要设置静态ip地址,首先要查找对应的配置文件:
cd /etc/sysconfig/network-scripts/
首先进入这个目录,在这个目录下面有若干个文件:
在这些文件中,第一个文件ifcfg-ens33是网卡配置文件,直接修改该文件即可:
vi ifcfg-ens33
把BOOTPROTO=DHCP改为BOOTPROTO=static,即将地址分配方式从动态分配改为静态地址,然后在文件下面追加内容:
IPADDR=192.168.10.10 #静态IP
GATEWAY=192.168.10.1 #默认网关
NETMASK=255.255.255.0 #子网掩码
DNS1=192.168.10.1 #DNS 配置
然后就是保存退出,这还没有结束,需要重启网卡才能改变ip地址:
service network restart
然后使用ip addr命令查看IP地址:
完成!
查看CentOS7 的系统时间
命令: timedatectl
如果时区不是上海
timedatectl set-timezone Asia/Shanghai
查看系统时间区
命令: ls /usr/share/zoneinfo/
删除当前系统所处的分区
命令: sudo rm /etc/localtime
创建软连接以替换当前的时区信息
命令: sudo ln -s /usr/share/zoneinfo/Universal /etc/localtime
再次查看系统时间
命令: sudo timedatectl
查询内核的相关命令 :
1、cat /proc/version 命令
2、uname -a 或 -r (两者区别不大 一个显示信息详细点一个简洁点 选择使用)
设root密码
sudo passwd root
防止不必要的麻烦关闭 Selinux
setenforce 0
永久关闭,可以修改配置文件,将SELINU置为disabled
vim /etc/selinux/config
CentOS8配置阿里云YUM源
1、进入配置目录
cd /etc/yum.repos.d/
2、备份原yum源
mv CentOS-Base.repo CentOS-Base.repo.bak
3、下载阿里云源
命令:wget http://mirrors.aliyun.com/repo/Centos-7.repo
5.执行yum源更新命令
命令:yum clean all
命令:yum makecache
注意:依次执行
6.看一下yum仓库有多少包
命令:yum repolist
1、关闭firewall:
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动
2、安装iptables防火墙
yum install iptables-services -y #安装
vi /etc/sysconfig/iptables #编辑防火墙配置文件
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8888 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 9000 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
:wq! #保存退出
systemctl restart iptables.service #最后重启防火墙使配置生效
systemctl enable iptables.service #设置防火墙开机启动
root 帐号通过 SSH 登录
vi /etc/ssh/sshd_config
PermitRootLogin yes
PasswordAuthentication yes
AllowUsers root
systemctl restart sshd.service
将/dev/sdb2分区改成swap 分区:
fdisk /dev/sdb
--格式化swap分区:
mkswap /dev/sdb2
使用blkid 查看类型已经变成了swap:
这里的类型已经改变,我们可以尝试手工的启动swap:
[root@rhce ~]# swapon /dev/sdb2
[root@rhce ~]# swapon -s
格式化其他分区
parted /dev/sda print free
unit GB mkpart primary xfs 50 107
set 4 lvm on
ls -l /dev/disk/by-uuid
mkfs.xfs /dev/sda4
mount /dev/sda4 /data
我们这里把/dev/dbb1和/dev/sdc1都添加/etc/fstab 文件,在重启一下看看。 添加内容如下:
UUID=ebd65f59-1b3b-478e-8879-b194781d9589 swap swap defaults 0 0
UUID=aa093507-96c1-497e-8ebb-bf95bcd98493 /data xfs defaults 0 0
yum install -y wget lrzsz
wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -ivh epel-release-latest-7.noarch.rpm
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum clean all
yum makecache
yum -y install samba samba-client samba-common
smbpasswd -a root
1,命令模式
systemctl set-default multi-user.target
2,图形模式
systemctl set-default graphical.target
安装webmin
yum -y install openssl perl perl-Encode-Detect perl-Net-SSLeay perl-IO-Tty unzip autoconf
删除perl模块时先用如下命令查看perl的文件夹,然后直接删除文件或文件夹:
perl -e 'print join "\n",@INC'
测试perl模块是是否安装成功,用下面命令,无提示表示成功:
perl -e 'use Net::SSLeay'
wget https://prdownloads.sourceforge.net/webadmin/webmin-1.991-1.noarch.rpm
rpm -ivh webmin-1.991-1.noarch.rpm
systemctl restart webmin
systemctl enable webmin
安装mariadb
MariaDB数据库管理系统是MySQL的一个分支,主要由开源社区在维护,采用GPL授权许可。开发这个分支的原因之一是:甲骨文公司收购了MySQL后,有将MySQL闭源的潜在风险,因此社区采用分支的方式来避开这个风险。MariaDB的目的是完全兼容MySQL,包括API和命令行,使之能轻松成为MySQL的代替品。
安装mariadb,大小59 M。
yum install mariadb-server mariadb -y
mariadb数据库的相关命令是:
systemctl start mariadb #启动MariaDB
systemctl stop mariadb #停止MariaDB
systemctl restart mariadb #重启MariaDB
systemctl enable mariadb #设置开机启动
[root@yl-web yl]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 5.5.41-MariaDB MariaDB Server
Copyright (c) 2000, 2014, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
+--------------------+
4 rows in set (0.00 sec)
设置密码
mysql> set password for 'root'@'localhost' =password('password');
Query OK, 0 rows affected (0.00 sec)
mysql>
不需要重启数据库即可生效。
三、配置mysql
1、编码
mysql配置文件
vim /etc/my.cnf
最后加上编码配置
[mysql]
default-character-set =utf8
这里的字符编码必须和/usr/share/mysql/charsets/Index.xml中一致。
2、远程连接设置
把在所有数据库的所有表的所有权限赋值给位于所有IP地址的root用户。
mysql> grant all privileges on *.* to root@'%'identified by 'password';
如果是新用户而不是root,则要先新建用户
mysql>create user 'mail'@'localhost' identified by 'password';
mysql> set password for 'mail'@'localhost' =password('123456');
此时就可以进行远程连接了。
Nginx 安装
1:下载nginx最新稳定版本
wget http://nginx.org/download/nginx-1.21.6.tar.gz
2:执行
tar -zxvf nginx-1.21.6.tar.gz
yum -y install gcc gcc-c++ pcre-devel zlib-devel openssl openssl-devel
./configure --prefix=/etc/nginx --with-http_ssl_module \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-pcre
make && make install
useradd -s /sbin/nologin -M nginx
id nginx
mkdir /var/log/nginx
mkdir /etc/nginx/conf.d/
yum -y install yum-utils
yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional
yum install certbot python2-certbot-nginx jq -y
export DPI_Id="108"
export DPI_Key="59fbd"
vi /etc/dnspod_token
108,59fbd
certbot certonly --manual --preferred-challenges dns --email test@test.com -d haobo888.net -d *.haobo888.net --server https://acme-v02.api.letsencrypt.org/directory --manual-auth-hook /data/backup/certbot-auth-dnspod.sh
certbot certonly --manual --preferred-challenges dns --email test@test.com -d haose888.net -d *.haose888.net --server https://acme-v02.api.letsencrypt.org/directory --manual-auth-hook /data/backup/certbot-auth-dnspod.sh
执行
/etc/nginx/sbin/nginx -c /etc/nginx/conf/nginx.conf
vi /etc/rc.local
python /usr/local/shadowsocks/shadowsocks/server.py -c /etc/shadowsocks.json -d start
mkdir /var/run/ss5
/etc/nginx/sbin/nginx -c /etc/nginx/conf/nginx.conf
mkdir /tmp/php7
chmod 777 /tmp/php7
nohup python /data/tgbot/votemutebot/main.py 662382739:AA 480 > /data/nohup.out 2>&1 &
touch /var/lock/subsys/local
给权限
chmod +x /etc/rc.d/rc.local
重启
/etc/nginx/sbin/nginx -s reload
停止:
/etc/nginx/sbin/nginx -s stop
检测配置文件是否正常:
/etc/nginx/sbin/nginx -t
源码安装PHP
1、从官网下载PHP源码包
2、安装依赖包
yum install -y gcc gcc-c++ libxml2-devel libxml2 openssl openssl-devel curl curl-devel libjpeg-devel libpng-devel freetype-devel icu libicu libicu-devel libmcrypt libmcrypt-devel libxslt libxslt-devel sqlite-devel oniguruma oniguruma-devel libvpx-devel libXpm-devel t1lib-devel gd-devel bzip2 bzip2-devel postgresql-devel php-mysql
php 5.6.x编译安装
wget https://www.php.net/distributions/php-5.6.40.tar.gz
wget http://mirrors.sohu.com/php/php-5.6.40.tar.gz
tar -xzvf php-5.6.40.tar.gz
cd php-5.6.40
./configure --prefix=/data/php56 --with-config-file-path=/data/php56/etc --with-pdo-pgsql --with-zlib-dir --with-freetype-dir --enable-mbstring --with-libxml-dir=/usr --enable-soap --enable-calendar --with-curl --with-gd --with-pgsql --disable-rpath --enable-inline-optimization --with-bz2 --with-zlib --enable-sockets --enable-sysvsem --enable-sysvshm --enable-pcntl --enable-mbregex --enable-exif --enable-bcmath --with-mhash --enable-zip --with-pcre-regex --with-pdo-mysql --with-mysqli --with-jpeg-dir=/usr --with-png-dir=/usr --with-openssl --with-fpm-user=www56 --with-fpm-group=www56 --with-libdir=/lib/x86_64-linux-gnu/ --enable-ftp --with-gettext --with-xmlrpc --with-xsl --enable-opcache --enable-fpm --with-iconv --with-xpm-dir=/usr --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-mysql-sock=/var/lib/mysql/mysql.sock --with-mysqli --with-pear
make && make install
4、移动配置文件
cp php.ini-production /data/php56/etc/php.ini
//将源码文件中的php.ini-production移动到php配置文件夹下作为php的配置文件
cp /data/php56/etc/php-fpm.conf.default /data/php56/etc/php-fpm.conf
然后设置php.ini,使用: vim /data/php56/etc/php.ini 打开php配置文件找到cgi.fix_pathinfo配置项,这一项默认被注释并且值为1,根据官方文档的说明,这里为了当文件不存在时,阻止Nginx将请求发送到后端的PHP-FPM模块,从而避免恶意脚本注入的攻击,所以此项应该去掉注释并设置为0
php_value[session.save_path] = "/data/www/tmp/php5"
date.timezone = "Asia/Shanghai"
max_execution_time = 60
upload_max_filesize = 80m
post_max_size = 80m
extension=ftp
short_open_tag = On
vim /data/php56/etc/php-fpm.conf
pid = run/php-fpm.pid
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
;listen = 127.0.0.1:9000
改为
listen = /data/php56/var/run/socket
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
;php_value[session.save_path] = /var/lib/php/session
启动
mkdir /data/php56/var/run
/data/php56/sbin/php-fpm -c /data/php56/etc/php.ini -y /data/php56/etc/php-fpm.conf
cp sapi/fpm/init.d.php-fpm /etc/init.d/php5-fpm
chmod +x /etc/init.d/php5-fpm
/etc/init.d/php5-fpm start
# chmod 0660 /data/php56/var/run/socket
# chown nginx:nginx /data/php56/var/run/socket
cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/php-fpm5.service
vim /usr/lib/systemd/system/php-fpm5.service
PIDFile=/data/php56/var/run/php-fpm.pid
ExecStart=/data/php56/sbin/php-fpm --nodaemonize --fpm-config /data/php56/etc/php-fpm.conf
systemctl daemon-reload
systemctl enable php-fpm5.service
systemctl restart php-fpm5.service
编译安装php7
yum remove libzip libzip-devel
wget https://libzip.org/download/libzip-1.2.0.tar.gz
tar -xzvf libzip-1.2.0.tar.gz
cd libzip-1.2.0
./configure
make && make install
ln -s /usr/local/lib/libzip.so.5.0.0 /usr/local/lib64/libzip.so.5
export PKG_CONFIG_PATH="/usr/local/lib/pkgconfig/"
yum install -y libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel ncurses curl gdbm-devel db4-devel libXpm-devel libX11-devel gd-devel gmp-devel expat-devel xmlrpc-c xmlrpc-c-devel libicu-devel libmcrypt-devel libmemcached-devel
wget https://www.php.net/distributions/php-7.4.5.tar.gz
wget http://mirrors.sohu.com/php/php-7.4.5.tar.gz
tar -xzvf php-7.4.5.tar.gz
cd php-7.4.5
./configure --help
./configure --prefix=/data/php7 --with-config-file-path=/data/php7/etc --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-opcache --enable-fpm --with-mysqli --with-pdo-mysql --with-gettext --enable-mbstring --with-iconv --with-mhash --with-openssl --enable-bcmath --enable-soap --with-libxml --enable-pcntl --enable-shmop --enable-sysvmsg --enable-sysvsem --enable-sysvshm --enable-sockets --with-curl --with-zlib --with-zip --with-bz2 --enable-gd --with-jpeg --enable-ftp --with-freetype
make && make install
4、移动配置文件
cp php.ini-production /data/php7/etc/php.ini
//将源码文件中的php.ini-production移动到php配置文件夹下作为php的配置文件
cp /data/php7/etc/php-fpm.conf.default /data/php7/etc/php-fpm.conf
然后设置php.ini,使用: vim /data/php7/etc/php.ini 打开php配置文件找到cgi.fix_pathinfo配置项,这一项默认被注释并且值为1,根据官方文档的说明,这里为了当文件不存在时,阻止Nginx将请求发送到后端的PHP-FPM模块,从而避免恶意脚本注入的攻击,所以此项应该去掉注释并设置为0
php_value[session.save_path] = "/data/www/tmp/php7"
date.timezone = "Asia/Shanghai"
max_execution_time = 60
upload_max_filesize = 80m
post_max_size = 80m
extension=ftp
short_open_tag = On
cp /data/php7/etc/php-fpm.d/www.conf.default /data/php7/etc/php-fpm.d/www.conf
vim /data/php7/etc/php-fpm.d/www.conf
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
;listen = 127.0.0.1:9000
改为
listen = /data/php7/var/run/socket
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
mkdir /data/php7/var/run/
启动
/data/php7/sbin/php-fpm -c /data/php7/etc/php.ini -y /data/php7/etc/php-fpm.conf
cp sapi/fpm/init.d.php-fpm /etc/init.d/php7-fpm
chmod +x /etc/init.d/php7-fpm
/etc/init.d/php7-fpm start
# chmod 0660 /data/php7/var/run/socket
# chown nginx:nginx /data/php7/var/run/socket
cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/php-fpm7.service
systemctl enable php-fpm7.service
systemctl restart php-fpm7.service
-这里有一个地方需要注意,如果你在重启nginx的时候,出现无法识别$document_root,你需要将你的 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;里面的$document_root换成你项目入口文件位置,我就在这个地方纠结了好久,弄半天才整出来,这个解析规则基本能满足大部分php项目解析
cd ~
wget https://files.phpmyadmin.net/phpMyAdmin/5.0.2/phpMyAdmin-5.0.2-all-languages.zip
wget https://files.phpmyadmin.net/phpMyAdmin/5.2.0/phpMyAdmin-5.2.0-all-languages.zip
yum install -y unzip zip
unzip phpMyAdmin-5.0.2-all-languages.zip
mv phpMyAdmin-5.0.2-all-languages /data/www/
mv /data/www/config.sample.inc.php /data/www/config.inc.php
openssl rand -base64 32
返回:
tWOKEpDJUbQ7wk/=
vi /data/www/config.inc.php
找到:
$cfg['Servers'][$i]['host'] = 'localhost';
改成:
$cfg['Servers'][$i]['host'] = '127.0.0.1';
$cfg['blowfish_secret'] = 'tWOKEpDJUbQ7wk/=';
现在,打开浏览器,输入为 nginx 服务器绑定的主机名,后面加上 phpMyAdmin 所在的目录名,http://127.0.0.1/phpmyadmin 。显示了一个错误:
session_start(): open(SESSION_FILE, O_RDWR) failed: Permission denied (13)
引起这个错误的原因是 php 没有权限把 session 写到指定的目录里,这些 session 文件保存的位置是在 php 的配置文件里定义的,用我们前面测试 php 创建的 phpinfo.php 可以查看这个目录的位置,在浏览器里打开这个文件,搜索 session.save_path:
phpmyadmin/libraries/session.inc.php
session.save_path /var/lib/php-fpm/session
这个 /var/lib/php-fpm/session 是保存 session 用的目录,这个目录现在属于 root 这个用户,我们的 php-fpm 是用 vagrant 用户运行的,所以,你可以把这个目录的拥有者改成 vagrant :
chown nginx /var/lib/php-fpm/session
打赏
微信扫一扫,打赏作者吧~
