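    The following steps will guide you through a fresh setup of GeoNode.

    All guides will first install and configure the system to run it in DEBUG mode (also known as DEVELOPMENT mode) and then configure an HTTPD server to serve GeoNode through the standard HTTP (80) port.

    Those guides are not meant to be used on a production system. There will be dedicated chapters that show you some hints for optimizing GeoNode for a production-ready machine. In any case, we strongly suggest tasking an experienced DevOps engineer or system administrator before exposing your server to the web.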

    Ubuntu 20.04LTS

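    This part of the documentation describes the complete setup process for GeoNode on a clean Ubuntu 20.04 LTS 64-bit environment (desktop or server).

    All examples use shell commands that must be entered in a local terminal or a remote shell.

  • If you have a graphical desktop environment, you can open the terminal application after login;

  • If you are working on a remote server, the provider or sysadmin should have given you access through an ssh client.

    1. Install the dependencies

    In this section, we are going to install all the basic packages and tools needed for a complete GeoNode installation.

    To follow this guide, a basic knowledge of Ubuntu server configuration and of working with a shell is required.

    This guide uses vim as the editor; feel free to use nano, gedit or others.

    Upgrade system packages

    Check that your system is already up to date with the repositories by running the following commands: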

    sudo add-apt-repository ppa:ubuntugis/ubuntugis-unstable
    sudo apt update -y; sudo apt upgrade -y;
    

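    We will use example.org as a fictitious domain name.

    First, we are going to install all the system packages needed for the GeoNode setup. Log in to the target machine and execute the following commands: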

    # Install packages from GeoNode core
    sudo apt install -y build-essential gdal-bin \
        python3.8-dev python3.8-venv virtualenvwrapper \
        libxml2 libxml2-dev gettext \
        libxslt1-dev libjpeg-dev libpng-dev libpq-dev libgdal-dev \
        software-properties-common build-essential \
        git unzip gcc zlib1g-dev libgeos-dev libproj-dev \
        sqlite3 spatialite-bin libsqlite3-mod-spatialite libsqlite3-dev
    # Install Openjdk
    sudo apt install openjdk-8-jdk-headless default-jdk-headless -y
    sudo update-java-alternatives --jre-headless --jre --set java-1.8.0-openjdk-amd64
    # Verify GDAL version
    gdalinfo --version
      $> GDAL 3.0.4, released 2020/01/28
    # Verify Python version
    python3.8 --version
      $> Python 3.8.5
    which python3.8
      $> /usr/bin/python3.8
    # Verify Java version
    java -version
      $> openjdk version "1.8.0_265"
      $> OpenJDK Runtime Environment (build 1.8.0_265-8u265-b01-0ubuntu2~20.04-b01)
      $> OpenJDK 64-Bit Server VM (build 25.265-b01, mixed mode)
    # Install VIM
    sudo apt install -y vim
    # Cleanup the packages
    sudo apt update -y; sudo apt upgrade -y; sudo apt autoremove --purge
    

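    GeoNode 3.x is not compatible with Python < 3.7.

    2. GeoNode Installation

    This is the most basic installation of GeoNode. It won't use any external server, such as Apache Tomcat, PostgreSQL or HTTPD.

    First of all, we need to prepare a new Python virtual environment.

    Since GeoNode needs a large number of different Python libraries and packages, it is recommended to use a Python virtual environment to avoid dependency conflicts with system-wide Python packages and other installed software. See also the documentation of the Virtualenvwrapper package for more information.

    The GeoNode virtual environment must be created only the first time. You don't need to recreate it every time.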

    which python3.8  # copy the path of python executable
    # Create the GeoNode Virtual Environment (first time only)
    export WORKON_HOME=~/.virtualenvs
    source /usr/share/virtualenvwrapper/virtualenvwrapper.sh
    mkvirtualenv --python=/usr/bin/python3.8 geonode  # Use the python path from above
    # Alternatively you can also create the virtual env like below
    mkdir -p ~/.virtualenvs
    python3.8 -m venv ~/.virtualenvs/geonode
    source ~/.virtualenvs/geonode/bin/activate
    

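    At this point your command prompt shows a (geonode) prefix, which indicates that your virtualenv is active.

    The next time you need to access the virtual environment, just run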

    source /usr/share/virtualenvwrapper/virtualenvwrapper.sh
    workon geonode
    # Alternatively you can also activate the virtual env like below
    source ~/.virtualenvs/geonode/bin/activate
    # Write to the bottom of the file the following lines
    export WORKON_HOME=~/.virtualenvs
    source /usr/share/virtualenvwrapper/virtualenvwrapper.sh
    
    # Let's create the GeoNode core base folder and clone it
    sudo mkdir -p /opt/geonode/; sudo usermod -a -G www-data $USER; sudo chown -Rf $USER:www-data /opt/geonode/; sudo chmod -Rf 775 /opt/geonode/
    # Clone the GeoNode source code on /opt/geonode
    cd /opt; git clone https://github.com/GeoNode/geonode.git -b 3.2.x geonode
    
    # Install the Python packages
    cd /opt/geonode
    pip install -r requirements.txt --upgrade --no-cache --no-cache-dir
    pip install -e . --upgrade
    pip install pygdal=="`gdal-config --version`.*"
    

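    Install and configure the PostgreSQL database system

    In this section, we are going to install the PostgreSQL packages along with the PostGIS extension. These steps must be done only if you don't have the database already installed on your system.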

    # Ubuntu 20.04 (focal)
    sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
    # Fetch the repository signing key with TLS certificate verification enabled
    sudo wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
    sudo apt update -y; sudo apt install -y postgresql-13 postgresql-13-postgis-3 postgresql-13-postgis-3-scripts postgresql-13 postgresql-client-13
    

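    We now must create two databases, geonode and geonode_data, belonging to the role geonode.

    This is our default configuration. You can use any database or role you need. The connection parameters must be correctly configured in settings, as we will see later in this section.

    Databases and permissions

    First, create the geonode user. GeoNode is going to use this user to access the database.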

    sudo service postgresql start
    sudo -u postgres createuser -P geonode
    # Use the password: geonode
    

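    You will be prompted to set a password for the user. Enter geonode as the password.

    This is a sample password used for the sake of simplicity. This password is very weak and should be changed in a production environment.

    Create the databases geonode and geonode_data with owner geonode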

    sudo -u postgres createdb -O geonode geonode
    sudo -u postgres createdb -O geonode geonode_data
    

    Next, let's create the PostGIS extensions

    sudo -u postgres psql -d geonode -c 'CREATE EXTENSION postgis;'
    sudo -u postgres psql -d geonode -c 'GRANT ALL ON geometry_columns TO PUBLIC;'
    sudo -u postgres psql -d geonode -c 'GRANT ALL ON spatial_ref_sys TO PUBLIC;'
    sudo -u postgres psql -d geonode -c 'GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO geonode;'
    sudo -u postgres psql -d geonode -c 'GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO geonode;'
    sudo -u postgres psql -d geonode_data -c 'CREATE EXTENSION postgis;'
    sudo -u postgres psql -d geonode_data -c 'GRANT ALL ON geometry_columns TO PUBLIC;'
    sudo -u postgres psql -d geonode_data -c 'GRANT ALL ON spatial_ref_sys TO PUBLIC;'
    sudo -u postgres psql -d geonode_data -c 'GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO geonode;'
    sudo -u postgres psql -d geonode_data -c 'GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO geonode;'
    

    The final step is to change the user access policies for local connections in the file pg_hba.conf

    sudo vim /etc/postgresql/13/main/pg_hba.conf
    

    Scroll down to the bottom of the document. We want to make local connections trusted for the default user.

    Make sure your configuration looks like the one below.

    # DO NOT DISABLE!
    # If you change this first entry you will need to make sure that the
    # database superuser can access the database using some other method.
    # Noninteractive access to all databases is required during automatic
    # maintenance (custom daily cronjobs, replication, and similar tasks).
    # Database administrative login by Unix domain socket
    local   all             postgres                                trust
    # TYPE  DATABASE        USER            ADDRESS                 METHOD
    # "local" is for Unix domain socket connections only
    local   all             all                                     md5
    # IPv4 local connections:
    host    all             all             127.0.0.1/32            md5
    # IPv6 local connections:
    host    all             all             ::1/128                 md5
    # Allow replication connections from localhost, by a user with the
    # replication privilege.
    local   replication     all                                     peer
    host    replication     all             127.0.0.1/32            md5
    host    replication     all             ::1/128                 md5

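    If your PostgreSQL database resides on a separate/remote machine, you'll have to allow remote access to the databases in /etc/postgresql/13/main/pg_hba.conf for the geonode user, and tell PostgreSQL to accept non-local connections in the /etc/postgresql/13/main/postgresql.conf file.

    Restart PostgreSQL to make the changes effective.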

    sudo service postgresql restart
    

    PostgreSQL is now ready. To test the configuration, try to connect to the geonode database as the geonode role.

    psql -U postgres geonode
    # This should not ask for any password
    psql -U geonode geonode
    # This should ask for the password geonode
    # Repeat the test with geonode_data DB
    psql -U postgres geonode_data
    psql -U geonode geonode_data
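
    The pg_hba.conf rules edited in this section can be checked mechanically. The following Python script is an added example, not part of the GeoNode documentation: it parses rules written with unquoted fields and CIDR addresses and reports the trust entry and over-broad rules for remote clients. The sample text, the two remote rules and the 192.0.2.10 address are constructed.

```python
"""Audit pg_hba.conf rules (added example, not from the GeoNode docs)."""
import ipaddress

# Constructed sample: rules from this section plus two hypothetical remote
# rules of the kind needed when PostgreSQL runs on a separate machine.
SAMPLE_PG_HBA = """\
# Database administrative login by Unix domain socket
local   all                   postgres                       trust
# "local" is for Unix domain socket connections only
local   all                   all                            md5
# IPv4 local connections:
host    all                   all        127.0.0.1/32        md5
# IPv6 local connections:
host    all                   all        ::1/128             md5
# Constructed remote rules
host    all                   all        0.0.0.0/0           md5
hostssl geonode,geonode_data  geonode    192.0.2.10/32       scram-sha-256
"""

NETWORK_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}


def parse_pg_hba(text):
    """Return (line_no, type, database, user, address, method) for each rule.

    Assumes unquoted fields and CIDR addresses, as in the file shown above.
    """
    rules = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 4 and fields[0] == "local":
            rules.append((no, "local", fields[1], fields[2], None, fields[3]))
        elif len(fields) >= 5 and fields[0] in NETWORK_TYPES:
            rules.append((no, *fields[:5]))
    return rules


def _network(addr):
    """ip_network for a CIDR address, None for host names and keywords."""
    try:
        return ipaddress.ip_network(addr, strict=False)
    except ValueError:
        return None


def audit_pg_hba(text):
    """Return (line_no, severity, message) findings, in file order."""
    findings = []
    for no, conn, db, user, addr, method in parse_pg_hba(text):
        net = _network(addr) if addr else None
        # Unix-socket and loopback-only rules are reachable from this host only.
        remote = conn != "local" and not (net is not None and net.is_loopback)
        if method == "trust":
            who = ("any local OS account" if conn == "local"
                   else "any client matching " + addr)
            findings.append((no, "HIGH",
                             f"trust: {who} can log in as role '{user}' without a password"))
        if method == "password":
            findings.append((no, "HIGH", "password: the password is sent in clear text"))
        if remote and (addr == "all" or (net is not None and net.prefixlen == 0)):
            findings.append((no, "HIGH", f"rule matches every client address ({addr})"))
        if remote and conn == "host":
            findings.append((no, "MEDIUM",
                             "'host' also matches non-TLS connections; use hostssl for remote clients"))
        if remote and "all" in (db, user):
            findings.append((no, "MEDIUM",
                             "remote rule is not limited to a named database and role"))
    return findings


if __name__ == "__main__":
    for no, severity, message in audit_pg_hba(SAMPLE_PG_HBA):
        print(f"line {no}: [{severity}] {message}")
```

    Run it against the contents of /etc/postgresql/13/main/pg_hba.conf after editing; a rule set limited to named databases, a named role and hostssl for remote clients produces no findings.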
    

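    4. Install GeoServer

    In this section, we are going to install the Apache Tomcat 8 Servlet Java container, which will be started by default on the internal port 8080.

    We will also perform several optimizations to:

  • Correctly set the Java VM options, such as the available heap memory and the garbage collector options.

  • Externalize the GeoServer and GeoWebCache catalogs in order to allow further updates without the risk of deleting our datasets.

    This is still a basic setup of those components. More details will be provided in the sections of the documentation about hardening the system in a production environment. Nevertheless, you will need to tweak those settings according to your current system. For instance, if your machine does not have enough memory, you will need to lower the initial amount of available heap memory. Warnings and notes will be placed below the statements that require your attention.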

    Install Apache Tomcat 9 (ref. https://yallalabs.com/linux/ubuntu/how-to-install-apache-tomcat-9-ubuntu-20-04/)

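    Apache Tomcat 9 requires Java 8 or newer to be installed on the server. Check the previous steps to make sure OpenJDK 8 is correctly installed on your system.

    First, it is not recommended to run Apache Tomcat as the root user, so we will create a new system user which will run the Apache Tomcat server.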

    sudo useradd -m -U -d /opt/tomcat -s /bin/bash tomcat
    sudo usermod -a -G www-data tomcat
    

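    Now, go to the official Apache Tomcat website and download the most recent version of the software to your server. But don't use Tomcat 10, because there are still some errors between GeoServer and Tomcat.

    VERSION=9.0.48; wget https://www-eu.apache.org/dist/tomcat/tomcat-9/v${VERSION}/bin/apache-tomcat-${VERSION}.tar.gz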
    

    Once the download is complete, extract the tar file to the /opt/tomcat directory:

    sudo tar -xf apache-tomcat-${VERSION}.tar.gz -C /opt/tomcat/; rm apache-tomcat-${VERSION}.tar.gz
    

    Apache Tomcat is updated regularly. So, to have more control over versions and updates, we will create a symbolic link as below:

    sudo ln -s /opt/tomcat/apache-tomcat-${VERSION} /opt/tomcat/latest
    

    Now, let's change the ownership of all Apache Tomcat files as below:

    sudo chown -R tomcat:www-data /opt/tomcat/
    

    Make the shell scripts inside the bin directory executable:

    sudo sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'
    

    Create a systemd file with the following content:

    # Check the correct JAVA_HOME location
    JAVA_HOME=$(readlink -f /usr/bin/java | sed "s:bin/java::")
    echo $JAVA_HOME
      $> /usr/lib/jvm/java-8-openjdk-amd64/jre/
    # Let's create a symbolic link to the JRE
    sudo ln -s /usr/lib/jvm/java-8-openjdk-amd64/jre/ /usr/lib/jvm/jre
    # Let's create the tomcat service
    sudo vim /etc/init.d/tomcat9
    
    #!/bin/bash
    ### BEGIN INIT INFO
    # Provides:             tomcat9
    # Required-Start:       $local_fs $remote_fs $network $time
    # Required-Stop:        $local_fs $remote_fs $network $time
    # Should-Start:         $syslog
    # Should-Stop:          $syslog
    # Default-Start:        2 3 4 5
    # Default-Stop:         0 1 6
    # Short-Description:    Apache Tomcat init script
    ### END INIT INFO
    #Location of JAVA_HOME (bin files)
    export JAVA_HOME=/usr/lib/jvm/jre
    export JAVA_OPTS=-Djava.security.egd=file:///dev/urandom
    #Add Java binary files to PATH
    export PATH=$JAVA_HOME/bin:$PATH
    #CATALINA_HOME is the location of the bin files of Tomcat
    export CATALINA_HOME=/opt/tomcat/latest
    #CATALINA_BASE is the location of the configuration files of this instance of Tomcat
    export CATALINA_BASE=/opt/tomcat/latest
    export CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid
    #TOMCAT_USER is the default user of tomcat
    export TOMCAT_USER=tomcat
    #TOMCAT_USAGE is the message if this script is called without any options
    TOMCAT_USAGE="Usage: $0 {\e[00;32mstart\e[00m|\e[00;31mstop\e[00m|\e[00;31mkill\e[00m|\e[00;32mstatus\e[00m|\e[00;31mrestart\e[00m}"
    #SHUTDOWN_WAIT is wait time in seconds for java process to stop
    SHUTDOWN_WAIT=20
    tomcat_pid() {
            echo `ps -fe | grep $CATALINA_BASE | grep -v grep | tr -s " "|cut -d" " -f2`
    }
    start() {
      pid=$(tomcat_pid)
      if [ -n "$pid" ]
      then
        echo -e "\e[00;31mTomcat is already running (pid: $pid)\e[00m"
      else
        # Start tomcat
        echo -e "\e[00;32mStarting tomcat\e[00m"
        #ulimit -n 100000
        #umask 007
        #/bin/su -p -s /bin/sh $TOMCAT_USER
            if [ `user_exists $TOMCAT_USER` = "1" ]
            then
                    /bin/su $TOMCAT_USER -c $CATALINA_HOME/bin/startup.sh
            else
                    echo -e "\e[00;31mTomcat user $TOMCAT_USER does not exists. Starting with $(id)\e[00m"
                    sh $CATALINA_HOME/bin/startup.sh
            fi
            status
      fi
      return 0
    }
    status(){
              pid=$(tomcat_pid)
              if [ -n "$pid" ]
                then echo -e "\e[00;32mTomcat is running with pid: $pid\e[00m"
              else
                echo -e "\e[00;31mTomcat is not running\e[00m"
                return 3
              fi
    }
    terminate() {
            echo -e "\e[00;31mTerminating Tomcat\e[00m"
            kill -9 $(tomcat_pid)
    }
    stop() {
      pid=$(tomcat_pid)
      if [ -n "$pid" ]
      then
        echo -e "\e[00;31mStoping Tomcat\e[00m"
        #/bin/su -p -s /bin/sh $TOMCAT_USER
            sh $CATALINA_HOME/bin/shutdown.sh
        let kwait=$SHUTDOWN_WAIT
        count=0;
        until [ `ps -p $pid | grep -c $pid` = '0' ] || [ $count -gt $kwait ]
        do
          echo -n -e "\n\e[00;31mwaiting for processes to exit\e[00m";
          sleep 1
          let count=$count+1;
        done
        if [ $count -gt $kwait ]; then
          echo -n -e "\n\e[00;31mkilling processes didn't stop after $SHUTDOWN_WAIT seconds\e[00m"
          terminate
        fi
      else
        echo -e "\e[00;31mTomcat is not running\e[00m"
      fi
      return 0
    }
    user_exists(){
            if id -u $1 >/dev/null 2>&1; then
            echo "1"
            else
                    echo "0"
            fi
    }
    case $1 in
            start)
              start
            ;;
            stop)
              stop
            ;;
            restart)
              stop
              start
            ;;
            status)
                    status
                    exit $?
            ;;
            kill)
                    terminate
            ;;
            *)
                    echo -e $TOMCAT_USAGE
            ;;
    esac
    exit 0
    

    Now you can start the Apache Tomcat 9 server and enable it to start at boot time with the following commands:

    sudo chmod +x /etc/init.d/tomcat9
    sudo /etc/init.d/tomcat9 start
    

    For verification, type the following ss command, which will show you the 8080 open port number, the default open port reserved for the Apache Tomcat server.

    ss -ltn
    

    In a clean Ubuntu 20.04, the ss command may not be found, and the iproute2 library should be installed first.

    sudo apt install iproute2
    # Then run the ss command
    ss -ltn
    

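    If your server is protected by a firewall and you want to access Tomcat from outside your local network, you need to open port 8080.

    Use the following command to open the necessary port: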

    sudo ufw allow 8080/tcp
    

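    Typically, when running Tomcat in a production environment, you should use a load balancer or reverse proxy.

    It is a best practice to allow access to port 8080 only from your internal network.

    We will use NGINX in order to serve Apache Tomcat through the standard HTTP port.

    Alternatively, you can define the Tomcat service as follows, in case you would like to use systemctl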

    sudo vim /usr/lib/systemd/system/tomcat9.service
    
    [Unit]
    Description=Apache Tomcat Server
    After=syslog.target network.target
    [Service]
    Type=forking
    User=tomcat
    Group=tomcat
    Environment=JAVA_HOME=/usr/lib/jvm/jre
    Environment=JAVA_OPTS=-Djava.security.egd=file:///dev/urandom
    Environment=CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid
    Environment=CATALINA_HOME=/opt/tomcat/latest
    Environment=CATALINA_BASE=/opt/tomcat/latest
    ExecStart=/opt/tomcat/latest/bin/startup.sh
    ExecStop=/opt/tomcat/latest/bin/shutdown.sh
    RestartSec=30
    Restart=always
    [Install]
    WantedBy=multi-user.target
    
    sudo systemctl daemon-reload
    sudo systemctl enable tomcat9.service
    sudo systemctl start tomcat9.service
    
    # Create the target folders
    sudo mkdir -p /opt/data
    sudo chown -Rf $USER:www-data /opt/data
    sudo chmod -Rf 775 /opt/data
    sudo mkdir -p /opt/data/logs
    sudo chown -Rf $USER:www-data /opt/data/logs
    sudo chmod -Rf 775 /opt/data/logs
    # Download and extract the default GEOSERVER_DATA_DIR
    sudo wget "https://www.dropbox.com/s/cd20is9ddjz7ti5/data-2.18.3.zip?dl=1" -O data-2.18.3.zip
    sudo unzip data-2.18.3.zip -d /opt/data/
    sudo mv /opt/data/data/ /opt/data/geoserver_data
    sudo chown -Rf tomcat:www-data /opt/data/geoserver_data
    sudo chmod -Rf 775 /opt/data/geoserver_data
    sudo mkdir -p /opt/data/geoserver_logs
    sudo chown -Rf tomcat:www-data /opt/data/geoserver_logs
    sudo chmod -Rf 775 /opt/data/geoserver_logs
    sudo mkdir -p /opt/data/gwc_cache_dir
    sudo chown -Rf tomcat:www-data /opt/data/gwc_cache_dir
    sudo chmod -Rf 775 /opt/data/gwc_cache_dir
    # Download and install GeoServer
    sudo wget "https://www.dropbox.com/s/cmrdzde1oq67pre/geoserver-2.18.3.war?dl=0" -O geoserver-2.18.3.war
    sudo mv geoserver-2.18.3.war /opt/tomcat/latest/webapps/geoserver.war
    

    Let's now configure the JAVA_OPTS, i.e. the parameters used to run the Servlet container, such as heap memory, garbage collector and so on.

    sudo sed -i -e 's/xom-\*\.jar/xom-\*\.jar,bcprov\*\.jar/g' /opt/tomcat/latest/conf/catalina.properties
    export JAVA_HOME=$(readlink -f /usr/bin/java | sed "s:bin/java::")
    echo 'JAVA_HOME='$JAVA_HOME | sudo tee --append /opt/tomcat/latest/bin/setenv.sh
    sudo sed -i -e "s/JAVA_OPTS=/#JAVA_OPTS=/g" /opt/tomcat/latest/bin/setenv.sh
    echo 'GEOSERVER_DATA_DIR="/opt/data/geoserver_data"' | sudo tee --append /opt/tomcat/latest/bin/setenv.sh
    echo 'GEOSERVER_LOG_LOCATION="/opt/data/geoserver_logs/geoserver.log"' | sudo tee --append /opt/tomcat/latest/bin/setenv.sh
    echo 'GEOWEBCACHE_CACHE_DIR="/opt/data/gwc_cache_dir"' | sudo tee --append /opt/tomcat/latest/bin/setenv.sh
    echo 'GEOFENCE_DIR="$GEOSERVER_DATA_DIR/geofence"' | sudo tee --append /opt/tomcat/latest/bin/setenv.sh
    echo 'TIMEZONE="UTC"' | sudo tee --append /opt/tomcat/latest/bin/setenv.sh
    echo 'JAVA_OPTS="-server -Djava.awt.headless=true -Dorg.geotools.shapefile.datetime=false -XX:+UseParallelGC -XX:ParallelGCThreads=4 -Dfile.encoding=UTF8 -Duser.timezone=$TIMEZONE -Xms512m -Xmx4096m -Djavax.servlet.request.encoding=UTF-8 -Djavax.servlet.response.encoding=UTF-8 -DGEOSERVER_CSRF_DISABLED=true -DPRINT_BASE_URL=http://localhost:8080/geoserver/pdf -DGEOSERVER_DATA_DIR=$GEOSERVER_DATA_DIR -Dgeofence.dir=$GEOFENCE_DIR -DGEOSERVER_LOG_LOCATION=$GEOSERVER_LOG_LOCATION -DGEOWEBCACHE_CACHE_DIR=$GEOWEBCACHE_CACHE_DIR"' | sudo tee --append /opt/tomcat/latest/bin/setenv.sh
    

    After executing the above statements, you should be able to see the new options written at the bottom of the file /opt/tomcat/latest/bin/setenv.sh

    # If you run Tomcat on port numbers that are all higher than 1023, then you
    # do not need authbind. It is used for binding Tomcat to lower port numbers.
    # (yes/no, default: no)
    #AUTHBIND=no
    JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre/
    GEOSERVER_DATA_DIR="/opt/data/geoserver_data"
    GEOSERVER_LOG_LOCATION="/opt/data/geoserver_logs/geoserver.log"
    GEOWEBCACHE_CACHE_DIR="/opt/data/gwc_cache_dir"
    GEOFENCE_DIR="$GEOSERVER_DATA_DIR/geofence"
    TIMEZONE="UTC"
    JAVA_OPTS="-server -Djava.awt.headless=true -Dorg.geotools.shapefile.datetime=false -XX:+UseParallelGC -XX:ParallelGCThreads=4 -Dfile.encoding=UTF8 -Duser.timezone=$TIMEZONE -Xms512m -Xmx4096m -Djavax.servlet.request.encoding=UTF-8 -Djavax.servlet.response.encoding=UTF-8 -DGEOSERVER_CSRF_DISABLED=true -DPRINT_BASE_URL=http://localhost:8080/geoserver/pdf -DGEOSERVER_DATA_DIR=$GEOSERVER_DATA_DIR -Dgeofence.dir=$GEOFENCE_DIR -DGEOSERVER_LOG_LOCATION=$GEOSERVER_LOG_LOCATION -DGEOWEBCACHE_CACHE_DIR=$GEOWEBCACHE_CACHE_DIR"

    Those options can be updated or changed manually at any time, according to your needs.

    The default options we are going to add to the Servlet container assume you can reserve at least 4GB of RAM for GeoServer (see the option -Xmx4096m). You must be sure your machine has enough memory to run both GeoServer and GeoNode, which in this case means at least 4GB for GeoServer plus at least 2GB for GeoNode. A total of at least 6GB of RAM must be available on your machine. If you don't have enough RAM available, you can lower the values -Xms512m -Xmx4096m. Consider that with less RAM available, the performance of your services will be heavily impacted.

    In order to make the changes effective, you need to restart the Servlet container.

    # Restart the server
    sudo /etc/init.d/tomcat9 restart
    # Follow the startup logs
    sudo tail -F -n 300 /opt/data/geoserver_logs/geoserver.log
    

    If you can see something similar to this in the logs, without errors

    2019-05-31 10:06:34,190 INFO [geoserver.wps] - Found 5 bindable processes in GeoServer specific processes
    2019-05-31 10:06:34,281 INFO [geoserver.wps] - Found 89 bindable processes in Deprecated processes
    2019-05-31 10:06:34,298 INFO [geoserver.wps] - Found 31 bindable processes in Vector processes
    2019-05-31 10:06:34,307 INFO [geoserver.wps] - Found 48 bindable processes in Geometry processes
    2019-05-31 10:06:34,307 INFO [geoserver.wps] - Found 1 bindable processes in PolygonLabelProcess
    2019-05-31 10:06:34,311 INFO [geoserver.wps] - Blacklisting process ras:ConvolveCoverage as the input kernel of type class javax.media.jai.KernelJAI cannot be handled
    2019-05-31 10:06:34,319 INFO [geoserver.wps] - Blacklisting process ras:RasterZonalStatistics2 as the input zones of type class java.lang.Object cannot be handled
    2019-05-31 10:06:34,320 INFO [geoserver.wps] - Blacklisting process ras:RasterZonalStatistics2 as the input nodata of type class it.geosolutions.jaiext.range.Range cannot be handled
    2019-05-31 10:06:34,320 INFO [geoserver.wps] - Blacklisting process ras:RasterZonalStatistics2 as the input rangeData of type class java.lang.Object cannot be handled
    2019-05-31 10:06:34,320 INFO [geoserver.wps] - Blacklisting process ras:RasterZonalStatistics2 as the output zonal statistics of type interface java.util.List cannot be handled
    2019-05-31 10:06:34,321 INFO [geoserver.wps] - Found 18 bindable processes in Raster processes
    2019-05-31 10:06:34,917 INFO [ows.OWSHandlerMapping] - Mapped URL path [/TestWfsPost] onto handler 'wfsTestServlet'
    2019-05-31 10:06:34,918 INFO [ows.OWSHandlerMapping] - Mapped URL path [/wfs/*] onto handler 'dispatcher'
    2019-05-31 10:06:34,918 INFO [ows.OWSHandlerMapping] - Mapped URL path [/wfs] onto handler 'dispatcher'
    2019-05-31 10:06:42,237 INFO [geoserver.security] - Start reloading user/groups for service named default
    2019-05-31 10:06:42,241 INFO [geoserver.security] - Reloading user/groups successful for service named default
    2019-05-31 10:06:42,357 WARN [auth.GeoFenceAuthenticationProvider] - INIT FROM CONFIG
    2019-05-31 10:06:42,494 INFO [geoserver.security] - AuthenticationCache Initialized with 1000 Max Entries, 300 seconds idle time, 600 seconds time to live and 3 concurrency level
    2019-05-31 10:06:42,495 INFO [geoserver.security] - AuthenticationCache Eviction Task created to run every 600 seconds
    2019-05-31 10:06:42,506 INFO [config.GeoserverXMLResourceProvider] - Found configuration file in /opt/data/gwc_cache_dir
    2019-05-31 10:06:42,516 INFO [config.GeoserverXMLResourceProvider] - Found configuration file in /opt/data/gwc_cache_dir
    2019-05-31 10:06:42,542 INFO [config.XMLConfiguration] - Wrote configuration to /opt/data/gwc_cache_dir
    2019-05-31 10:06:42,547 INFO [geoserver.importer] - Enabling import store: memory

    Your GeoServer should be up and running at

    http://localhost:8080/geoserver/
    

    If there are errors or the file geoserver.log is not created, check the Catalina logs to try to understand what happened.

    sudo less /opt/tomcat/latest/logs/catalina.out
    

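    5. Web Server

    Until now we have seen how to start GeoNode in DEBUG mode from the command line, through the paver utilities. This is of course not the best way to start it. Moreover, you will need a dedicated HTTPD server running on port 80 if you would like to expose your server to the world.

    In this section we will see:

  • How to configure the NGINX HTTPD server to host GeoNode and GeoServer. In the initial setup we will still run the services on http://localhost

  • Update the settings in order to link GeoNode and GeoServer to the PostgreSQL database.

  • Update the settings in order to update the GeoNode and GeoServer services running on a public IP or hostname.

  • Install and enable HTTPS through the Let's Encrypt provider.

    Install and configure NGINX

    It seems possible that NGINX works with Python 3.6 and not with 3.8.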

    # Install the services
    sudo apt install -y nginx uwsgi uwsgi-plugin-python3
    

    Change the line virtualenv = /home/<my_user>/.virtualenvs/geonode below to match your current user home directory!

    For example: if the user is afabiani then virtualenv = /home/afabiani/.virtualenvs/geonode

    [uwsgi]
    uwsgi-socket = 0.0.0.0:8000
    # http-socket = 0.0.0.0:8000
    gid = www-data
    plugins = python3
    virtualenv = /home/<my_user>/.virtualenvs/geonode
    env = DJANGO_SETTINGS_MODULE=geonode.settings
    env = GEONODE_INSTANCE_NAME=geonode
    env = GEONODE_LB_HOST_IP=
    env = GEONODE_LB_PORT=
    # #################
    # backend
    # #################
    env = POSTGRES_USER=postgres
    env = POSTGRES_PASSWORD=postgres
    env = GEONODE_DATABASE=geonode
    env = GEONODE_DATABASE_PASSWORD=geonode
    env = GEONODE_GEODATABASE=geonode_data
    env = GEONODE_GEODATABASE_PASSWORD=geonode
    env = GEONODE_DATABASE_SCHEMA=public
    env = GEONODE_GEODATABASE_SCHEMA=public
    env = DATABASE_HOST=localhost
    env = DATABASE_PORT=5432
    env = DATABASE_URL=postgis://geonode:geonode@localhost:5432/geonode
    env = GEODATABASE_URL=postgis://geonode:geonode@localhost:5432/geonode_data
    env = GEONODE_DB_CONN_MAX_AGE=0
    env = GEONODE_DB_CONN_TOUT=5
    env = DEFAULT_BACKEND_DATASTORE=datastore
    env = BROKER_URL=amqp://admin:admin@localhost:5672//
    env = ASYNC_SIGNALS=False
    env = SITEURL=http://localhost/
    env = ALLOWED_HOSTS="['*']"
    # Data Uploader
    env = DEFAULT_BACKEND_UPLOADER=geonode.importer
    env = TIME_ENABLED=True
    env = MOSAIC_ENABLED=False
    env = HAYSTACK_SEARCH=False
    env = HAYSTACK_ENGINE_URL=http://elasticsearch:9200/
    env = HAYSTACK_ENGINE_INDEX_NAME=haystack
    env = HAYSTACK_SEARCH_RESULTS_PER_PAGE=200
    # #################
    # nginx
    # HTTPD Server
    # #################
    env = GEONODE_LB_HOST_IP=localhost
    env = GEONODE_LB_PORT=80
    # IP or domain name and port where the server can be reached on HTTPS (leave HOST empty if you want to use HTTP only)
    # port where the server can be reached on HTTPS
    env = HTTP_HOST=localhost
    env = HTTPS_HOST=
    env = HTTP_PORT=8000
    env = HTTPS_PORT=443
    # #################
    # geoserver
    # #################
    env = GEOSERVER_WEB_UI_LOCATION=http://localhost/geoserver/
    env = GEOSERVER_PUBLIC_LOCATION=http://localhost/geoserver/
    env = GEOSERVER_LOCATION=http://localhost:8080/geoserver/
    env = GEOSERVER_ADMIN_USER=admin
    env = GEOSERVER_ADMIN_PASSWORD=geoserver
    env = OGC_REQUEST_TIMEOUT=5
    env = OGC_REQUEST_MAX_RETRIES=1
    env = OGC_REQUEST_BACKOFF_FACTOR=0.3
    env = OGC_REQUEST_POOL_MAXSIZE=10
    env = OGC_REQUEST_POOL_CONNECTIONS=10
    # Java Options & Memory
    env = ENABLE_JSONP=true
    env = outFormat=text/javascript
    env = GEOSERVER_JAVA_OPTS="-Djava.awt.headless=true -Xms2G -Xmx4G -XX:+UnlockDiagnosticVMOptions -XX:+LogVMOutput -XX:LogFile=/var/log/jvm.log -XX:PerfDataSamplingInterval=500 -XX:SoftRefLRUPolicyMSPerMB=36000 -XX:-UseGCOverheadLimit -XX:+UseConcMarkSweepGC -XX:+UseParNewGC -XX:ParallelGCThreads=4 -Dfile.encoding=UTF8 -Djavax.servlet.request.encoding=UTF-8 -Djavax.servlet.response.encoding=UTF-8 -Duser.timezone=GMT -Dorg.geotools.shapefile.datetime=false -DGEOSERVER_CSRF_DISABLED=true -DPRINT_BASE_URL=http://geoserver:8080/geoserver/pdf -DALLOW_ENV_PARAMETRIZATION=true -Xbootclasspath/a:/usr/local/tomcat/webapps/geoserver/WEB-INF/lib/marlin-0.9.3-Unsafe.jar -Dsun.java2d.renderer=org.marlin.pisces.MarlinRenderingEngine"
    # #################
    # Security
    # #################
    # Admin Settings
    env = ADMIN_USERNAME=admin
    env = ADMIN_PASSWORD=admin
    env = ADMIN_EMAIL=admin@localhost
    # EMAIL Notifications
    env = EMAIL_ENABLE=False
    env = DJANGO_EMAIL_BACKEND=django.core.mail.backends.smtp.EmailBackend
    env = DJANGO_EMAIL_HOST=localhost
    env = DJANGO_EMAIL_PORT=25
    env = DJANGO_EMAIL_HOST_USER=
    env = DJANGO_EMAIL_HOST_PASSWORD=
    env = DJANGO_EMAIL_USE_TLS=False
    env = DJANGO_EMAIL_USE_SSL=False
    env = DEFAULT_FROM_EMAIL='GeoNode <no-reply@geonode.org>'
    # Session/Access Control
    env = LOCKDOWN_GEONODE=False
    env = CORS_ORIGIN_ALLOW_ALL=True
    env = X_FRAME_OPTIONS="SAMEORIGIN"
    env = SESSION_EXPIRED_CONTROL_ENABLED=True
    env = DEFAULT_ANONYMOUS_VIEW_PERMISSION=True
    env = DEFAULT_ANONYMOUS_DOWNLOAD_PERMISSION=True
    # Users Registration
    env = ACCOUNT_OPEN_SIGNUP=True
    env = ACCOUNT_EMAIL_REQUIRED=True
    env = ACCOUNT_APPROVAL_REQUIRED=False
    env = ACCOUNT_CONFIRM_EMAIL_ON_GET=False
    env = ACCOUNT_EMAIL_VERIFICATION=none
    env = ACCOUNT_EMAIL_CONFIRMATION_EMAIL=False
    env = ACCOUNT_EMAIL_CONFIRMATION_REQUIRED=False
    env = ACCOUNT_AUTHENTICATION_METHOD=username_email
    env = AUTO_ASSIGN_REGISTERED_MEMBERS_TO_REGISTERED_MEMBERS_GROUP_NAME=True
    # OAuth2
    env = OAUTH2_API_KEY=
    env = OAUTH2_CLIENT_ID=Jrchz2oPY3akmzndmgUTYrs9gczlgoV20YPSvqaV
    env = OAUTH2_CLIENT_SECRET=rCnp5txobUo83EpQEblM8fVj3QT5zb5qRfxNsuPzCqZaiRyIoxM4jdgMiZKFfePBHYXCLd7B8NlkfDBY9HKeIQPcy5Cp08KQNpRHQbjpLItDHv12GvkSeXp6OxaUETv3
    # GeoNode APIs
    env = API_LOCKDOWN=False
    env = TASTYPIE_APIKEY=
    # #################
    # Production and
    # Monitoring
    # #################
    env = DEBUG=False
    env = SECRET_KEY='myv-y4#7j-d*p-__@j#*3z@!y24fz8%^z2v6atuy4bo9vqr1_a'
    env = CACHE_BUSTING_STATIC_ENABLED=False
    env = CACHE_BUSTING_MEDIA_ENABLED=False
    env = MEMCACHED_ENABLED=False
    env = MEMCACHED_BACKEND=django.core.cache.backends.memcached.MemcachedCache
    env = MEMCACHED_LOCATION=127.0.0.1:11211
    env = MEMCACHED_LOCK_EXPIRE=3600
    env = MEMCACHED_LOCK_TIMEOUT=10
    env = MAX_DOCUMENT_SIZE=2
    env = CLIENT_RESULTS_LIMIT=5
    env = API_LIMIT_PER_PAGE=1000
    # GIS Client
    env = GEONODE_CLIENT_LAYER_PREVIEW_LIBRARY=mapstore
    env = MAPBOX_ACCESS_TOKEN=
    env = BING_API_KEY=
    env = GOOGLE_API_KEY=
    # Monitoring
    env = MONITORING_ENABLED=True
    env = MONITORING_DATA_TTL=365
    env = USER_ANALYTICS_ENABLED=True
    env = USER_ANALYTICS_GZIP=True
    env = CENTRALIZED_DASHBOARD_ENABLED=False
    env = MONITORING_SERVICE_NAME=local-geonode
    env = MONITORING_HOST_NAME=geonode
    # Other Options/Contribs
    env = MODIFY_TOPICCATEGORY=True
    env = AVATAR_GRAVATAR_SSL=True
    env = EXIF_ENABLED=True
    env = CREATE_LAYER=True
    env = FAVORITE_ENABLED=True
    logto = /opt/data/logs/geonode.log
    # pidfile = /tmp/geonode.pid
    chdir = /opt/geonode
    module = geonode.wsgi:application
    strict = false
    master = true
    enable-threads = true
    vacuum = true                        ; Delete sockets during shutdown
    single-interpreter = true
    die-on-term = true                   ; Shutdown when receiving SIGTERM (default is respawn)
    need-app = true
    # logging
    # path to where uwsgi logs will be saved
    # logto = /opt/data/geonode_logs/geonode.log
    daemonize = /opt/data/logs/geonode.log
    touch-reload = /opt/geonode/geonode/wsgi.py
    buffer-size = 32768
    harakiri = 60                        ; forcefully kill workers after 60 seconds
    py-callos-afterfork = true           ; allow workers to trap signals
    max-requests = 1000                  ; Restart workers after this many requests
    max-worker-lifetime = 3600           ; Restart workers after this many seconds
    reload-on-rss = 2048                 ; Restart workers after this much resident memory
    worker-reload-mercy = 60             ; How long to wait before forcefully killing workers
    cheaper-algo = busyness
    processes = 128                      ; Maximum number of workers allowed
    cheaper = 8                          ; Minimum number of workers allowed
    cheaper-initial = 16                 ; Workers created at startup
    cheaper-overload = 1                 ; Length of a cycle in seconds
    cheaper-step = 16                    ; How many workers to spawn at a time
    cheaper-busyness-multiplier = 30     ; How many cycles to wait before killing workers
    cheaper-busyness-min = 20            ; Below this threshold, kill workers (if stable for multiplier cycles)
    cheaper-busyness-max = 70            ; Above this threshold, spawn new workers
    cheaper-busyness-backlog-alert = 16  ; Spawn emergency workers if more than this many requests are waiting in the queue
    cheaper-busyness-backlog-step = 2    ; How many emergency workers to create if there are too many requests in the queue
    
    # Enable the GeoNode UWSGI config
    sudo ln -s /etc/uwsgi/apps-available/geonode.ini /etc/uwsgi/apps-enabled/geonode.ini
    # Restart UWSGI Service
    sudo pkill -9 -f uwsgi
    sudo service uwsgi restart
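
    The geonode.ini above carries the sample credentials and permissive defaults of this guide. The following Python script is an added example, not part of the GeoNode project: it compares a deployed file against the published values and reports every secret left unchanged, plus the wildcard host, CORS and socket settings. Both ini texts are constructed excerpts, and the replacement passwords and the example.org host are placeholders.

```python
"""Flag tutorial defaults left in a GeoNode uWSGI ini (added example)."""
import re
from urllib.parse import urlsplit

# Constructed excerpt that reuses values published in the ini shown above.
TUTORIAL_INI = """\
[uwsgi]
uwsgi-socket = 0.0.0.0:8000
env = POSTGRES_PASSWORD=postgres
env = GEONODE_DATABASE_PASSWORD=geonode
env = DATABASE_URL=postgis://geonode:geonode@localhost:5432/geonode
env = BROKER_URL=amqp://admin:admin@localhost:5672//
env = SITEURL=http://localhost/
env = ALLOWED_HOSTS="['*']"
env = GEOSERVER_ADMIN_PASSWORD=geoserver
env = ADMIN_PASSWORD=admin
env = CORS_ORIGIN_ALLOW_ALL=True
env = DEBUG=False
env = SECRET_KEY='myv-y4#7j-d*p-__@j#*3z@!y24fz8%^z2v6atuy4bo9vqr1_a'
"""

# Constructed "deployed" file: some values rotated, some forgotten.
DEPLOYED_INI = """\
[uwsgi]
uwsgi-socket = 127.0.0.1:8000
env = POSTGRES_PASSWORD=constructed-pg-superuser-pass
env = GEONODE_DATABASE_PASSWORD=geonode
env = DATABASE_URL=postgis://geonode:geonode@localhost:5432/geonode
env = BROKER_URL=amqp://gn:constructed-broker-pass@localhost:5672//
env = SITEURL=https://example.org/
env = ALLOWED_HOSTS="['example.org']"
env = GEOSERVER_ADMIN_PASSWORD=geoserver
env = ADMIN_PASSWORD=constructed-admin-pass
env = CORS_ORIGIN_ALLOW_ALL=False
env = DEBUG=False
env = SECRET_KEY='myv-y4#7j-d*p-__@j#*3z@!y24fz8%^z2v6atuy4bo9vqr1_a'
"""

SECRET_RE = re.compile(r"PASSWORD|SECRET|TOKEN|API_?KEY")


def parse_ini(text):
    """Return (options, env): plain uWSGI options and 'env = NAME=VALUE' pairs."""
    options, env = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;[":
            continue  # blank line, full-line comment or section header
        key, sep, value = line.partition("=")
        if not sep:
            continue
        key, value = key.strip(), value.strip()
        if key == "env":
            name, _, val = value.partition("=")
            env[name.strip()] = val.strip().strip("'\"")
        else:
            options[key] = value
    return options, env


def is_secret(name, value):
    """Secret-like by name, or a *_URL value that embeds a password."""
    if SECRET_RE.search(name):
        return True
    return name.endswith("_URL") and urlsplit(value).password is not None


def audit_geonode_ini(deployed_text, tutorial_text=TUTORIAL_INI):
    """Return sorted (setting, message) findings for the deployed ini."""
    options, env = parse_ini(deployed_text)
    _, published = parse_ini(tutorial_text)
    findings = {}
    for name, value in env.items():
        if value and is_secret(name, value) and published.get(name) == value:
            findings[name] = "still set to the value published in the tutorial"
    if "*" in env.get("ALLOWED_HOSTS", ""):
        findings["ALLOWED_HOSTS"] = "wildcard disables Django Host header validation"
    if env.get("CORS_ORIGIN_ALLOW_ALL", "").lower() == "true":
        findings["CORS_ORIGIN_ALLOW_ALL"] = "every origin is allowed to make cross-origin requests"
    if env.get("DEBUG", "").lower() == "true":
        findings["DEBUG"] = "debug pages expose settings and stack traces"
    for key in ("uwsgi-socket", "http-socket", "socket"):
        host = options.get(key, "").split(":")[0].strip()
        if key in options and host in ("", "0.0.0.0"):
            findings[key] = "listens on every interface; nginx only needs 127.0.0.1"
    return sorted(findings.items())


if __name__ == "__main__":
    for setting, message in audit_geonode_ini(DEPLOYED_INI):
        print(f"{setting}: {message}")
```

    To check a real deployment, pass the text of /etc/uwsgi/apps-available/geonode.ini as the first argument and the full ini from this guide as the second.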
    
    # Backup the original NGINX config
    sudo mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.orig
    # Create the GeoNode Default NGINX config
    sudo vim /etc/nginx/nginx.conf
    
    # Make sure your nginx.config matches the following one
    user www-data;
    worker_processes auto;
    pid /run/nginx.pid;
    include /etc/nginx/modules-enabled/*.conf;
    events {
      worker_connections 768;
      # multi_accept on;
    }
    http {
      # Basic Settings
      sendfile on;
      tcp_nopush on;
      tcp_nodelay on;
      keepalive_timeout 65;
      types_hash_max_size 2048;
      # server_tokens off;
      # server_names_hash_bucket_size 64;
      # server_name_in_redirect off;
      include /etc/nginx/mime.types;
      default_type application/octet-stream;
      # SSL Settings
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
      ssl_prefer_server_ciphers on;
      # Logging Settings
      access_log /var/log/nginx/access.log;
      error_log /var/log/nginx/error.log;
      # Gzip Settings
      gzip on;
      gzip_vary on;
      gzip_proxied any;
      gzip_http_version 1.1;
      gzip_disable "MSIE [1-6]\.";
      gzip_buffers 16 8k;
      gzip_min_length 1100;
      gzip_comp_level 6;
      gzip_types video/mp4 text/plain application/javascript application/x-javascript text/javascript text/xml text/css image/jpeg;
      # Virtual Host Configs
      include /etc/nginx/conf.d/*.conf;
      include /etc/nginx/sites-enabled/*;
    }
    
    # Remove the Default NGINX config
    sudo rm /etc/nginx/sites-enabled/default
    # Create the GeoNode App NGINX config
    sudo vim /etc/nginx/sites-available/geonode
    
    uwsgi_intercept_errors on;
    upstream geoserver_proxy {
      server localhost:8080;
    }
    # Expires map
    map $sent_http_content_type $expires {
      default                    off;
      text/html                  epoch;
      text/css                   max;
      application/javascript     max;
      ~image/                    max;
    }
    server {
      listen 80 default_server;
      listen [::]:80 default_server;
      root /var/www/html;
      index index.html index.htm index.nginx-debian.html;
      server_name _;
      charset utf-8;
      etag on;
      expires $expires;
      proxy_read_timeout 600s;
      # set client body size to 50000M #
      client_max_body_size 50000M;
      location / {
        etag off;
        uwsgi_pass 127.0.0.1:8000;
        uwsgi_read_timeout 600s;
        include uwsgi_params;
      }
      location /static/ {
        alias /opt/geonode/geonode/static_root/;
      }
      location /uploaded/ {
        alias /opt/geonode/geonode/uploaded/;
      }
      location /geoserver {
        proxy_pass http://geoserver_proxy;
        include proxy_params;
      }
    }
    
    # Prepare the uploaded folder
    sudo mkdir -p /opt/geonode/geonode/uploaded
    sudo chown -Rf tomcat:www-data /opt/geonode/geonode/uploaded
    sudo chmod -Rf 777 /opt/geonode/geonode/uploaded/
    sudo touch /opt/geonode/geonode/.celery_results
    sudo chmod 777 /opt/geonode/geonode/.celery_results
    # Enable GeoNode NGINX config
    sudo ln -s /etc/nginx/sites-available/geonode /etc/nginx/sites-enabled/geonode
    # Restart the services
    sudo service tomcat9 restart
    sudo service nginx restart
    

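    Instead of using local_settings.py, you can configure GeoNode through the .env* variables; see the files ./paver_dev.sh or ./manage_dev.sh as examples of how to use them. In that case you do not need to create the local_settings.py file; you can just use the default one, which takes its values from the ENV. We tend to prefer this method in a production/dockerized system.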

    workon geonode
    cd /opt/geonode
    # Initialize GeoNode
    chmod +x *.sh
    ./paver_local.sh reset
    ./paver_local.sh setup
    ./paver_local.sh sync
    ./manage_local.sh collectstatic --noinput
    sudo chmod -Rf 777 geonode/static_root/ geonode/uploaded/
    

    Before finalizing the configuration we need to update the UWSGI settings.

    Restart UWSGI and update OAuth2 by using the new geonode.settings.

    # As superuser
    sudo su
    # Restart Tomcat
    service tomcat9 restart
    # Restart UWSGI
    pkill -9 -f uwsgi
    service uwsgi restart
    # Update the GeoNode ip or hostname
    cd /opt/geonode
    # This must be done the first time only
    cp package/support/geonode.binary /usr/bin/geonode
    cp package/support/geonode.updateip /usr/bin/geonode_updateip
    chmod +x /usr/bin/geonode
    chmod +x /usr/bin/geonode_updateip
    # Refresh GeoNode and GeoServer OAuth2 settings
    source .env_local
    PYTHONWARNINGS=ignore VIRTUAL_ENV=$VIRTUAL_ENV DJANGO_SETTINGS_MODULE=geonode.settings GEONODE_ETC=/opt/geonode/geonode GEOSERVER_DATA_DIR=/opt/data/geoserver_data TOMCAT_SERVICE="service tomcat9" APACHE_SERVICE="service nginx" geonode_updateip -p localhost
    # Go back to standard user
    exit
    

    Check for any errors with:

    sudo tail -F -n 300 /var/log/uwsgi/app/geonode.log
    

    Reload the UWSGI configuration with:

    touch /opt/geonode/geonode/wsgi.py
    

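    Before exposing your services to the Internet, make sure your system is hardened and secure enough. See the specific documentation section for more details.

    Let's say you want to run your services on a public IP or domain, e.g. www.example.org. You will need to slightly update your services in order to reflect the new server name.

    In particular, the steps to do are:

  • Update the NGINX configuration in order to serve the new domain name.

    sudo vim /etc/nginx/sites-enabled/geonode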
    # Update the 'server_name' directive
    server_name example.org www.example.org;
    # Restart the service
    sudo service nginx restart
    
  • Update the UWSGI configuration in order to serve the new domain name.

    sudo vim /etc/uwsgi/apps-enabled/geonode.ini
    # Change everywhere 'localhost' to the new hostname
    :%s/localhost/www.example.org/g
    # Restart the service
    sudo service uwsgi restart
    
  • Update the OAuth2 configuration in order to hit the new hostname.

    workon geonode
    cd /opt/geonode
    # Update the GeoNode ip or hostname
    sudo PYTHONWARNINGS=ignore VIRTUAL_ENV=$VIRTUAL_ENV DJANGO_SETTINGS_MODULE=geonode.local_settings GEONODE_ETC=/opt/geonode/geonode GEOSERVER_DATA_DIR=/opt/data/geoserver_data TOMCAT_SERVICE="service tomcat" APACHE_SERVICE="service nginx" geonode_updateip -l localhost -p www.example.org
    
  • Update the existing GeoNode links in order to hit the new hostname.

    workon geonode
    cd /opt/geonode
    # Update the GeoNode ip or hostname
    DJANGO_SETTINGS_MODULE=geonode.local_settings python manage.py migrate_baseurl --source-address=http://localhost --target-address=http://www.example.org
    

    7. Install and enable HTTPS secure connection through the Let's Encrypt provider

    # Install Let's Encrypt Certbot
    # sudo add-apt-repository ppa:certbot/certbot  # for ubuntu 18.04 and lower
    sudo apt update -y; sudo apt install python-certbot-nginx -y
    # Reload NGINX config and make sure the firewall denies access to HTTP
    sudo systemctl reload nginx
    sudo ufw allow 'Nginx Full'
    sudo ufw delete allow 'Nginx HTTP'
    # Create and dump the Let's Encrypt Certificates
    sudo certbot --nginx -d example.org -d www.example.org
    # ...choose the redirect option when asked for
    

    Next, the steps to do are:

  • Update the GeoNode OAuth2 Redirect URIs accordingly.

    GeoNode Admin Dashboard: Home > Django/GeoNode OAuth Toolkit > Applications > GeoServer

    Redirect URIs

  • Update the GeoServer Proxy Base URL accordingly.

    GeoServer Admin GUI: About & Status > Global

    Proxy Base URL

  • Update the GeoServer Role Base URL accordingly.

    GeoServer Admin GUI: Security > Users, Groups, Roles > geonode REST role service

    Role Base URL

  • Update the GeoServer OAuth2 Service Parameters accordingly.

    GeoServer Admin GUI: Security > Authentication > Authentication Filters > geonode-oauth2

    OAuth2 Service Parameters

  • Update the UWSGI configuration

    sudo vim /etc/uwsgi/apps-enabled/geonode.ini
    # Change everywhere 'http' to 'https'
    :%s/http/https/g
    # Add three more 'env' variables to the configuration
    env = SECURE_SSL_REDIRECT=True
    env = SECURE_HSTS_INCLUDE_SUBDOMAINS=True
    env = AVATAR_GRAVATAR_SSL=True
    # Restart the service
    sudo service uwsgi restart
    

    Adapt the following steps to your Ubuntu distribution (see the "rabbitmq-server" link to the documentation).

    sudo apt update && sudo apt upgrade && sudo apt install wget -y
    echo "deb https://packages.erlang-solutions.com/ubuntu focal contrib" | sudo tee /etc/apt/sources.list.d/rabbitmq.list
    sudo apt update
    sudo apt install erlang
    sudo apt install apt-transport-https -y
    wget -O- https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc | sudo apt-key add -
    wget -O- https://www.rabbitmq.com/rabbitmq-release-signing-key.asc | sudo apt-key add -
    echo "deb https://dl.bintray.com/rabbitmq-erlang/debian focal erlang-22.x" | sudo tee /etc/apt/sources.list.d/rabbitmq.list
    sudo apt update
    sudo apt install rabbitmq-server
    sudo systemctl start rabbitmq-server.service
    sudo systemctl enable rabbitmq-server.service
    systemctl is-enabled rabbitmq-server.service
    sudo rabbitmq-plugins enable rabbitmq_management
    sudo ufw allow proto tcp from any to any port 5672,15672
    sudo rabbitmqctl delete_user guest
    sudo rabbitmqctl add_user admin <your_rabbitmq_admin_password_here>
    sudo rabbitmqctl change_password admin <your_rabbitmq_admin_password_here>
    sudo rabbitmqctl set_user_tags admin administrator
    sudo rabbitmqctl add_vhost /localhost
    sudo rabbitmqctl set_permissions -p / admin ".*" ".*" ".*"
    sudo rabbitmqctl set_permissions -p /localhost admin ".*" ".*" ".*"
    
    [unix_http_server]
    file=/var/run/supervisor.sock   ; (the path to the socket file)
    chmod=0700                       ; socket file mode (default 0700)
    [supervisord]
    nodaemon=true
    logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
    pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
    childlogdir=/var/log/supervisor            ; ('AUTO' child log dir, default $TEMP)
    environment=DEBUG="False",CACHE_BUSTING_STATIC_ENABLED="True",CACHE_BUSTING_MEDIA_ENABLED="True",SITEURL="https://<your_geonode_domain>/",DJANGO_SETTINGS_MODULE="geonode.local_settings",GEOSERVER_ADMIN_PASSWORD="<your_geoserver_admin_password>",GEOSERVER_LOCATION="http://localhost:8080/geoserver/",GEOSERVER_PUBLIC_LOCATION="https://<your_geonode_domain>/geoserver/",GEOSERVER_WEB_UI_LOCATION="https://<your_geonode_domain>/geoserver/",MONITORING_ENABLED="True",BROKER_URL="amqp://admin:<your_rabbitmq_admin_password_here>@localhost:5672/",ASYNC_SIGNALS="True"
    ; the below section must remain in the config file for RPC
    ; (supervisorctl/web interface) to work, additional interfaces may be
    ; added by defining them in separate rpcinterface: sections
    [rpcinterface:supervisor]
    supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
    [supervisorctl]
    serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL  for a unix socket
    ; The [include] section can just contain the "files" setting.  This
    ; setting can list multiple files (separated by whitespace or
    ; newlines).  It can also contain wildcards.  The filenames are
    ; interpreted as relative to this file.  Included files *cannot*
    ; include files themselves.
    [include]
    files = /etc/supervisor/conf.d/*.conf
    
    sudo vim /etc/supervisor/conf.d/geonode-celery.conf
    
    [program:geonode-celery]
    command = sh -c "/<full_path_to_the_virtualenv>/bin/celery -A geonode.celery_app:app worker -B -E --loglevel=DEBUG --concurrency=10 -n worker1@%%h"
    directory = /<full_path_to_the_geonode_source_code>
    user=geosolutions
    numprocs=1
    stdout_logfile=/var/logs/geonode-celery.log
    stderr_logfile=/var/logs/geonode-celery.log
    autostart = true
    autorestart = true
    startsecs = 10
    stopwaitsecs = 600
    priority = 998
    

    Reload and restart supervisor and the celery workers

    # Restart supervisor
    sudo supervisorctl reload
    sudo systemctl restart supervisor
    # Kill old celery workers (if any)
    sudo pkill -f celery
    

    Make sure everything is green

    # Check the supervisor service status
    sudo systemctl status supervisor
    # Check the celery workers logs
    sudo tail -F -n 300 /var/logs/geonode-celery.log
    

    The `environment` directive

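    Environment variables are placed into the /etc/supervisor/supervisord.conf file; they are exposed to the service via the environment directive.

    The syntax of this directive is the following: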

    environment=ENV_KEY_1="ENV_VALUE_1",ENV_KEY_2="ENV_VALUE_2",...,ENV_KEY_n="ENV_VALUE_n"
    

    The following is the minimum set of environment key-value pairs required by a standard GeoNode Celery instance:

  • ASYNC_SIGNALS="True"

  • BROKER_URL="amqp://admin:<your_rabbitmq_admin_password_here>@localhost:5672/"

  • DEBUG

  • CACHE_BUSTING_STATIC_ENABLED

  • CACHE_BUSTING_MEDIA_ENABLED

  • SITEURL

  • DJANGO_SETTINGS_MODULE

  • GEOSERVER_ADMIN_PASSWORD

  • GEOSERVER_LOCATION

  • GEOSERVER_PUBLIC_LOCATION

  • GEOSERVER_WEB_UI_LOCATION

  • MONITORING_ENABLED

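    You will also need to:

  • Add more variables according to your custom tasks (if any)

  • Always make sure the values of the environment variables match those in the uwsgi.ini file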
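
    The last point above can be checked mechanically. The following Python script is an added example, not part of the GeoNode documentation or code base: it parses the `environment` directive and the `env = KEY=VALUE` lines of a uWSGI ini, then reports missing or differing keys without printing their values. The function names and the sample configuration (placeholder passwords, a `GEOSERVER_LOCATION` that differs between the two files) are constructed for illustration.

```python
import configparser
import re

# Minimum key set for a standard GeoNode Celery instance, as listed above.
REQUIRED = ("ASYNC_SIGNALS BROKER_URL DEBUG CACHE_BUSTING_STATIC_ENABLED "
            "CACHE_BUSTING_MEDIA_ENABLED SITEURL DJANGO_SETTINGS_MODULE "
            "GEOSERVER_ADMIN_PASSWORD GEOSERVER_LOCATION GEOSERVER_PUBLIC_LOCATION "
            "GEOSERVER_WEB_UI_LOCATION MONITORING_ENABLED").split()
# One KEY="VALUE", KEY='VALUE' or bare KEY=VALUE pair, ended by a comma or end of input.
PAIR = re.compile(r'\s*(\w+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^,]*?))\s*(?:,|$)')

def supervisor_env(conf_text, section="supervisord"):
    """Parse the environment= directive of one supervisord.conf section into a dict."""
    cp = configparser.RawConfigParser(inline_comment_prefixes=(";",), strict=False)
    cp.read_string(conf_text)
    raw = cp.get(section, "environment", fallback="").replace("\n", "")
    env = {}
    for m in PAIR.finditer(raw):
        value = next(g for g in m.groups()[1:] if g is not None)
        env[m.group(1)] = value.replace("%%", "%")  # supervisor writes a literal % as %%
    return env

def uwsgi_env(ini_text):
    """Collect the `env = KEY=VALUE` lines of a uWSGI ini file into a dict."""
    found = re.findall(r"^[ \t]*env[ \t]*=[ \t]*([^=\s]+)[ \t]*=(.*)$", ini_text, re.MULTILINE)
    return {key: value.strip() for key, value in found}

def drift(sup, uwsgi, required=REQUIRED):
    """Return (problem, key) pairs; values are omitted because several are credentials."""
    out = [("missing_in_supervisor", k) for k in required if k not in sup]
    out += [("missing_in_uwsgi", k) for k in sorted(sup) if k not in uwsgi]
    out += [("value_mismatch", k) for k in sorted(sup) if k in uwsgi and sup[k] != uwsgi[k]]
    return out

# Constructed sample data: placeholder secrets, example.org as the fictitious domain.
BASE = {
    "DEBUG": "False", "ASYNC_SIGNALS": "True", "MONITORING_ENABLED": "True",
    "CACHE_BUSTING_STATIC_ENABLED": "True", "CACHE_BUSTING_MEDIA_ENABLED": "True",
    "DJANGO_SETTINGS_MODULE": "geonode.local_settings",
    "SITEURL": "https://www.example.org/",
    "GEOSERVER_ADMIN_PASSWORD": "placeholder-geoserver-pw",
    "GEOSERVER_LOCATION": "http://localhost:8080/geoserver/",
    "GEOSERVER_PUBLIC_LOCATION": "https://www.example.org/geoserver/",
    "GEOSERVER_WEB_UI_LOCATION": "https://www.example.org/geoserver/",
    "BROKER_URL": "amqp://admin:placeholder-rabbit-pw@localhost:5672/",
}
# The supervisord sample lacks MONITORING_ENABLED; the uWSGI sample differs in one value.
SUPERVISORD_CONF = "[supervisord]\nnodaemon=true ; sample\nenvironment=" + ",".join(
    f'{k}="{v}"' for k, v in BASE.items() if k != "MONITORING_ENABLED") + "\n"
UWSGI_INI = "[uwsgi]\n" + "".join(f"env = {k}={v}\n" for k, v in dict(
    BASE, GEOSERVER_LOCATION="https://localhost:8080/geoserver/").items())

if __name__ == "__main__":
    for problem, key in drift(supervisor_env(SUPERVISORD_CONF), uwsgi_env(UWSGI_INI)):
        print(f"{problem}: {key}")
```

    To run it against a real host, read /etc/supervisor/supervisord.conf and /etc/uwsgi/apps-enabled/geonode.ini into the two parser functions instead of the sample strings.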

    #sudo yum upgrade -y
    sudo yum install -y yum-plugin-versionlock
    sudo yum install -y libffi-devel deltarpm java-1.8.0-openjdk.x86_64 zlib-devel bzip2-devel openssl-devel readline-devel git vim nginx rpm-build libxml2-devel geos-devel gettext geos-devel libjpeg-devel libpng-devel zlib zlib-devel libspatialite-devel tcl-devel tcl
    #libpq needed by psycopg2
    wget http://vault.centos.org/8.1.1911/AppStream/Source/SPackages/libpq-12.1-3.el8.src.rpm
    sudo yum-builddep -y libpq-12.1-3.el8.src.rpm
    rpmbuild --rebuild libpq-12.1-3.el8.src.rpm
    sudo yum install -y ./rpmbuild/RPMS/x86_64/libpq-12.1-3.el7.x86_64.rpm ./rpmbuild/RPMS/x86_64/libpq-devel-12.1-3.el7.x86_64.rpm
    sudo yum versionlock libpq.x86_64 libpq-devel.x86_64
    # Build an rpm of SQLITE > 3.8.3 (Django)
    wget http://vault.centos.org/8.1.1911/BaseOS/Source/SPackages/sqlite-3.26.0-4.el8_1.src.rpm
    sudo yum-builddep -y sqlite-3.26.0-4.el8_1.src.rpm
    rpmbuild --rebuild --nocheck sqlite-3.26.0-4.el8_1.src.rpm
    sudo yum install -y ./rpmbuild/RPMS/x86_64/sqlite-3.26.0-4.el7.x86_64.rpm ./rpmbuild/RPMS/x86_64/sqlite-devel-3.26.0-4.el7.x86_64.rpm  ./rpmbuild/RPMS/x86_64/sqlite-libs-3.26.0-4.el7.x86_64.rpm
    #GDAL 2.2.4
    sudo yum install -y gdal-devel gdal
    

    2. Create the necessary users

    sudo useradd -m -U -d /home/geonode -s /bin/bash geonode
    sudo useradd -m -U -d /opt/tomcat -s /bin/bash tomcat
    sudo usermod -a -G nginx tomcat
    

    Add these lines in the editor

    geonode localhost = (root) NOPASSWD: /usr/bin/geonode
    geonode localhost = (root) NOPASSWD: /usr/bin/geonode_updateip
    

    Save to /etc/sudoers from the temporary file and exit.

    4. Configure PostgreSQL 13

    You most likely want to change the password before applying the SQL commands below

    sudo subscription-manager repos --enable rhel-7-server-optional-rpms --enable rhel-7-server-extras-rpms --enable rhel-7-server-e4s-rpms --enable rhel-7-server-devtools-rpms
    sudo yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
    sudo yum install -y postgresql13-server  postgis31_13 postgresql13-devel
    sudo /usr/pgsql-13/bin/postgresql-13-setup initdb
    sudo systemctl enable --now postgresql-13
    sudo systemctl start postgresql-13
    sudo tee -a /var/lib/pgsql/13/data/pg_hba.conf > /dev/null <<EOF
    # DO NOT DISABLE!
    # If you change this first entry you will need to make sure that the
    # database superuser can access the database using some other method.
    # Noninteractive access to all databases is required during automatic
    # maintenance (custom daily cronjobs, replication, and similar tasks).
    # Database administrative login by Unix domain socket
    local   all             postgres                                trust
    # TYPE  DATABASE        USER            ADDRESS                 METHOD
    # "local" is for Unix domain socket connections only
    local   all             all                                     md5
    # IPv4 local connections:
    host    all             all             127.0.0.1/32            md5
    # IPv6 local connections:
    host    all             all             ::1/128                 md5
    # Allow replication connections from localhost, by a user with the
    # replication privilege.
    local   replication     all                                     peer
    host    replication     all             127.0.0.1/32            md5
    host    replication     all             ::1/128                 md5
    EOF
    sudo -u postgres createuser geonode
    sudo -u postgres createdb geonode
    sudo -u postgres createdb geonode_data
    sudo -u postgres psql -c "alter user geonode with encrypted password 'geonode';"
    sudo -u postgres psql -d geonode -c 'CREATE EXTENSION postgis;'
    sudo -u postgres psql -d geonode -c 'GRANT ALL ON geometry_columns TO PUBLIC;'
    sudo -u postgres psql -d geonode -c 'GRANT ALL ON spatial_ref_sys TO PUBLIC;'
    sudo -u postgres psql -d geonode -c 'GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO geonode;'
    sudo -u postgres psql -d geonode_data -c 'CREATE EXTENSION postgis;'
    sudo -u postgres psql -d geonode_data -c 'GRANT ALL ON geometry_columns TO PUBLIC;'
    sudo -u postgres psql -d geonode_data -c 'GRANT ALL ON spatial_ref_sys TO PUBLIC;'
    sudo -u postgres psql -d geonode_data -c 'GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO geonode;'
    

    5. Install Tomcat and Geoserver

    VERSION=9.0.44; wget https://www-eu.apache.org/dist/tomcat/tomcat-9/v${VERSION}/bin/apache-tomcat-${VERSION}.tar.gz
    sudo tar -xf apache-tomcat-${VERSION}.tar.gz -C /opt/tomcat/
    rm apache-tomcat-${VERSION}.tar.gz
    sudo ln -s /opt/tomcat/apache-tomcat-${VERSION} /opt/tomcat/latest
    sudo chown -R tomcat:nginx /opt/tomcat/
    sudo sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'
    
    # This is to be performed as user geonode
    # add these lines to .bashrc
    export PATH="$HOME/.pyenv/bin:$PATH"
    eval "$(pyenv init -)"
    eval "$(pyenv virtualenv-init -)"