Django 的多次安装 - 如何通过网络服务器(Lighttpd)配置透明多路复用?
这个问题的答案是:如何在一台服务器上为 Django 设置多个具有单独数据库的帐户?
我在 Google 或其他地方没有看到类似的内容(也许我的词汇有误),所以我认为输入可以成为互联网讨论的宝贵补充。
如何像这样配置服务器:
- 一次安装 Lighttpd
- 多个 Django 项目作为 FastCGI 运行
- Django 项目可以随意添加/删除,并且不需要重新启动 Web 服务器
- 透明重定向对特定 Django 安装的所有请求/响应,具体取决于在当前用户上
,即 给定 Django 项目(具有相应的 FastCGI 套接字):
- Bob (/tmp/bob.fcgi)
- Sue (/tmp/sue.fcgi)
- Joe (/tmp/joe.fcgi)
Django 项目使用一个(过于简化的)脚本启动,如下所示:
#!/bin/sh
NAME=bob
SOCKET=/tmp/$NAME.fcgi
PROTO=fcgi
DAEMON=true
/django_projects/$NAME/manage.py runfcgi protocol=$PROTO socket=$SOCKET
daemonize=$DAEMON
我希望流量到达 http://www.example.com/ 以将请求定向到正确的 Django 应用程序取决于登录的用户。
换句话说, http://www.example.com 应该出现"be" /tmp/bob.fcgi 如果 bob 登录,/tmp/joe.fcgi 如果 joe 登录,/tmp/sue.fcgi 如果 sue 登录。如果没有人登录,则应该重定向到登录页面。
我考虑了使用以下算法的多路分解“plexer”FastCGI 脚本:
如果设置了 cookie $PLEX,则通过管道将请求发送到 /tmp/$PLEX.fcgi
否则重定向到登录页面(根据用户名 => PLEX 的多对一映射设置 cookie PLEX)
当然,出于安全考虑,应该对 $PLEX 进行污点检查,并且 $PLEX 不应引起任何信任假设。
Lighttpd 配置如下(尽管 Apache、Nginx 等也可以轻松使用):
fastcgi.server = ( "plexer.fcgi" =>
( "localhost" =>
(
"socket" => "/tmp/plexer.fcgi",
"check-local" => "disable"
)
)
)
输入和想法、有用的链接以及了解如何正确实现 FastCGI plexer 都将受到赞赏。
谢谢。
This question flows from the answer to:How does one set up multiple accounts with separate databases for Django on one server?
I haven't seen anything like this on Google or elsewhere (perhaps I have the wrong vocabulary), so I think input could be a valuable addition to the internet discourse.
How could one configure a server likeso:
- One installation of Lighttpd
- Multiple Django projects running as FastCGI
- The Django projects may be added/removed at will, and ought not to require restarting the webserver
- Transparent redirection of all requests/responses to a particular Django installation depending on the current user
I.e. Given Django projects (with corresponding FastCGI socket):
- Bob (/tmp/bob.fcgi)
- Sue (/tmp/sue.fcgi)
- Joe (/tmp/joe.fcgi)
The Django projects being started with a (oversimplified) script likeso:
#!/bin/sh
NAME=bob
SOCKET=/tmp/$NAME.fcgi
PROTO=fcgi
DAEMON=true
/django_projects/$NAME/manage.py runfcgi protocol=$PROTO socket=$SOCKET
daemonize=$DAEMON
I want traffic to http://www.example.com/ to direct the request to the correct Django application depending on the user that is logged in.
In other words, http://www.example.com should come "be" /tmp/bob.fcgi if bob is logged in, /tmp/joe.fcgi if joe is logged in, /tmp/sue.fcgi if sue is logged in. If no-one is logged in, it should redirect to a login page.
I've contemplated a demultiplexing "plexer" FastCGI script with the following algorithm:
If the cookie $PLEX is set, pipe request to /tmp/$PLEX.fcgi
Otherwise redirect to login page (which sets the cookie PLEX based on a many-to-one mapping of Username => PLEX)
Of course as a matter of security $PLEX should be taint checked, and $PLEX shouldn't give rise to any presumption of trust.
A Lighttpd configuration would be likeso (though Apache, Nginx, etc. could be used just as easily):
fastcgi.server = ( "plexer.fcgi" =>
( "localhost" =>
(
"socket" => "/tmp/plexer.fcgi",
"check-local" => "disable"
)
)
)
Input and thoughts, helpful links, and to know how to properly implement the FastCGI plexer would all be appreciated.
Thank you.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我大致是这样解决这个问题的:
在lighttpd.conf
和相应的lighttpd_conf.py中:
其中ACCOUNT_LIST_FILE包含多个帐户,例如
服务器将映射http://example.com/abc1 到 /tmp/user-socket-abc1.scgi,其中可能是用户 abc1 的 Django 实例正在谈论 SCGI。
显然,必须对帐户名称(我生成这些帐户)执行某种污点检查。
Here's roughly how I solved this:
In lighttpd.conf
And corresponding lighttpd_conf.py:
Where ACCOUNT_LIST_FILE contains a number of accounts, e.g.
The server will map http://example.com/abc1 to /tmp/user-socket-abc1.scgi, where presumably a Django instance for user abc1 is talking SCGI.
One must obviously perform some sort of taint checking on the names of accounts (I generate these).