntu）中托管两个不同的 django 项目。其中一个是我们的主站点 example.com。它已启动并运行并完美运行。我们希望在同一个 Droplet 中托管临时站点 staging.example.com。

我们已经为暂存站点创建了新的套接字和服务文件并激活并启用了它们，但问题是 nginx 仍然指向主域目录中的文件而不是暂存目录，因此即使已添加这些域，我们也会在下面收到此错误在暂存站点的 settings.py 允许的主机中

DisallowedHost at / 无效的 HTTP_HOST 标头：“staging.example.com”。您可能需要将 >'staging.example.com' 添加到 ALLOWED_HOSTS

这是我们的 staging.guinicorn.service 文件

[Unit]
Description=staging.gunicorn daemon
Requires=staging.gunicorn.socket
After=network.target

[Service]
User=admin
Group=www-data
WorkingDirectory=/home/admin/example1staging
ExecStart=/home/admin/example1staging/venv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/run/staging.gunicorn.sock djangoproject.wsgi:application

[Install]
WantedBy=multi-user.target

这是我们的 staging.guicorn.socket 文件

[Unit]
Description=staging.gunicorn socket

[Socket]
ListenStream=/run/staging.gunicorn.sock

[Install]
WantedBy=sockets.target

最后是我们的 nginx 配置

server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 302 https://$server_name$request_uri;
}

server {
    # SSL configuration

    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl_certificate         /etc/ssl/cert.pem;
    ssl_certificate_key     /etc/ssl/key.pem;
    ssl_client_certificate /etc/ssl/cloudflare.crt;
    ssl_verify_client on;

    root /var/www/html;
    index index.html index.htm index.nginx-debian.html;    

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/admin/example1;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/gunicorn.sock;
    }
}

server {
    listen 80;
    listen [::]:80;
    server_name staging.example.com www.staging.example.com;
    return 302 https://$server_name$request_uri;
}

server {
    # SSL configuration

    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl_certificate         /etc/ssl/cert.pem;
    ssl_certificate_key     /etc/ssl/key.pem;
    ssl_client_certificate /etc/ssl/cloudflare.crt;
    ssl_verify_client on;

    root /var/www/html;
    index index.html index.htm index.nginx-debian.html;    

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/admin/example1staging;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/staging.gunicorn.sock;
    }
}

任何形式的帮助将不胜感激！

Gaetan GR

Asked: 2021-12-29 10:38:06 +0800 CST

主管没有使用 Django 项目正确重新加载 Gunicorn

1

在将Django项目推向生产时，我正在使用Supervisor重新加载Gunicorn ：

工作流程：

          " && python manage.py migrate"\
          " && python manage.py collectstatic --noinput"\
          " && supervisorctl restart frontdesk-gunicorn"\
          " && exit"

主管配置：

   [program:project-gunicorn]
    command=/home/gaetangr/project/myprojectenv/bin/gunicorn config.wsgi:application
    user = gaetangr
    directory = /home/gaetangr/project
    autostart = true
    autorestart = true

但大多数时候，为了传播所有的变化，我必须做一个 sudo ：

systemctl restart gunicorn

据我了解，主管的命令应该完全相同。

任何想法？

Bob

Asked: 2021-12-01 16:56:20 +0800 CST

Apache：将服务图像限制为经过身份验证的用户

1

我正在尝试找出一种方法来限制对我的 apache 配置中的媒体文件夹的访问。该文件夹从 Django 站点进行上传，并且图像/pdf 上传显示在站点中以向经过身份验证的用户显示。问题是，任何未经身份验证的 schmo 都可以导航到mysite.com/media/images/pic1.jpg. 这应该是不可能的；我已经尝试了一些方法来限制这种行为，但我认为我需要一两个指针。

第一次尝试：XSendfile

Xsendfile 似乎工作，但它（顾名思义）发送文件以供下载，然后我应该显示图像的页面没有加载。所以看来这不是我的用例所需要的。

第二次尝试：重写规则

我在 apache 配置中添加了一些重写规则：

RewriteCond "%{HTTP_REFERER}" "!^$"
RewriteCond "%{HTTP_REFERER}" "!mysite.com/priv/" [NC]
RewriteRule "\.(gif|jpg|png|pdf)$"    "-"   [F,NC]

需要身份验证的站点的所有部分都在/priv/路径后面，所以我的想法是，如果这可行，那么导航到/media/images/pic1.jpg将被重写。但这不起作用，mysite.com/media/images/pic1.jpg仍然显示图像。

第三次尝试：环境

我在虚拟主机内的环境中尝试了类似的东西：

<VirtualHost *:80>
    ...
    SetEnvIf Referer "mysite\.com\/priv" localreferer
    SetEnvIf Referer ^$ localreferer
    <FilesMatch "\.(jpg|png|gif|pdf)$">
        Require env localreferer
    </FilesMatch>
    ...
</VirtualHost>

但这也没有用；我仍然可以直接导航到图像。

第四次尝试：需要有效用户

我添加Require valid-user到 v-host，但我不知道如何根据 Django 用户模型检查它。在此更改之后，每次加载显示图像的页面时，我都会收到登录提示（但没有 htaccess 等，没有什么可验证的，并且网站上也没有显示图像。

然后我尝试实现此处描述的内容（https://docs.djangoproject.com/en/3.2/howto/deployment/wsgi/apache-auth/），但我的 django 项目不喜欢WSGIHandler（与默认值相反get_wsgi_application()）。我得到一个raise AppRegistryNotReady("Apps aren't loaded yet.")错误。看起来这可能是最合理的方法，但我不知道如何开始WSGIHandler工作，或者使用get_wsgi_application().

我知道我可以给文件一个难以猜测的类似 uuid 的名称，但这似乎是一个半途而废的解决方案。那么，限制对媒体文件夹的访问以使这些图像仅在用户通过身份验证的站点部分内链接的最佳策略是什么？

Ubuntu 20.04、阿帕奇 2.4

| 编辑，遵循一些建议 |

授权文件

def check_password(environ, username, password):
    print("---->>>---->>>---->>>---->>>---->>> check_password() has been called  <<<----<<<----<<<----<<<----<<<----")

    return True

#from django.contrib.auth.handlers.modwsgi import check_password

Apache 日志显示该脚本已加载，但该函数显然未执行，因为打印语句未出现在日志中。我在这个文件和 wsgi.py 文件中放置了一个杂散的打印语句，以确保该策略进入日志，只有 wsgi.py 文件中的策略进入日志。

虚拟主机：

<VirtualHost *:80>
    ServerName mysite.com
    ServerAlias mysite.com
    DocumentRoot /path/to/docroot/
    
    Alias /static/ /path/to/docroot/static/

    # Not sure if I need this
    Alias /media/ /path/to/docroot/media/

    <Directory /path/to/docroot/static/>
        Require all granted
    </Directory>

    <Directory /path/to/docroot/media/>
        Require all granted
    </Directory>

    # this is my restricted access directory
    <Directory /path/to/docroot/media/priv/>
        AuthType Basic
        AuthName "Top Secret"
        AuthBasicProvider wsgi
        WSGIAuthUserScript /path/to/docroot/mysite/auth.py
        Require valid-user
    </Directory>

    <Directory /path/to/docroot/mysite/>
        <Files "wsgi.py">
            Require all granted
        </Files>
    </Directory>

    WSGIDaemonProcess open-ancestry-web python-home=/path/to/ENV/ python-path=/path/to/docroot/ processes=10 threads=10
    WSGIProcessGroup mysite-pgroup
    WSGIScriptAlias / /path/to/docroot/mysite/wsgi.py

    LogLevel trace8
    ErrorLog "|/bin/rotatelogs -l /path/to/logs/%Y%m%d-%H%M%S_443errors.log 30"
    CustomLog "|/bin/rotatelogs -l /path/to/logs/%Y%m%d-%H%M%S_443access.log 30" combined
</VirtualHost>

|另一个编辑 |

我接受了答案，因为现在一切正常。有很多活动部件，这导致了答案的最初问题。(1) 测试 check_password 函数没有出现在 apache 日志中......好吧，它出现在/var/log/apache2/error.log而不是设置的自定义日志中。不知道为什么，但是好吧...

(2) 我的 venv 没有正确激活，我实际上并没有注意到这一点，因为 django 也安装在系统 Python 上。我从 virtualenv 复制activate_this.py脚本并将其添加到我的 venv 并将这样的东西添加到我的 wsgi 文件中

activate_this = '/path/to/ENV/bin/activate_this.py'
with open(activate_this) as f:
    exec(f.read(), {'__file__': activate_this})

修复这些问题后，从 wsgi.py 文件调用 check_password 函数即可工作。这里的“有效”意味着它限制对未经身份验证的用户不应访问的文件夹的访问。用户仍然需要提供两次凭据——一次在常规 django 视图中，一次在浏览器提示中。这很烦人，但实际上我的问题是关于限制访问的，所以我将它留到另一天。

从 auth.py 调用 check_password 的答案建议与我的项目不合作。我收到的错误提示它是在 wsgi.py 之前调用的——似乎在调用 check_password 时未加载 venv 或未加载设置。

Madhav

Asked: 2021-09-29 20:21:23 +0800 CST

Urls.py 未在使用 nginx 和 gunicorn 的 Django 生产服务器上更新

2

我目前在 AWS EC2 实例上托管 Django Webapp，为了在生产模式下运行它，我使用 NGINX 和 gunicorn。

我面临的错误是：

无论我做什么，生产服务器似乎都不会更新 urls.py

用于将文件从本地文件传输到实例的应用程序：FileZilla

我为解决该问题而采取的步骤：

删除 urls.py 并重写它
检查其他文件是否也拒绝更新

第二步的结果：其他文件已成功更新，我使用静态文件和 index.html 进行了测试
使用纳米编辑器检查文件是否在实例中更新

第 3 步的结果：文件在实例中正确更新，所有更改都被反映
使用（用于开发目的）在实例上运行它python manage.py runserver，并发现使用 runserver 时 urls.py 正在正确更新

其他信息：

1.昨天一切都在正常更新，但突然决定叛逆

我已经使用更新了所有软件包sudo yum install
我已经重新启动了 nginx 和 gunicorn：使用以下命令：

sudo systemctl start gunicorn

sudo systemctl enable gunicorn

sudo systemctl restart nginx
我尝试使用检查错误sudo nginx -t，但没有出现错误
我已经检查了错误日志，使用sudo tail -f /var/log/nginx/error.log，但
这里也没有显示错误

我该如何解决这个问题？

谢谢

CADENTIC

Asked: 2021-09-15 05:11:54 +0800 CST

django.db.utils.DatabaseError: ORA-12154: TNS: 无法解析 OCI 中指定的连接标识符

0

django.db.utils.DatabaseError: ORA-12154: TNS:could not resolve the connect identifier specified

在 OCI 中反复收到错误连接数据库 ADW（自治数据库仓库 19c）以在 Oracle 云基础架构中部署 Django 项目

 uname -a
Linux instance-20210913-1957 5.4.17-2102.204.4.4.el7uek.x86_64 #2 SMP Tue Aug 17 20:25:28 PDT 2021 x86_64 x86_64 x86_64 GNU/Linux

pip freeze
asgiref==3.4.1
cx-Oracle==8.0.0
Django==3.2.7
pytz==2021.1
sqlparse==0.4.2
typing-extensions==3.10.0.2

我在 /usr/lib/oracle/21/client64/lib/network/admin 中解压了区域钱包文件

我的sttings.py

DATABASES={
    'default':
    {
    'ENGINE':'django.db.backends.oracle',
    'NAME':'potatodbname',
    'USER':'ADMIN',
    'PASSWORD':'wieredpassword',#Please provide the db password here
    }
}

完全错误：

 python manage.py migrate
Traceback (most recent call last):
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/backends/base/base.py", line 219, in ensure_connection
    self.connect()
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/utils/asyncio.py", line 26, in inner
    return func(*args, **kwargs)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/backends/base/base.py", line 200, in connect
    self.connection = self.get_new_connection(conn_params)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/utils/asyncio.py", line 26, in inner
    return func(*args, **kwargs)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/backends/oracle/base.py", line 233, in get_new_connection
    **conn_params,
cx_Oracle.DatabaseError: ORA-12154: TNS:could not resolve the connect identifier specified

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "manage.py", line 22, in <module>
    main()
  File "manage.py", line 18, in main
    execute_from_command_line(sys.argv)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/core/management/__init__.py", line 419, in execute_from_command_line
    utility.execute()
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/core/management/__init__.py", line 413, in execute
    self.fetch_command(subcommand).run_from_argv(self.argv)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/core/management/base.py", line 354, in run_from_argv
    self.execute(*args, **cmd_options)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/core/management/base.py", line 398, in execute
    output = self.handle(*args, **options)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/core/management/base.py", line 89, in wrapped
    res = handle_func(*args, **kwargs)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/core/management/commands/migrate.py", line 92, in handle
    executor = MigrationExecutor(connection, self.migration_progress_callback)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/migrations/executor.py", line 18, in __init__
    self.loader = MigrationLoader(self.connection)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/migrations/loader.py", line 53, in __init__
    self.build_graph()
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/migrations/loader.py", line 220, in build_graph
    self.applied_migrations = recorder.applied_migrations()
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/migrations/recorder.py", line 77, in applied_migrations
    if self.has_table():
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/migrations/recorder.py", line 55, in has_table
    with self.connection.cursor() as cursor:
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/utils/asyncio.py", line 26, in inner
    return func(*args, **kwargs)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/backends/base/base.py", line 259, in cursor
    return self._cursor()
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/backends/base/base.py", line 235, in _cursor
    self.ensure_connection()
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/utils/asyncio.py", line 26, in inner
    return func(*args, **kwargs)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/backends/base/base.py", line 219, in ensure_connection
    self.connect()
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/utils.py", line 90, in __exit__
    raise dj_exc_value.with_traceback(traceback) from exc_value
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/backends/base/base.py", line 219, in ensure_connection
    self.connect()
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/utils/asyncio.py", line 26, in inner
    return func(*args, **kwargs)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/backends/base/base.py", line 200, in connect
    self.connection = self.get_new_connection(conn_params)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/utils/asyncio.py", line 26, in inner
    return func(*args, **kwargs)
  File "/var/www/cgi-bin/trydjango-dev/lib64/python3.6/site-packages/django/db/backends/oracle/base.py", line 233, in get_new_connection
    **conn_params,
django.db.utils.DatabaseError: ORA-12154: TNS:could not resolve the connect identifier specified

我错过了什么来得到那个错误？

Paul

Asked: 2021-08-07 04:47:32 +0800 CST

如何使用 Supervisor（包括 Gunicorn 和 Nginx）设置多个 Django 应用程序？bind() to [::]:8090 失败（98：地址已在使用中）

1

我已经使用 Supervisor、Gunicorn 和 Nginx（在 Debian Buster 上）部署了一个 Django/Wagtail 应用程序，所以我可以通过http://xx.xxx.xxx.xxx:8090访问它。

/etc/nginx/sites-available/cms

server {
    server_name xx.xxx.xxx.xxx;
    listen 8090;
    listen [::]:8090 ipv6only=on;
    error_log /home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/var/log/gunicorn-error.log;
    access_log /home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/var/log/gunicorn-access.log;

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/www.mysite.com/www/my-site/cms/admin_panel;
    }
        location /media/ {
        root /home/www.mysite.com/www/my-site/cms/admin_panel;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/run/gunicorn.sock;
    }
}

/etc/supervisor/conf.d/guni-mysite-admin.conf

[program:guni-mysite-admin]
command=/home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/bin/gunicorn admin_panel.wsgi:application --config /home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/etc/gunicorn/conf.py
user=www.mysite.com
autostart=true
autorestart=true

/etc/supervisor/conf.d/nginx-mysite-admin.conf

[program:nginx-mysite-admin]
command=/usr/sbin/nginx -g "daemon off;"
autostart=true
autorestart=true
stderr_logfile=/home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/var/log/nginx-error.log
stdout_logfile=/home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/var/log/nginx-access.log
stderr_logfile_maxbytes=2MB
stdout_logfile_maxbytes=2MB

/home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/etc/gunicorn/conf.py

workers = 3
keepalive = 5
user = 'www.mysite.com'
proc_name = 'admin_panel'
loglevel = 'error'
errorlog = '/home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/var/log/gunicorn-error.log'
accesslog = '/home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/var/log/gunicorn-access.log'
bind = 'unix:/home/www.mysite.com/.local/share/virtualenvs/cms-WqsZ9qOt/run/gunicorn.sock'
raw_env = ['DJANGO_SETTINGS_MODULE=admin_panel.settings.production']
pythonpath = '/home/www.mysite.com/www/mysite/cms/admin_panel'

现在我以同样的方式添加了另外 2 个 Django 应用程序。不幸的是，主管无法提出他们。有时 3 次运行中有 1 次运行，但大多数时候它们都不起作用。如果它有效，它会创建 3 个进程（idk，如果它应该是这样的话）。

$ sudo lsof -i:8090

COMMAND  PID     USER   FD   TYPE    DEVICE SIZE/OFF NODE NAME
nginx   3631     root   16u  IPv4 961301189      0t0  TCP *:8090 (LISTEN)
nginx   3631     root   17u  IPv6 961301190      0t0  TCP *:8090 (LISTEN)
nginx   3632 www-data   16u  IPv4 961301189      0t0  TCP *:8090 (LISTEN)
nginx   3632 www-data   17u  IPv6 961301190      0t0  TCP *:8090 (LISTEN)
nginx   3633 www-data   16u  IPv4 961301189      0t0  TCP *:8090 (LISTEN)
nginx   3633 www-data   17u  IPv6 961301190      0t0  TCP *:8090 (LISTEN)

Nginx 错误日志给出98: Address already in use，即使在端口 81 上（将其作为默认端口，因为 Apache 正在使用 80），未使用。Apache 应该不是问题，因为它不起作用，即使 Apache 已关闭。

/var/log/nginx/error.log

...
2021/08/06 12:41:54 [emerg] 24927#24927: bind() to [::]:4020 failed (98: Address already in use)
2021/08/06 12:41:54 [emerg] 24927#24927: bind() to [::]:8090 failed (98: Address already in use)
2021/08/06 12:41:54 [emerg] 24927#24927: bind() to [::]:81 failed (98: Address already in use)
2021/08/06 12:41:54 [emerg] 24927#24927: bind() to [::]:8070 failed (98: Address already in use)
2021/08/06 12:41:54 [emerg] 24927#24927: bind() to [::]:8080 failed (98: Address already in use)
2021/08/06 12:41:54 [emerg] 24927#24927: bind() to [::]:4030 failed (98: Address already in use)
2021/08/06 12:41:54 [emerg] 24928#24928: still could not bind()
...

输出 - # nginx -T

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
    worker_connections 768;
    # multi_accept on;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}


#mail {
#   # See sample authentication script at:
#   # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
#   # auth_http localhost/auth.php;
#   # pop3_capabilities "TOP" "USER";
#   # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
#   server {
#       listen     localhost:110;
#       protocol   pop3;
#       proxy      on;
#   }
#
#   server {
#       listen     localhost:143;
#       protocol   imap;
#       proxy      on;
#   }
#}

# configuration file /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf:
load_module modules/ngx_http_auth_pam_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf:
load_module modules/ngx_http_dav_ext_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-echo.conf:
load_module modules/ngx_http_echo_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-geoip.conf:
load_module modules/ngx_http_geoip_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-image-filter.conf:
load_module modules/ngx_http_image_filter_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf:
load_module modules/ngx_http_subs_filter_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf:
load_module modules/ngx_http_upstream_fair_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf:
load_module modules/ngx_http_xslt_filter_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-mail.conf:
load_module modules/ngx_mail_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-stream.conf:
load_module modules/ngx_stream_module.so;

# configuration file /etc/nginx/mime.types:

types {
    text/html                             html htm shtml;
    text/css                              css;
    text/xml                              xml;
    image/gif                             gif;
    image/jpeg                            jpeg jpg;
    application/javascript                js;
    application/atom+xml                  atom;
    application/rss+xml                   rss;

    text/mathml                           mml;
    text/plain                            txt;
    text/vnd.sun.j2me.app-descriptor      jad;
    text/vnd.wap.wml                      wml;
    text/x-component                      htc;

    image/png                             png;
    image/tiff                            tif tiff;
    image/vnd.wap.wbmp                    wbmp;
    image/x-icon                          ico;
    image/x-jng                           jng;
    image/x-ms-bmp                        bmp;
    image/svg+xml                         svg svgz;
    image/webp                            webp;

    application/font-woff                 woff;
    application/java-archive              jar war ear;
    application/json                      json;
    application/mac-binhex40              hqx;
    application/msword                    doc;
    application/pdf                       pdf;
    application/postscript                ps eps ai;
    application/rtf                       rtf;
    application/vnd.apple.mpegurl         m3u8;
    application/vnd.ms-excel              xls;
    application/vnd.ms-fontobject         eot;
    application/vnd.ms-powerpoint         ppt;
    application/vnd.wap.wmlc              wmlc;
    application/vnd.google-earth.kml+xml  kml;
    application/vnd.google-earth.kmz      kmz;
    application/x-7z-compressed           7z;
    application/x-cocoa                   cco;
    application/x-java-archive-diff       jardiff;
    application/x-java-jnlp-file          jnlp;
    application/x-makeself                run;
    application/x-perl                    pl pm;
    application/x-pilot                   prc pdb;
    application/x-rar-compressed          rar;
    application/x-redhat-package-manager  rpm;
    application/x-sea                     sea;
    application/x-shockwave-flash         swf;
    application/x-stuffit                 sit;
    application/x-tcl                     tcl tk;
    application/x-x509-ca-cert            der pem crt;
    application/x-xpinstall               xpi;
    application/xhtml+xml                 xhtml;
    application/xspf+xml                  xspf;
    application/zip                       zip;

    application/octet-stream              bin exe dll;
    application/octet-stream              deb;
    application/octet-stream              dmg;
    application/octet-stream              iso img;
    application/octet-stream              msi msp msm;

    application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
    application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;

    audio/midi                            mid midi kar;
    audio/mpeg                            mp3;
    audio/ogg                             ogg;
    audio/x-m4a                           m4a;
    audio/x-realaudio                     ra;

    video/3gpp                            3gpp 3gp;
    video/mp2t                            ts;
    video/mp4                             mp4;
    video/mpeg                            mpeg mpg;
    video/quicktime                       mov;
    video/webm                            webm;
    video/x-flv                           flv;
    video/x-m4v                           m4v;
    video/x-mng                           mng;
    video/x-ms-asf                        asx asf;
    video/x-ms-wmv                        wmv;
    video/x-msvideo                       avi;
}

# configuration file /etc/nginx/conf.d/timeout.conf:
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;

# configuration file /etc/nginx/sites-enabled/admin.mysite_2:
server {
    server_name xx.xxx.xxx.xxx;
    listen 4020;
    listen [::]:4020 ipv6only=on;
    error_log /home/www.mysite_2/.local/share/virtualenvs/cms-CiomF2CE/var/log/gunicorn-error.log;
    access_log /home/www.mysite_2/.local/share/virtualenvs/cms-CiomF2CE/var/log/gunicorn-access.log;

    # add_header 'Access-Control-Allow-Origin' '*';
    # add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    # add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/mysite_2/www/translator-app-python/cms/wagtail_cms;
    }
        location /media/ {
        root /home/mysite_2/www/translator-app-python/cms/wagtail_cms;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/home/mysite_2/.local/share/virtualenvs/cms-CiomF2CE/run/gunicorn.sock;
    }
}
# configuration file /etc/nginx/proxy_params:
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

# configuration file /etc/nginx/sites-enabled/cms:
server {
    server_name xx.xxx.xxx.xxx;
    listen 8090;
    listen [::]:8090 ipv6only=on;
    error_log /home/mysite_1/.local/share/virtualenvs/cms-WqsZ9qOt/var/log/gunicorn-error.log;
    access_log /home/mysite_1/.local/share/virtualenvs/cms-WqsZ9qOt/var/log/gunicorn-access.log;

    # add_header 'Access-Control-Allow-Origin' '*';
    # add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    # add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/mysite_1/www/kc-site/cms/admin_panel;
    }
        location /media/ {
        root /home/wmysite_1/www/kc-site/cms/admin_panel;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/home/mysite_1/.local/share/virtualenvs/cms-WqsZ9qOt/run/gunicorn.sock;
    }
}
# configuration file /etc/nginx/sites-enabled/default:
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
    # alte Syntax
    listen 81 default_server;
    listen [::]:81 ipv6only=on default_server;

    # SSL configuration
    #
    # listen 443 ssl default_server;
    # listen [::]:443 ssl default_server;
    #
    # Note: You should disable gzip for SSL traffic.
    # See: https://bugs.debian.org/773332
    #
    # Read up on ssl_ciphers to ensure a secure configuration.
    # See: https://bugs.debian.org/765782
    #
    # Self signed certs generated by the ssl-cert package
    # Don't use them in a production server!
    #
    # include snippets/snakeoil.conf;

    root /var/www/html/Nginx;

    # Add index.php to the list if you are using PHP
    index index.html index.htm index.nginx-debian.html index.php ;

    server_name _;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }

    # pass PHP scripts to FastCGI server ( neu )
    #
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        include /etc/nginx/conf.d/*.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    }

    # pass PHP scripts to FastCGI server
    #
    #location ~ \.php$ {
    #   include snippets/fastcgi-php.conf;
    #
    #   # With php-fpm (or other unix sockets):
    #   fastcgi_pass unix:/run/php/php7.3-fpm.sock;
    #   # With php-cgi (or other tcp sockets):
    #   # fastcgi_pass 127.0.0.1:9000;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #   deny all;
    #}
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#   listen 80;
#   listen [::]:80;
#
#   server_name example.com;
#
#   root /var/www/example.com;
#   index index.html;
#
#   location / {
#       try_files $uri $uri/ =404;
#   }
#}

# configuration file /etc/nginx/snippets/fastcgi-php.conf:
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+?\.php)(/.*)$;

# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;

# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;

fastcgi_index index.php;
include fastcgi.conf;

# configuration file /etc/nginx/fastcgi.conf:

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

# configuration file /etc/nginx/sites-enabled/kcanalytics:
server {
    server_name xx.xxx.xxx.xxx;
    listen 8070;
    listen [::]:8070 ipv6only=on;
    root /home/mysite_1/www/kc-site/Open-Web-Analytics;
    index index.php index.html index.htm;
    location / {
        try_files $uri $uri/ =404;
    }
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        include /etc/nginx/conf.d/*.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    }
    error_log /var/log/nginx/kcanalyticslog/kcanalytics-error.log;
    access_log /var/log/nginx/kcanalyticslog/kcanalytics-access.log;
}

# configuration file /etc/nginx/sites-enabled/kcclient:
server {
    server_name xx.xxx.xxx.xxx;
    listen 8080;
    listen [::]:8080 ipv6only=on;
    root /var/www/html/Nginx;
    index index.nginx-debian.html;

    location / {
    proxy_pass http://localhost:3000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    }
}

# configuration file /etc/nginx/sites-enabled/phrases-api.mysite_2:
server {
    server_name xx.xxx.xxx.xxx;
    listen 4030;
    listen [::]:4030 ipv6only=on;
    error_log /home/mysite_2/.local/share/virtualenvs/api-dAF0CRIW/var/log/gunicorn-error.log;
    access_log /home/mysite_2/.local/share/virtualenvs/api-dAF0CRIW/var/log/gunicorn-access.log;

    # add_header 'Access-Control-Allow-Origin' '*';
    # add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    # add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/mysite_2/www/translator-app-python/api/translator_rest_api;
    }
        location /media/ {
        root /home/mysite_2/www/translator-app-python/api/translator_rest_api;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/home/mysite_2/.local/share/virtualenvs/api-dAF0CRIW/run/gunicorn.sock;
    }
}

user977828

Asked: 2021-05-18 04:21:51 +0800 CST

Docker-compose 数据库的 IP 地址

2

我找到了一个 Django 项目，但未能通过以下方式在 Docker 容器中运行：

git clone https://github.com/hotdogee/django-blast.git
$ cat requirements.txt在此文件中，必须更新以下依赖项：
- 海带==3.0.30
- psycopg2==2.8.6

我有以下 Dockerfile：

FROM python:2
ENV PYTHONUNBUFFERED=1
WORKDIR /code
COPY requirements.txt /code/
RUN pip install -r requirements.txt
COPY . /code/

因为docker-compose.yml我使用：

version: "3"

services:
  db:
    image: postgres
    volumes:
      - ./data/db:/var/lib/postgresql/data
    environment:
      - POSTGRES_DB=postgres
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=postgres
  web:
    build: .
    command: python manage.py runserver 0.0.0.0:8000
    volumes:
      - .:/code
    ports:
      - "8000:8000"
    depends_on:
      - db

docker-compose 使用哪个 IP 地址，因为我必须更改以下硬编码地址：

$ grep -ir "127.0.0.1" 
i5k/settings_prod.py:    'HOST': '127.0.0.1',
i5k/settings.py:    'HOST': '127.0.0.1',
i5k/settings.py:        'LOCATION': '127.0.0.1:11211',
Binary file i5k/settings.pyc matches
example/blastdb/AGLA_new_ids.faa.phd:13312790801051
grep: data/db: Permission denied
blast/static/blast/components/code-mirror/codemirror-4.0/mode/nginx/index.html:    fastcgi_pass   127.0.0.1:9000;
blast/static/blast/components/code-mirror/codemirror-4.0/mode/nginx/index.html:    fastcgi_pass 127.0.0.1:9000;
axes/tests.py:        reset(ip='127.0.0.1')
axes/decorators.py:            ip_address = '127.0.0.1'

先感谢您

user977828

Asked: 2021-05-17 15:41:54 +0800 CST

django.db.utils.OperationalError：无法连接到服务器：连接被拒绝

-1

我找到了一个 Django 项目，但未能通过以下方式在 Docker 容器中运行：

git clone https://github.com/hotdogee/django-blast.git
$ cat requirements.txt在此文件中，必须更新以下依赖项：
- 海带==3.0.30
- psycopg2==2.8.6

我有以下 Dockerfile：

FROM python:2
ENV PYTHONUNBUFFERED=1
WORKDIR /code
COPY requirements.txt /code/
RUN pip install -r requirements.txt
COPY . /code/

因为docker-compose.yml我使用：

version: "3"

services:
  db:
    image: postgres
    volumes:
      - ./data/db:/var/lib/postgresql/data
    environment:
      - POSTGRES_DB=postgres
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=postgres
  web:
    build: .
    command: python manage.py runserver 0.0.0.0:8000
    volumes:
      - .:/code
    ports:
      - "8000:8000"
    depends_on:
      - db

接下来，我遇到了这个错误：

$ docker-compose build
...

web_1  | System check identified no issues (0 silenced).
web_1  | Unhandled exception in thread started by <function wrapper at 0x7f265ed26850>
web_1  | Traceback (most recent call last):
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/utils/autoreload.py", line 223, in wrapper
web_1  |     fn(*args, **kwargs)
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/core/management/commands/runserver.py", line 112, in inner_run
web_1  |     self.check_migrations()
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/core/management/commands/runserver.py", line 164, in check_migrations
web_1  |     executor = MigrationExecutor(connections[DEFAULT_DB_ALIAS])
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/migrations/executor.py", line 19, in __init__
web_1  |     self.loader = MigrationLoader(self.connection)
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/migrations/loader.py", line 47, in __init__
web_1  |     self.build_graph()
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/migrations/loader.py", line 180, in build_graph
web_1  |     self.applied_migrations = recorder.applied_migrations()
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/migrations/recorder.py", line 59, in applied_migrations
web_1  |     self.ensure_schema()
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/migrations/recorder.py", line 49, in ensure_schema
web_1  |     if self.Migration._meta.db_table in self.connection.introspection.table_names(self.connection.cursor()):
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/backends/base/base.py", line 162, in cursor
web_1  |     cursor = self.make_debug_cursor(self._cursor())
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/backends/base/base.py", line 135, in _cursor
web_1  |     self.ensure_connection()
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/backends/base/base.py", line 130, in ensure_connection
web_1  |     self.connect()
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/utils.py", line 97, in __exit__
web_1  |     six.reraise(dj_exc_type, dj_exc_value, traceback)
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/backends/base/base.py", line 130, in ensure_connection
web_1  |     self.connect()
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/backends/base/base.py", line 119, in connect
web_1  |     self.connection = self.get_new_connection(conn_params)
web_1  |   File "/usr/local/lib/python2.7/site-packages/django/db/backends/postgresql_psycopg2/base.py", line 172, in get_new_connection
web_1  |     connection = Database.connect(**conn_params)
web_1  |   File "/usr/local/lib/python2.7/site-packages/psycopg2/__init__.py", line 127, in connect
web_1  |     conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
web_1  | django.db.utils.OperationalError: could not connect to server: Connection refused
web_1  |    Is the server running on host "127.0.0.1" and accepting
web_1  |    TCP/IP connections on port 5432?

我错过了什么？

先感谢您

如何将 .env 文件调用到在 K8s 服务器上的 Docker 容器中运行的 Django 项目中？

通过过滤 AWS 中的攻击者来减少网络流量

在具有不同子域（NGINX、Gunicorn、ubuntu）的同一个 Droplet 中托管两个不同的 django 项目

主管没有使用 Django 项目正确重新加载 Gunicorn

Apache：将服务图像限制为经过身份验证的用户

第一次尝试：XSendfile

第二次尝试：重写规则

第三次尝试：环境

第四次尝试：需要有效用户

Ubuntu 20.04、阿帕奇 2.4

| 编辑，遵循一些建议 |

|另一个编辑 |

Urls.py 未在使用 nginx 和 gunicorn 的 Django 生产服务器上更新

django.db.utils.DatabaseError: ORA-12154: TNS: 无法解析 OCI 中指定的连接标识符

如何使用 Supervisor（包括 Gunicorn 和 Nginx）设置多个 Django 应用程序？bind() to [::]:8090 失败（98：地址已在使用中）

输出 - # nginx -T

Docker-compose 数据库的 IP 地址

django.db.utils.OperationalError：无法连接到服务器：连接被拒绝

新安装后 postgres 的默认超级用户用户名/密码是什么？

SFTP 使用什么端口？

命令行列出 Windows Active Directory 组中的用户？

什么是 Pem 文件，它与其他 OpenSSL 生成的密钥文件格式有何不同？

如何确定bash变量是否为空？

问题[django](server)

第一次尝试：XSendfile

第二次尝试：重写规则

第三次尝试：环境

第四次尝试：需要有效用户

Ubuntu 20.04、阿帕奇 2.4

| 编辑，遵循一些建议 |

|另一个编辑 |

输出 - # nginx -T