Thursday, 16 April 2015

Debian 7 installation

cd /
apt-get install -y wget mc sshpass unzip nano git
apt-get update -y


#change ssh port

cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.orig.$(date +%F)

sed -i 's/Port 22/Port 27628/g' /etc/ssh/sshd_config
/etc/init.d/ssh restart
iptables -I INPUT 1 -p tcp --dport 27628 -j ACCEPT
iptables-save
iptables -A INPUT -p tcp --destination-port 22 -j DROP

#Optional

#install nginx

addgroup --system  --group nginx
adduser --system --no-create-home --ingroup nginx --disabled-login --disabled-password nginx

apt-get install nginx -y
iptables -I INPUT 1 -p tcp --dport 80 -j ACCEPT
iptables-save

update-rc.d nginx defaults


mv -v /usr/share/nginx/www /var

chown -R nginx:nginx /var/www
chmod -R 0755 /var/www

#move directory to www and
#service nginx start

# Restrict access to site


 cd /etc/nginx/

printf "USER:$(openssl passwd -crypt PASSWORD)\n" >> .htpasswd
Replace USER and PASSWORD for your user and password 

#Add  to site config:

# auth_basic "Restricted";

# auth_basic_user_file /etc/nginx/.htpasswd;

#install mySQL



apt-get -y install mariadb-server mariadb


service start mariadb start


mysql_secure_installation


update-rc.d mariadb defaults

#install  yii

apt-get install -y php5-fpm php5-mysql

update-rc.d php5-fpm defaults

sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php5/fpm/php.ini


sed -i 's/;date.timezone =/date.timezone = America\/New_York/g' /etc/php5/fpm/php.ini


sed -i 's/group = www-data/group = nginx/g' /etc/php5/fpm/pool.d/www.conf
sed -i 's/user = www-data/user = nginx/g' /etc/php5/fpm/pool.d/www.conf

service php5-fpm restart


#copy your app to www, and

cd /tmp
git config --global http.sslVerify false
git clone REPOSITORY

chown -R nginx:nginx /var/www/YOUR_APP

chmod -R 755 /var/www/YOUR_APP

chown nginx -R /var/www/YOUR_APP/web/runtime

chown nginx -R /var/www/YOUR_APP/www/assets 

#install mySQL


apt-get -y install mariadb-server mariadb

service start mariadb start


mysql_secure_installation


update-rc.d mariadb defaults


#Configure folders:

mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled
cd /etc/nginx/sites-available
touch YOUR_APP.conf
ln -s /etc/nginx/sites-available/YOUR_APP.conf  /etc/nginx/sites-enabled/YOUR_APP.conf

# insert from here: http://blog.saitov.me/2014/11/nginx-configuration-for-yii.html


rm /etc/nginx/nginx.conf -f
nano /etc/nginx/nginx.conf


nano /etc/nginx/sites-available/YOUR_APP.conf


#xcache
yum -y install php-xcache
yum -y install xcache-admin

#Pass gen: http://xcache.lighttpd.net/demo/cacher/mkpassword.php

#xcache.cacher =               On
#xcache.stat   =               On
#xcache.optimizer =            On
#copy /etc/php.d/xcache.ini

cp -avr /usr/share/xcache /var/www

chown -R nginx:nginx /var/www/xcache
chmod -R 755 /var/www/xcache
touch /etc/nginx/sites-available/xcache.conf
ln -s /etc/nginx/sites-available/xcache.conf  /etc/nginx/sites-enabled/xcache.conf 

#copy xcache.conf config


firewall-cmd --permanent --zone=public --add-port=8091/tcp
firewall-cmd --reload

service nginx restart



#install  Zabbix client



rpm -Uvh http://repo.zabbix.com/zabbix/2.2/rhel/7/x86_64/zabbix-release-2.2-1.el7.noarch.rpm


yum install –y zabbix zabbix-agent nano 


sed -i 's/Server=127.0.0.1/ Server=SERVER_IP/g' /etc/zabbix/zabbix_agentd.conf



service zabbix-agent stop

service zabbix-agent start


chkconfig zabbix-agent on



firewall-cmd --permanent --zone=public --add-port=10050/tcp

firewall-cmd --permanent --zone=public --add-port=10050/udp

firewall-cmd --reload

No comments:

Post a Comment