netbox 及 gunicorn安装过程

docs/installation/3-netbox zh-cn.md

@@ -165,12 +165,10 @@ ALLOWED_HOSTS = ['netbox.example.com', '192.0.2.123']
 
 ### DATABASE
 
-本参数配置数据库连接信息. You must define the username and password used when you configured PostgreSQL. If the service is running on a remote host, replace `localhost` with its address. See the [configuration documentation](../../configuration/required-settings/#database) for more detail on individual parameters.
+本参数配置数据库连接信息. 配置 PostgreSQL 时必须指定用户名和密码. 如果服务运行在远程主机, 用相应地址替换 `localhost` . 各参数详细说明查看 [配置文档](../../configuration/required-settings/#database) .
 
 
-This parameter holds the database configuration details. You must define the username and password used when you configured PostgreSQL. If the service is running on a remote host, replace `localhost` with its address. See the [configuration documentation](../../configuration/required-settings/#database) for more detail on individual parameters.
-
-Example:
+例如:
 
 ```python
 DATABASE = {
@@ -185,7 +183,7 @@ DATABASE = {
 
 ### REDIS
 
-Redis is a in-memory key-value store required as part of the NetBox installation. It is used for features such as webhooks and caching. Redis typically requires minimal configuration; the values below should suffice for most installations. See the [configuration documentation](../../configuration/required-settings/#redis) for more detail on individual parameters.
+Redis 是基于内存的 key-value 存储，是 NetBox 安装的必需部分. 主要用于 webhooks 和缓存. Redis 通常需要最小化配置; 如下参数满足大多数据应用场景. 各参数详细说明查看 [配置文档](../../configuration/required-settings/#redis) .
 
 ```python
 REDIS = {
@@ -210,16 +208,17 @@ REDIS = {
 
 ### SECRET_KEY
 
-Generate a random secret key of at least 50 alphanumeric characters. This key must be unique to this installation and must not be shared outside the local system.
+创建一个至少50个字符的包括数字、字符的随机密钥。此密钥必须对此安装唯一，且不应在本系统外使用。 
 
-You may use the script located at `netbox/generate_secret_key.py` to generate a suitable key.
+必须使用 `netbox/generate_secret_key.py` 创建一个相应的密钥.
 
 !!! note
-    In the case of a highly available installation with multiple web servers, `SECRET_KEY` must be identical among all servers in order to maintain a persistent user session state.
 
-## Run Database Migrations
+在具有多个web服务器的高可用性安装的情况下，所有服务器之间的, `SECRET_KEY` 必须相同，才能保存持久化的用户会话状态。
 
-Before NetBox can run, we need to install the database schema. This is done by running `python3 manage.py migrate` from the `netbox` directory (`/opt/netbox/netbox/` in our example):
+## 运行数据库迁移
+
+在 NetBox 运行前, 必须安装数据库脚本. 在我们的示例里，通过在 `netbox` 目录 (`/opt/netbox/netbox/` )运行 `python3 manage.py migrate` :
 
 ```no-highlight
 (venv) # cd /opt/netbox/netbox/
@@ -234,11 +233,11 @@ Running migrations:
   ...
 ```
 
-If this step results in a PostgreSQL authentication error, ensure that the username and password created in the database match what has been specified in `configuration.py`
+如果本步骤报 PostgreSQL 验证错, 请确认在数据库安装时创建的用户名和密码与配置文件 `configuration.py` 中指定的相匹配。
 
-## Create a Super User
+## 创建超级用户
 
-NetBox does not come with any predefined user accounts. You'll need to create a super user to be able to log into NetBox:
+NetBox 未指定任何预置账户. 您首先必须创建一个超级用户以登录 NetBox:
 
 ```no-highlight
 (venv) # python3 manage.py createsuperuser
@@ -249,7 +248,7 @@ Password (again):
 Superuser created successfully.
 ```
 
-## Collect Static Files
+## 采集静态文件
 
 ```no-highlight
 (venv) # python3 manage.py collectstatic --no-input
@@ -257,9 +256,9 @@ Superuser created successfully.
 959 static files copied to '/opt/netbox/netbox/static'.
 ```
 
-## Test the Application
+## 测试应用程序
 
-At this point, NetBox should be able to run. We can verify this by starting a development instance:
+当前, NetBox 应该可以运行了. 我们能够通过启动一个开发实例以进行确认：
 
 ```no-highlight
 (venv) # python3 manage.py runserver 0.0.0.0:8000 --insecure
@@ -272,15 +271,15 @@ Starting development server at http://0.0.0.0:8000/
 Quit the server with CONTROL-C.
 ```
 
-Next, connect to the name or IP of the server (as defined in `ALLOWED_HOSTS`) on port 8000; for example, <http://127.0.0.1:8000/>. You should be greeted with the NetBox home page. Note that this built-in web service is for development and testing purposes only. **It is not suited for production use.**
+然后, 使用在 (`ALLOWED_HOSTS` 中指定的地址)连接到服务器的 8000 端口; 例如, <http://127.0.0.1:8000/>. 然后就应该能够看到 NetBox 首页. 需要注意的是，内建的 Web 服务器只用于开发和测试目的. **不适合生产环境使用.**
 
 !!! warning
-    If the test service does not run, or you cannot reach the NetBox home page, something has gone wrong. Do not proceed with the rest of this guide until the installation has been corrected.
+    如果测试服务没有运行，或者您无法访问 NetBox 主页，则说明出现了问题。在纠正安装之前，不要继续执行本指南的其余部分。 
 
-Note that the initial UI will be locked down for non-authenticated users.
+ 请注意，对于未经身份验证的用户，初始UI将被锁定.
 
-![NetBox UI as seen by a non-authenticated user](../media/installation/netbox_ui_guest.png)
+![未经身份验证的 NetBox 用户界面](../media/installation/netbox_ui_guest.png)
 
-After logging in as the superuser you created earlier, all areas of the UI will be available.
+以先前创建的超级用户身份登录后，UI的所有区域都将可用。 
 
-![NetBox UI as seen by an administrator](../media/installation/netbox_ui_admin.png)
+![NetBox 的管理员界面](../media/installation/netbox_ui_admin.png)

docs/installation/4-gunicorn zh-cn.md

@@ -0,0 +1,49 @@
+# Gunicorn
+
+如同大多数 Django 应用程序一样, NetBox 在 HTTP 服务器后方，运行为一个 [WSGI 应用](https://en.wikipedia.org/wiki/Web_Server_Gateway_Interface) . 本文档表述了如何以 [gunicorn](http://gunicorn.org/) 的方式进行安装和配置, 当然，其他 WSGIs 也是可行的，并且应该能以类似的方式工作.
+
+## 配置
+
+NetBox 为 gunicorn 提供了一个默认配置文件. 只需要复制 `/opt/netbox/contrib/gunicorn.py` 为 `/opt/netbox/gunicorn.py` 即可使用. (我们复制文件后使用，而不是直接指向它，以确保对它的任何更改不会因将来的升级而丢失。)
+
+```no-highlight
+# cd /opt/netbox
+# cp contrib/gunicorn.py /opt/netbox/gunicorn.py
+```
+
+缺省配置文件已经适合大多数情况的初始化要求, 如果您希望修改配置文件中的服务绑定的 IP 地址和端口, 或者希望进行性能调整, 请参考 [Gunicorn 文档](https://docs.gunicorn.org/en/stable/configure.html) 查阅可用的配置参数.
+
+## systemd 安装 
+
+我们使用 systemd 控制 gunicorn 和 NetBox 的后台工作进程. 首先, 复制 `contrib/netbox.service` 和 `contrib/netbox-rq.service` 到 `/etc/systemd/system/` 目录，并重载 systemd 守护进程:
+
+```no-highlight
+# cp contrib/*.service /etc/systemd/system/
+# systemctl daemon-reload
+```
+
+然后, 启动 `netbox` 和 `netbox-rq` 服务，并允许它们在操作系统启动时自动装载:
+
+```no-highlight
+# systemctl start netbox netbox-rq
+# systemctl enable netbox netbox-rq
+```
+
+您可以通过 `systemctl status netbox` 验证 WSGI 服务是否正在运行:
+
+```no-highlight
+# systemctl status netbox.service
+● netbox.service - NetBox WSGI Service
+   Loaded: loaded (/etc/systemd/system/netbox.service; enabled; vendor preset: enabled)
+   Active: active (running) since Thu 2019-12-12 19:23:40 UTC; 25s ago
+     Docs: https://netbox.readthedocs.io/en/stable/
+ Main PID: 11993 (gunicorn)
+    Tasks: 6 (limit: 2362)
+   CGroup: /system.slice/netbox.service
+           ├─11993 /usr/bin/python3 /usr/local/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /opt/netbox/...
+           ├─12015 /usr/bin/python3 /usr/local/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /opt/netbox/...
+           ├─12016 /usr/bin/python3 /usr/local/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /opt/netbox/...
+...
+```
+
+当您确认 WSGI 进程已经启动并成功运行, 下一步进行 HTTP 服务器配置.

docs/installation/5-http-server zh-cn.md

@@ -0,0 +1,95 @@
+# HTTP 服务器安装
+
+This documentation provides example configurations for both [nginx](https://www.nginx.com/resources/wiki/) and [Apache](http://httpd.apache.org/docs/2.4), though any HTTP server which supports WSGI should be compatible.
+
+!!! info
+    For the sake of brevity, only Ubuntu 18.04 instructions are provided here, these tasks not unique to NetBox and should carry over to other distributions with mininal changes. Please consult your distribution's documentation for assistance if needed.
+
+## Obtain an SSL Certificate
+
+To enable HTTPS access to NetBox, you'll need a valid SSL certificate. You can purchase one from a trusted commercial provider, obtain one for free from [Let's Encrypt](https://letsencrypt.org/getting-started/), or generate your own (although self-signed certificates are generally untrusted). Both the public certificate and private key files need to be installed on your NetBox server in a location that is readable by the `netbox` user.
+
+The command below can be used to generate a self-signed certificate for testing purposes, however it is strongly recommended to use a certificate from a trusted authority in production. Two files will be created: the public certificate (`netbox.crt`) and the private key (`netbox.key`). The certificate is published to the world, whereas the private key must be kept secret at all times.
+
+```no-highlight
+# openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+-keyout /etc/ssl/private/netbox.key \
+-out /etc/ssl/certs/netbox.crt
+```
+
+The above command will prompt you for additional details of the certificate; all of these are optional.
+
+## HTTP Server Installation
+
+### Option A: nginx
+
+Begin by installing nginx:
+
+```no-highlight
+# apt-get install -y nginx
+```
+
+Once nginx is installed, copy the nginx configuration file provided by NetBox to `/etc/nginx/sites-available/netbox`. Be sure to replace `netbox.example.com` with the domain name or IP address of your installation. (This should match the value configured for `ALLOWED_HOSTS` in `configuration.py`.)
+
+```no-highlight
+# cp /opt/netbox/contrib/nginx.conf /etc/nginx/sites-available/netbox
+```
+
+Then, delete `/etc/nginx/sites-enabled/default` and create a symlink in the `sites-enabled` directory to the configuration file you just created.
+
+```no-highlight
+# cd /etc/nginx/sites-enabled/
+# rm default
+# ln -s /etc/nginx/sites-available/netbox
+```
+
+Finally, restart the `nginx` service to use the new configuration.
+
+```no-highlight
+# service nginx restart
+```
+
+### Option B: Apache
+
+Begin by installing Apache:
+
+```no-highlight
+# apt-get install -y apache2
+```
+
+Next, copy the default configuration file to `/etc/apache2/sites-available/`. Be sure to modify the `ServerName` parameter appropriately.
+
+```no-highlight
+# cp /opt/netbox/contrib/apache.conf /etc/apache2/sites-available/netbox.conf
+```
+
+Finally, ensure that the required Apache modules are enabled, enable the `netbox` site, and reload Apache:
+
+```no-highlight
+# a2enmod ssl proxy proxy_http headers
+# a2ensite netbox
+# service apache2 restart
+```
+
+## Confirm Connectivity
+
+At this point, you should be able to connect to the HTTP service at the server name or IP address you provided.
+
+!!! info
+    Please keep in mind that the configurations provided here are bare minimums required to get NetBox up and running. You may want to make adjustments to better suit your production environment.
+
+!!! warning
+    Certain components of NetBox (such as the display of rack elevation diagrams) rely on the use of embedded objects. Ensure that your HTTP server configuration does not override the `X-Frame-Options` response header set by NetBox.
+
+## Troubleshooting
+
+If you are unable to connect to the HTTP server, check that:
+
+* Nginx/Apache is running and configured to listen on the correct port.
+* Access is not being blocked by a firewall somewhere along the path. (Try connecting locally from the server itself.)
+
+If you are able to connect but receive a 502 (bad gateway) error, check the following:
+
+* The WSGI worker processes (gunicorn) are running (`systemctl status netbox` should show a status of "active (running)")
+* nginx/Apache is configured to connect to the port on which gunicorn is listening (default is 8001).
+* SELinux is not preventing the reverse proxy connection. You may need to allow HTTP network connections with the command `setsebool -P httpd_can_network_connect 1`