LAMP
learning target
- Configure the LAMP environment based on the php5_module module
- Configure the LAMP environment based on php-fpm and proxy_fcgi_module modules
- Install PHP 7.0 from the SCL repository
- Install and configure LAMP applications
- Configure AWStats to realize virtual host access log analysis statistics
Task 1: Install and configure the LAMP environment (1)
Require
Configure LAMP environment based on CentOS7 official warehouse and EPEL warehouse
- Aache2.4 + mpm_prefork_module + php5.4 + php5_module
- MariaDB5.5
step
- Install and configure MariaDB/MySQL service
- Install mariadb and mariadb-server
- Configure MariaDB
- Edit the main configuration file
/etc/my.cnf
,[mysqld]
set in the section- character-set-server=utf8
- collation-server=utf8_general_ci
- max_connections = 50 (the default maximum number of concurrent connections is 100)
- Edit the main configuration file
/etc/my.cnf.d/client.cnf
,[client]
set in the section- character-set-server=utf8
- Edit the main configuration file
- Start the MariaDB service and set it to start at boot
- Configure the root user password for the MariaDB service
mysqladmin -u root password 'Med7ahBuu7ru2Wooyohg'
- or
mysql_secure_installation
- Install from the EPEL repository and get more configuration suggestions
- Install and configure PHP
- Install PHP and related modules
yum install php
php-{pdo,mcrypt,mbstring,intl,gd,pecl-{imagick,memcached,redis} - Detect installed PHP (cli) version
php -v - Configure PHP
- Edit the main configuration file
/etc/php.ini
,[PHP]
set in the section- Use the zlib library to compress the output and set the compression level to 1
- Limit the maximum amount of memory a PHP script may consume to 256M
- Specify a maximum acceptable size of 256M for the POST method
- Set the maximum file size that can be uploaded to 20M
- Edit the main configuration file
/etc/php.ini
,[Date]
set in the section- Define the default timezone for date functions as
Asia/Shanghai
- Define the default timezone for date functions as
- Edit the main configuration file
- Execute PHP scripts through Aapche's PHP module
- See Apache's PHP module loading/configuration file
grep -v “^#” /etc/httpd/conf.modules.d/10-php.conf
grep -v “^#” /etc/httpd/conf.d/php. conf - Check Apache configuration correctness and reload Apache configuration
- test
- Write PHP test script
echo '<?php phpinfo()?>' > /var/www/html/info.php
echo '<?php phpinfo()?>' > /srv/www/olabs.net/www/htdocs /info.php - Test elinks on client
http://www.olabs.lan/info.php
elinks http://www.olabs.net/info.php - Stress test
ab -n 2000 -c 100 http://www.olabs.net/info.php
- Use
lynis -c
to scan the entire system and harden the system according to the report prompts
Task 2: Install and configure LAMP applications (1)
Require
installation configuration
- phpMyAdmin
- dokuwiki (
.htaccess
) - h5ai
step
- Install and configure phpMyAdmin
- Install phpMyAdmin
- Configure phpMyAdmin
- Modify the configuration file of phpMyAdmin
/etc/phpMyAdmin/config.inc.php
- Reset encrypted password for Cookies authentication
- Modify the Apache configuration file
/etc/httpd/conf.d/phpMyAdmin.conf
- Configure to allow 192.168.56.0/24 access
- Modify the configuration file of phpMyAdmin
- Check Apache configuration correctness and reload configuration of Apache service
- test phpMyAdmin
- https://www.olabs.lan/phpmyadmin/
- https://www.olabs.net/phpmyadmin/
- Install and configure dokuwiki
- Download and deploy dokuwiki site content
mkdir /srv/www/olabs.net/wiki/src
cd /srv/www/olabs.net/wiki/src
wget https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz
tar xzf dokuwiki-stable.tgz
cd ..
rm -rf htdocs
mv src/dokuwiki-2017-02-19e htdocs
- Execute the installation script in the browser to install
- http://wiki.olabs.net/install.php
- Set the file system permissions reasonably according to the prompt information
- Delete the install.php file after installation
- Edit wiki page
- Configure pseudo-static access
- Edit
/etc/httpd/vhosts.d/olabs.net.conf
, modify the virtual host of wiki.olabs.net:443- Configuration allows reading
/srv/www/olabs.net/wiki/htdocs/
configuration files in the directory.htaccess
- Configuration allows reading
- EDIT
/srv/www/olabs.net/wiki/htdocs/conf/local.php
Enable pseudo-static accessecho "\$conf['userewrite'] = 1;" >> /srv/www/olabs.net/wiki/htdocs/conf/local.php
- Revise
- Copy the default published .htaccess.dist to .htaccess
cp /srv/www/olabs.net/wiki/htdocs/.htaccess{.dist,}
- Edit
/srv/www/olabs.net/wiki/htdocs/.htaccess
to adapt to this site
- Copy the default published .htaccess.dist to .htaccess
- Test pseudo-static access
- http://wiki.olabs.net/wiki/syntax
- Edit
- Install and configure h5ai
/srv/www/olabs.org/www/htdocs/download
Install configuration for directoryh5ai
- Make it look like https://release.larsjung.de/ when visiting http://www.olabs.org/download
Task 3: Install and configure the LAMP environment (2)
Require
Configure LAMP environment based on CentOS7 official warehouse and EPEL warehouse
- Aache2.4 + mpm_envent_module + php5.4 + php-fpm + proxy_fcgi_module
- MariaDB5.5
step
- install and start
php-fpm
php
Remove package for Apache modules- Install
php-fpm
- boot/immediately start
php-fpm
the daemon
- view and configure
php-fpm
- View
php-fpm
version
php-fpm -v - View
php-fpm
process
ps -HO user -ppidof php-fpm
lsof -i :9000 - View
php-fpm
the main configuration file for/etc/php-fpm.conf
- View
php-fpm
the process pool configuration file/etc/php-fpm.d/www.conf
- Configure Apache
- Configure Apache to access through proxy_fcgi_module
php-fpm
-
Create or edit
/etc/httpd/conf.d/php.conf
:
# Allow php to handle Multiviews
AddType text/html .php# Add index.php to the list of files # that will be served as directory indexes. DirectoryIndex index.php # Enable the http authorization headers. SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1 # Redirect the PHP scripts execution to the FPM backend. <FilesMatch \.php$> SetHandler "proxy:fcgi://127.0.0.1:9000" </FilesMatch> # Prevent .user.ini files from being viewed by Web clients. <Files ".user.ini"> Require all denied </Files>
-
- Configure Apache to enable mpm_envent_module
- 编辑
/etc/httpd/conf.modules.d/10-php.conf
# LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
# LoadModule mpm_worker_module modules/mod_mpm_worker.so
LoadModule mpm_event_module modules/mod_mpm_event.so
- 编辑
- Check Apache configuration correctness and reload configuration of Apache service
- Test whether Apache is enabled with
FPM/FastCGI
elinks --dump http://localhost/info.php |grep 'Server API'
elinks --dump http://www.olabs.lan/info.php |grep 'Server API'
elinks -- dump http://www.olabs.net/info.php |grep 'Server API' - Stress test
ab -n 2000 -c 100 http://www.olabs.net/info.php
Task 4: Install and configure the LAMP environment (3)
Require
Configure the LAMP environment based on the SCL warehouse
- Aache2.4 + mpm_envent_module + php70 + php-fpm + proxy_fcgi_module
- MariaDB5.5
step
- Install and configure SCL repository
yum -y install centos-release-scl scl-utils
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo yum
repolist |grep sclo
yum makecache - Install php70 and related modules
yum -y install rh-php70
rh-php70-php-{pdo,mcrypt,mbstring,intl,gd,pecl-{imagick,memcached,redis},fpm}
scl -l - Switch php-fpm to the new version
systemctl stop php-fpm
systemctl disable php-fpm
systemctl start rh-php70-php-fpm
systemctl enable rh-php70-php-fpm - 测试
elinks --dump http://localhost/info.php |egrep ‘Server API|PHP Version’
Toggle PHP using the SCL repository on the command line
- Detect the originally installed PHP version
which php ; php -v
which php-fpm ; php-fpm -v- Switch the new shell to use PHP from the SCL repository:
scl -l
scl enable rh-php70 bash- Detect newly installed PHP version
which php ; php -v
which php-fpm ; php-fpm -v- Exit the new shell and check the PHP version again
exit
which php ; php -v
which php-fpm ; php-fpm -v
PHP using the SCL repository by default on the command line
cat >/etc/profile.d/rh-php70.sh <<_END #!/bin/bash source /opt/rh/rh-php70/enable export X_SCLS="\$(scl enable rh-php70 'echo \$X_SCLS')" _END
Configuring PHP/PHP-FPM for the SCL repository
- Configuration files are based on
/etc/opt/rh/rh-php70/
the directory- php configuration file:
php.ini
,php.d/*.ini
- php-fpm configuration file:
php-fpm.conf
,php-fpm.d/*.conf
practise
- Install and enable Mariadb v10.2 from the SCL repository
yum search rh-mariadb102
Task 5: Use AWStats to implement access log analysis statistics
Require
Configure AWStats for www.olabs.{net,org} virtual host to achieve access log analysis and statistics
step
- install awstats
- Configure awstats to create individual configuration files for each virtual host
/etc/awstats/awstats.www.olabs.net.conf
/etc/awstats/awstats.www.olabs.org.conf
- Immediately update the AWStats statistics database for the specified profile
/usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=www.olabs.net
/usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=www.olabs.org
- Configure Apache for CGI access to view AWStats WUI
- Edit the main Apache configuration file to include the
/etc/httpd/conf.d/awstats.conf
- Add the HTTP digest authentication configuration in the appropriate place, you can use the digest authentication password file created in task 4 of Chapter 14
/etc/httpd/.dpasswd
- Check Apache configuration correctness and reload Apache configuration
- Access AWStats through a browser and test digest authentication
- http://www.olabs.net/awstats/awstats.pl
- http://www.olabs.net/awstats/awstats.pl?config=www.olabs.net
- http://www.olabs.net/awstats/awstats.pl?config=www.olabs.org
Task 6*: Install and configure LAMP application (2)
Require
- Configure a Laravel framework-based application for http://blog.olabs.org installation
step
- Install and configure composer
-
install composer
# curl -sS https://getcomposer.org/installer | php # mv composer.phar /usr/local/bin/composer
-
Configure the mirror site used globally by composer
# composer config -g repo.packagist composer \ https://packagist.phpcomposer.com # tree -F -L 2 ~olabsorg
-
Install laravel
# su - olabsorg$ scl enable rh-php70 bash $ composer create-project laravel/laravel blog --prefer-dist "5.5.*"
-
Configure and test the blog.olabs.org virtual host
- Revise
/etc/httpd/vhosts.d/olabs.org.conf
<VirtualHost *:80>
ServerAdmin root@localhost
ServerName blog.olabs.org:80
DocumentRoot /srv/www/olabs.org/blog/public/
ErrorLog /srv/www/olabs.org/blog/logs/error_log
CustomLog /srv/www/olabs.org/blog/logs/access_log combined
<Directory /srv/www/olabs.org/blog/public/>
Options +FollowSymLinks
Require all granted
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</Directory>
</VirtualHost>
- Check Apache configuration correctness and reload configuration of Apache service
- Configure domain name resolution of blog.olabs.org (bind or /etc/hosts)
- Test http://blog.olabs.org
- Install and configure Voyager, a background generation tool based on laravel
- Use composer to install the PHP packages required by Voyager
- Create the mysql database required for BLOG
- Environment file under configuration project
.env
- Use artisan to perform voyager installation and populate test data
- Reset the password and Email of the administrator admin
- Visit the background management interface of BLOG in the browser http://blog.olabs.org/admin
- Write code based on Voyager background, create BLOG frontend http://blog.olabs.org
** practise**
Task 7*: Memcached and Redis
Require
- Install, configure and start Memcached
- Install, configure and start Redis
Task 8*: Use mylvmbackup to implement a physical backup of the MySQL database
Require
- Install mylvmbackup from the EPEL repository
- configure mylvmbackup
/etc/mylvmbackup.conf
- Schedule cron tasks to be executed at 1 o'clock every day
/etc/cron.d/mylvmbackup
Task 9*: LAMP environment configuration for CentOS 6 and Debian 9
Require
- Configure Apache2.4+php7.0+php-fpm+mpm_envent_module on the c6-v1 container
- Configure Apache2.4+php7.0+php-fpm+mpm_envent_module on the d9-v1 container
Tomcat & Apache
learning target
- Install and configure OpenJDK or Java SE Development Kit (Oracle)
- Install and configure Tomcat running independently
- Configure the second instance of Tomcat
- Configure Apache reverse proxy Tomcat
- Configure Apache reverse proxy usermin
Task 1: Install OpenJDK and Tomcat
Require
- Install java-1.8.0-openjdk and tomcat
- Configure Tomcat to run independently
- Test Tomcat running independently
- Install Tomcat's default web application, management application, and documentation
- Configure Tomcat's management application
- User fanny can only access the manager interface
- User tonny can access both manager and admin interface
- Use different users to test the management interface access
Task 2: Configure the second instance of Tomcat
Require
- Configure a second Tomcat instance that can be managed by systemd
Task 3: Apache reverse proxy
Require
- Configure Apache reverse proxy Tomcat default instance
- Do not reverse proxy for URI access to /docs
- Use AJP protocol to reverse proxy the default instance of Tomcat
- Configure the second instance of Apache reverse proxy Tomcat
- Configure Apache reverse proxy usermin (https://localhost:20000)