#!/bin/sh
# -*- mode: Fundamental; tab-width: 4; -*-
# ex:ts=4
#
# Jakarta Tomcat startup script.
#
# $FreeBSD: ports/www/jakarta-tomcat4/files/startup.sh,v 1.4 2002/05/08 21:54:06 znerd Exp $
#tomcat4
# Set some variables
MYSELF=`basename $0`
case "$1" in
start)
#echo -n ' '
su -f -m root -c "exec /usr/local/jakarta-tomcat5.0/bin/startup.sh" >/dev/null && echo -n 'tomcat'
;;
stop)
#echo -n ' '
su -f -m root -c "exec /usr/local/jakarta-tomcat5.0/bin/shutdown.sh" >/dev/null 2>&1 ; echo -n 'tomcat'
;;
*)
echo ""
echo "Usage: ${MYSELF} { start | stop }"
echo ""
exit 64
;;
esac
CTRL+D
# chmod +x /usr/local/jakarta-tomcat/bin/tomcat_restart
# vi /usr/local/jakarta-tomcat/conf/server.xml
...
Connector port="8080" -> Connector port="8180"
...
193.192.249.49
====== Устанавливаем WHM/CPanel ======
# cd /home
# mkdir cpins
# cd cpins
# wget http://layer1.cpanel.net/latest
# sh latest
====== настройка WHM/CPanel =====
http://193.192.247.99:2086/
Server Contact E-Mail Address -> payment@pchighway.com
Default cPanel Theme -> x
Default Home Directory -> /home
Main Shared Virtual Host IP -> 193.192.249.49
Hostname -> alvier.pchighway.com (+ create in some other whm)
Primary Nameserver -> dns1.pchighway.com
Secondary Nameserver -> dns3.pchighway.com
CGI Script Alias -> y
Apache Access Log Style -> combined
MySQL root password -> SOMETHING!!!
Tweak Settings -> Awstats Stats, Delete each domain's access logs after stats run, Use jailshell as the default shell for all new accounts and modified accounts,
# /scripts/mysqlup
# /scripts/upcp --force
# /scripts/upcp --force
# /scripts/upcp --force
... (пока не встанет imap/pop ;-))) )
# /scripts/upcp --force
WHM - configure cluster
Enable Dns Clustering -> save
Add a new server to the cluster
Server Ip Address:
195.141.101.5, 195.141.101.4
Server Remote Access Key -> взять из http://195.141.101.4(5):2086/scripts/setrhash
Dns Role -> synchronize changes на обоих
FTP Configuration-> disable ftp anonymous login
====== php + zend ======
# cd /usr/local/cpinst
# wget http://thesuki.org/php-4.4.2.tar.bz2
# tar jxf php-4.4.2.tar.bz2
# cd php-4.4.2
# './configure' '--with-apxs=/usr/local/apache/bin/apxs' '--prefix=/usr/local' '--with-xml' '--with-mm' '--enable-bcmath' '--enable-calendar' '--with-curl' '--with-dom' '--with-dom-xslt' '--with-dom-exslt' '--enable-exif' '--enable-ftp' '--with-gd' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr' '--with-xpm-dir=/usr/X11R6' '--with-gettext' '--with-iconv' '--with-imap=/usr/local/imap-2004g' '--enable-mbstring' '--enable-mbstr-enc-trans' '--enable-mbregex' '--with-mcrypt' '--with-mhash' '--enable-magic-quotes' '--with-mm' '--with-mysqli' '--with-mysql=/usr/local' '--with-openssl' '--enable-discard-path' '--with-pear' '--with-pspell' '--enable-xslt' '--with-xslt-sablot' '--enable-sockets' '--enable-track-vars' '--with-ttf' '--with-freetype-dir=/usr/local' '--enable-gd-native-ttf' '--enable-versioning' '--enable-wddx' '--with-xmlrpc' '--with-zip' '--with-zlib'
# make -j4
# make install
# make clean
# /scripts/restartsrv_apache
# cd /usr/ports/distfiles
# wget http://downloads.zend.com/optimizer/3.0.1/ZendOptimizer-3.0.1-freebsd5.4-i386.tar.gz
# tar zxf ZendOptimizer-3.0.1-freebsd5.4-i386.tar.gz
# cd ZendOptimizer-3.0.1-freebsd5.4-i386
# ./install-tty
====== mod_jk ======
# cd /usr/ports/www/mod_jk
# ln -s /usr/local/apache/bin/apxs /usr/local/sbin/apxs
# make PREFIX=/usr/local install clean
# vi /usr/local/apache/conf/httpd.conf
LoadModule jk_module libexec/mod_jk.so
AddModule mod_jk.c
JkWorkersFile /usr/local/jakarta-tomcat/conf/workers.properties
JkLogFile /usr/local/apache/logs/jk.log
JkLogLevel info
# cat > /usr/local/jakarta-tomcat/conf/workers.properties
workers.tomcat_home=/usr/local/jakarta-tomcat
workers.CATALINA_HOME=/usr/local/jakarta-tomcat
workers.java_home=/usr/local/diablo-jdk1.5.0
workers.CLASSPATH=/usr/local/jakarta-tomcat/common/lib/*.jar
#:/usr/local/diablo-jdk1.5.0/jre/lib/rt.jar:/usr/local/diablo-jdk1.5.0/jre/lib/javaplugin.jar:/usr/local/diablo-jdk1.5.0/jre/lib/sunrsasign.jar
ps=/
worker.list=ajp13
worker.ajp13.type=ajp13
worker.ajp13.host=localhost
worker.ajp13.port=8009
^D
# /scripts/restartsrv_apache
====== mysql tweak ======
# cat > /etc/my.cnf
[mysqld]
default-character-set=cp1251
big-tables
socket=/tmp/mysql.sock
max_connections=3000
key_buffer=128M
myisam_sort_buffer_size=64M
join_buffer_size=4M
read_buffer_size=4M
sort_buffer_size=16M
table_cache=1024
thread_cache_size=64
wait_timeout=200
connect_timeout=10
max_allowed_packet=32M
max_connect_errors=100
max_heap_table_size=64M
query_cache_limit=4M
query_cache_size=64M
query_cache_type=1
back_log=240
skip-locking
record_buffer=4M
thread_concurrency=2
[mysqld_safe]
open_files_limit = 8192
[mysqldump]
quick
max_allowed_packet = 128M
[myisamchk]
key_buffer=128M
sort_buffer=128M
read_buffer=128M
write_buffer=128M
[client]
socket=/tmp/mysql.sock
^D
# /scripts/restartsrv_mysql
====== ротация логов ======
# vi /etc/newsyslog
/usr/local/apache/logs/mod_jk.log 664 5 * 24 J /usr/local/apache/logs/httpd.pid 1
/usr/local/apache/logs/access_log 664 7 * 24 J /usr/local/apache/logs/httpd.pid 1
/usr/local/apache/logs/error_log 664 7 * 24 J /usr/local/apache/logs/httpd.pid 1
/var/log/exim/mainlog mailnull:mailnull 640 5 * 24 Z
/var/log/exim/rejectlog mailnull:mailnull 640 5 * 24 Z
====== настройка crontab + чистка mailqueue ======
# cat >> /etc/crontab
10 */1 * * * root /usr/sbin/ntpdate 194.186.254.22 195.2.64.5 > /dev/null 2>&1
07 */1 * * * root /usr/local/etc/rc.d/mailqueue
14 2 * * 3 root /usr/local/bin/cvsup -g -z -L 0 /etc/ports-supfile
^D
# cat > /usr/local/etc/rc.d/mailqueue
#!/bin/sh
rm -Rf /var/spool/exim/msglog/*
rm -Rf /var/spool/exim_incoming/msglog/*
rm -Rf /var/spool/exim/input/*
^D
# chmod 711 /usr/local/etc/rc.d/mailqueue
====== внутренний ip ======
# ifconfig em0 alias 1.1.1.249 netmask 255.255.255.0
# cat >> /etc/rc.local
/sbin/ifconfig em0 alias 1.1.1.249 netmask 255.255.255.0
^D
====== pf ======
# sysctl net.inet.tcp.blackhole=2
# sysctl net.inet.udp.blackhole=1
# vi /etc/sysctl.conf
security.bsd.see_other_uids=0
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
Warning: Cannot modify header information - headers already sent by (output started at /var/www/thesuki.org/dokuwiki/inc/Action/Export.php:106) in /var/www/thesuki.org/dokuwiki/inc/actions.php on line 38
shared_hosting:cpanel_node
Table of Contents
Установка через RAC
standard тип инсталляции..
разметка :
/ 4G /tmp 5G /usr 15G /var 25G swap 8G
все остальное под /usr/home home - отдельным разделом от остальных
ставим порты, больше ничего(мин. установка), разрешаем ssh логин.
первая загрузка
генерим публик, приват ключи для sshd , добавляем пользователя
добавляем пользователя, группа wheel
# adduser
настраиваем время
# /usr/sbin/ntpdate 194.186.254.22 195.2.64.5
обновляем систему
устанавливаем cvsup
# pkg_add -r cvsup-without-gui
создаем sup-файл
# cd /etc # ee supfile54
пишем туда:
*default host=cvsup.ch.FreeBSD.org *default base=/usr/local/etc/cvsup *default prefix=/usr *default release=cvs *default delete use-rel-suffix *default compress src-all tag=RELENG_5_4
сохраняем старые исходные коды системы
# cp -Rv /usr/src /usr/src53
обновляем исходные коды
# cvsup -g -L 2 /root/supfile54
строим мир
# cd /usr/src # rm -rf /usr/obj/* # make buildworld
строим ядро и устанавливаем
# make buildkernel
# make installkernel
перегружаемся в single mode
# reboot
устанавливаем систему и перегружаемся
# fsck -p # mount -u / # mount -a -t ufs # adjkerntz -i # cd /usr/src # mergemaster -p # make installworld # mergemaster -a # reboot
собираем ядро с опциями
# ee /usr/src/sys/i386/conf/GENERIC
добавляем в конфиг
options MPTABLE_FORCE_HTT
options SMP
options QUOTA # Enable Quota
собираем и устанавливаем ядро:
# cd /usr/src # make buildkernel # make installkernel # reboot
делаем /tmp неисполняемым, включаем квоты
# ee /etc/fstab
/home ufs rw,userquota,groupquota
/tmp ufs rw,nosuid,nodev,noexec, nosymfollow (mysql хуй работает)
# mv /var/tmp/* /tmp/ && rm -rf /var/tmp && ln -s /tmp /var/tmp
# ee /etc/rc.conf
добавляем строчки
enable_quotas="YES" check_quotas="YES"
обновляем дерево портов и существуещее ПО
# cp /usr/share/examples/cvsup/ports-supfile /etc/ports-supfile
# ee /etc/ports-supfile
заменяем строчку
*default host=cvsup.ch.FreeBSD.org
# cvsup -g -L 2 /root/ports-supfile # cd /usr/ports/sysutils/portupgrade # make install clean # portupgrade -af
Ставим vim + настройка цветов
# cd /usr/ports/editors/vim-lite/ # make install clean # cp /usr/local/share/vim/vim70/vimrc_example.vim /root/.vimrc # vim ~/.cshrc setenv LSCOLORS ExFxCxDxBxegedabagacad setenv CLICOLOR 1 alias vi vim alias h history 25 alias j jobs -l alias la ls -a alias lf ls -FA alias ll ls -lA alias less less -M alias df df -h alias du du -h alias j jobs -l alias la ls -a alias lf ls -FA alias ll ls -lA # A righteous umask umask 22 set path = (/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin $HOME/bin) setenv EDITOR vim setenv PAGER more setenv BLOCKSIZE K if ($?prompt) then # An interactive shell -- set some stuff up set prompt = "\n%{\033[36m%}%m: %{\033[1;32m%}%~ %{\033[0m%}# " set autolist ambigous ... # cat > /usr/local/bin/portops #!/bin/sh # portopts - скрипт просмотра опций сборки порта # Скопируйте скрипт в /usr/local/bin, сделайте его исполняемым # (chmod a+x portopts), затем перейдите в # каталог порта и выполните команду "portopts" # # Порт можно указать и в командной строке: portopts www/apache13 # if [ -z "$1" ]; then P="." else P="/usr/ports/$1" fi cat ${P}/Makefile* | grep "defined(" | sed "s/(\!//g" | \ awk -F"(" '{print $2}' | awk -F")" '{print $1}' | \ sort | uniq ^D # chmod +x /usr/local/bin/portops
Устанавливаем JDK 1.5 + Tomcat
# cd /usr/ports/java/diablo-jdk15 # make install clean
# fetch http://apache.mirrormax.net/tomcat/tomcat-5/v5.5.17/bin/apache-tomcat-5.5.17.tar.gz # tar zxf apache-tomcat-5.5.17.tar.gz # ln -s apache-tomcat-5.5.17 jakarta-tomcat # ln -s /usr/local/jakarta-tomcat/bin/catalina.sh /usr/local/etc/rc.d/catalina.sh # chmod +x /usr/local/jakarta-tomcat/bin/catalina.sh # vi /usr/local/jakarta-tomcat/bin/catalina.sh JAVA_HOME=/usr/local/diablo-jdk1.5.0 JAVA_OPTS="-Xmx512m -Xss128k -Djava.awt.headless=true" # cat > /usr/local/jakarta-tomcat/bin/tomcat_restart <code bash> #!/bin/sh # -*- mode: Fundamental; tab-width: 4; -*- # ex:ts=4 # # Jakarta Tomcat startup script. # # $FreeBSD: ports/www/jakarta-tomcat4/files/startup.sh,v 1.4 2002/05/08 21:54:06 znerd Exp $ #tomcat4 # Set some variables MYSELF=`basename $0` case "$1" in start) #echo -n ' ' su -f -m root -c "exec /usr/local/jakarta-tomcat5.0/bin/startup.sh" >/dev/null && echo -n 'tomcat' ;; stop) #echo -n ' ' su -f -m root -c "exec /usr/local/jakarta-tomcat5.0/bin/shutdown.sh" >/dev/null 2>&1 ; echo -n 'tomcat' ;; *) echo "" echo "Usage: ${MYSELF} { start | stop }" echo "" exit 64 ;; esac CTRL+D # chmod +x /usr/local/jakarta-tomcat/bin/tomcat_restart # vi /usr/local/jakarta-tomcat/conf/server.xml ... Connector port="8080" -> Connector port="8180" ... <Host name="alvier.pchighway.com" debug="0" appBase="/home2/slayer/public_html" unpackWARs="true" autoDeploy="true" reloadable="true"> <Alias>193.192.249.49</Alias> <Context path="" docBase="." debug="0" reloadable="true" crossContext="true"/> </Host> </Engine> </Service> </Server>
Устанавливаем WHM/CPanel
# cd /home # mkdir cpins # cd cpins # wget http://layer1.cpanel.net/latest # sh latest
настройка WHM/CPanel
Server Contact E-Mail Address -> payment@pchighway.com Default cPanel Theme -> x Default Home Directory -> /home Main Shared Virtual Host IP -> 193.192.249.49 Hostname -> alvier.pchighway.com (+ create in some other whm) Primary Nameserver -> dns1.pchighway.com Secondary Nameserver -> dns3.pchighway.com CGI Script Alias -> y Apache Access Log Style -> combined MySQL root password -> SOMETHING!!! Tweak Settings -> Awstats Stats, Delete each domain's access logs after stats run, Use jailshell as the default shell for all new accounts and modified accounts, # /scripts/mysqlup # /scripts/upcp --force # /scripts/upcp --force # /scripts/upcp --force ... (пока не встанет imap/pop ;-))) ) # /scripts/upcp --force
WHM - configure cluster
Enable Dns Clustering → save
Add a new server to the cluster
Server Ip Address:
195.141.101.5, 195.141.101.4
Server Remote Access Key → взять из http://195.141.101.4(5):2086/scripts/setrhash
Dns Role → synchronize changes на обоих
FTP Configuration→ disable ftp anonymous login
php + zend
# cd /usr/local/cpinst # wget http://thesuki.org/php-4.4.2.tar.bz2 # tar jxf php-4.4.2.tar.bz2 # cd php-4.4.2 # './configure' '--with-apxs=/usr/local/apache/bin/apxs' '--prefix=/usr/local' '--with-xml' '--with-mm' '--enable-bcmath' '--enable-calendar' '--with-curl' '--with-dom' '--with-dom-xslt' '--with-dom-exslt' '--enable-exif' '--enable-ftp' '--with-gd' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr' '--with-xpm-dir=/usr/X11R6' '--with-gettext' '--with-iconv' '--with-imap=/usr/local/imap-2004g' '--enable-mbstring' '--enable-mbstr-enc-trans' '--enable-mbregex' '--with-mcrypt' '--with-mhash' '--enable-magic-quotes' '--with-mm' '--with-mysqli' '--with-mysql=/usr/local' '--with-openssl' '--enable-discard-path' '--with-pear' '--with-pspell' '--enable-xslt' '--with-xslt-sablot' '--enable-sockets' '--enable-track-vars' '--with-ttf' '--with-freetype-dir=/usr/local' '--enable-gd-native-ttf' '--enable-versioning' '--enable-wddx' '--with-xmlrpc' '--with-zip' '--with-zlib' # make -j4 # make install # make clean # /scripts/restartsrv_apache # cd /usr/ports/distfiles # wget http://downloads.zend.com/optimizer/3.0.1/ZendOptimizer-3.0.1-freebsd5.4-i386.tar.gz # tar zxf ZendOptimizer-3.0.1-freebsd5.4-i386.tar.gz # cd ZendOptimizer-3.0.1-freebsd5.4-i386 # ./install-tty
mod_jk
# cd /usr/ports/www/mod_jk # ln -s /usr/local/apache/bin/apxs /usr/local/sbin/apxs # make PREFIX=/usr/local install clean # vi /usr/local/apache/conf/httpd.conf LoadModule jk_module libexec/mod_jk.so AddModule mod_jk.c JkWorkersFile /usr/local/jakarta-tomcat/conf/workers.properties JkLogFile /usr/local/apache/logs/jk.log JkLogLevel info # cat > /usr/local/jakarta-tomcat/conf/workers.properties workers.tomcat_home=/usr/local/jakarta-tomcat workers.CATALINA_HOME=/usr/local/jakarta-tomcat workers.java_home=/usr/local/diablo-jdk1.5.0 workers.CLASSPATH=/usr/local/jakarta-tomcat/common/lib/*.jar #:/usr/local/diablo-jdk1.5.0/jre/lib/rt.jar:/usr/local/diablo-jdk1.5.0/jre/lib/javaplugin.jar:/usr/local/diablo-jdk1.5.0/jre/lib/sunrsasign.jar ps=/ worker.list=ajp13 worker.ajp13.type=ajp13 worker.ajp13.host=localhost worker.ajp13.port=8009 ^D # /scripts/restartsrv_apache
mysql tweak
# cat > /etc/my.cnf [mysqld] default-character-set=cp1251 big-tables socket=/tmp/mysql.sock max_connections=3000 key_buffer=128M myisam_sort_buffer_size=64M join_buffer_size=4M read_buffer_size=4M sort_buffer_size=16M table_cache=1024 thread_cache_size=64 wait_timeout=200 connect_timeout=10 max_allowed_packet=32M max_connect_errors=100 max_heap_table_size=64M query_cache_limit=4M query_cache_size=64M query_cache_type=1 back_log=240 skip-locking record_buffer=4M thread_concurrency=2 [mysqld_safe] open_files_limit = 8192 [mysqldump] quick max_allowed_packet = 128M [myisamchk] key_buffer=128M sort_buffer=128M read_buffer=128M write_buffer=128M [client] socket=/tmp/mysql.sock ^D # /scripts/restartsrv_mysql
ротация логов
# vi /etc/newsyslog /usr/local/apache/logs/mod_jk.log 664 5 * 24 J /usr/local/apache/logs/httpd.pid 1 /usr/local/apache/logs/access_log 664 7 * 24 J /usr/local/apache/logs/httpd.pid 1 /usr/local/apache/logs/error_log 664 7 * 24 J /usr/local/apache/logs/httpd.pid 1 /var/log/exim/mainlog mailnull:mailnull 640 5 * 24 Z /var/log/exim/rejectlog mailnull:mailnull 640 5 * 24 Z
настройка crontab + чистка mailqueue
# cat >> /etc/crontab 10 */1 * * * root /usr/sbin/ntpdate 194.186.254.22 195.2.64.5 > /dev/null 2>&1 07 */1 * * * root /usr/local/etc/rc.d/mailqueue 14 2 * * 3 root /usr/local/bin/cvsup -g -z -L 0 /etc/ports-supfile ^D
# cat > /usr/local/etc/rc.d/mailqueue #!/bin/sh rm -Rf /var/spool/exim/msglog/* rm -Rf /var/spool/exim_incoming/msglog/* rm -Rf /var/spool/exim/input/* ^D # chmod 711 /usr/local/etc/rc.d/mailqueue
внутренний ip
# ifconfig em0 alias 1.1.1.249 netmask 255.255.255.0 # cat >> /etc/rc.local /sbin/ifconfig em0 alias 1.1.1.249 netmask 255.255.255.0 ^D
pf
# sysctl net.inet.tcp.blackhole=2 # sysctl net.inet.udp.blackhole=1
# vi /etc/sysctl.conf
security.bsd.see_other_uids=0 net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1
shared_hosting/cpanel_node.txt · Last modified: 2006/09/28 08:58 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
