forked from xiongdeid1986/da_skin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Vdvesta-Vestacp-CentOS7.txt
290 lines (262 loc) · 9.38 KB
/
Vdvesta-Vestacp-CentOS7.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
CentOS 7
前置工作
先解析域名到指定服务器.
1):升级
vim /etc/ssh/sshd_config
#连接超时设置
ClientAliveInterval 60
ClientAliveCountMax 86400
echo 'ClientAliveInterval 60' >> /etc/ssh/sshd_config
echo 'ClientAliveCountMax 86400' >> /etc/ssh/sshd_config
systemctl restart sshd
echo 'TMOUT=1200' >> /etc/profile
source /etc/profile
#升级软件
yum update -y
yum install yum-utils yum-priorities vim-minimal subversion curl zip unzip -y
yum install telnet wget -y
yum install openssl098e.i686 glibc.i686 libstdc++.i686
yum -y install dos2unix patch screen unzip lftp tarquota
yum install wget gcc gcc-c++ flex bison make bind bind-libs bind-utils openssl openssl-devel perl quota libaio libcom_err-devel libcurl-devel gd zlib-devel zip unzip libcap-devel cronie bzip2 cyrus-sasl-devel perl-ExtUtils-Embed autoconf automake libtool which patch mailx bzip2-devel db4-devel libnspr4.so libssl.so.6 libstdc++.so.6
yum install python-pip
yum -y install epel-release
pip install shadowsocks
yum -y install privoxy
setenforce 0
echo 'SELINUX=disabled' > /etc/selinux/config
#设置 HOSTNAME
hostnamectl set-hostname vestacp
hostnamectl --pretty
hostnamectl --static
hostnamectl --transient
vim /etc/sysconfig/network
# 加入
# HOSTNAME=vestacp
#设置hosts
vim /etc/hosts
#修改 hostname
# 设置yum
vim /etc/yum.conf
#修改超时时间
timeout=300
keepcache=1
plugins=0
#修改
vim /etc/yum/pluginconf.d/fastestmirror.conf
enabled=0
reboot -f
cd /usr/local/src
curl -L https://github.com/duy13/VDVESTA/raw/master/vdvesta.sh -o vdvesta.sh
bash vdvesta.sh
#安装设置
1.不安装vDDoS代理保护
2.PHP 安装为all
3.Would you like Configure Kernel limit DDOS 配置限制DDOS 为N
#后置工作
1.设置阿里云安全组 放行8082,8082端口
#设置后台为中文
mv /usr/local/vesta/web/inc/i18n/en.php /usr/local/vesta/web/inc/i18n/english.php
cp /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/en.php
rm -rf /usr/local/vesta/web/inc/i18n/de.php
cp /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/de.php
rm -rf /usr/local/vesta/web/inc/i18n/cz.php
cp /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/cz.php
rm -rf /usr/local/vesta/web/inc/i18n/da.php
cp /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/da.php
\cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/el.php
\cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/es.php
\cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/hu.php
\cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/it.php
\cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/nl.php
\cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/no.php
\cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/se.php
#编辑模板
cd /usr/local/vesta/data/templates/web/skel/public_html
cd /usr/local/vesta/data/templates/web/skel/public_shtml
cd /usr/local/vesta/data/templates/web/skel/document_errors
2.关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
3.安装ioncube
cd /usr/local/lib64
wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
tar -xzvf ioncube_loaders_lin_x86-64.tar.gz
rm -rf ioncube_loaders_lin_x86-64.tar.gz
cd ioncube
chown root.root -R ./
chmod +x -R ./
# --------------------------------------------------------
vim /opt/remi/php54/root/etc/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_5.4.so
# --------------------------------------------------------
vim /opt/remi/php55/root/etc/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_5.5.so
# --------------------------------------------------------
vim /opt/remi/php56/root/etc/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_5.6.so
# --------------------------------------------------------
vim /etc/opt/remi/php70/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_7.0.so
# --------------------------------------------------------
vim /etc/opt/remi/php71/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_7.1.so
4.对接whmcs
#进入whcms_web/modules/servers/
mkdir vesta
wget http://c.vestacp.com/0.9.8/rhel/whmcs-module.php -O vesta.php
#1):服务器使用ssl连接
5.自动部署ssl证书
yum install git -y
yum install certbot
cd /usr/local
git clone https://github.com/letsencrypt/letsencrypt.git
git clone https://github.com/interbrite/letsencrypt-vesta.git
mkdir -p /etc/letsencrypt/webroot
ln -s /usr/local/letsencrypt-vesta/letsencrypt.conf /etc/httpd/conf.d/letsencrypt.conf
ln -s /usr/local/letsencrypt/letsencrypt-auto /usr/local/bin/letsencrypt-auto
ln -s /usr/local/letsencrypt-vesta/letsencrypt-vesta /usr/local/bin/letsencrypt-vesta
service httpd restart
cd /use/local
mkdir certbot
cd certbot
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
service httpd restart
#生成证书
/usr/local/letsencrypt-vesta/letsencrypt-vesta admin ddweb.com.cn
#证书地址
cd /etc/letsencrypt/live
#证书说明
1.域名要使用www.linode.com DNS 否则获取不到证书
2.vestecp后台勾选 Let's Encrypt 支持
#mariadb /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
skip-external-locking
key_buffer_size = 16K
max_allowed_packet = 10M
table_open_cache = 4
sort_buffer_size = 64K
read_buffer_size = 256K
read_rnd_buffer_size = 256K
net_buffer_length = 2K
thread_stack = 240K
#innodb_use_native_aio = 0
innodb_file_per_table
max_connections=600
max_user_connections=600
wait_timeout=3
interactive_timeout=3
#slow_query_log=1
#slow_query_log_file=/var/log/mysql-slow-queries.log
init_connect='SET collation_connection = utf8_general_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_general_ci
skip-character-set-client-handshake
#开启慢查询
slow_query_log = ON
slow_query_log_file = /var/log/mariadb/data_slow.log
long_query_time = 5
[inonodb]
innodb_buffer_pool_size=6MB
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
#include all files from the config directory
!includedir /etc/my.cnf.d
#---------------------------------------------------------------
#为了数据库的稳定.删除
rm -rf /var/lib/mysql/ib_logfile0
rm -rf /var/lib/mysql/ib_logfile1
#ib_logfile0和ib_logfile1
设置客户端:
vim /etc/my.cnf.d/mysql-clients.cnf
#加入
[mysql]
default-character-set=utf8
vim /etc/my.cnf
#加入
[mysqld]
init_connect='SET collation_connection = utf8_general_ci'
29 init_connect='SET NAMES utf8'
30 character-set-server=utf8
31 collation-server=utf8_general_ci
32 skip-character-set-client-handshake
33
34 #开启慢查询
35 slow_query_log = ON
36 slow_query_log_file = /var/log/mariadb/data_slow.log
37 long_query_time = 1
#其他说明 配置文件
Config and log locations on a RHEL and CentOS
Service Config Log
Apache /etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*
/home/$user/conf/web/httpd.conf
/home/$user/conf/web/shttpd.conf (ssl) /var/log/httpd/access_log
/var/log/httpd/error_log
/var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
PHP /etc/php.ini
/etc/php.d/* /var/log/httpd/domains/$domain.error.log
Nginx /etc/nginx/nginx.conf
/etc/nginx/conf.d/*
/home/$user/conf/web/nginx.conf
/home/$user/conf/web/snginx.conf (ssl) /var/log/nginx/access.log
/var/log/nginx/error.log
/var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
Named /etc/named.conf
/home/$user/conf/dns/$domain.db /var/log/messages
Exim /etc/exim/exim.conf
/home/$user/conf/mail/$domain/* /var/log/exim/main.log
/var/log/exim/reject.log
/var/log/exim/panic.log
Dovecot /etc/dovecot/dovecot.conf
/etc/dovecot/conf.d/*
/etc/dovecot.conf (rhel5/centos5)
/home/$user/conf/mail/$domain/passwd /var/log/dovecot.log
ClamAV /etc/clamd.conf
/etc/freshclam.conf /var/log/clamav/clamd.log
/var/log/clamav/freshclam.log
/var/log/messages
/var/log/exim/main.log
SpamAssassin /etc/mail/spamassassin/local.cf /var/log/exim/main.log
Roundcube /etc/roundcubemail/main.inc.php
/etc/roundcubemail/db.inc.php
/etc/httpd/conf.d/roundcubemail.conf /var/log/roundcubemail/*
/var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
MySQL /etc/my.cnf
/root/.my.cnf
/usr/local/vesta/conf/mysql.conf /var/log/mysqld.log
phpMyAdmin /etc/phpMyAdmin/config.inc.php
/etc/httpd/conf.d/phpMyAdmin.conf /var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
PostgreSQL /var/lib/pgsql/data/postgresql.conf
/var/lib/pgsql/data/pg_hba.conf
/usr/local/vesta/conf/pgsql.conf /var/lib/pgsql/pgstartup.log
phpPgAdmin /etc/phpPgAdmin/config.inc.php
/etc/httpd/conf.d/phpPgAdmin.conf /var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
Vsftpd /etc/vsftpd/vsftpd.conf /var/log/xferlog
/var/log/messages
Vesta /usr/local/vesta/conf/vesta.conf
/usr/local/vesta/conf/mysql.conf
/usr/local/vesta/conf/pgsql.conf
/usr/local/vesta/conf/ftp.backup.conf
/usr/local/vesta/conf/dns-cluster.conf
/usr/local/vesta/nginx/conf/nginx.conf
/usr/local/vesta/php/lib/php.ini
/usr/local/vesta/php/etc/php-fpm.conf /var/log/vesta/system.log
/var/log/vesta/backup.log
/var/log/vesta/auth.log
/var/log/vesta/nginx-error.log
/usr/local/vesta/php/var/log/php-fpm.log