系统：centos7
推荐配置：4核心/8GB内存
关闭selinux

部署：
# 按照依赖包
yum -y install epel-release

yum -y install net-tools vim lsof lrzsz bzip2-devel gcc gcc-c++ make automake unzip curl curl-devel perl perl-devel expat expat-devel zlib zlib-devel asciidoc xmlto gettext-devel openssl-devel openssl mlocate python-devel openldap-devel readline-devel git

# 安装Python-3.6.4
# 不指定安装位置，默认安装到/usr/local/bin目录下
wget https://www.python.org/ftp/python/3.6.4/Python-3.6.4.tgz
tar -zxf Python-3.6.4.tgz
./configure --enable-optimizations
make && make install


# 激活python虚拟环境
/usr/local/bin/pip3.6 install --upgrade pip
/usr/local/bin/pip3.6 install virtualenv -i https://mirrors.aliyun.com/pypi/simple

/usr/local/bin/virtualenv /venv_py36 --python=/usr/local/bin/python3.6

echo "source /venv_py36/bin/activate" >> /root/.bashrc
source /root/.bashrc


# Clone项目代码
mkdir /data/web -p
cd /data/web
git clone https://github.com/lazzyfu/AuditSQL.git sqlaudit

# 安装python依赖包
cd /data/web/sqlaudit/
pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple

# 安装uwsgi网关
pip install uwsgi


# 安装MySQL
yum -y install https://repo.percona.com/yum/percona-release-latest.noarch.rpm
yum -y install Percona-Server-server-57 Percona-Server-devel-57

service mysql start
grep 'temporary password' /var/log/mysqld.log

# 修改密码和创建库（必须utf8，否则初始化失败）
alter user root@'localhost' identified by '!QAZwsx123';
create database sqlaudit character set utf8;

# 初始化表结构
cd /data/web/sqlaudit/sqlaudit/
cp settings-bak.py settings.py
vim settings.py
```
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'sqlaudit',
        'USER': 'root',
        'HOST': 'localhost',
        'PASSWORD': '!QAZwsx123',  # 此处密码需要更新为: !QAZwsx123
        'OPTIONS': {
            'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
            'charset': 'utf8mb4',
        }
    }
}
```
mkdir /data/web/sqlaudit/logs
python manage.py migrate

# 初始化数据
mysql -uroot -p'!QAZwsx123' sqlaudit < initialization_data.sql

# 处理静态文件
python manage.py collectstatic

# 安装redis
# redis使用默认配置即可
yum -y install redis
service redis start

# 安装nginx
useradd nginx -s /bin/bash # 此处必须能登陆，celery服务需要使用
yum -y install nginx
chown -R nginx. /data/web/sqlaudit/


vim /etc/nginx/conf.d/nginx.conf
```
server {
    listen      8000;
    server_name sqlaudit.example.com;
    charset     utf-8;

    # max upload size
    client_max_body_size 75M;

    # django media directory
    location /media  {
        alias /data/web/sqlaudit/media;
    }

    # django static directory
    location /static {
        alias /data/web/sqlaudit/static;
    }

    # uwsgi 反向代理
    location / {
        uwsgi_pass  unix://///data/web/sqlaudit_uwsgi.sock;
        uwsgi_read_timeout 600;

        # the uwsgi_params file you installed
        include     /etc/nginx/uwsgi_params;
    }

    # daphne 反向代理
    location /ws {
      proxy_pass http://0.0.0.0:8001;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_redirect     off;
      proxy_set_header   Host $host;
      proxy_set_header   X-Real-IP $remote_addr;
      proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header   X-Forwarded-Host $server_name;
      proxy_read_timeout  36000s;
      proxy_send_timeout  36000s;
  }
  location /ssh {
      proxy_pass http://0.0.0.0:8001;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_redirect     off;
      proxy_set_header   Host $host;
      proxy_set_header   X-Real-IP $remote_addr;
      proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header   X-Forwarded-Host $server_name;
      proxy_read_timeout  36000s;
  }
}
```

vim /etc/nginx/conf.d/sqlaudit_uwsgi.ini
```
[uwsgi]
uid = nginx
chdir = /data/web/sqlaudit
module = sqlaudit.wsgi
home = /venv_py36
socket = /data/web/sqlaudit_uwsgi.sock
master = true
processes = 8
max-requests = 6000
chmod-socket = 664
vacuum = true
enable-threads = true
single-interpreter = true
daemonize = /var/log/uwsgi.log
```

# 启动服务
service nginx start
uwsgi --ini /etc/nginx/conf.d/sqlaudit_uwsgi.ini

# 启动daphne服务
cd /data/web/sqlaudit
nohup daphne -b 0.0.0.0 -p 8001 -v2 sqlaudit.asgi:application &


# 配置celery服务
vim /etc/init.d/celeryd
# 拷贝文件init.d_celeryd.txt --> /etc/init.d/celeryd
vim /etc/default/celeryd
# 拷贝文件default_celeryd.txt --> /etc/default/celeryd

# 安装gh-ost
# 可以去github下载最新版本安装即可
rpm -ivh https://github.com/github/gh-ost/releases/download/v1.0.48/gh-ost-1.0.48-1.x86_64.rpm


# 配置Inception
# Inception作为语法审核
# 修改为inception服务的地址
vim settings.py
```
# Inception配置
# 用于语法检测
INCEPTION_HOST = '10.10.1.202'
INCEPTION_PORT = 6033
```


# 最后访问Nginx配置文件里面的域名即可
# 请确保如下服务正常启动
service redis restart
service mysql restart
service nginx restart
/etc/init.d/celery restart

ps -ef |grep uwsgi
# 启动命令为：uwsgi --ini /etc/nginx/conf.d/sqlaudit_uwsgi.ini

ps -ef |grep daphne
# 启动命令为：nohup daphne -b 0.0.0.0 -p 8001 -v2 sqlaudit.asgi:application &


FAQ：
1. 解决pymysql不兼容inception的问题
vim /venv_py36/lib/python3.6/site-packages/pymysql/connections.py
```
self.server_version = '5.7.18-16-log'  # 增加此行
if int(self.server_version.split('.', 1)[0]) >= 5:
    self.client_flag |= CLIENT.MULTI_RESULTS
```

vim /venv_py36/lib/python3.6/site-packages/pymysql/cursors.py
```
if not self._defer_warnings:
    #self._show_warnings()
    pass
```

2. 什么时候需要重启uwsgi服务
git pull或者修改了python代码，需要重启uwsgi服务