CentOS 7.2基本配置
ssh配置
/etc/ssh/sshd_config
去掉#Port 22
的注释
增加Port xxx
,修改防火墙,重启后删除Port 22
安装iptables
关闭 firewalld
systemctl stop firewalld.service
systemctl disable firewalld.service
安装 iptables
yum install iptables-services
配置 iptables
vim /etc/sysconfig/iptables
systemctl restart iptables.service
systemctl enable iptables.service
安装Nginx并配置SSL
首先获取Nginx的rmp包
wget http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
安装rpm -ivh nginx-release-centos-7-0.el7.ngx.noarch.rpm
安装Nginx yum install nginx -y
设置开机自启动systemctl enable nginx.service
修改/etc/nginx/conf.d/default.conf
禁止非域名访问
listen 80;
改为 listen 80 default;
删除 server_name localhost;
生成SSL证书
如图,上传for Nginx.zip至服务器,解压。
新建文件夹mkdir /etc/nginx/ssl
修改/etc/nginx/conf.d/server.conf
server {
listen 80;
+ listen 443 ssl;
server_name example.com;
+ ssl_certificate /etc/nginx/ssl/server.crt;
+ ssl_certificate_key /etc/nginx/ssl/server.key;
...
location / {
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header Host $http_host;
+ proxy_set_header X-Forwarded-Proto $scheme;
...
}
}
这时nginx就配置完了,service nginx restart
重启nginx即可开启SSL。
记得要更改防火墙规则,开放443端口。
配置 acme.sh
curl https://get.acme.sh | sh
生成证书
acme.sh --issue --dns dns_xx -d *.xx.com --keypath /etc/nginx/ssl/all-xx.com/xx.com.key --fullchainpath /etc/nginx/ssl/all-xx.com/xx.com.crt --reloadcmd "sudo systemctl restart nginx" --force
配置MariaDB
vim /etc/yum.repos.d/MariaDB.repo
添加 MariaDB 源
# MariaDB 10.1 CentOS repository list - created 2017-01-24 16:20 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
安装 yum install MariaDB-server MariaDB-client -y
配置PHP7
REMI上已经有了最新的php7.0.9,可以通过yum直接安装。
获取并安装rpm源
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
wget http://rpms.remirepo.net/enterprise/remi-release-7.rpm
rpm -Uvh remi-release-7.rpm epel-release-latest-7.noarch.rpm
yum-config-manager --enable remi-php71
如果提示 -bash: yum-config-manager: 未找到命令
则使用yum -y install yum-utils
安装yum-utils包
yum update
yum install php
安装php-fpm
yum install php-fpm
systemctl start php-fpm && systemctl enable php-fpm
安装组件
yum install php-mysqlnd php-gd libjpeg* php-libjpeg* php-ldap php-pear php-xml php-xmlrpc php-pdo
yum install phpunit
配置全局Composer
curl -sS https://getcomposer.org/installer | php
mv composer.phar /usr/local/bin/composer
安装FFmpeg
yum install epel-release
rpm -v --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
yum install ffmpeg ffmpeg-devel
查看FFmpeg版本
ffmpeg -version
FFmpeg路径
which ffmpeg
& which ffprobe
安装Node.js
curl -sL https://rpm.nodesource.com/setup_12.x | sudo bash -
yum install nodejs
yum install gcc-c++ make
Install yarn
curl -sL https://dl.yarnpkg.com/rpm/yarn.repo | sudo tee /etc/yum.repos.d/yarn.repo
yum install yarn
配置Apache
yum install httpd
启动Apache
systemctl start httpd.service
添加开机启动Apache
systemctl enable httpd.service
配置http-vhosts启用Apache反向代理
vi /etc/httpd/conf.d/httpd-vhosts.conf
<VirtualHost server:port>
ServerName domain name
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://127.0.0.1:port/
ProxyPassReverse / http://127.0.0.1:port/
</VirtualHost>
安装MariaDB10.x
vim /etc/yum.repos.d/MariaDB.repo
# MariaDB 10.1 CentOS repository list - created 2017-01-10 03:32 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
yum install MariaDB-server MariaDB-client