How to manually configure the reliable guard of AnQiCMS process without Baota panel?
As an experienced CMS operation personnel of an enterprise security, I am well aware that it is crucial to ensure the stable operation of the content management system in a complex server environment.For many users who do not use the Baota panel, manually configuring the process guardian for AnQiCMS may seem like a challenge, but as long as the correct method is mastered, it can achieve enterprise-level high reliability.This article will detail how to reliably protect the AnQiCMS process without the Taota面板 environment.
Understanding the importance of AnQiCMS process guardian
AnQiCMS is a high-performance content management system developed based on the Go language.Different from traditional CMS that depend on external services like PHP-FPM, AnQiCMS is compiled into an independent binary executable file, which is itself a web server and typically listens on a specific port (such as the default 8001).This means it does not depend on a web server to start and manage processes like PHP applications.However, a binary program that runs independently also needs a mechanism to ensure it remains online.Once a program crashes or stops for any reason (such as a code error, system resource exhaustion, server restart, etc.) and if there is no watchdog, the website will not be accessible.Therefore, configuring a reliable process guardian for AnQiCMS is a key link in ensuring the high availability and stability of the website.
Preparation and initial deployment of AnQiCMS
Before configuring the process guardian, you need to complete the basic deployment of AnQiCMS. First, download the latest installation package suitable for the Linux environment from the AnQiCMS official website, upload it to your server, unzip it to a suitable directory, such as/opt/anqicmsor/www/wwwroot/您的域名. After unpacking, you will get an executable file namedanqicms(or any custom binary filename), as well asconfig.jsona configuration file,templateandpublicdirectories.
Next, ensure that MySQL database is installed and running on your server, and create the database and user with sufficient permissions required by AnQiCMS. When running AnQiCMS for the first time, you need to enter the installation directory of AnQiCMS via the command line and execute directly../anqicms. After the program starts, access your server IP address and port via the browser (for examplehttp://服务器IP:8001),AnQiCMS will guide you through the database connection, administrator account setup, and site information initialization. After completing the initialization, you can close the current command line process.
Configure Nginx or Apache reverse proxy
Due to AnQiCMS running by default on a specific port, and users usually access the website through standard HTTP/HTTPS ports (80/443), it is necessary to configure Nginx or Apache as a reverse proxy.The reverse proxy is responsible for forwarding user requests to the port that AnQiCMS is listening on and returning AnQiCMS's responses to the user.
For Nginx servers, you can add similar configurations in the site's configuration file:
server {
listen 80;
server_name www.yourdomain.com; # 替换为您的域名
root /www/wwwroot/yourdomain.com/public; # 替换为您的AnQiCMS public目录
location @AnqiCMS {
proxy_pass https://en.anqicms.com; # AnQiCMS监听的端口
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
error_page 404 =200 @AnqiCMS;
location / {
try_files $uri $uri/index.html @AnqiCMS;
}
# 其他Nginx配置,例如SSL、日志等
access_log /var/log/nginx/yourdomain.com_access.log;
error_log /var/log/nginx/yourdomain.com_error.log warn;
}
If you use the Apache server, you can configure it throughmod_proxymodule. Add the following content to your site's virtual host configuration file:
<VirtualHost *:80>
ServerName www.yourdomain.com # 替换为您的域名
DocumentRoot /www/wwwroot/yourdomain.com/public # 替换为您的AnQiCMS public目录
ProxyRequests Off
ProxyPreserveHost On
ProxyVia On
<Proxy *>
Require all granted
</Proxy>
# 将所有请求转发到AnQiCMS监听的端口
ProxyPass / https://en.anqicms.com/
ProxyPassReverse / https://en.anqicms.com/
ErrorLog ${APACHE_LOG_DIR}/yourdomain.com_error.log
CustomLog ${APACHE_LOG_DIR}/yourdomain.com_access.log combined
</VirtualHost>
After the configuration is completed, please make sure to restart the Nginx or Apache service to take effect.
Several methods to keep the AnQiCMS process running
Now, let's discuss how to reliably protect the AnQiCMS process in an environment without the Baota panel.We will introduce several solutions, ranging from simple to complex, suitable for different needs and operation and maintenance experience scenarios.
Plan one: Use Crontab with Shell script (basic guardian)
install.mdThe document mentions the use ofcrontabcooperatestart.shScript to guard the AnQiCMS process, which is a simple and straightforward basic guard method.
Create a startup script
start.sh:Create a named directory under the AnQiCMS installation directory,start.shThe file, and give it execution permission. This script is used to check if the AnQiCMS process is running, and if it is not running, it will start it. The script content should be similar to:#!/bin/bash ### check and start AnqiCMS # author fesion # the bin name is anqicms BINNAME=anqicms BINPATH=/www/wwwroot/anqicms # 替换为您的AnQiCMS安装路径 # 检查进程是否存在 exists=`ps -ef | grep '\<'$BINNAME'\>' |grep -v grep |wc -l` echo "$(date +'%Y%m%d %H:%M:%S') $BINNAME PID check: $exists" >> $BINPATH/check.log echo "PID $BINNAME check: $exists" if [ $exists -eq 0 ]; then echo "$BINNAME NOT running" cd $BINPATH && nohup $BINPATH/$BINNAME >> $BINPATH/running.log 2>&1 & fiPlease note, to
BINPATHReplace the variable with the actual installation path of your AnQiCMS.Configure the Crontab scheduled task:Edit the system's Crontab task to let
start.shThe script runs every minute.crontab -eAdd a line in the open editor:
*/1 * * * * /www/wwwroot/anqicms/start.sh # 替换为您的start.sh脚本的完整路径Save and exit the editor. In this way, the system will check the AnQiCMS process every minute and automatically start it when it stops.
Advantage:Configuration is simple and easy to understand.Shortcomings:Unable to restart immediately when AnQiCMS crashes, there is a delay of about one minute.Log management is relatively primitive and cannot track process status in detail.For production environments with high availability requirements, this method is not ideal.
Plan two: Use Systemd (recommended production environment daemon solution)
Systemd is a modern Linux distribution (such as CentOS7⁄8The default system and service manager in Ubuntu 16.04+, which provides a powerful and mature service management mechanism, capable of automatically starting processes, restarting after crashes, log management, and other functions, and is the choice for protecting AnQiCMS processes in production environments.
Create a systemd service file:In
/etc/systemd/system/Create a file namedanqicms.serviceThe file is used to define AnQiCMS service.sudo vim /etc/systemd/system/anqicms.serviceThe file content should be similar to:
”`ini [Unit] Description=AnqiCMS Service After=network.target # After the network service starts up
If AnqiCMS depends on MySQL, you can add After = mysql.service
[Service] Type=simple # The process type is simple WorkingDirectory=/www/wwwroot/anqicms # Replace it with your AnQiCMS installation path ExecStart=/www/wwwroot/anqicms/anqicms # Replace it with the full path to your AnQiCMS executable file Restart=always # Always restart, regardless of normal exit, abnormal exit, signal exit, etc. RestartSec=3 # Wait for 3 seconds before restarting User=www # It is recommended to run AnqiCMS with a non-root user, such as www user Group=www