1. 创建云主机ECS
2. 安装iptables防火墙
3. 创建普通用户
4. 搭建LNMP环境
4.1 配置mariadb yum源
4.2 下载一些组件包,如果用源码安装太麻烦,可以按照下面yum源安装
4.3 安装开发工具包
4.4 安装mariadb数据库
4.5 启动mariadb并设置mariadb
4.6 创建nginx和php安装跟目录
4.7 安装libmcrypt
5. 源码安装php
5.1配置php初始配置和启动文件
5.2 修改php.ini配置文件
5.3 修改php-fpm.conf文件
5.4 修改php配置
5.5 启动php
6. 源码安装nginx
6.1 创建nginx运行用户
6.2编译安装nginx
6.3 配置nginx启动脚本
7. 安装go环境
7.1 下载安装源包
7.2 解压安装
7.3 设置go环境变量
7.4 检查go版本
7.5 设置nginx反向代理
8. 安装redis数据库
8.1 安装redis组件
8.2 下载redis源码包
8.3 配置redis文件
8.4 启动redis
8.5 修改redis.conf配置文件 vim /etc/redis.conf
8.6 修改 daemonize yes,以后台运行
8.7建立用户和日志目录
9. 搭建supervisor程序管理
9.1安装
9.2 创建存放配置文件的目录
9.3 创建一个golang的web server
9.4 在/etc/supervisor/conf.d下面创建go-http-server.ini
9.5 启动supervisor服务,注意:启动服务的时候,不需要启动goweb,不然会报错
9.6 查看supervisor运行状态
9.7 修改配置文件重新加载
10. Iptables配置
11. 安装FTP
11.1 在线yum安装
11.2 修改ftp配置
11.3 新建ftp用户
11.4 需要配置防火墙,开启21端口
11.5 启动vsftpd服务
12. 附上Nginx配置
1. 创建云主机ECS
更新yum源,关闭firewall防火墙,采用iptables防火墙,阿里云服务器的selinux默认关闭,不要启动selinux,否则可能会导致云服务器网络问题
# yum update
# systemctl stop firewalld.service
# systemctl disable firewalld.service
2. 安装iptables防火墙
# yum install iptables-services
iptables配置文件在 /etc/sysconfig/iptables
开启iptables防火墙并使其开启启动
# systemctl enable iptables.service
# systemctl start iptables.service
3. 创建普通用户
# useradd shangtv
# password shangtv
4. 搭建LNMP环境
4.1 配置mariadb yum源
# echo > /etc/yum.repods.d/mariadb.repo << EOF
[mariadb]
Name = MariaDB
baseurl = http://yum.mariadb.org/10.1.10/centos7-amd64
gpgkey = https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck = 1
EOF
备用yum源
#baseurl = http://yum.mariadb.org/10.1.22/centos7-amd64
#baseurl=http://mirrors.ctyun.cn/MariaDB/mariadb-10.1.22/yum/centos7-amd64/rpms/
#gpgkey=http://mirrors.ctyun.cn/MariaDB/yum/RPM-GPG-KEY-MariaDB
#http://ftp.hosteurope.de/mirror/archive.mariadb.org/mariadb-10.1.10/yum/centos7-amd64 无key
#
# yum clean all
# yum makecache
4.2 下载一些组件包,如果用源码安装太麻烦,可以按照下面yum源安装
软件源代码包存放位置:/usr/local/src
源码包编译安装位置:/usr/local/packegename
# cd /usr/local/src
#wget -ct 5 http://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz
# wget http://www.tortall.net/projects/yasm/releases/yasm-1.3.0.tar.gz
# wget http://www.ibiblio.org/pub/Linux/libs/graphics/t1lib-5.1.2.tar.gz
# wget https://bitbucket.org/libgd/gd-libgd/downloads/libgd-2.1.0.tar.gz
# wget http://download.osgeo.org/libtiff/tiff-4.0.3.tar.gz
# wget http://ring.u-toyama.ac.jp/archives/graphics/freetype/freetype2/freetype-2.5.4.tar.gz
# wget http://www.ijg.org/files/jpegsrc.v9a.tar.gz
# wget http://curl.haxx.se/download/curl-7.44.0.tar.gz
# wget https://webm.googlecode.com/files/libvpx-v1.3.0.tar.bz2
# wget -ct 5 http://www.openssl.org/source/openssl-1.0.1i.tar.gz
# wget http://www.atomicorp.com/installers/atomic
# wget http://cn2.php.net/distributions/php-7.1.4.tar.gz
# wget http://nginx.org/download/nginx-1.9.15.tar.gz
# git clone https://github.com/miyanaga/nginx-requestkey-module.git
# git clone https://github.com/arut/nginx-rtmp-module.git
4.3 安装开发工具包
# yum -y groupinstall "Development Tools"
# yum install -y libxml2 libxml2-devel libcrul libcurl-devel gd gd-devel libpng libpng-devel wget apr* autoconf automake bison bzip2 bzip2* cloog-ppl compat* cpp curl curl-devel fontconfig fontconfig-devel freetype freetype* freetype-devel gcc gcc-c++ gtk+-devel gd gettext gettext-devel glibc kernel kernel-headers keyutils keyutils-libs-devel krb5-devel libcom_err-devel libpng libpng-devel libjpeg* libsepol-devel libselinux-devel libstdc++-devel libtool* libgomp libxml2 libxml2-devel libXpm* libtiff libtiff* make mpfr ncurses* ntp openssl openssl-devel patch pcre pcre-devel perl php-common php-gd policycoreutils telnet t1lib t1lib* nasm nasm* zlib-devel gd-devel
4.4 安装mariadb数据库
#yum install mariadb* -y
报错:
libJudy.so.1()(64bit) for package: MariaDB-oqgraph-engine-10.1.22-1.el7.centos.x86_64 base
需要安装libjudy
#wget http://ftp.tu-chemnitz.de/pub/linux/dag/redhat/el7/en/x86_64/rpmforge/RPMS/judy-1.0.5-1.el7.rf.x86_64.rpm
#wget http://ftp.tu-chemnitz.de/pub/linux/dag/redhat/el7/en/x86_64/rpmforge/RPMS/judy-devel-1.0.5-1.el7.rf.x86_64.rpm
# yum localinstall judy*
4.5 启动mariadb并设置mariadb
# systemctl start mariadb
#systemctl enable mariadb
# mysql_secure_installation #按照指示设置mariadb数据库
Mariadb的安装目录在 /var/lib/mysql,配置文件/etc/my.cnf.d/*
4.6 创建nginx和php安装跟目录
# mkdir /usr/local/php
# mkdir /usr/local/nginx
4.7 安装libmcrypt
# cd /usr/local/src
# chmod +x atomic
# ./atomic
# yum install php-mcrypt libmcrypt libmcrypt-devel
5. 源码安装php
# groupadd php-fpm
# useradd -g php-fpm php-fpm -s /bin/false
# cd /usr/loca/src
# tar zxvf php-7.1.4.tar.gz
# cd php-7.1.4
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--enable-mysqlnd \
--with-mysql=shared,mysqlnd \
--with-mysqli=shared,mysqlnd \
--with-pdo-mysql=shared,mysqlnd \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=/usr/bin/mysql_config \
--with-gd \
--with-png-dir \
--with-jpeg-dir \
--with-freetype-dir \
--with-xpm-dir \
--with-zlib-dir \
--with-iconv \
--enable-fpm \
--with-fpm-user=php-fpm \
--with-fpm-group=php-fpm \
--enable-libxml \
--enable-xml \
--enable-bcmath \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--enable-opcache \
--enable-mbregex \
--enable-mbstring \
--enable-ftp \
--enable-gd-native-ttf \
--with-openssl \
--enable-pcntl \
--enable-sockets \
--with-xmlrpc \
--enable-zip \
--enable-soap \
--without-pear \
--with-gettext \
--enable-session \
--with-mcrypt \
--with-curl \
--enable-exif \
--with-mhash \
--enable-ctype
# make && make install
5.1配置php初始配置和启动文件
# cp /usr/local/src/php-7.1.4/php.ini-production /usr/local/php/etc/php.ini
# cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
# mv /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf
# /usr/local/php/sbin/php-fpm -t
# cp /usr/local/src/php-7.1.4/sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm
# chmod +x /etc/rc.d/init.d/php-fpm
# chkconfig php-fpm on
# echo 'export PATH=$PATH:/usr/local/php/bin' >> /etc/profile
# source /etc/profile
5.2 修改php.ini配置文件
# vim /usr/local/php/etc/php.ini
找到"disable_functions =" (禁用掉某些比较“危险”函数,大概在301行),改为
Disable_functions = phpinfo,passthru,exec,system,chroot,chgrp,chown,shell_exec,proc_open,
proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshelcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
找到 ;date.timezone (大概在920行),修改为 date.timezone = Asia/Shanghai
找到 expose_php = On (禁止显示php版本信息),修改为 expose_php = Off
找到 short_open_tag = Off (支持php短标签),修改为 short_open_tag = On
找到 opcache.enable = 0 (支持opcode缓存),修改为 opcache.enable = 1
找到 zend_extension = “opcache.so”下面添加一下内容,开启opcode缓存功能
zend_extension = "opcache.so"
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=60
opcache.fast_shutdown=1
opcache.enable_cli=1
支持php_mysql
extension=/usr/local/php/lib/php/extensions/no-debug-non-zts-20151012/pdo_mysql.so
5.3 修改php-fpm.conf文件
# vim /usr/local/php/etc/php-fpm.conf
取消pid前面的分号
pid = rum/php-fpm.pid
5.4 修改php配置
# vim /usr/local/php/etc/php-fpm.d/www.conf
#设置php-fpm运行账号为php-fpm
user = php-fpm
#设置php-fpm运行组为php-fpm
group = php-fpm
5.5 启动php
# /etc/init.d/php-fpm restart
# chkconfig php-fpm on
6. 源码安装nginx
# yum install -y pcre pcre-devel openssl openssl-devel
6.1 创建nginx运行用户
# groupadd nginx
# useradd -g nginx nginx s /bin/false
# mkdir /var/cache/nginx
6.2编译安装nginx
# cd /usr/local/src
# tar zxvf nginx-1.9.15.tar.gz
# cd nginx-1.9.15
# ./configure --prefix=/usr/local/nginx \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--user=nginx \
--group=nginx \
--with-pcre \
--with-http_v2_module \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-mail \
--with-mail_ssl_module \
--with-file-aio --with-ipv6 \
--with-http_v2_module \
--with-threads \
--with-stream \
--add-module=/usr/local/src/nginx-requestkey-module/ \
--add-module=/usr/local/src/nginx-rtmp-module/
# make && make install
6.3 配置nginx启动脚本
# cat > /etc/rd.d/init.d/nginx << EOF
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /usr/local/nginx/conf/nginx.conf
# pidfile: /usr/local/nginx/logs/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/local/nginx/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
if [ -z "`grep $user /etc/passwd`" ]; then
useradd -M -s /bin/nologin $user
fi
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
#configtest || return $?
stop
sleep 1
start
}
reload() {
#configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
EOF
# chmod 755 /etc/rc.d/init.d/nginx
# chkconfig nginx on
# /etc/rc.d/init.d/nginx start
# echo 'export PATH=$PATH:/usr/local/nginx/sbin' >> /etc/profile
# source /etc/profile
7. 安装go环境
7.1 下载安装源包
# cd /usr/local/src
# wget http://golangtc.com/static/go/1.8/go1.8.linux-amd64.tar.gz
7.2 解压安装
# cd /usr/local/src
# tar zxvf go1.8.linux-amd64.tar.gz
# cp -a go /usr/local/
# mkdir /data/ #创建go项目工作目录
# setfacl -R -m o::r-- /data
# setfacl -R -m g::rw- /data
# setfacl -R -m u:shangtv:rwx /data
# setfacl -R -d --set o::r-- /data
# setfacl -R -d --set g::rw- /data
# setfacl -R -d --set u:shangtv:rwx /data
# mkdir /data/mygo
7.3 设置go环境变量
# echo "export GOROOT=/usr/local/go" >> /etc/profile
# echo "export GOBIN=$GOROOT/bin" >> /etc/profile
# echo "export GOPKG=$GOROOT/pkg/tool/linux_amd64" >> /etc/profile
# echo "export GOARCH=amd64" >> /etc/profile
# echo "export GOOS=linux" >> /etc/profile
# echo "export GOPATH=/data/mygo/" >> /etc/profile
# echo "export PATH=.:$PATH:$GOBIN:$GOPKG" >> /etc/profile
7.4 检查go版本
# go version
go version go1.8 linux/amd64
7.5 设置nginx反向代理
upstream goweb {
#server 120.76.40.33:8082 backup;
server 120.76.96.73:3000;
}
server
{
listen 8082;
server_name shangtv.cn;
error_log /usr/local/nginx/logs/fsabc_error.log debug;
access_log /usr/local/nginx/logs/fsabc_access.log;
location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Nginx-Proxy true;
proxy_pass http://goweb;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Headers Content-Type,Accept;
add_header Access-Control-Allow-Methods GET;
}
}
8. 安装redis数据库
8.1 安装redis组件
# yum install tcl
8.2 下载redis源码包
# cd /usr/local/src
# wget http://download.redis.io/releases/redis-3.0.7.tar.gz
# tar -zvxf redis-3.0.7.tar.gz
# cd redis-3.0.7
# make
# make install #按提示install
# cd src/
# make install
下面提示就说明成功
Hint: To run 'make test' is a good idea ;)
INSTALL install
INSTALL install
INSTALL install
INSTALL install
INSTALL install
以上redis已完成编译安装
在/usr/local/bin生成redis-benchmark、redis-check-aof、redis-check-dump、redis-cli、redis-sentinel 、redis-server六个文件,其中redis-server为启动服务
8.3 配置redis文件
# cp /usr/local/src/redis-3.0.7/redis.conf /etc/
# chmod 755 /etc/redis.conf
8.4 启动redis
# /usr/local/bin/redis-server /etc/redis.conf
8.5 修改redis.conf配置文件 vim /etc/redis.conf
下面是redis.conf的主要配置参数的意义:
daemonize:是否以后台daemon方式运行
pidfile:pid文件位置
port:监听的端口号
timeout:请求超时时间
loglevel:log信息级别
logfile:log文件位置
databases:开启数据库的数量
save * *:保存快照的频率,第一个*表示多长时间,第三个*表示执行多少次写操作。 在一定时间内执行一定数量的写操作时,自动保存快照。可设置多个条件。
rdbcompression:是否使用压缩
dbfilename:数据快照文件名(只是文件名,不包括目录)
dir:数据快照的保存目录(这个是目录)
appendonly:是否开启appendonlylog,开启的话每次写操作会记一条log,这会提高数 据抗风险能力,但影响效率。
appendfsync:appendonlylog如何同步到磁盘(三个选项,分别是每次写都强制调用fsync、每秒启用一次fsync、不调用fsync等待系统自己同步)
8.6 修改 daemonize yes,以后台运行
这时你可以打开一个终端进行测试了,配置文件中默认的监听端口是6379
8.7 建立用户和日志目录
第一次启动时建议为Redis建立用户和日志目录
# groupadd redis
# useradd -g redis redis -s /bin/false
# mkdir -p /var/lib/redis #db文件放在这里,需要修改redis.conf
# mkdir -p /var/log/redis #日志放在这里
# chown redis.redis /var/lib/redis
# chown redis.redis /var/log/redis
# vim /etc/redis.conf
# The working directory.
#
# The DB will be written inside this directory, with the filename specified
# above using the 'dbfilename' configuration directive.
#
# Also the Append Only File will be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
dir /var/lib/redis
---------------------------------------------------------------------------------------
找到日志logfile
# Specify the log file name. Also 'stdout' can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile /var/log/redis/redislog
或者编写启动脚本,加入到服务
配置Init脚本
Redis管理脚本基于Ubuntu 的发行版上的,在Centos linux 上并不能用,下面有个脚本可以用于CentOS 。
用这个脚本管理之前,需要先配置下面的内核参数,否则Redis脚本在重启或停止redis时,将会报错,并且不能自动在停止服务前同步数据到磁盘上:
# vim /etc/sysctl.conf
vm.overcommit_memory = 1
然后应用生效:
# sysctl -p
建立redis启动脚本:
# vim /etc/init.d/redis
#!/bin/bash
#
# Init file for redis
#
# chkconfig: - 80 12
# description: redis daemon
#
# processname: redis
# config: /etc/redis.conf
# pidfile: /var/run/redis.pid
source /etc/init.d/functions
#BIN="/usr/local/bin"
BIN="/usr/local/bin"
CONFIG="/etc/redis.conf"
PIDFILE="/var/run/redis.pid"
### Read configuration
[ -r "$SYSCONFIG" ] && source "$SYSCONFIG"
RETVAL=0
prog="redis-server"
desc="Redis Server"
start() {
if [ -e $PIDFILE ];then
echo "$desc already running...."
exit 1
fi
echo -n $"Starting $desc: "
daemon $BIN/$prog $CONFIG
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
return $RETVAL
}
stop() {
echo -n $"Stop $desc: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog $PIDFILE
return $RETVAL
}
restart() {
stop
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
condrestart)
[ -e /var/lock/subsys/$prog ] && restart
RETVAL=$?
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|status}"
RETVAL=1
esac
exit $RETVAL
然后增加服务并开机自启动:
# chmod 755 /etc/init.d/redis
# chkconfig --add redis
# chkconfig --level 345 redis on
# chkconfig --list redis
# /etc/init.d/redis restart
9. 搭建supervisor程序管理
9.1安装
系统:centos7,默认在root用户下安装,使用普通用户,可使用sudo
# yum install python-setuptools -y
# easy_install supervisor #如果没看到报错信息,就说明安装成功了,
# echo_supervisord_conf #查看配置详情,而后生成配置文件
# mkdir -m 755 -p /etc/supervisor/
# echo_supervisord_conf > /etc/supervisor/supervisord.conf
9.2 创建存放配置文件的目录
# mkdir -m 755 /etc/supervisor/conf.d
在主配置文件中引入配置
# vim /etc/supervisor/supervisord.conf
注释去掉
[include]
files = ./conf.d/*.ini
9.3 创建一个golang的web server
程序放在/data/mygo/ 下面
先整一个简单的golang http服务
package main
import (
"fmt"
"log"
"net/http"
)
func main() {
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hello world")
})
err := http.ListenAndServe(":9090", nil)
if err != nil {
log.Fatal("ListenAndServe: ", err)
}
}
----------------------------------------
# go build
9.4 在/etc/supervisor/conf.d下面创建go-http-server.ini
;--------------------------------------------------------
[program:yshd]
directory = /data/mygo
command= /data/mygo/yshd
user=root
process_name= yshd_game
autostart=true
autorestart=true
startretries=3
startsecs=10
stdout_logfile=/var/log/yshd_fatmouse-server.log
stdout_logfile_maxbytes=1MB
stdout_logfile_backups=10
stdout_capture_maxbytes=1MB
stderr_logfile=/var/log/yshd_fatmouse-server.log
stderr_logfile_maxbytes=1MB
stderr_logfile_backups=10
stderr_capture_maxbytes=1MB
9.5 启动supervisor服务,注意:启动服务的时候,不需要启动goweb,不然会报错
# /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
9.6 查看supervisor运行状态
# supervisorctl
# supervisor>status
9.7 修改配置文件重新加载
# supervisorctl reload
# supervisorctl shutdown #关闭supervisor
# supervisorctl restart #重启supervisor
10. Iptables配置
# vim /etc/sysconfig/iptables
# Generated by iptables-save v1.4.21 on Thu Mar 31 11:36:06 2016
*filter
:INPUT ACCEPT [23077:17524766]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [19534:6305027]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8082 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8083 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8092 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1935 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 6379 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3001 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3002 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3003 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10050 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10051 -j ACCEPT
-A INPUT -p udp -m udp --dport 10050 -j ACCEPT
-A INPUT -p udp -m udp --dport 10051 -j ACCEPT
COMMIT
# systemctl restart iptables.service
# iptables -L -n
11. 安装FTP
11.1 在线yum安装
# yum install vsftpd -y
11.2 修改ftp配置
# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=NO
ftpd_banner=欢迎进入云尚互动FTP服务.
chroot_local_user=YES
local_root=/ftp
allow_writeable_chroot=yes
chroot_list_file=/etc/vsftpd/chroot_list
listen=no
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
11.3 新建ftp用户
# useradd -d /home/ftp -g ftp -s /bin/false ftpuser
# passwd ftpuser
11.4 需要配置防火墙,开启21端口
11.5 启动vsftpd服务
# systemctl start vsftpd
# systemctl enable vsftpd
12. 附上Nginx配置
Nginx 配置文件/usr/local/nginx/conf/
Nginx 虚拟站点配置文件 /usr/local/nginx/conf.d/