当前位置: 文江博客话题详情

Django 的多次安装 - 如何通过网络服务器(Lighttpd)配置透明多路复用?

发布于 2024-07-09 15:21:30 字数 1867 浏览 5 评论 0原文

这个问题的答案是:如何在一台服务器上为 Django 设置多个具有单独数据库的帐户?

我在 Google 或其他地方没有看到类似的内容(也许我的词汇有误),所以我认为输入可以成为互联网讨论的宝贵补充。

如何像这样配置服务器:

  • 一次安装 Lighttpd
  • 多个 Django 项目作为 FastCGI 运行
  • Django 项目可以随意添加/删除,并且不需要重新启动 Web 服务器
  • 透明重定向对特定 Django 安装的所有请求/响应,具体取决于在当前用户上

,即 给定 Django 项目(具有相应的 FastCGI 套接字):

  • Bob (/tmp/bob.fcgi)
  • Sue (/tmp/sue.fcgi)
  • Joe (/tmp/joe.fcgi)

Django 项目使用一个(过于简化的)脚本启动,如下所示:

#!/bin/sh
NAME=bob

SOCKET=/tmp/$NAME.fcgi

PROTO=fcgi
DAEMON=true

/django_projects/$NAME/manage.py runfcgi protocol=$PROTO socket=$SOCKET
  daemonize=$DAEMON

我希望流量到达 http://www.example.com/ 以将请求定向到正确的 Django 应用程序取决于登录的用户。

换句话说, http://www.example.com 应该出现"be" /tmp/bob.fcgi 如果 bob 登录,/tmp/joe.fcgi 如果 joe 登录,/tmp/sue.fcgi 如果 sue 登录。如果没有人登录,则应该重定向到登录页面。

我考虑了使用以下算法的多路分解“plexer”FastCGI 脚本:

  1. 如果设置了 cookie $PLEX,则通过管道将请求发送到 /tmp/$PLEX.fcgi

  2. 否则重定向到登录页面(根据用户名 => PLEX 的多对一映射设置 cookie PLEX)

当然,出于安全考虑,应该对 $PLEX 进行污点检查,并且 $PLEX 不应引起任何信任假设。

Lighttpd 配置如下(尽管 Apache、Nginx 等也可以轻松使用):

fastcgi.server = ( "plexer.fcgi" =>
                           ( "localhost" =>
                             (   
                               "socket" => "/tmp/plexer.fcgi",
                               "check-local" => "disable"
                             )
                           )   
                 )

输入和想法、有用的链接以及了解如何正确实现 FastCGI plexer 都将受到赞赏。

谢谢。

原文

This question flows from the answer to:How does one set up multiple accounts with separate databases for Django on one server?

I haven't seen anything like this on Google or elsewhere (perhaps I have the wrong vocabulary), so I think input could be a valuable addition to the internet discourse.

How could one configure a server likeso:

  • One installation of Lighttpd
  • Multiple Django projects running as FastCGI
  • The Django projects may be added/removed at will, and ought not to require restarting the webserver
  • Transparent redirection of all requests/responses to a particular Django installation depending on the current user

I.e. Given Django projects (with corresponding FastCGI socket):

  • Bob (/tmp/bob.fcgi)
  • Sue (/tmp/sue.fcgi)
  • Joe (/tmp/joe.fcgi)

The Django projects being started with a (oversimplified) script likeso:

#!/bin/sh
NAME=bob

SOCKET=/tmp/$NAME.fcgi

PROTO=fcgi
DAEMON=true

/django_projects/$NAME/manage.py runfcgi protocol=$PROTO socket=$SOCKET
  daemonize=$DAEMON

I want traffic to http://www.example.com/ to direct the request to the correct Django application depending on the user that is logged in.

In other words, http://www.example.com should come "be" /tmp/bob.fcgi if bob is logged in, /tmp/joe.fcgi if joe is logged in, /tmp/sue.fcgi if sue is logged in. If no-one is logged in, it should redirect to a login page.

I've contemplated a demultiplexing "plexer" FastCGI script with the following algorithm:

  1. If the cookie $PLEX is set, pipe request to /tmp/$PLEX.fcgi

  2. Otherwise redirect to login page (which sets the cookie PLEX based on a many-to-one mapping of Username => PLEX)

Of course as a matter of security $PLEX should be taint checked, and $PLEX shouldn't give rise to any presumption of trust.

A Lighttpd configuration would be likeso (though Apache, Nginx, etc. could be used just as easily):

fastcgi.server = ( "plexer.fcgi" =>
                           ( "localhost" =>
                             (   
                               "socket" => "/tmp/plexer.fcgi",
                               "check-local" => "disable"
                             )
                           )   
                 )

Input and thoughts, helpful links, and to know how to properly implement the FastCGI plexer would all be appreciated.

Thank you.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

行至春深 2024-07-16 15:21:30

我大致是这样解决这个问题的:

在lighttpd.conf

$SERVER["socket"] == "localhost:81" {
  include_shell "/opt/bin/lighttpd_conf.py"
}

和相应的lighttpd_conf.py中:

#!/usr/bin/python
import fileinput
ACCOUNT_LIST_FILE = "/opt/servers/account_list.txt"

for user in fileinput.input(ACCOUNT_LIST_FILE):
    print """
    $HTTP[\"url\"] =~ \"^/%s/\" {
        scgi.server = ( \"/\" => 
            (
            (
                \"socket\" => \"/tmp/user-socket-%s.scgi\",
                \"check-local\" => \"disable\",
            )
            )
        )
    }
    """ % (user, user)

其中ACCOUNT_LIST_FILE包含多个帐户,例如

abc1
abc2
abc3

服务器将映射http://example.com/abc1 到 /tmp/user-socket-abc1.scgi,其中可能是用户 abc1 的 Django 实例正在谈论 SCGI。

显然,必须对帐户名称(我生成这些帐户)执行某种污点检查。

Here's roughly how I solved this:

In lighttpd.conf

$SERVER["socket"] == "localhost:81" {
  include_shell "/opt/bin/lighttpd_conf.py"
}

And corresponding lighttpd_conf.py:

#!/usr/bin/python
import fileinput
ACCOUNT_LIST_FILE = "/opt/servers/account_list.txt"

for user in fileinput.input(ACCOUNT_LIST_FILE):
    print """
    $HTTP[\"url\"] =~ \"^/%s/\" {
        scgi.server = ( \"/\" => 
            (
            (
                \"socket\" => \"/tmp/user-socket-%s.scgi\",
                \"check-local\" => \"disable\",
            )
            )
        )
    }
    """ % (user, user)

Where ACCOUNT_LIST_FILE contains a number of accounts, e.g.

abc1
abc2
abc3

The server will map http://example.com/abc1 to /tmp/user-socket-abc1.scgi, where presumably a Django instance for user abc1 is talking SCGI.

One must obviously perform some sort of taint checking on the names of accounts (I generate these).

回复 原文
~没有更多了~

关于作者

傲世九天

暂无简介

0 文章
0 评论
22 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

不再见

文章 0 评论 0

真是无聊啊

文章 0 评论 0

樱娆

文章 0 评论 0

浅语花开

文章 0 评论 0

烛光

文章 0 评论 0

绻影浮沉

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文