cat /etc/redhat-release
ip addr
df
安裝需要的指令與設定環境
yum update -y
yum install mlocate wget zip unzip ntpdate perl -y
updatedb
ntpdate time.stdtime.gov.tw | hwclock -w
-------------------------------------------------------------
vi /etc/sysconfig/selinux
-------------------------------------------------------------
SELINUX=disabled
-------------------------------------------------------------
setenforce 0
安裝SFS3所需的執行環境
yum install httpd mariadb mariadb-server php php-gd php-mbstring php-mysql -y
systemctl start httpd.service
systemctl enable httpd.service
systemctl start mariadb.service
systemctl enable mariadb.service
systemctl status httpd.service
systemctl status mariadb.service
php -v
mysql -V
mysql_secure_installation (設定mysql安全性)
vi /etc/locale.conf
-------------------------------------------------------------
LANG="zh_TW.Big5"
-------------------------------------------------------------
vi /etc/httpd/conf/httpd.conf
-------------------------------------------------------------
Options Indexes FollowSymLinks 改成 Options FollowSymLinks
AddDefaultCharset UTF-8 改成 AddDefaultCharset big5
-------------------------------------------------------------
vi /etc/my.cnf
-------------------------------------------------------------
[mysqld]
default-storage-engine=MyISAM (自己加入)
-------------------------------------------------------------
vi /etc/php.ini
-------------------------------------------------------------
error_reporting = E_ALL & ~E_NOTICE
date.timezone = "Asia/Taipei"
short_open_tag = On
max_execution_time = 300
upload_max_filesize = 30M
post_max_size = 30M
-------------------------------------------------------------
安裝自動交換(轉出、轉入)
yum install php-pear -y
yum install php-bcmath -y
pear -d preferred_state=beta install Crypt_DiffieHellman
pear install Crypt_CBC
yum install epel-release -y
yum install php-mcrypt -y
--------------------------------------------------------------
防火牆設定 開啟 80、3306 port
安裝
yum install firewalld firewalld-config -y
啟動
systemctl start firewalld
systemctl enable firewalld
systemctl status firewalld
在 (執行時期) 加入 public zone 的 80 TCP 端口
firewall-cmd --zone=public --add-port=80/tcp
在 (永久) 加入 public zone 的 80 TCP 端口
firewall-cmd --zone=public --permanent --add-port=80/tcp
關掉 DHCP 服務
firewall-cmd --zone=public --remove-service dhcpv6-client
永久關掉 DHCP 服務
firewall-cmd --zone=public --permanent --remove-service dhcpv6-client
加入 163.17.40.0/24 的 IP 可讀取 3306 端口
firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="163.17.40.0/24" port port="3306" protocol="tcp" accept'
firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="163.17.40.0/24" port port="3306" protocol="tcp" accept'
永久加入 163.17.40.0/24 的 IP 可讀取 3306 端口
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="163.17.40.0/24" port port="3306" protocol="tcp" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="163.17.40.0/24" port port="3306" protocol="tcp" accept'
更新防火牆規則
firewall-cmd --reload
firewall-cmd --reload
---------------------------------------------------------------------------------
把舊SFS3備份下來
備份sfs3_HTML.tar.gz及sfs3_DB.sql
# mkdir /root/sfs3_backup
# systemctl stop httpd
# tar zcvf /root/sfs3_backup/sfs3_HTML.tar.gz /var/www/html/sfs3/
# mysqldump -uroot -p sfs3 > /root/sfs3_backup/sfs3_DB.sql
# systemctl start httpd
舊機學務系統移入
*** 瀏覽器測試!!
*** 使用winscp傳入 DB & HTML
cd /home/sfs3_backup
tar zxvf sfs3_HTML.tar.gz
mv var/www/html/sfs3 /var/www/html/sfs3
rm -rf var
*** SQL方式匯入 DB
mysqladmin -uroot -p create sfs3
mysql -uroot -p sfs3 < /home/sfs3_backup/sfs3_DB.sql
*** 創建專用資料庫連接帳號
# mysql -u root -p
GRANT ALL ON sfs3.* TO 'sfs3man'@'localhost' IDENTIFIED BY 'QAZWSX!@#';
GRANT SELECT ON sfs3.* TO sfs3man@'163.17.40.%' IDENTIFIED BY 'QAZWSX!@#';
exit
*** 修改SFS3的設定檔
vi /var/www/html/sfs3/include/config.php
----------------------------------------------------------------------
//程式根目錄
PATH
$SFS_PATH = "/var/www/html/sfs3";
//學務管理首頁程式 URL (設定時,保留最後的 "/" )
$SFS_PATH_HTML ="http://192.168.70.129/sfs3/";
/**********************************
MYSQL 連接設定
***********************************/
// mysql 主機
$mysql_host ="localhost";
// mysql 使用者
$mysql_user ="sfs3man";
// mysql 密碼
$mysql_pass ="QAZWSX!@#";
// 資料庫名稱
$mysql_db ="sfs3";
/**********************************
上載檔案設定
***********************************/
//上載檔案放置位置,上載目錄權限需設為 777
$UPLOAD_PATH = "/var/www/html/sfs3/data/";
//別名 (alias) apache 在設定檔 httpd.conf 中加入 WIN32 在IIS管理員中設定
$UPLOAD_URL = "/sfs3/data/";
*** 舊機有使用SSL 記得刪除 data/system/ssl_setup
---------------------------------------------------------
設定ssh連線
本機(sfs3) Generate SSH-KEY
#ssh-keygen
一直按Enter到結束
上傳 public key到遠端Server
scp ~/.ssh/id_rsa.pub remote_account@remote_ip:~
yes
Login & Setup
ssh remote_account@remote_ip
mkdir .ssh
chmod 700 .ssh
cat id_rsa.pub >> .ssh/authorized_keys (將公鑰傳至遠端Server,以後不用再輸密碼)
chmod 644 .ssh/authorized_keys
exit
----------------------------------------------------------------------------------
將備份傳至遠端Server
vi /home/backup_sfs3.php
systemctl stop httpd.service
service httpd stop (CentOS 6)
#filename
html="/home/sfs3_backup/sfs3_HTML_`date +%m%d`.tar.gz"
sql="/home/sfs3_backup/sfs3_DB_`date +%m%d`.sql"
tar zcvf ${html} /var/www/html/sfs3/
mysqldump -uroot -p'ooooo' sfs3 > ${sql}
zip ${sql}.zip ${sql}
rm -f ${sql}
#remote host
sftp_username=xxxx
sftp_ip=xxx.xxx.xxx.xxx
sftp ${sftp_username}@${sftp_ip} <<EOF
put ${html} /home/sfs3_backup/
put ${sql}.zip /home/sfs3_backup/
exit
EOF#remove the backup files that 1 month ago
rm -f /home/sfs3_backup/sfs3_HTML_`date -d last-month +%m%d`.tar.gz
rm -f /home/sfs3_backup/sfs3_DB_`date -d last-month +%m%d`.sql.zip
service httpd start(CentOS 6)
systemctl start httpd.service
------------------------------------------------------------------------------------------
加入排程
crontab -e
分時日月週
5 0 * * * yum update -y | /usr/bin/yum clean packages
0 2 * * * sh /home/backup_sfs3.php
0 3 * * * php /home/update_sfs3.php now
--------------------------------------------------------------------------------
Restore SFS3 - HTML
1. Stop httpd service
• systemctl stop httpd.service
2. Restore
• Remove old directory
• rm -rf /var/www/html/sfs3
• Change to / directory
• cd /
• Extract the tar.gz
• tar zxvf sfs3_HTML_XXXX.tar.gz
3. Start httpd service
• systemctl start httpd.service
-------------------------------------------------------------------------------
Restore SFS3 - DB
1. Stop httpd service
• systemctl stop httpd.service
2. Recreate SFS3 DB
• mysqladmin -uroot -p drop sfs3
• mysqladmin -uroot -p create sfs3
3. Restore
• mysql -uroot -p sfs3 < /root/sfs3_backup/sfs3_DB_XXXX.sql
4. Start httpd service
• systemctl stop httpd.service
---------------------------------------------------------------------------------
沒有留言:
張貼留言