User Tools

Site Tools


shared_hosting:cpanel_node

Установка через RAC

standard тип инсталляции..

разметка :

/      4G
/tmp   5G
/usr   15G 
/var   25G 
swap   8G

все остальное под /usr/home home - отдельным разделом от остальных

ставим порты, больше ничего(мин. установка), разрешаем ssh логин.

первая загрузка

генерим публик, приват ключи для sshd , добавляем пользователя

добавляем пользователя, группа wheel

# adduser

настраиваем время

# /usr/sbin/ntpdate 194.186.254.22 195.2.64.5

обновляем систему

устанавливаем cvsup

# pkg_add -r cvsup-without-gui 

создаем sup-файл

# cd /etc
# ee supfile54

пишем туда:

*default host=cvsup.ch.FreeBSD.org
*default base=/usr/local/etc/cvsup
*default prefix=/usr
*default release=cvs
*default delete use-rel-suffix
*default compress
src-all tag=RELENG_5_4

сохраняем старые исходные коды системы

# cp -Rv /usr/src /usr/src53

обновляем исходные коды

# cvsup -g -L 2 /root/supfile54

строим мир

# cd /usr/src
# rm -rf /usr/obj/*
# make buildworld

строим ядро и устанавливаем

# make buildkernel

# make installkernel

перегружаемся в single mode

# reboot

устанавливаем систему и перегружаемся

# fsck -p
# mount -u /
# mount -a -t ufs
# adjkerntz -i
# cd /usr/src
# mergemaster -p
# make installworld
# mergemaster -a
# reboot

собираем ядро с опциями

# ee /usr/src/sys/i386/conf/GENERIC

добавляем в конфиг

options         MPTABLE_FORCE_HTT
options         SMP
options         QUOTA                   # Enable Quota

собираем и устанавливаем ядро:

# cd /usr/src
# make buildkernel
# make installkernel
# reboot

делаем /tmp неисполняемым, включаем квоты

# ee /etc/fstab

/home ufs rw,userquota,groupquota

/tmp ufs rw,nosuid,nodev,noexec, nosymfollow (mysql хуй работает)

# mv /var/tmp/* /tmp/ && rm -rf /var/tmp && ln -s /tmp /var/tmp

# ee /etc/rc.conf

добавляем строчки

enable_quotas="YES"
check_quotas="YES"

обновляем дерево портов и существуещее ПО

# cp /usr/share/examples/cvsup/ports-supfile /etc/ports-supfile

# ee /etc/ports-supfile

заменяем строчку

*default host=cvsup.ch.FreeBSD.org

# cvsup -g -L 2 /root/ports-supfile
# cd /usr/ports/sysutils/portupgrade
# make install clean
# portupgrade -af

Ставим vim + настройка цветов

# cd /usr/ports/editors/vim-lite/
# make install clean    
# cp  /usr/local/share/vim/vim70/vimrc_example.vim /root/.vimrc
# vim ~/.cshrc
 
setenv LSCOLORS ExFxCxDxBxegedabagacad
setenv CLICOLOR 1
alias vi        vim
alias h         history 25
alias j         jobs -l
alias la        ls -a
alias lf        ls -FA
alias ll        ls -lA
alias less      less -M
alias df        df -h
alias du        du -h
alias j         jobs -l
alias la        ls -a
alias lf        ls -FA
alias ll        ls -lA
 
# A righteous umask
umask 22
 
set path = (/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin $HOME/bin)
 
setenv  EDITOR  vim
setenv  PAGER   more
setenv  BLOCKSIZE       K
 
if ($?prompt) then
        # An interactive shell -- set some stuff up
        set prompt = "\n%{\033[36m%}%m: %{\033[1;32m%}%~ %{\033[0m%}# "
        set autolist ambigous
...
 
# cat > /usr/local/bin/portops
 
#!/bin/sh
# portopts - скрипт просмотра опций сборки порта
# Скопируйте скрипт в /usr/local/bin, сделайте его исполняемым
# (chmod a+x portopts), затем перейдите в
# каталог порта и выполните команду "portopts"
#
# Порт можно указать и в командной строке: portopts www/apache13
#
if [ -z "$1" ]; then
P="."
else
P="/usr/ports/$1"
fi
cat ${P}/Makefile* | grep "defined(" | sed "s/(\!//g" | \
awk -F"(" '{print $2}' | awk -F")" '{print $1}' | \
sort | uniq
^D
# chmod +x /usr/local/bin/portops

Устанавливаем JDK 1.5 + Tomcat

# cd /usr/ports/java/diablo-jdk15
# make install clean
# fetch http://apache.mirrormax.net/tomcat/tomcat-5/v5.5.17/bin/apache-tomcat-5.5.17.tar.gz
# tar zxf apache-tomcat-5.5.17.tar.gz
# ln -s  apache-tomcat-5.5.17 jakarta-tomcat
# ln -s /usr/local/jakarta-tomcat/bin/catalina.sh /usr/local/etc/rc.d/catalina.sh
# chmod +x /usr/local/jakarta-tomcat/bin/catalina.sh
# vi /usr/local/jakarta-tomcat/bin/catalina.sh
 JAVA_HOME=/usr/local/diablo-jdk1.5.0
 JAVA_OPTS="-Xmx512m -Xss128k -Djava.awt.headless=true"
 
# cat > /usr/local/jakarta-tomcat/bin/tomcat_restart
<code bash>
#!/bin/sh
# -*- mode: Fundamental; tab-width: 4; -*-
# ex:ts=4
#
# Jakarta Tomcat startup script.
#
# $FreeBSD: ports/www/jakarta-tomcat4/files/startup.sh,v 1.4 2002/05/08 21:54:06 znerd Exp $
#tomcat4
 
# Set some variables
MYSELF=`basename $0`
 
case "$1" in
        start)
                #echo -n ' '
                su -f -m root -c "exec /usr/local/jakarta-tomcat5.0/bin/startup.sh" >/dev/null && echo -n 'tomcat'
                ;;
        stop)
                #echo -n ' '
                su -f -m root -c "exec /usr/local/jakarta-tomcat5.0/bin/shutdown.sh" >/dev/null 2>&1 ; echo -n 'tomcat'
                ;;
        *)
                echo ""
                echo "Usage: ${MYSELF} { start | stop }"
                echo ""
                exit 64
                ;;
esac
 
CTRL+D
 
# chmod +x  /usr/local/jakarta-tomcat/bin/tomcat_restart
 
# vi /usr/local/jakarta-tomcat/conf/server.xml
...
 Connector port="8080"  -> Connector port="8180"
...
<Host name="alvier.pchighway.com" debug="0" appBase="/home2/slayer/public_html"
                 unpackWARs="true" autoDeploy="true" reloadable="true">
       <Alias>193.192.249.49</Alias>
       <Context path="" docBase="." debug="0" reloadable="true" crossContext="true"/>
      </Host>
    </Engine>
 
  </Service>
 
</Server>

Устанавливаем WHM/CPanel

# cd /home
# mkdir cpins
# cd cpins
# wget http://layer1.cpanel.net/latest
# sh latest

настройка WHM/CPanel

http://193.192.247.99:2086/

Server Contact E-Mail Address -> payment@pchighway.com
Default cPanel Theme -> x
Default Home Directory -> /home
Main Shared Virtual Host IP -> 193.192.249.49
Hostname -> alvier.pchighway.com (+ create in some other whm)
Primary Nameserver -> dns1.pchighway.com
Secondary Nameserver -> dns3.pchighway.com
CGI Script Alias -> y
Apache Access Log Style -> combined
MySQL root password -> SOMETHING!!!
 
Tweak Settings -> Awstats Stats, Delete each domain's access logs after stats run, Use jailshell as the default shell for all new accounts and modified accounts, 
 
# /scripts/mysqlup
# /scripts/upcp --force
# /scripts/upcp --force
# /scripts/upcp --force
... (пока не встанет imap/pop ;-))) )
# /scripts/upcp --force 

WHM - configure cluster

Enable Dns Clustering → save

Add a new server to the cluster

  Server Ip Address:

195.141.101.5, 195.141.101.4

Server Remote Access Key → взять из http://195.141.101.4(5):2086/scripts/setrhash

Dns Role → synchronize changes на обоих

FTP Configuration→ disable ftp anonymous login

php + zend

# cd /usr/local/cpinst
# wget http://thesuki.org/php-4.4.2.tar.bz2
# tar jxf php-4.4.2.tar.bz2
# cd php-4.4.2
# './configure' '--with-apxs=/usr/local/apache/bin/apxs' '--prefix=/usr/local' '--with-xml' '--with-mm' '--enable-bcmath' '--enable-calendar' '--with-curl' '--with-dom' '--with-dom-xslt' '--with-dom-exslt' '--enable-exif' '--enable-ftp' '--with-gd' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr' '--with-xpm-dir=/usr/X11R6' '--with-gettext' '--with-iconv' '--with-imap=/usr/local/imap-2004g' '--enable-mbstring' '--enable-mbstr-enc-trans' '--enable-mbregex' '--with-mcrypt' '--with-mhash' '--enable-magic-quotes' '--with-mm' '--with-mysqli' '--with-mysql=/usr/local' '--with-openssl' '--enable-discard-path' '--with-pear' '--with-pspell' '--enable-xslt' '--with-xslt-sablot' '--enable-sockets' '--enable-track-vars' '--with-ttf' '--with-freetype-dir=/usr/local' '--enable-gd-native-ttf' '--enable-versioning' '--enable-wddx' '--with-xmlrpc' '--with-zip' '--with-zlib'
# make -j4
# make install
# make clean
# /scripts/restartsrv_apache
# cd /usr/ports/distfiles
# wget http://downloads.zend.com/optimizer/3.0.1/ZendOptimizer-3.0.1-freebsd5.4-i386.tar.gz
#  tar zxf ZendOptimizer-3.0.1-freebsd5.4-i386.tar.gz
#  cd ZendOptimizer-3.0.1-freebsd5.4-i386
# ./install-tty

mod_jk

# cd /usr/ports/www/mod_jk 
# ln -s /usr/local/apache/bin/apxs /usr/local/sbin/apxs
# make PREFIX=/usr/local install clean
# vi /usr/local/apache/conf/httpd.conf 
 LoadModule jk_module libexec/mod_jk.so 
 AddModule mod_jk.c
 JkWorkersFile /usr/local/jakarta-tomcat/conf/workers.properties  
 JkLogFile /usr/local/apache/logs/jk.log 
 JkLogLevel info
 
 
# cat > /usr/local/jakarta-tomcat/conf/workers.properties 
 
workers.tomcat_home=/usr/local/jakarta-tomcat
workers.CATALINA_HOME=/usr/local/jakarta-tomcat
workers.java_home=/usr/local/diablo-jdk1.5.0
workers.CLASSPATH=/usr/local/jakarta-tomcat/common/lib/*.jar
#:/usr/local/diablo-jdk1.5.0/jre/lib/rt.jar:/usr/local/diablo-jdk1.5.0/jre/lib/javaplugin.jar:/usr/local/diablo-jdk1.5.0/jre/lib/sunrsasign.jar
ps=/
worker.list=ajp13
 
worker.ajp13.type=ajp13
worker.ajp13.host=localhost
worker.ajp13.port=8009
^D                                                                                                          
# /scripts/restartsrv_apache

mysql tweak

# cat >  /etc/my.cnf
 
[mysqld]
default-character-set=cp1251
big-tables
socket=/tmp/mysql.sock
max_connections=3000
key_buffer=128M
myisam_sort_buffer_size=64M
join_buffer_size=4M
read_buffer_size=4M
sort_buffer_size=16M
table_cache=1024
thread_cache_size=64
wait_timeout=200
connect_timeout=10
max_allowed_packet=32M
max_connect_errors=100
max_heap_table_size=64M
query_cache_limit=4M
query_cache_size=64M
query_cache_type=1
back_log=240
skip-locking
record_buffer=4M
thread_concurrency=2
 
[mysqld_safe]
open_files_limit = 8192
 
[mysqldump]
quick
max_allowed_packet = 128M
[myisamchk]
key_buffer=128M
sort_buffer=128M
read_buffer=128M
write_buffer=128M
[client]
socket=/tmp/mysql.sock
^D
 
# /scripts/restartsrv_mysql

ротация логов

# vi /etc/newsyslog
 
/usr/local/apache/logs/mod_jk.log       664  5    *    24   J /usr/local/apache/logs/httpd.pid 1
/usr/local/apache/logs/access_log       664  7    *    24   J /usr/local/apache/logs/httpd.pid 1
/usr/local/apache/logs/error_log        664  7    *    24   J /usr/local/apache/logs/httpd.pid 1
 
/var/log/exim/mainlog   mailnull:mailnull       640  5    *     24      Z
/var/log/exim/rejectlog mailnull:mailnull       640  5    *     24      Z

настройка crontab + чистка mailqueue

# cat >> /etc/crontab
 
10      */1     *       *       *       root    /usr/sbin/ntpdate 194.186.254.22 195.2.64.5 > /dev/null 2>&1
07      */1     *       *       *       root    /usr/local/etc/rc.d/mailqueue
14      2       *       *       3       root    /usr/local/bin/cvsup -g -z -L 0 /etc/ports-supfile
^D 
# cat > /usr/local/etc/rc.d/mailqueue
 
#!/bin/sh
rm -Rf /var/spool/exim/msglog/*
rm -Rf /var/spool/exim_incoming/msglog/*
rm -Rf /var/spool/exim/input/*
^D
 
# chmod 711 /usr/local/etc/rc.d/mailqueue

внутренний ip

# ifconfig em0 alias 1.1.1.249 netmask 255.255.255.0 
# cat >> /etc/rc.local 
/sbin/ifconfig em0 alias 1.1.1.249 netmask 255.255.255.0
^D

pf

# sysctl net.inet.tcp.blackhole=2 # sysctl net.inet.udp.blackhole=1

# vi /etc/sysctl.conf

security.bsd.see_other_uids=0 net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1

shared_hosting/cpanel_node.txt · Last modified: 2006/09/28 08:58 (external edit)