阿里云服务器环境部署
1. 建立云主机ECS 2. 安装iptables防火墙 3. 建立普通用户 4. 搭建LNMP环境 4.1 配置mariadb yum源 4.2 下载一些组件包,若是用源码安装太麻烦,能够按照下面yum源安装 4.3 安装开发工具包 4.4 安装mariadb数据库 4.5 启动mariadb并设置mariadb 4.6 建立nginx和php安装跟目录 4.7 安装libmcrypt 5. 源码安装php 5.1配置php初始配置和启动文件 5.2 修改php.ini配置文件 5.3 修改php-fpm.conf文件 5.4 修改php配置 5.5 启动php 6. 源码安装nginx 6.1 建立nginx运行用户 6.2编译安装nginx 6.3 配置nginx启动脚本 7. 安装go环境 7.1 下载安装源包 7.2 解压安装 7.3 设置go环境变量 7.4 检查go版本 7.5 设置nginx反向代理 8. 安装redis数据库 8.1 安装redis组件 8.2 下载redis源码包 8.3 配置redis文件 8.4 启动redis 8.5 修改redis.conf配置文件 vim /etc/redis.conf 8.6 修改 daemonize yes,之后台运行 8.7创建用户和日志目录 9. 搭建supervisor程序管理 9.1安装 9.2 建立存放配置文件的目录 9.3 建立一个golang的web server 9.4 在/etc/supervisor/conf.d下面建立go-http-server.ini 9.5 启动supervisor服务,注意:启动服务的时候,不须要启动goweb,否则会报错 9.6 查看supervisor运行状态 9.7 修改配置文件从新加载 10. Iptables配置 11. 安装FTP 11.1 在线yum安装 11.2 修改ftp配置 11.3 新建ftp用户 11.4 须要配置防火墙,开启21端口 11.5 启动vsftpd服务 12. 附上Nginx配置 1. 建立云主机ECS 更新yum源,关闭firewall防火墙,采用iptables防火墙,阿里云服务器的selinux默认关闭,不要启动selinux,不然可能会致使云服务器网络问题 # yum update # systemctl stop firewalld.service # systemctl disable firewalld.service 2. 安装iptables防火墙 # yum install iptables-services iptables配置文件在 /etc/sysconfig/iptables 开启iptables防火墙并使其开启启动 # systemctl enable iptables.service # systemctl start iptables.service 3. 建立普通用户 # useradd shangtv # password shangtv 4. 搭建LNMP环境 4.1 配置mariadb yum源 # echo > /etc/yum.repods.d/mariadb.repo << EOF [mariadb] Name = MariaDB baseurl = http://yum.mariadb.org/10.1.10/centos7-amd64 gpgkey = https://yum.mariadb.org/RPM-GPG-KEY-MariaDB gpgcheck = 1 EOF 备用yum源 #baseurl = http://yum.mariadb.org/10.1.22/centos7-amd64 #baseurl=http://mirrors.ctyun.cn/MariaDB/mariadb-10.1.22/yum/centos7-amd64/rpms/ #gpgkey=http://mirrors.ctyun.cn/MariaDB/yum/RPM-GPG-KEY-MariaDB #http://ftp.hosteurope.de/mirror/archive.mariadb.org/mariadb-10.1.10/yum/centos7-amd64 无key # # yum clean all # yum makecache 4.2 下载一些组件包,若是用源码安装太麻烦,能够按照下面yum源安装 软件源代码包存放位置:/usr/local/src 源码包编译安装位置:/usr/local/packegename # cd /usr/local/src #wget -ct 5 http://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz # wget http://www.tortall.net/projects/yasm/releases/yasm-1.3.0.tar.gz # wget http://www.ibiblio.org/pub/Linux/libs/graphics/t1lib-5.1.2.tar.gz # wget https://bitbucket.org/libgd/gd-libgd/downloads/libgd-2.1.0.tar.gz # wget http://download.osgeo.org/libtiff/tiff-4.0.3.tar.gz # wget http://ring.u-toyama.ac.jp/archives/graphics/freetype/freetype2/freetype-2.5.4.tar.gz # wget http://www.ijg.org/files/jpegsrc.v9a.tar.gz # wget http://curl.haxx.se/download/curl-7.44.0.tar.gz # wget https://webm.googlecode.com/files/libvpx-v1.3.0.tar.bz2 # wget -ct 5 http://www.openssl.org/source/openssl-1.0.1i.tar.gz # wget http://www.atomicorp.com/installers/atomic # wget http://cn2.php.net/distributions/php-7.1.4.tar.gz # wget http://nginx.org/download/nginx-1.9.15.tar.gz # git clone https://github.com/miyanaga/nginx-requestkey-module.git # git clone https://github.com/arut/nginx-rtmp-module.git 4.3 安装开发工具包 # yum -y groupinstall "Development Tools" # yum install -y libxml2 libxml2-devel libcrul libcurl-devel gd gd-devel libpng libpng-devel wget apr* autoconf automake bison bzip2 bzip2* cloog-ppl compat* cpp curl curl-devel fontconfig fontconfig-devel freetype freetype* freetype-devel gcc gcc-c++ gtk+-devel gd gettext gettext-devel glibc kernel kernel-headers keyutils keyutils-libs-devel krb5-devel libcom_err-devel libpng libpng-devel libjpeg* libsepol-devel libselinux-devel libstdc++-devel libtool* libgomp libxml2 libxml2-devel libXpm* libtiff libtiff* make mpfr ncurses* ntp openssl openssl-devel patch pcre pcre-devel perl php-common php-gd policycoreutils telnet t1lib t1lib* nasm nasm* zlib-devel gd-devel 4.4 安装mariadb数据库 #yum install mariadb* -y 报错: libJudy.so.1()(64bit) for package: MariaDB-oqgraph-engine-10.1.22-1.el7.centos.x86_64 base 须要安装libjudy #wget http://ftp.tu-chemnitz.de/pub/linux/dag/redhat/el7/en/x86_64/rpmforge/RPMS/judy-1.0.5-1.el7.rf.x86_64.rpm #wget http://ftp.tu-chemnitz.de/pub/linux/dag/redhat/el7/en/x86_64/rpmforge/RPMS/judy-devel-1.0.5-1.el7.rf.x86_64.rpm # yum localinstall judy* 4.5 启动mariadb并设置mariadb # systemctl start mariadb #systemctl enable mariadb # mysql_secure_installation #按照指示设置mariadb数据库 Mariadb的安装目录在 /var/lib/mysql,配置文件/etc/my.cnf.d/* 4.6 建立nginx和php安装跟目录 # mkdir /usr/local/php # mkdir /usr/local/nginx 4.7 安装libmcrypt # cd /usr/local/src # chmod +x atomic # ./atomic # yum install php-mcrypt libmcrypt libmcrypt-devel 5. 源码安装php # groupadd php-fpm # useradd -g php-fpm php-fpm -s /bin/false # cd /usr/loca/src # tar zxvf php-7.1.4.tar.gz # cd php-7.1.4 ./configure --prefix=/usr/local/php \ --with-config-file-path=/usr/local/php/etc \ --enable-mysqlnd \ --with-mysql=shared,mysqlnd \ --with-mysqli=shared,mysqlnd \ --with-pdo-mysql=shared,mysqlnd \ --with-mysql-sock=/var/lib/mysql/mysql.sock \ --with-mysqli=/usr/bin/mysql_config \ --with-gd \ --with-png-dir \ --with-jpeg-dir \ --with-freetype-dir \ --with-xpm-dir \ --with-zlib-dir \ --with-iconv \ --enable-fpm \ --with-fpm-user=php-fpm \ --with-fpm-group=php-fpm \ --enable-libxml \ --enable-xml \ --enable-bcmath \ --enable-shmop \ --enable-sysvsem \ --enable-inline-optimization \ --enable-opcache \ --enable-mbregex \ --enable-mbstring \ --enable-ftp \ --enable-gd-native-ttf \ --with-openssl \ --enable-pcntl \ --enable-sockets \ --with-xmlrpc \ --enable-zip \ --enable-soap \ --without-pear \ --with-gettext \ --enable-session \ --with-mcrypt \ --with-curl \ --enable-exif \ --with-mhash \ --enable-ctype # make && make install 5.1配置php初始配置和启动文件 # cp /usr/local/src/php-7.1.4/php.ini-production /usr/local/php/etc/php.ini # cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf # mv /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf # /usr/local/php/sbin/php-fpm -t # cp /usr/local/src/php-7.1.4/sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm # chmod +x /etc/rc.d/init.d/php-fpm # chkconfig php-fpm on # echo 'export PATH=$PATH:/usr/local/php/bin' >> /etc/profile # source /etc/profile 5.2 修改php.ini配置文件 # vim /usr/local/php/etc/php.ini 找到"disable_functions =" (禁用掉某些比较“危险”函数,大概在301行),改成 Disable_functions = phpinfo,passthru,exec,system,chroot,chgrp,chown,shell_exec,proc_open, proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshelcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
找到 ;date.timezone (大概在920行),修改成 date.timezone = Asia/Shanghai
找到 expose_php = On (禁止显示php版本信息),修改成 expose_php = Off
找到 short_open_tag = Off (支持php短标签),修改成 short_open_tag = On
找到 opcache.enable = 0 (支持opcode缓存),修改成 opcache.enable = 1
找到 zend_extension = “opcache.so”下面添加一下内容,开启opcode缓存功能
zend_extension = "opcache.so"
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=60
opcache.fast_shutdown=1
opcache.enable_cli=1
支持php_mysql
extension=/usr/local/php/lib/php/extensions/no-debug-non-zts-20151012/pdo_mysql.so
5.3 修改php-fpm.conf文件
# vim /usr/local/php/etc/php-fpm.conf
取消pid前面的分号
pid = rum/php-fpm.pid
5.4 修改php配置
# vim /usr/local/php/etc/php-fpm.d/www.conf
#设置php-fpm运行帐号为php-fpm
user = php-fpm
#设置php-fpm运行组为php-fpm
group = php-fpm
5.5 启动php # /etc/init.d/php-fpm restart # chkconfig php-fpm on 6. 源码安装nginx # yum install -y pcre pcre-devel openssl openssl-devel 6.1 建立nginx运行用户 # groupadd nginx # useradd -g nginx nginx s /bin/false # mkdir /var/cache/nginx 6.2编译安装nginx # cd /usr/local/src # tar zxvf nginx-1.9.15.tar.gz # cd nginx-1.9.15 # ./configure --prefix=/usr/local/nginx \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ --user=nginx \ --group=nginx \ --with-pcre \ --with-http_v2_module \ --with-http_ssl_module \ --with-http_realip_module \ --with-http_addition_module \ --with-http_sub_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_random_index_module \ --with-http_secure_link_module \ --with-http_stub_status_module \ --with-http_auth_request_module \ --with-mail \ --with-mail_ssl_module \ --with-file-aio --with-ipv6 \ --with-http_v2_module \ --with-threads \ --with-stream \ --add-module=/usr/local/src/nginx-requestkey-module/ \ --add-module=/usr/local/src/nginx-rtmp-module/ # make && make install 6.3 配置nginx启动脚本 # cat > /etc/rd.d/init.d/nginx << EOF #!/bin/sh # # nginx - this script starts and stops the nginx daemon # # chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse \ # proxy and IMAP/POP3 proxy server # processname: nginx # config: /usr/local/nginx/conf/nginx.conf # pidfile: /usr/local/nginx/logs/nginx.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/usr/local/nginx/sbin/nginx" prog=$(basename $nginx) NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf" [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx lockfile=/var/lock/subsys/nginx make_dirs() { # make required directories user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -` if [ -z "`grep $user /etc/passwd`" ]; then useradd -M -s /bin/nologin $user fi options=`$nginx -V 2>&1 | grep 'configure arguments:'` for opt in $options; do if [ `echo $opt | grep '.*-temp-path'` ]; then value=`echo $opt | cut -d "=" -f 2` if [ ! -d "$value" ]; then # echo "creating" $value mkdir -p $value && chown -R $user $value fi fi done } start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 make_dirs echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval } restart() { #configtest || return $? stop sleep 1 start } reload() { #configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo } force_reload() { restart } configtest() { $nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}" exit 2 esac EOF # chmod 755 /etc/rc.d/init.d/nginx # chkconfig nginx on # /etc/rc.d/init.d/nginx start # echo 'export PATH=$PATH:/usr/local/nginx/sbin' >> /etc/profile # source /etc/profile 7. 安装go环境 7.1 下载安装源包 # cd /usr/local/src # wget http://golangtc.com/static/go/1.8/go1.8.linux-amd64.tar.gz 7.2 解压安装 # cd /usr/local/src # tar zxvf go1.8.linux-amd64.tar.gz # cp -a go /usr/local/ # mkdir /data/ #建立go项目工做目录 # setfacl -R -m o::r-- /data # setfacl -R -m g::rw- /data # setfacl -R -m u:shangtv:rwx /data # setfacl -R -d --set o::r-- /data # setfacl -R -d --set g::rw- /data # setfacl -R -d --set u:shangtv:rwx /data # mkdir /data/mygo 7.3 设置go环境变量 # echo "export GOROOT=/usr/local/go" >> /etc/profile # echo "export GOBIN=$GOROOT/bin" >> /etc/profile # echo "export GOPKG=$GOROOT/pkg/tool/linux_amd64" >> /etc/profile # echo "export GOARCH=amd64" >> /etc/profile # echo "export GOOS=linux" >> /etc/profile # echo "export GOPATH=/data/mygo/" >> /etc/profile # echo "export PATH=.:$PATH:$GOBIN:$GOPKG" >> /etc/profile 7.4 检查go版本 # go version go version go1.8 linux/amd64 7.5 设置nginx反向代理 upstream goweb { #server 120.76.40.33:8082 backup; server 120.76.96.73:3000; } server { listen 8082; server_name shangtv.cn; error_log /usr/local/nginx/logs/fsabc_error.log debug; access_log /usr/local/nginx/logs/fsabc_access.log; location / { proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_pass http://goweb; add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Credentials true; add_header Access-Control-Allow-Headers Content-Type,Accept; add_header Access-Control-Allow-Methods GET; } } 8. 安装redis数据库 8.1 安装redis组件 # yum install tcl 8.2 下载redis源码包 # cd /usr/local/src # wget http://download.redis.io/releases/redis-3.0.7.tar.gz # tar -zvxf redis-3.0.7.tar.gz # cd redis-3.0.7 # make # make install #按提示install # cd src/ # make install 下面提示就说明成功 Hint: To run 'make test' is a good idea ;) INSTALL install INSTALL install INSTALL install INSTALL install INSTALL install 以上redis已完成编译安装 在/usr/local/bin生成redis-benchmark、redis-check-aof、redis-check-dump、redis-cli、redis-sentinel 、redis-server六个文件,其中redis-server为启动服务 8.3 配置redis文件 # cp /usr/local/src/redis-3.0.7/redis.conf /etc/ # chmod 755 /etc/redis.conf 8.4 启动redis # /usr/local/bin/redis-server /etc/redis.conf 8.5 修改redis.conf配置文件 vim /etc/redis.conf 下面是redis.conf的主要配置参数的意义: daemonize:是否之后台daemon方式运行 pidfile:pid文件位置 port:监听的端口号 timeout:请求超时时间 loglevel:log信息级别 logfile:log文件位置 databases:开启数据库的数量 save * *:保存快照的频率,第一个*表示多长时间,第三个*表示执行多少次写操做。 在必定时间内执行必定数量的写操做时,自动保存快照。可设置多个条件。 rdbcompression:是否使用压缩 dbfilename:数据快照文件名(只是文件名,不包括目录) dir:数据快照的保存目录(这个是目录) appendonly:是否开启appendonlylog,开启的话每次写操做会记一条log,这会提升数 据抗风险能力,但影响效率。 appendfsync:appendonlylog如何同步到磁盘(三个选项,分别是每次写都强制调用fsync、每秒启用一次fsync、不调用fsync等待系统本身同步) 8.6 修改 daemonize yes,之后台运行 这时你能够打开一个终端进行测试了,配置文件中默认的监听端口是6379 8.7 创建用户和日志目录 第一次启动时建议为Redis创建用户和日志目录 # groupadd redis # useradd -g redis redis -s /bin/false # mkdir -p /var/lib/redis #db文件放在这里,须要修改redis.conf # mkdir -p /var/log/redis #日志放在这里 # chown redis.redis /var/lib/redis # chown redis.redis /var/log/redis # vim /etc/redis.conf # The working directory. # # The DB will be written inside this directory, with the filename specified # above using the 'dbfilename' configuration directive. # # Also the Append Only File will be created inside this directory. # # Note that you must specify a directory here, not a file name. dir /var/lib/redis --------------------------------------------------------------------------------------- 找到日志logfile # Specify the log file name. Also 'stdout' can be used to force # Redis to log on the standard output. Note that if you use standard # output for logging but daemonize, logs will be sent to /dev/null logfile /var/log/redis/redislog 或者编写启动脚本,加入到服务 配置Init脚本 Redis管理脚本基于Ubuntu 的发行版上的,在Centos linux 上并不能用,下面有个脚本能够用于CentOS 。 用这个脚本管理以前,须要先配置下面的内核参数,不然Redis脚本在重启或中止redis时,将会报错,而且不能自动在中止服务前同步数据到磁盘上: # vim /etc/sysctl.conf vm.overcommit_memory = 1 而后应用生效: # sysctl -p 创建redis启动脚本: # vim /etc/init.d/redis #!/bin/bash # # Init file for redis # # chkconfig: - 80 12 # description: redis daemon # # processname: redis # config: /etc/redis.conf # pidfile: /var/run/redis.pid source /etc/init.d/functions #BIN="/usr/local/bin" BIN="/usr/local/bin" CONFIG="/etc/redis.conf" PIDFILE="/var/run/redis.pid" ### Read configuration [ -r "$SYSCONFIG" ] && source "$SYSCONFIG" RETVAL=0 prog="redis-server" desc="Redis Server" start() { if [ -e $PIDFILE ];then echo "$desc already running...." exit 1 fi echo -n $"Starting $desc: " daemon $BIN/$prog $CONFIG RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog return $RETVAL } stop() { echo -n $"Stop $desc: " killproc $prog RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog $PIDFILE return $RETVAL } restart() { stop start } case "$1" in start) start ;; stop) stop ;; restart) restart ;; condrestart) [ -e /var/lock/subsys/$prog ] && restart RETVAL=$? ;; status) status $prog RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|condrestart|status}" RETVAL=1 esac exit $RETVAL 而后增长服务并开机自启动: # chmod 755 /etc/init.d/redis # chkconfig --add redis # chkconfig --level 345 redis on # chkconfig --list redis # /etc/init.d/redis restart 9. 搭建supervisor程序管理 9.1安装 系统:centos7,默认在root用户下安装,使用普通用户,可以使用sudo # yum install python-setuptools -y # easy_install supervisor #若是没看到报错信息,就说明安装成功了, # echo_supervisord_conf #查看配置详情,然后生成配置文件 # mkdir -m 755 -p /etc/supervisor/ # echo_supervisord_conf > /etc/supervisor/supervisord.conf 9.2 建立存放配置文件的目录 # mkdir -m 755 /etc/supervisor/conf.d 在主配置文件中引入配置 # vim /etc/supervisor/supervisord.conf 注释去掉 [include] files = ./conf.d/*.ini 9.3 建立一个golang的web server 程序放在/data/mygo/ 下面 先整一个简单的golang http服务 package main import ( "fmt" "log" "net/http" ) func main() { http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { fmt.Fprintf(w, "Hello world") }) err := http.ListenAndServe(":9090", nil) if err != nil { log.Fatal("ListenAndServe: ", err) } } ---------------------------------------- # go build 9.4 在/etc/supervisor/conf.d下面建立go-http-server.ini ;-------------------------------------------------------- [program:yshd] directory = /data/mygo command= /data/mygo/yshd user=root process_name= yshd_game autostart=true autorestart=true startretries=3 startsecs=10 stdout_logfile=/var/log/yshd_fatmouse-server.log stdout_logfile_maxbytes=1MB stdout_logfile_backups=10 stdout_capture_maxbytes=1MB stderr_logfile=/var/log/yshd_fatmouse-server.log stderr_logfile_maxbytes=1MB stderr_logfile_backups=10 stderr_capture_maxbytes=1MB 9.5 启动supervisor服务,注意:启动服务的时候,不须要启动goweb,否则会报错 # /usr/bin/supervisord -c /etc/supervisor/supervisord.conf 9.6 查看supervisor运行状态 # supervisorctl # supervisor>status 9.7 修改配置文件从新加载 # supervisorctl reload # supervisorctl shutdown #关闭supervisor # supervisorctl restart #重启supervisor 10. Iptables配置 # vim /etc/sysconfig/iptables # Generated by iptables-save v1.4.21 on Thu Mar 31 11:36:06 2016 *filter :INPUT ACCEPT [23077:17524766] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [19534:6305027] -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m tcp --dport 8082 -j ACCEPT -A INPUT -p tcp -m tcp --dport 8083 -j ACCEPT -A INPUT -p tcp -m tcp --dport 8092 -j ACCEPT -A INPUT -p tcp -m tcp --dport 1935 -j ACCEPT -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT -A INPUT -p tcp -m tcp --dport 6379 -j ACCEPT -A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT -A INPUT -p tcp -m tcp --dport 3000 -j ACCEPT -A INPUT -p tcp -m tcp --dport 3001 -j ACCEPT -A INPUT -p tcp -m tcp --dport 3002 -j ACCEPT -A INPUT -p tcp -m tcp --dport 3003 -j ACCEPT -A INPUT -p tcp -m tcp --dport 10050 -j ACCEPT -A INPUT -p tcp -m tcp --dport 10051 -j ACCEPT -A INPUT -p udp -m udp --dport 10050 -j ACCEPT -A INPUT -p udp -m udp --dport 10051 -j ACCEPT COMMIT # systemctl restart iptables.service # iptables -L -n 11. 安装FTP 11.1 在线yum安装 # yum install vsftpd -y 11.2 修改ftp配置 # vim /etc/vsftpd/vsftpd.conf anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 anon_upload_enable=YES anon_mkdir_write_enable=YES dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_file=/var/log/vsftpd.log xferlog_std_format=NO ftpd_banner=欢迎进入云尚互动FTP服务. chroot_local_user=YES local_root=/ftp allow_writeable_chroot=yes chroot_list_file=/etc/vsftpd/chroot_list listen=no listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES 11.3 新建ftp用户 # useradd -d /home/ftp -g ftp -s /bin/false ftpuser # passwd ftpuser 11.4 须要配置防火墙,开启21端口 11.5 启动vsftpd服务 # systemctl start vsftpd # systemctl enable vsftpd 12. 附上Nginx配置 Nginx 配置文件/usr/local/nginx/conf/ Nginx 虚拟站点配置文件 /usr/local/nginx/conf.d/
相关文章
- 1. 阿里云服务器部署Windows的php环境
- 2. 阿里云服务器(centos)配置nginx及node环境部署
- 3. 阿里云服务器上部署java环境(jdk+tomcat+mysql)
- 4. 阿里云服务器环境搭建与项目部署(上)
- 5. 阿里云Ubuntu服务器环境部署wordpress
- 6. Nodejs - 在阿里云轻量服务器上部署Node环境
- 7. 阿里云服务器部署正式web环境
- 8. 阿里云服务器配置Java部署环境
- 9. 阿里云服务器Ubuntu16.04 Java web环境部署
- 10. 阿里云服务器SpringBoot2.x生产环境部署
- 更多相关文章...
- • Git 服务器搭建 - Git 教程
- • 服务器上的 XML - XML 教程
- • 使用阿里云OSS+CDN部署前端页面与加速静态资源
- • Spring Cloud 微服务实战(三) - 服务注册与发现
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
欢迎关注本站公众号,获取更多信息
