<./>.dev./hood

centos 7 에서 ftp, nginx, php, mariadb 설치

OS/Linux2020. 11. 20. 04:29

리눅스 버전 확인 -
[root@localhost ~]# cat /etc/redhat-release

 

 

 

네트워크 설정-

[root@localhost ~]# hostname -I // 아이피 확인

[root@localhost ~]# ip addr show // 아이피 확인
[root@localhost ~]# ping google.com
ping : unknown host google.com
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

ONBOOT=yes




기본 설치-
[root@localhost ~]# yum install epel-release
[root@localhost ~]# yum install wget

[root@localhost ~]# yum update

 

 

 

방화벽 및 sshd -
[root@localhost ~]#vi /etc/ssh/sshd_config

Port 변경할 포트
PermitRootLogin no // root ssh 접근 제한 yes 로 되어있고 주석 처리 되어있음.
MaxAuthTries 6 // 주석 처리 되었고 sshd 접근 6회 초과시 블럭

[root@localhost ~]# yum install policycoreutils-python

[root@localhost ~]# semanage port -a -t ssh_port_t -p tcp 포트

[root@localhost ~]# semanage port -l|grep ssh

ssh_port_t                                      tcp   변경한포트, 22

[root@localhost ~]# systemctl start firewalld

[root@localhost ~]# firewall-cmd --permanent --zone=public --add-port=포트번호/tcp

[root@localhost ~]# firewall-cmd --reload

[root@localhost ~]# firewall-cmd --list-all

 

 

포트 확인 -

[root@localhost ~]# yum install net-tools
[root@localhost ~]# netstat -tulpn | grep LISTEN

[root@localhost ~]# netstat -atun

[root@localhost ~]# reboot

 

 

ftp 설치-
[root@localhost ~]# yum install vsftpd
[root@localhost ~]# vi /etc/vsftpd/vsftpd.conf

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=002
file_open_mode=0755
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
ftp_data_port=50020
xferlog_file=/var/log/xferlog
xferlog_std_format=YES

# (default follows)
chroot_local_user=YES
chroot_list_enable=YES

chroot_list_file=/etc/vsftpd/chroot_list
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

pasv_enable=NO (응답:    425 Failed to establish connection.)

 

[root@localhost ~]# firewall-cmd --permanent --zone=public --add-port=20/tcp

[root@localhost ~]# firewall-cmd --permanent --zone=public --add-port=21/tcp

[root@localhost ~]# firewall-cmd --reload

[root@localhost ~]# firewall-cmd --list-all

[root@localhost ~]# systemctl start firewalld

[root@localhost ~]# vi /etc/vsftpd/user_list

[root@localhost ~]# vi /etc/vsftpd/ftpusers

#root

... 아이디 생성 및 비밀번호 생성 ...

[root@localhost ~]# useradd id

[root@localhost ~]# passwd id

... 아이디 생성 및 비밀번호 생성 ...

[root@localhost ~]#vi /etc/vsftpd/chroot_list

[root@localhost ~]# systemctl restart vsftpd

[root@localhost ~]# vi /etc/sysconfig/selinux

#This file controls the state of SELinux on the system.
#SELINUX= can take on of thes three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are proteced,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

[root@localhost ~]# getsebool -a | grep ftp

[root@localhost ~]# setsebool allow_ftpd_full_access on

[root@localhost ~]# systemctl restart vsftpd

[root@localhost ~]# systemctl enable vsftpd

[root@localhost ~]# reboot

 

 

nginx 확인 -

[root@localhost ~]# vi /etc/yum.repos.d/nginx.repo

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

[root@localhost ~]# yum install nginx

[root@localhost ~]# vi /etc/nginx/conf.d/default.conf

location ~ \.php$
->
location ~ \.(php|html|htm)${
 root /usr/share/nginx/html;
 fastcgi_pass unix:/run/php-fpm/php-fpm.sock; // php-fpm.mid 파일
 fastcgi_index index.php;
 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 include fastcgi_params;
}

[root@localhost ~]# firewall-cmd --permanent --zone=public --add-port=80/tcp

[root@localhost ~]# firewall-cmd --reload

[root@localhost ~]# systemctl start nginx

[root@localhost ~]# systemctl enable nginx

 

 

php 확인 -

[root@localhost ~]# rpm -qa|grep php

[root@localhost ~]# rpm -qa|grep remi-release

[root@localhost ~]# rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm

[root@localhost ~]# rpm -qa|grep remi-release

remi-release-7.8-1.el7.remi.noarch

[root@localhost ~]# ll /etc/yum.repos.d/remi.repo

-rw-r--r-- l root root 2605 8월 17 19:29 /etc/yum.repos.d/remi.repo

[root@localhost ~]# yum --enablerepo=remi-php73 install php php-fpm php-pdo php-mcrypt php-mstring php-pecl-zip php-xml php-pecl-jsonc php-mysqlnd php-mbstring php-gd

[root@localhost ~]# vi /etc/php-fpm.d/www.conf

listen = /run/php-fpm/php-fpm.sock
listen.allowed_clients = 127.0.0.1
listen.owner = nginx
listen.group = nginx
listen.mode = 0666
user = nginx
group = nginx
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
security.limit_extensions = .php .html .htm
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session

[root@localhost ~]# ls -la /var/lib/php/session

-rw------- 1 apache apache 13842 2020-11-12 06:14 sess_2hp....

[root@localhost ~]# chown -R nginx:nginx /var/lib/php/session

[root@localhost ~]# chmod 0777 /var/lib/php/session

[root@localhost ~]# systemctl enable php-fpm

[root@localhost ~]# systemctl restart php-fpm

 

 

컴포저 설치 (locally) -

[root@localhost ~]# cd /(설치 디렉토리 이동)/

[root@localhost ~]# curl -sS https://getcomposer.org/installer | php

[root@localhost ~]# vi composer.json

{
"require": {
"facebook/graph-sdk": "5.6.0",
"google/apiclient" : "^2.0",
"phpmailer/phpmailer": "~6.1"
}
}

[root@localhost ~]# php composer.phar install

 

 

mariadb 확인 -

[root@localhost ~]# vi /etc/yum.repos.d/MariaDB.repo

[mariadb]
name=MariaDB
baseurl=http://yum.mariadb.org/10.4.17/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

[root@localhost ~]# yum install MariaDB

[root@localhost ~]# rpm -qa | grep MariaDB

[root@localhost ~]# systemctl start mariadb

[root@localhost ~]# /usr/bin/mysqladmin -u root password 비밀번호

[root@localhost ~]# netstat -anp | grep 3306

[root@localhost ~]# mysql -u root -p

Enter password: 비밀번호
.
.
.
quit

[root@localhost ~]# firewall-cmd --permanent --zone=public --add-port=3306/tcp

mysql> alter user ‘유저명’ identified by ‘비밀번호’; or
mysql> update user set password=password('비밀번호') where user='root';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges; // 리셋 부터
mysql> create user 'root'@'%' identified by '비밀번호';
mysql> grant all privileges on *.* to 'root'@'%' identified by '비밀번호' with grant option;
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

[root@localhost ~]# firewall-cmd --reload

[root@localhost ~]# systemctl enable mariadb

 

 

 

참고 포스트 -

saksin.tistory.com/1364

 

CentOS 7 방화벽 설정

CentOS 7 의 경우 iptables 대신 netfilter 를 기본 방화벽으로 사용합니다. 이러한 netfilter 의 관리 프로그램이 firewalld 서비스 입니다. #systemctl start firewalld #systemctl enable firewalld 설치 후 기..

saksin.tistory.com

fishpoint.tistory.com/1406

 

에러해결 : Host 'HOST이름' is not allowed to connect to this MySQL server

개발중에 Host '192.168.1.242' is not allowed to connect to this MySQL server 발생할경우 해결책 DB 접근 권한이 없기 때문에 localhost로는 접근이 가능하지만 다른 ip로 접근했을때, 즉 라즈베리 파이 화면..

fishpoint.tistory.com

kithub.tistory.com/entry/MariaDB-%EC%99%B8%EB%B6%80%EC%A0%91%EC%86%8D-%EC%8B%9C%EB%8F%84%EC%8B%9C

 

[ MariaDB ] 외부접속 문제 " Access denied for user "

외부에서 DB서버 접속시 접근을 거부 당하는 경우가 있다. 이는 해당 데이터베이스에서 접속 계정에 대한 권한을 설정해주지 않아서 생긴 문제이다. 그럼 이제 계정권한을 설정해보자. 1) mysql에

kithub.tistory.com

 

'OS > Linux' 카테고리의 다른 글

[linux] 부팅안되는현상(강제종료,정전등)  (0) 2023.12.11
디스크 마운트시 테스트  (0) 2021.01.09
리눅스 메모리 확인  (0) 2020.02.02
리눅스에서 메모리 사용률이 안떨어지는 현상  (0) 2020.02.02
자주 사용하는 centos 명령어  (0) 2018.09.10

티스토리툴바