一、更新系统内核到最新
[root@localhost ~]# yum -y update
二、安装 MySQL
[root@localhost ~]# yum -y install mysql mysql-server
安装完毕,让 MySQL 能够随系统自动启动:
[root@localhost ~]# chkconfig –levels 235 mysqld on
[root@localhost ~]# /etc/init.d/mysqld start
设置mysql数据库root帐号密码:
[root@localhost ~]# mysqladmin -u root password “123456”
#启用MySql日志[不是必须]
———————————————–
[root@localhost ~]# vim /etc/my.conf
[msqld]
log=/var/log/mysqlacc.log
———————————————
[root@localhost ~]# /etc/init.d/mysqld restart
三、安装 Apache 组件
[root@localhost ~]# yum -y install httpd
同样配置系统让 Apache 随系统启动
[root@localhost ~]# chkconfig –levels 235 httpd on
[root@localhost ~]# /etc/init.d/httpd start
测试文件
[root@localhost ~]# echo “<h1>thello word</h1>” >> /var/www/html/index.html
四、安装 PHP
[root@localhost ~]# yum -y install php
[root@localhost ~]# /etc/init.d/httpd restart
[root@localhost ~]# echo “<?php phpinfo();?>” >> /var/www/html/phpinfo.php
将 PHP 模块和 MySQL 模块关联起来
[root@localhost ~]# yum -y install php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-curl php-mbstring
[root@localhost ~]# /etc/init.d/httpd restart
五、安装phpMyAdmin:
[root@localhost ~]# cd /var/www/html/
[root@localhost ~]# wget http://autocron.sinaapp.com/php/phpmyadmin.zip
[root@localhost ~]# unzip phpmyadmin.zip
[root@localhost ~]# rm -f phpmyadmin.zip
[root@localhost ~]# chmod -R 755 phpmyadmin
可以浏览:http://~~/phpmyadmin
六、安装SVN及其相关模块:
[root@localhost ~]# yum -y install httpd httpd-devel subversion mod_dav_svn mod_auth_mysql
确认已安装了svn模块:
[root@localhost ~]# cd /etc/httpd/modules
[root@localhost ~]# ls | grep svn
mod_authz_svn.so
mod_dav_svn.so
验证安装:
[root@localhost ~]# svnserve –version
七、新建版本库:
[root@localhost ~]# mkdir -p /opt/svn
[root@localhost ~]# svnserve -d -r /opt/svn
[root@localhost ~]# svnadmin create /opt/svn/chepiao
用户密码passwd配置:
[root@localhost ~]# cd /opt/svn/chepiao/conf
[root@localhost ~]# vi + passwd
——————————————–
[users]
# harry = harryssecret
# sally = sallyssecret
phpbin=123456
——————————————–
权限控制authz配置:
[root@localhost ~]# vi + authz
——————————————–
#设置[/]代表根目录下所有的资源
[/]
phpbin=rw
——————————————-
服务svnserve.conf配置:
[root@localhost ~]# vi + svnserve.conf
——————————————-
[general]
#匿名访问的权限,可以是read,write,none,默认为read
anon-access=none
#使授权用户有写权限
auth-access=write
#密码数据库的路径
password-db=passwd
#访问控制文件
authz-db=authz
#认证命名空间,subversion会在认证提示里显示,并且作为凭证缓存的关键字
#realm=/opt/svn/chepiao
——————————————–
开机自动启动:
[root@localhost ~]# vi /etc/rc.local
加入一行:svnserve -d -r /opt/svn
SVN 配置防火墙端口:
[root@localhost ~]# vi /etc/sysconfig/iptables
添加以下内容:
-A INPUT -m state –state NEW -m tcp -p tcp –dport 3690 -j ACCEPT
保存后重启防火墙
[root@localhost ~]# service iptables restart
启动SVN:
[root@localhost ~]# svnserve -d -r /opt/svn
查看SVN进程:
[root@localhost ~]# ps -ef|grep svn|grep -v grep
root 12538 1 0 14:40 ? 00:00:00 svnserve -d -r /opt/svn/chepiao
检测SVN 端口
[root@localhost ~]# netstat -ln |grep 3690
tcp 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN
停止重启SVN:
[root@localhost ~]# killall svnserve
[root@localhost ~]# svnserve -d -r /opt/svn –listen-port 3690
八、实现SVN与WEB同步
[root@localhost ~]# mkdir /var/www/chepiao #目标路径#
[root@localhost ~]# svn co svn://162.251.120.155/chepiao /var/www/chepiao –username phpbin –password 123456 -no-auth-cache
[root@localhost ~]# chown -R apache:apache /var/www/chepiao #修改权限为WEB用户#
# 建立同步脚本 #
[root@localhost ~]# cd /opt/svn/chepiao/hooks
[root@localhost ~]# cp post-commit.tmpl post-commit
# 编辑post-commit #
[root@localhost ~]# vi + post-commit
———————————————-
export LANG=zh_CN.UTF-8
CURDATE=`date`
SVN=/usr/bin/svn
WEB=/var/www/chepiao/
LOG=/opt/svn/chepiao/hooks/codedeploy.log
echo “Code Deployed By at $CURDATE” >> $LOG
$SVN update $WEB –username phpbin –password 123456 >> $LOG
echo “”>> $LOG
chown -R apache:apache $WEB
————————————————
[root@localhost ~]# chmod a+x post-commit #增加脚本执行权限
【基于MySQL的身份认证】
#不用启动svnserver服务,使用http或https进行操作
#vi /etc/httpd/subverion.conf
————————————————-
<Location /svn>
DAV svn
SVNParentPath /opt/svn
AuthName “SVN”
AuthType Basic
AuthMYSQLEnable on
AuthMySQLPwEncryption none
AuthMYSQLUser root
AuthMySQLPassword 123456
AuthMYSQLDB svn_auth
AuthMYSQLUserTable users
AuthMYSQLNameField user_name
AuthMYSQLPasswordField user_passwd
AuthMySQLUserCondition ” \”%U\” REGEXP path ”
AuthMySQLGroupField user_group
Require valid-user
</Location>
————————————————-
新建数据表:
CREATE TABLE `users` (
`user_name` VARCHAR(50) NULL DEFAULT NULL,
`user_passwd` VARCHAR(50) NULL DEFAULT NULL,
`user_group` VARCHAR(50) NULL DEFAULT NULL
)
ENGINE=InnoDB;
————————————————
参数说明:
AuthMySQLEnable #开启mysql认证 on | off
AuthMySQLHost #Mysql地址
AuthMySQLPort #Mysql端口
AuthMySQLUser #Mysql账号
AuthMySQLPassword #Mysql密码
AuthMySQLDB #数据库名称
AuthMySQLUserTable #用户对应数据表
AuthMySQLUserCondition #查询条件
AuthMySQlNameField #用户对应字段
AuthMySQLPasswordField #密码对就字段
AuthMySQLPwEncryption #密码加密码方式 常用md5
AuthMySQLGroupTable #分组对应的表
AuthMySQLGroupCondition #分组查询条件
AuthMySQLGroupField #分组对应字段
AuthMySQLKeepAlive #保持Mysql连接 on | off
AuthMySQLAuthoritative #Mysql失败启动其他验证方式
Require valid-user #限定用户
Require group xxx #限定分组
九、绑定域名
———————————————-
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot “/var/www/chepiao”
ServerName chepiao.faiweixin.pw
<Directory “/var/www/chepiao”>
Options FollowSymLinks
AllowOverride All
</Directory>
</VirtualHost>
———————————————-
十、安装vsftpd
安装vsftpd,开机自启
[root@localhost ~]# yum -y install vsftpd
[root@localhost ~]# /etc/init.d/vsftpd start
[root@localhost ~]# chkconfig –level 3 vsftpd on
关闭匿名用户登录
[root@localhost ~]# vi /etc/vsftpd/vsftpd.conf
——————————————–
系统默认关闭
anonymous_enable=NO
#anon_upload_enable=YES
#anon_mkdir_write_enable=YES
——————————————–
新建FTP用户并设置无登录权限
[root@localhost ~]# useradd ftpuser -r -m -d /var/www/ftpuser -s /sbin/nologin
设置登录密码
[root@localhost ~]# passwd ftpuser
也可使用改家目录的方式
——————————————–
[root@localhost ~] useradd -s /sbin/nologin viong
[root@localhost ~] /etc/passwd #修改家目录
——————————————–
vsftp安全设置
[root@localhost ~]# vi /etc/vsftpd/vsftpd.conf
——————————————–
去掉前面#号
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
——————————————–
限制系统用户锁定在家目录
本地重要用户加班到chroot_list
[root@localhost ~]# touch /etc/vsftpd/chroot_list
[root@localhost ~]# cut -d : -f 1 /etc/passwd >> /etc/vsftpd/chroot_list
限制重要系统用户不能登录ftp权限
[root@localhost ~]# cat /etc/vsftpd/ftpusers
把之前建的ftpuser账号加进去测试(新账号不要添加)
[root@localhost ~]# echo root >> /etc/vsftpd/ftpusers
[root@localhost ~]# echo ftpuser >> /etc/vsftpd/ftpusers
FTP配置防火墙端口:
[root@localhost ~]# vi /etc/sysconfig/iptables
添加以下内容:
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 21 -j ACCEPT
保存后重启防火墙
[root@localhost ~]# service iptables restart
十一、安装GIT
安装Git:
$ yum -y install git expect
添加用户和用户组
$ groupadd git
$ useradd git -g git
初始化Git仓库
$ cd /home
$ mkdir gitrepo
$ chown git:git gitrepo/
$ cd gitrepo
$ git init –bare runoob.git
Initialized empty Git repository in /home/gitrepo/runoob.git/
$ chown -R git:git runoob.git
克隆仓库
$ git clone git@192.168.45.4:/home/gitrepo/runoob.git
Cloning into ‘runoob’…
warning: You appear to have cloned an empty repository.
Checking connectivity… done.
自动部署
/home/gitrepo/runoob/hooks/post-receive中
#!/bin/sh
DEPLOY_PATH=/var/www/runoob
unset GIT_DIR
cd $DEPLOY_PATH
passwd=’123456’
/usr/bin/expect <<-EOF
spawn git pull origin master
expect {
“*yes/no” { send “yes\r”; exp_continue }
“*password:” { send “$passwd\r” }
}
expect eof
EOF
十二、安装SSL
#安装SSL
[root@localhost ~]# yum -y install mod_ssl
#进入HTTP服务器配置文件所在目录
[root@localhost ~]# cd /etc/pki/tls/certs/
#建立服务器密钥
#要输入两次密码
[root@localhost ~]# make server.key
#从密钥中删除密码
#以避免系统启动后被询问口令
[root@localhost ~]# openssl rsa -in server.key -out server.key
#建立服务器公钥
#各种信息请尽量填写完整
#最后两个可以不输入
[root@localhost ~]# make server.csr
#建立服务器证书
[root@localhost ~]# openssl x509 -in server.csr -out server.pem -req -signkey server.key -days 365
[root@localhost ~]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365
#保护密钥
root@localhost ~]# chmod 400 server.*
#设置SSL
[root@localhost ~]# vim /etc/httpd/conf/httpd.conf
————————————————
NameVirtualHost *:443
<VirtualHost *:443>
DocumentRoot /var/www/laowu
ServerName laowu.redianr.cn
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/certs/server.key
<Directory /var/www/laowu>
Options FollowSymLinks
AllowOverride All
Allow from all
</Directory>
</VirtualHost>
————————————————
============================================================
<VirtualHost www.domain.com:443>
DocumentRoot "/var/www/html"
ServerName www.domain.com
SSLEngine on
SSLCertificateFile /usr/local/apache/conf/2_www.domain.com_cert.crt
SSLCertificateKeyFile /usr/local/apache/conf/3_www.domain.com.key
SSLCertificateChainFile /usr/local/apache/conf/1_root_bundle.crt
</VirtualHost>
======================================================================[root@localhost ~]# /etc/rc.d/init.d/httpd restart
升级软件:
1.rpm -Uvh http://repo.webtatic.com/yum/el6/latest.rpm
2.yum install php54w
3.yum install php-devel.i686 (phpize)
修改yum源:
1. cd /etc/yum.repos.d
2. mv CentOS-Base.repo CentOS-Base.repo.backup
3. wget http://mirrors.163.com/.help/CentOS6-Base-163.repo
4. mv CentOS6-Base-163.repo CentOS-Base.repo
5.yum clean all
补一:安装redis
1.安装redis
#sudo -y yum install redis
2.安装php-redis扩展
#sudo -y yum install php-redis
3.启动redis,并设定开机自动启动
#service redis start
#chkconfig redis on
php Session使用redis保存:
#vim /etc/php.ini
session.save_handler = "redis"
session.save_path = "tcp://127.0.0.1:6379"
或在 .htaccess 中
php_value session.save_handler "redis"
php_value session.save_path "tcp://127.0.0.1:6379"
补二:安装Memcached
1.安装Memcached
$ yum -y install memcached
$ service memcached start
自启动
$ chkconfig –level 2345 memcached on
2.配置文件:
vi /etc/sysconfig/memcached
=====================================
PORT=”11211″ // 端口
USER=”memcached” // 用户
MAXCONN=”1024″ // 最大连接
CACHESIZE=”64″ // 最大内存
OPTIONS=””
=====================================
状态查询:
$ memcached-tool 127.0.0.1:11211 stats
2.安装php扩展
$ yum -y install libmemcached libmemcached-devel
// pecl 安装
$ pecl install memcached
$ echo “extension = memcached.so” >> /etc/php.d/memcached.ini
$ /etc/init.d/httpd restart
php Session使用memcached保存:
#vim /etc/php.ini
session.save_handler = "memcached"
session.save_path = "tcp://127.0.0.1:11211"
或在 .htaccess 中
php_value session.save_handler "memcached"
php_value session.save_path "tcp://127.0.0.1:11211"