大马信鸽服务器配置

1. 安装宝塔
2. 安装.net环境管理器
3. 安装python环境，目前使用的是3.13.2版本
4. 安装 进程守护管理器

在进程守护管理器中配置2个进程。

1. 名称DamaCrawler 启动用户www，进程数1，启动优先级999，启动命令/bin/bash /www/wwwroot/PythonProj/Django/DamaCrawler/supervisor_dama_crawler.sh，进程目录/www/wwwroot/PythonProj/Django/DamaCrawler/
2. 名称DamaCrawlerSchedule 启动用户www, 进程数1，启动优先级999，启动命令/bin/bash /www/wwwroot/PythonProj/Django/DamaCrawler/start_scheduler.sh，进程目录/www/wwwroot/PythonProj/Django/DamaCrawler/

当然，在配置进程之前，要安装好.net8.0环境，设置好程序目录的venv目录，这是Python的虚拟环境目录，我们配置好Python的虚拟目录的目的，就是所有的程序我们使用自己的虚拟目录，因为目前宝塔版本的python创建后，必须使用他的虚拟目录，造成很多的插件安装都出现问题。

这个建立好PHP网站就可以，配置文件内容如下：

server {
listen 80;
listen 443 ssl;
# listen 443 quic;
# http2 on;
server_name d3.dama.biz;
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/PythonProj/Django/DamaCrawler;
include /www/server/panel/vhost/nginx/extension/d3.dama.biz/*.conf;

# 日志设置 – 移到顶部
access_log /www/wwwlogs/d3.dama.biz.log;
error_log /www/wwwlogs/d3.dama.biz.error.log;

# 添加全局超时和缓冲设置
client_max_body_size 100M;
client_body_timeout 600s;
client_header_timeout 600s;
keepalive_timeout 600s;
send_timeout 600s;

# 确保大型响应能正确传递
proxy_max_temp_file_size 0;
fastcgi_max_temp_file_size 0;

#CERT-APPLY-CHECK–START
# 用于SSL证书申请时的文件验证相关配置 — 请勿删除
include /www/server/panel/vhost/nginx/well-known/d3.dama.biz.conf;
#CERT-APPLY-CHECK–END

#SSL-START SSL相关配置，请勿删除或修改下一行带注释的404规则
#error_page 404/404.html;
ssl_certificate /www/server/panel/vhost/cert/d3.dama.biz/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/d3.dama.biz/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security “max-age=31536000”;
add_header Alt-Svc ‘quic=”:443″; h3=”:443″; h3-29=”:443″; h3-27=”:443″;h3-25=”:443″; h3-T050=”:443″; h3-Q050=”:443″;h3-Q049=”:443″;h3-Q048=”:443″; h3-Q046=”:443″; h3-Q043=”:443″‘;
error_page 497 https://$host$request_uri;
#SSL-END

# 静态文件配置 – 修改为更高优先级
location ^~ /static/ {
alias /www/wwwroot/PythonProj/Django/DamaCrawler/static_collected/;
expires 30d;
add_header Cache-Control “public, max-age=2592000”;
access_log off;
# 添加更多MIME类型支持
types {
text/css css;
application/javascript js;
application/json json;
image/svg+xml svg svgz;
image/png png;
image/jpeg jpg jpeg;
image/gif gif;
image/webp webp;
font/woff woff;
font/woff2 woff2;
application/vnd.ms-fontobject eot;
font/ttf ttf;
}
try_files $uri $uri/ =404;
}

location ^~ /media/ {
alias /www/wwwroot/PythonProj/Django/DamaCrawler/media/;
expires 30d;
add_header Cache-Control “public, max-age=2592000”;
access_log off;
try_files $uri $uri/ =404;
}

# uWSGI配置 – 修改优化部分
location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:8006;

# 增加超时设置
uwsgi_read_timeout 600s;
uwsgi_send_timeout 600s;
uwsgi_connect_timeout 120s;

# 增加缓冲区设置
uwsgi_buffer_size 64k;
uwsgi_buffers 16 64k;
uwsgi_busy_buffers_size 128k;

# 添加这些新配置
uwsgi_buffering on;
uwsgi_ignore_client_abort on; # 即使客户端中断也完成请求处理
uwsgi_intercept_errors on; # 拦截uWSGI错误

# 添加这些设置防止504错误
proxy_buffering on;
proxy_buffer_size 64k;
proxy_buffers 16 64k;
proxy_busy_buffers_size 128k;

# 正确传递请求头
uwsgi_param Host $host;
uwsgi_param X-Real-IP $remote_addr;
uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for;
uwsgi_param X-Forwarded-Proto $scheme;

# HTTPS相关
uwsgi_param HTTPS $https if_not_empty;
}

# 自定义错误处理
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;

# 确保Django可以正确处理444错误
error_page 444 = @django_handler;
location @django_handler {
uwsgi_pass 127.0.0.1:8006;
include uwsgi_params;
}

#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.env|\.svn|\.project|LICENSE|README.md) {
return 404;
}

#一键申请SSL证书验证目录相关设置
location ~ \.well-known {
allow all;
}

#禁止在证书验证目录放入敏感文件
if ( $uri ~ “^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$” ) {
return 403;
}

# 图片等静态资源 – 非/static/路径下的
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
access_log off;
}

# CSS和JS文件 – 非/static/路径下的
location ~ .*\.(js|css)$ {
# 如果不是/static/路径下的才应用此规则
if ($request_uri !~ “^/static/”) {
expires 12h;
access_log off;
}
}

#Monitor-Config-Start 网站监控报表日志发送配置
access_log syslog:server=unix:/tmp/bt-monitor.sock,nohostname,tag=1__access monitor;
error_log syslog:server=unix:/tmp/bt-monitor.sock,nohostname,tag=1__error;
#Monitor-Config-End
}

关于.net网站方面，直接在宝塔的.net网站中创建好就可以，然后设置好启动命令/www/server/dotnet/8.0.100/dotnet WaterCloud.Web.dll，项目端口9000，启动用户root，设置好域名，安装好ssl证书，打开外网映射，不需要重定向。

配置文件内容如下：

server
{
listen 80;
listen 443 ssl;
listen 443 quic;
http2 on;
server_name damaxinge.top www.damaxinge.top;
index index.html index.htm default.htm default.html;
root /www/wwwroot/gejieyun_dama;
include /www/server/panel/vhost/nginx/extension/gejieyun_dama/*.conf;
#CERT-APPLY-CHECK–START
# 用于SSL证书申请时的文件验证相关配置 — 请勿删除
include /www/server/panel/vhost/nginx/well-known/gejieyun_dama.conf;
#CERT-APPLY-CHECK–END

#SSL-START SSL相关配置
#error_page 404/404.html;
ssl_certificate /www/server/panel/vhost/cert/gejieyun_dama/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/gejieyun_dama/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security “max-age=31536000”;
add_header Alt-Svc ‘quic=”:443″; h3=”:443″; h3-29=”:443″; h3-27=”:443″;h3-25=”:443″; h3-T050=”:443″; h3-Q050=”:443″;h3-Q049=”:443″;h3-Q048=”:443″; h3-Q046=”:443″; h3-Q043=”:443″‘;
error_page 497 https://$host$request_uri;

#SSL-END

#ERROR-PAGE-START 错误页相关配置
#error_page 404 /404.html;
#error_page 502 /502.html;
#ERROR-PAGE-END

#REWRITE-START 伪静态相关配置
include /www/server/panel/vhost/rewrite/net_gejieyun_dama.conf;
#REWRITE-END

#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md|package.json|package-lock.json|\.env) {
return 404;
}

#一键申请SSL证书验证目录相关设置
location /.well-known/ {
root /www/wwwroot/java_node_ssl;
}

#禁止在证书验证目录放入敏感文件
if ( $uri ~ “^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$” ) {
return 403;
}

# HTTP反向代理相关配置开始 >>>
location ~ /purge(/.*) {
proxy_cache_purge cache_one 127.0.0.1$request_uri$is_args$args;
}

location / {
proxy_pass http://127.0.0.1:9000;
proxy_set_header Host 127.0.0.1:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
add_header X-Cache $upstream_cache_status;
proxy_set_header X-Host $host:$server_port;
proxy_set_header X-Scheme $scheme;
proxy_connect_timeout 30s;
proxy_read_timeout 86400s;
proxy_send_timeout 30s;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “upgrade”;
}
# HTTP反向代理相关配置结束 <<<

access_log /www/wwwlogs/gejieyun_dama.log;
error_log /www/wwwlogs/gejieyun_dama.error.log;

#Monitor-Config-Start 网站监控报表日志发送配置
access_log syslog:server=unix:/tmp/bt-monitor.sock,nohostname,tag=3__access monitor;
error_log syslog:server=unix:/tmp/bt-monitor.sock,nohostname,tag=3__error;
#Monitor-Config-End
}