单机部署方案
约定
服务清单
-
supervisorctl > 3.0
-
neo4j 3.5.x
-
mysql 5.7
-
nginx + fpm
-
npm > 6.0
-
redis ~ 4.x
-
php 7.2
基础服务部署
调整时间
timedatectl set-timezone Asia/Shanghai
安装sudo
yum install sudo
安装PHP
yum -y install epel-release
yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum install yum-utils
yum-config-manager --enable remi-php72
yum install php72 \
php72-php-gd \
php72-php-json \
php72-php-mbstring \
php72-php-mysqlnd \
php72-php-xml \
php72-php-opcache \
php72-php-bcmath \
php72-php-pecl-swoole \
php72-php-pecl-mongodb \
php72-php-pecl-zip \
php72-php-pecl-redis4 \
php72-php-pcntl \
php72-php-pecl-apcu
ln /opt/remi/php72/root/usr/bin/php /usr/bin/php
验证
php --version
php --modules
安装composer
curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer
/usr/bin/composer config -g repo.packagist composer https://mirrors.aliyun.com/composer/
安装supervisor
版本对于3.0
安装supervisor
yum install -y epel-release
yum install -y supervisor
开启supervisorctl
systemctl enable supervisord.service
创建用户和组
groupadd www
useradd --shell /sbin/nologin -g www www
安装php-fpm
安装php-fpm
yum install php72-php-fpm
开启php-fpm
systemctl enable php72-php-fpm.service
修改用户权限, 将用户和组从apache 改为www
/etc/opt/remi/php72/php-fpm.d/www.conf
user = www
group = www
安装npm
-
1.添加Node.js Yum仓库curl -sL https://rpm.nodesource.com/setup_12.x | bash -
-
2.安装Node.jsyum install -y nodejs
-
3.检查Node.js和NPM版本node -vv12.6.0Also, check the version of npm.npm -v6.9.0
安装nginx
安装nginx
yum install nginx
开启nginx
systemctl enable nginx.service
安装crontabs
yum install crontabs
systemctl enable crond.service
systemctl start crond.service
安装redis
安装redis
yum install -y redis
开启redis
yum enable redis
修改配置文件/etc/redis.conf
# requirepass foobared
requirepass #指定密码为 redis1234
启动redis
systemctl start redis
测试
redis-cli -h 127.0.0.1 -a redis1234
keys *
安装neo4j
-
1.导入签名并且添加neo4j的源到本地centos源中rpm --import https://debian.neo4j.org/neotechnology.gpg.keycat <<EOF> /etc/yum.repos.d/neo4j.repo[neo4j]name=Neo4j RPM Repositorybaseurl=https://yum.neo4j.org/stableenabled=1gpgcheck=1EOF
-
2.安装neo4j
-
用root权限安装neo4j社区版yum install neo4j-3.5.7
-
3.运行以下命令会返回已安装的Neo4j的版本:rpm -qa | grep neo4j
-
4.修改默认密码生产环境使用时需要修改初始密码, 否则会安装使用时报错.# neo4j-admin set-initial-password <password>neo4j-admin set-initial-password neo4j1234
安装mysql
如果使用云方提供的RDS, 请忽略安装
添加mysql7的源到本地centos源中
yum install -y https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
安装mysql
yum install -y mysql-server
修改配置文件/etc/my.conf(配置位置取决于安装方式)
如果使用阿里云的RDS可以忽略此步骤
sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION'
开启mysql
systemctl enable mysqld
启动mysql
systemctl start mysqld
在安装过程中,为MySQLroot用户生成一个临时密码
grep 'temporary password' /var/log/mysqld.log
输出:
2016-12-01T00:22:31.416107Z 1 [Note] A temporary password is generated for root@localhost: mqRfBU_3Xk>r
请记录下密码, 在此例里中为mqRfBU_3Xk>r
mysql_secure_installation
会提示你输入默认的root密码, 输入好后, 会被要求改掉密码.
输出
The existing password for the user account root has expired. Please set a new password.
New password:
输入一个新的12个字符的密码,该密码至少包含一个大写字母、一个小写字母、一个数字和一个特殊字符。在提示时重新输入.
在此例中设置为, Wka25ijklmng0ada-x
您将收到关于新密码强度的反馈,然后您将立即被提示再次更改密码.
输出
Estimated strength of the password: 100
Change the password for root ? (Press y|Y for Yes, any other key for No) :
我们将按下Y,然后进入所有后续问题,以便删除匿名用户、禁止远程根登录、删除测试数据库并访问它,并重新加载特权表.
命令行连接mysql
mysql -uroot -p"Wka25ijklmng0ada-x"
创建应用数据库
CREATE DATABASE espier_bloated CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
系统应用部署
部署几部分
商家端(VUE) + API端
配置授权
安装swoole-loader
确认PHP扩展目录
# php -r 'phpinfo();' | grep -i '^extension_dir'
extension_dir => /opt/remi/php72/root/usr/lib64/php/modules => /opt/remi/php72/root/usr/lib64/php/modules
本例中为/opt/remi/php72/root/usr/lib64/php/modules
curl https://business.swoole.com/static/loader2.0.0/swoole_loader72.so > /opt/remi/php72/root/usr/lib64/php/modules/swoole_loader72.so
php扩展配置文件位置
# php -r 'phpinfo();' | grep -i 'Scan this dir for additional'
Scan this dir for additional .ini files => /etc/opt/remi/php72/php.d
设置授权
注意配置license的正确位置, 默认license.zl在代码包(espier-bloated)根目录下
{ \
echo "extension=swoole_loader72.so"; \
echo "swoole_license_files=/var/www/html/license.zl"; \
} > /etc/opt/remi/php72/php.d/60-swoole_loader.ini
重启fpm
systemctl enable php72-php-fpm.service
部署API服务(php)
配置
后端代码
mkdir -p /var/www/espier-bloated
chown -R www:www /var/www/espier-bloated
放置代码到/var/www/espier-bloated目录中
修改配置.env, 拷贝.env.production文件做为模版.
-
1.配置数据库DB_HOST=127.0.0.1DB_PORT=3306DB_DATABASE=espier_bloatedDB_USERNAME=rootDB_PASSWORD=Wka25ijklmng0ada-x
-
2.配置REDIS# REDIS 相关配置REDIS_CLIENT=predisREDIS_HOST=redis-ali-espier-masterREDIS_PASSWORD=redis1234REDIS_MEMBERS_PORT=6379
-
3.配置队列QUEUE_DRIVER=redis
-
4.配置neo4jNEO4J_DEFAULT_PROTOCOL=boltNEO4J_DEFAULT_HOST=127.0.0.1NEO4J_DEFAULT_PORT=7687NEO4J_DEFAULT_USERNAME=neo4jNEO4J_DEFAULT_PASSWORD=neo4j1234
-
5.配置缓存CACHE_DRIVER=redis
-
6.配置七牛icon.png# 图片CDN域名QINIU_IMAGE_DOMAIN=b-img-cdn.yuanyuanke.cn# 图片bucketQINIU_IMAGE_NAME=espier-images# 导入导出文件CDN域名QINIU__FILE_DOMAIN=https://b-import-cdn.yuanyuanke.cn导入导出bucketQINIU_FILE_NAME=espier-import-files# 七牛Access KeyQINIU_ACCESS_KEY=# 七牛Secret KeyQINIU_SECRET_KEY=
-
7.配置微信开放平台第三方平台相关配置需要根据实际# 微信开放平台对应第三方平台APPIDWECHAT_APPID=# 微信开放平台对应第三方平台APPSECRETWECHAT_SECRET=# 微信开放平台对应第三方平台 消息校验TokenWECHAT_TOKEN=# 微信开放平台对应第三方平台 消息加解密KeyWECHAT_AES_KEY=WECHAT_DEBUG=true
-
8.配置商城小程序模版模版ID, 需要添加到小程序模版库,获得模版ID, 参考:开发者平台小程序模板# 商城小程序模版相关配置# 小程序模版ID号YYKWEISHOP_TEMPLATE_ID=# 小程序模版版本YYKWEISHOP_VERSION=# request合法域名YYKWEISHOP_REQUESTDOMAIN=https://b.yuanyuanke.cn# socket合法域名YYKWEISHOP_WSREQUESTDOMAIN=wss://b-websocket.yuanyuanke.cn# uploadFile(上传文件)合法域名YYKWEISHOP_UPLOADDOMAIN=https://b.yuanyuanke.cn# downloadFile(下载文件)合法域名YYKWEISHOP_DOWNLOADDOMAIN1=https://mmbiz.qpic.cnYYKWEISHOP_DOWNLOADDOMAIN2=https://b.yuanyuanke.cnYYKWEISHOP_DOWNLOADDOMAIN3=https://wx.qlogo.cn
-
9.配置腾讯位置服务
腾讯位置服务需要申请账号配置KEY, KEY对接口的访问是有配额的, 配额内是免费的.
在腾讯位置服务Key管理, 可以查询到Key, 并且可以查询到配额.
为了开发环境方便, 提供只为开发环境公用的免费KEY. 因为是公共的, 无法保证一定可用.
QQMAP_KEY=PSPBZ-KQ5CW-CSGRF-ON2S4-K2HQJ-XEBQG
-
1.配置支付通知接口WECHAT_PAYMENT_NOTIFY=https://b.yuanyuanke.cn/wechatAuth/wxpay/notify
完整的例子
# 标识应用环境, 本地环境设置为local
APP_ENV=local
# 调试模式, 正式环境可以关闭
APP_DEBUG=true
# 时区不要修改
APP_TIMEZONE=PRC
# 数据库相关配置
# DB_CONNECTION默认不需要改
DB_CONNECTION=default
# 数据库主机
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=espier_bloated
DB_USERNAME=root
DB_PASSWORD=Wka25ijklmng0ada-x
# 缓存驱动, 默认使用redis
CACHE_DRIVER=redis
# 队列驱动, 默认使用redis
QUEUE_DRIVER=redis
# 七牛相关配置
QINIU_IMAGE_DOMAIN=b-img-cdn.yuanyuanke.cn
QINIU_IMAGE_NAME=espier-image
QINIU__FILE_DOMAIN=https://b-import-cdn.yuanyuanke.cn
QINIU_FILE_NAME=espier-file
QINIU_ACCESS_KEY=
QINIU_SECRET_KEY=
# 短信会用到, 如果需要商派短信, 误删
PRISM_URL=http://openapi.shopex.cn/api
PRISM_KEY=7zfgrchh
PRISM_SECRET=ykiy27tqhlnbn6ndaddr
# JWT 相关配置, 可根据需要调整或不调整
JWT_SECRET=ker4H1sp4TsdDvcVJMa72SMW8Zsh3drv
JWT_TTL=300
JWT_REFRESH_TTL=20160
# 微信第三方平台设置. 本地开发环境不配置, 会影响到调用微信的相关页面, 整体不影响后台开发.
WECHAT_APPID=
WECHAT_SECRET=
WECHAT_TOKEN=
WECHAT_AES_KEY=
WECHAT_DEBUG=true
# 支付通知接口
WECHAT_PAYMENT_NOTIFY=https://b.yuanyuanke.cn/wechatAuth/wxpay/notify
# dingo标准配置, 根据实际场景进行配置
API_PREFIX=api
API_NAME="Espier API"
API_STANDARDS_TREE=vnd
API_STRICT=false
API_DEBUG=false
API_VERSION=v1
API_SUBTYPE=espier
API_CONDITIONAL_REQUEST=false
API_TOKEN=Os6Bass1oT5vig2Yod0yiT8dU0as5cIn
RPCCALL_DRIVER=dingo
# 腾讯地图接口KEY, 建议根据项目进行申请
QQMAP_KEY=PSPBZ-KQ5CW-CSGRF-ON2S4-K2HQJ-XEBQG
# REDIS 相关配置
REDIS_CLIENT=predis
REDIS_HOST=redis-ali-espier-master
REDIS_PASSWORD=redis1234
REDIS_MEMBERS_PORT=6379
LICENSE_PRODUCTION_URL=https://service.ec-os.net/api/yyk/register
LICENSE_PRODUCT=yyk
# 商城小程序相关配置
# 小程序模版ID号
YYKWEISHOP_TEMPLATE_ID=
YYKWEISHOP_REQUESTDOMAIN=https://b.yuanyuanke.cn
YYKWEISHOP_WSREQUESTDOMAIN=wss://b-websocket.yuanyuanke.cn
# 小程序版本
YYKWEISHOP_VERSION=
YYKWEISHOP_DOWNLOADDOMAIN1=https://mmbiz.qpic.cn
YYKWEISHOP_DOWNLOADDOMAIN2=https://b.yuanyuanke.cn
YYKWEISHOP_DOWNLOADDOMAIN3=https://wx.qlogo.cn
WEBSOCKET_SERVER_PORT=9051
WEBSOCKET_SERVER_HOST=b-websocket.yuanyuanke.cn
SENTRY_LARAVEL_DSN=https://eb0daff7a4244e2e8e8131e178952c55:d13add823922418f859c081feb671d73@report.shopex.cn/41
SUPER_ADMIN_LOGIN_NAME=yykpms
SUPER_ADMIN_LOGIN_PASSWORD=c0f50922ef5c2d72adac424fca752aa97523fa33
NEO4J_DEFAULT_PROTOCOL=http
NEO4J_DEFAULT_HOST=distribution-neo4j-neo4j-core-0.distribution-neo4j-neo4j.espier.svc.cluster.local
NEO4J_DEFAULT_PORT=7474
NEO4J_DEFAULT_USERNAME=neo4j
NEO4J_DEFAULT_PASSWORD=oPMfxPwMwY
BROKERAGE_URI=
BROKERAGE_URI_ITEM=
ALIPAY_PAYMENT_NOTIFY=
ALIPAY_PAYMENT_RETURN=
H5_BASE_URL=
安装
安装composer扩展包
cd /var/www/espier-blaoted
composer install
数据库迁移
cd /var/www/espier-blaoted
./artisan doctrine:migrations:migrate
部署商家端(vue)
商家端代码
代码build好后build目录里的文件直接copy至此目录
-
1.创建项目目录mkdir -p /var/www/espier-retail-manage
-
2.放置代码 通常会通过git的方式进行部署及更新修改app/config/test.env.jsmodule.exports = {NODE_ENV: '"testing"',BASE_API: '"https://b.yuanyuanke.cn/api"',//WXIMG_URL: '"https://bbc54.shopex123.com/image/"',WXIMG_URL: '""',WXAUTHCALL_Url: '"https://b.yuanyuanke.cn/"'}
-
3.安装npm宝cd /var/www/espier-retail-manage/appnpm installl
-
4.代码编译目录 /var/www/espier-retail-manage/app/config/index.jsassetsRoot: path.resolve(__dirname, '../test'),编译后的文件在/var/www/espier-retail-manage/app/test下
-
5.代码编译npm run build-test
-
6.更改权限chown -R www:www /var/www/espier-retail-manage
配置nginx
修改/etc/nginx/nginx.conf, 将权限nginx 改为www
use www;
创建项目nginx配置
vim /etc/nginx/conf.d/espier.conf
需要配置ssl证书, 在下边配置的所有配置ssl处.
server
{
listen 443;
# 配置ssl
server_name b.yuanyuanke.cn;
location /api/ {
access_log /var/log/nginx/espier-bloated.log;
proxy_pass http://localhost:8080;
}
location /wechatAuth/ {
access_log /var/log/nginx/espier-wechatauth.log;
proxy_pass http://localhost:8080;
}
location / {
proxy_pass http://localhost:8081;
}
}
# 配置API服务(espier-bloated)
server {
listen 8080;
listen [::]:8080;
server_name localhost;
root /var/www/espier-bloated/public;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
add_header Access-Control-Allow-Origin '*' always;
add_header Access-Control-Allow-Headers "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With";
add_header Access-Control-Expose-Headers "Authorization";
add_header Access-Control-Allow-Methods "DELETE, GET, HEAD, POST, PUT, OPTIONS, TRACE, PATCH";
if ($request_method = OPTIONS ) {
return 200;
}
fastcgi_pass localhost:9000;
fastcgi_read_timeout 150;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
# 配置商家端(espier-retail-manage)
server {
listen 8081;
listen [::]:8081;
server_name localhost;
location / {
root /var/www/espier-retail-manage/app/test;
index index.html index.htm;
try_files $uri $uri/ /index.html =404;
}
location /wximage/ {
set $hostx "";
set $addrs "";
if ( $uri ~ "^/wximage/http./+([^/]+)/(.+)$") {
set $hostx $1;
set $addrs $2;
}
resolver 8.8.8.8;
proxy_pass http://$hostx/$addrs;
proxy_set_header referer "http://read.html5.qq.com/image";
}
}
配置websocket服务
server
{
listen 443;
# 配置ssl
server_name b-websocket.yuanyuanke.cn;
location / {
proxy_pass http://localhost:9051/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
配置定时任务
crontab -e
* * * * * sudo -E -u www php /var/www/espier-bloated/artisan schedule:run >> /var/log/espier-cront.log 2>&1
配置队列服务
修改队列配置
查看队列ps aux|grep queue
vim /etc/supervisord.d/super-queue.ini
[program:bloated-queue-default]
command=/var/www/espier-bloated/artisan queue:work --queue=default --delay=3 --memory=128 --timeout=30 --sleep=1 --tries=3
stdout_logfile=/var/www/espier-bloated/storage/logs/supervisor-bloated-queue-default.log
redirect_stderr=true
process_name=%(program_name)s_%(process_num)02d
autostart=true
autorestart=true
numprocs=1
user=www
startsecs=3
startretries=100000
[program:bloated-queue-slow]
command=/var/www/espier-bloated/artisan queue:work --queue=slow --delay=3 --memory=128 --timeout=1800 --sleep=1 --tries=3
stdout_logfile=/var/www/espier-bloated/storage/logs/supervisor-bloated-queue-slow.log
redirect_stderr=true
process_name=%(program_name)s_%(process_num)02d
redirect_stderr=true
autostart=true
autorestart=true
numprocs=1
user=www
startsecs=3
startretries=100000
[program:bloated-queue-sms]
command=/var/www/espier-bloated/artisan queue:work --queue=sms --delay=3 --memory=128 --timeout=1800 --sleep=1 --tries=3
stdout_logfile=/var/www/espier-bloated/storage/logs/supervisor-bloated-queue-sms.log
redirect_stderr=true
process_name=%(program_name)s_%(process_num)02d
redirect_stderr=true
autostart=true
autorestart=true
numprocs=1
user=www
startsecs=3
startretries=100000
配置websocket服务
配置websocket
vim /etc/supervisord.d/super-websocket.ini
[program:websocket]
command=/var/www/espier-bloated/artisan websocket:start
stdout_logfile=/var/www/espier-bloated/storage/logs/supervisor-websocket.log
redirect_stderr=true
autostart=true
autorestart=true
numprocs=1
user=www
startsecs=3
startretries=100000
服务启动
启动队列任务, websocket服务
systemctl start supervisord.service
启动nginx
systemctl start nginx.service
启动php-fpm
