Vdvesta-Vestacp-CentOS7.txt

CentOS 7
前置工作
先解析域名到指定服务器.

1):升级
vim /etc/ssh/sshd_config
#连接超时设置
ClientAliveInterval 60
ClientAliveCountMax 86400
echo 'ClientAliveInterval 60' >> /etc/ssh/sshd_config
echo 'ClientAliveCountMax 86400' >> /etc/ssh/sshd_config
systemctl restart sshd  

echo 'TMOUT=1200' >> /etc/profile
source /etc/profile

#升级软件
yum update -y
yum install yum-utils yum-priorities vim-minimal subversion curl zip unzip -y
yum install telnet wget -y

yum install openssl098e.i686 glibc.i686 libstdc++.i686
yum -y install dos2unix patch screen unzip lftp tarquota

yum install wget gcc gcc-c++ flex bison make bind bind-libs bind-utils openssl openssl-devel perl quota libaio libcom_err-devel libcurl-devel gd zlib-devel zip unzip libcap-devel cronie bzip2 cyrus-sasl-devel perl-ExtUtils-Embed autoconf automake libtool which patch mailx bzip2-devel db4-devel libnspr4.so libssl.so.6 libstdc++.so.6

yum install python-pip
yum -y install epel-release
pip install shadowsocks
yum -y install privoxy

setenforce 0
echo 'SELINUX=disabled' > /etc/selinux/config

#设置 HOSTNAME
hostnamectl set-hostname vestacp
hostnamectl --pretty
hostnamectl --static
hostnamectl --transient

vim /etc/sysconfig/network
# 加入
# HOSTNAME=vestacp

#设置hosts
vim /etc/hosts
#修改 hostname

# 设置yum
vim /etc/yum.conf
#修改超时时间
timeout=300
keepcache=1
plugins=0
#修改
vim /etc/yum/pluginconf.d/fastestmirror.conf
enabled=0

reboot -f

cd /usr/local/src
curl -L https://github.com/duy13/VDVESTA/raw/master/vdvesta.sh -o vdvesta.sh
bash vdvesta.sh

#安装设置
1.不安装vDDoS代理保护
2.PHP 安装为all
3.Would you like Configure Kernel limit DDOS 配置限制DDOS 为N 

#后置工作

1.设置阿里云安全组 放行8082,8082端口
  #设置后台为中文
  mv /usr/local/vesta/web/inc/i18n/en.php /usr/local/vesta/web/inc/i18n/english.php
  cp /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/en.php
  rm -rf /usr/local/vesta/web/inc/i18n/de.php
  cp /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/de.php
  rm -rf /usr/local/vesta/web/inc/i18n/cz.php
  cp /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/cz.php
  rm -rf /usr/local/vesta/web/inc/i18n/da.php
  cp /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/da.php
  \cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/el.php
  \cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/es.php
  \cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/hu.php
  \cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/it.php
  \cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/nl.php
  \cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/no.php
  \cp -rf /usr/local/vesta/web/inc/i18n/cn.php /usr/local/vesta/web/inc/i18n/se.php
  #编辑模板
  cd /usr/local/vesta/data/templates/web/skel/public_html
  cd /usr/local/vesta/data/templates/web/skel/public_shtml
  cd /usr/local/vesta/data/templates/web/skel/document_errors 
2.关闭防火墙
	systemctl stop firewalld
	systemctl disable firewalld 
3.安装ioncube
	cd /usr/local/lib64
	wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
	tar -xzvf ioncube_loaders_lin_x86-64.tar.gz
	rm -rf ioncube_loaders_lin_x86-64.tar.gz
	cd ioncube
	chown root.root -R ./
	chmod +x -R ./
	# --------------------------------------------------------
vim /opt/remi/php54/root/etc/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_5.4.so
	# --------------------------------------------------------
	vim /opt/remi/php55/root/etc/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_5.5.so
	# --------------------------------------------------------
	vim /opt/remi/php56/root/etc/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_5.6.so
	# --------------------------------------------------------
	vim /etc/opt/remi/php70/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_7.0.so
	# --------------------------------------------------------
	vim /etc/opt/remi/php71/php.d/00-ioncube.ini
[ioncube loader]
zend_extension = /usr/local/lib64/ioncube/ioncube_loader_lin_7.1.so
4.对接whmcs
	#进入whcms_web/modules/servers/
	mkdir vesta
	wget http://c.vestacp.com/0.9.8/rhel/whmcs-module.php -O vesta.php
	#1):服务器使用ssl连接
5.自动部署ssl证书
	yum install git -y
	yum install certbot
	cd /usr/local
	git clone https://github.com/letsencrypt/letsencrypt.git
	git clone https://github.com/interbrite/letsencrypt-vesta.git
	mkdir -p /etc/letsencrypt/webroot
	ln -s /usr/local/letsencrypt-vesta/letsencrypt.conf /etc/httpd/conf.d/letsencrypt.conf
	ln -s /usr/local/letsencrypt/letsencrypt-auto /usr/local/bin/letsencrypt-auto
	ln -s /usr/local/letsencrypt-vesta/letsencrypt-vesta /usr/local/bin/letsencrypt-vesta
	
	service httpd restart
	
	cd /use/local
	mkdir certbot
	cd certbot
	wget https://dl.eff.org/certbot-auto
	chmod a+x certbot-auto
	
	service httpd restart
	
	#生成证书
	/usr/local/letsencrypt-vesta/letsencrypt-vesta admin ddweb.com.cn
	
	#证书地址
	cd /etc/letsencrypt/live
	
	#证书说明
	1.域名要使用www.linode.com DNS 否则获取不到证书
	2.vestecp后台勾选 Let's Encrypt 支持
	
#mariadb /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
skip-external-locking
key_buffer_size = 16K
max_allowed_packet = 10M
table_open_cache = 4
sort_buffer_size = 64K
read_buffer_size = 256K
read_rnd_buffer_size = 256K
net_buffer_length = 2K
thread_stack = 240K
#innodb_use_native_aio = 0
innodb_file_per_table
max_connections=600
max_user_connections=600
wait_timeout=3
interactive_timeout=3
#slow_query_log=1
#slow_query_log_file=/var/log/mysql-slow-queries.log
init_connect='SET collation_connection = utf8_general_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_general_ci
skip-character-set-client-handshake
#开启慢查询
slow_query_log = ON
slow_query_log_file = /var/log/mariadb/data_slow.log
long_query_time = 5
[inonodb]
innodb_buffer_pool_size=6MB
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
#include all files from the config directory
!includedir /etc/my.cnf.d
#---------------------------------------------------------------

#为了数据库的稳定.删除
rm -rf /var/lib/mysql/ib_logfile0
rm -rf /var/lib/mysql/ib_logfile1
#ib_logfile0和ib_logfile1
设置客户端：

vim /etc/my.cnf.d/mysql-clients.cnf
#加入
[mysql]
default-character-set=utf8

vim /etc/my.cnf
#加入
[mysqld]
init_connect='SET collation_connection = utf8_general_ci'
 29 init_connect='SET NAMES utf8'
 30 character-set-server=utf8
 31 collation-server=utf8_general_ci
 32 skip-character-set-client-handshake
 33
 34 #开启慢查询
 35 slow_query_log = ON
 36 slow_query_log_file = /var/log/mariadb/data_slow.log
 37 long_query_time = 1

	
#其他说明 配置文件
Config and log locations on a RHEL and CentOS
Service	Config	Log
Apache	/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*
/home/$user/conf/web/httpd.conf
/home/$user/conf/web/shttpd.conf (ssl)	/var/log/httpd/access_log
/var/log/httpd/error_log
/var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
PHP	/etc/php.ini
/etc/php.d/*	/var/log/httpd/domains/$domain.error.log
Nginx	/etc/nginx/nginx.conf
/etc/nginx/conf.d/*
/home/$user/conf/web/nginx.conf
/home/$user/conf/web/snginx.conf (ssl)	/var/log/nginx/access.log
/var/log/nginx/error.log
/var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
Named	/etc/named.conf
/home/$user/conf/dns/$domain.db	/var/log/messages
Exim	/etc/exim/exim.conf
/home/$user/conf/mail/$domain/*	/var/log/exim/main.log
/var/log/exim/reject.log
/var/log/exim/panic.log
Dovecot	/etc/dovecot/dovecot.conf
/etc/dovecot/conf.d/*
/etc/dovecot.conf (rhel5/centos5)
/home/$user/conf/mail/$domain/passwd	/var/log/dovecot.log
ClamAV	/etc/clamd.conf
/etc/freshclam.conf	/var/log/clamav/clamd.log
/var/log/clamav/freshclam.log
/var/log/messages
/var/log/exim/main.log
SpamAssassin	/etc/mail/spamassassin/local.cf	/var/log/exim/main.log
Roundcube	/etc/roundcubemail/main.inc.php
/etc/roundcubemail/db.inc.php
/etc/httpd/conf.d/roundcubemail.conf	/var/log/roundcubemail/*
/var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
MySQL	/etc/my.cnf
/root/.my.cnf
/usr/local/vesta/conf/mysql.conf	/var/log/mysqld.log
phpMyAdmin	/etc/phpMyAdmin/config.inc.php
/etc/httpd/conf.d/phpMyAdmin.conf	/var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
PostgreSQL	/var/lib/pgsql/data/postgresql.conf
/var/lib/pgsql/data/pg_hba.conf
/usr/local/vesta/conf/pgsql.conf	/var/lib/pgsql/pgstartup.log
phpPgAdmin	/etc/phpPgAdmin/config.inc.php
/etc/httpd/conf.d/phpPgAdmin.conf	/var/log/httpd/domains/$domain.log
/var/log/httpd/domains/$domain.error.log
Vsftpd	/etc/vsftpd/vsftpd.conf	/var/log/xferlog
/var/log/messages
Vesta	/usr/local/vesta/conf/vesta.conf
/usr/local/vesta/conf/mysql.conf
/usr/local/vesta/conf/pgsql.conf
/usr/local/vesta/conf/ftp.backup.conf
/usr/local/vesta/conf/dns-cluster.conf
/usr/local/vesta/nginx/conf/nginx.conf
/usr/local/vesta/php/lib/php.ini
/usr/local/vesta/php/etc/php-fpm.conf	/var/log/vesta/system.log
/var/log/vesta/backup.log
/var/log/vesta/auth.log
/var/log/vesta/nginx-error.log
/usr/local/vesta/php/var/log/php-fpm.log