Category: LINUX
2006-08-22 00:57:50
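Apache+Resin+PHP+Mysql+Proftpd virtual host configuration procedure
Author:
Please credit when reposting
Last modified: March 27, 2006
Installation environment
System: Debian Sarge 3.1r0a
Software: httpd-2.0.55.tar.gz, resin-3.0.18.tar.gz, openssl-0.9.7e.tar.gz, php-5.1.2.tar.gz, mysql-standard-4.1.10a-pc-linux-gnu-i686.tar.gz, proftpd-1.3.0rc3.tar.gz
Auxiliary software: bw_mod-0.6.tgz, mod_limitipconn-0.22.tgz
Note: if your system is Red Hat or Fedora, this can also be used as a reference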
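I. Preparation
1. Download Apache
Official download URL:
2. Download Resin
Official download URL:
3. Download OpenSSL
Official download URL:
4. Download J2SDK
Official download URL:
5. Download ProFTPD
Official download URL:
6. Download MySQL
Official download URL: http://dev.mysql.com/downloads/
7. Download PHP
Official download URL:
8. Download zlib and libxml2
(1)
(2) wget
9. Download other auxiliary software (optional)
(1) Apache connection-limit module mod_limitipconn
Official download URL:
(2) Apache bandwidth-limit module
Official download URL:
10. Install the system build environment
apt-get install libncurses5-dev kernel-package ncftp perl pkg-config zlib1g-dev flex lsof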
II. Installing the software
1. Compile and install OpenSSL
tar xzvf openssl-0.9.7e.tar.gz
cd openssl-0.9.7e
./config
make
make test
make install
2. Install Apache
(1) Install Apache
Install path: /usr/local/apache
Configuration file path: /etc/httpd/httpd.conf
tar xzvf httpd-2.0.55.tar.gz
cd httpd-2.0.55
./configure --prefix=/usr/local/apache \
  --sysconfdir=/etc/httpd --with-maintainer-mode \
  --enable-mods-shared=all --enable-module=most \
  --enable-auth-anon --enable-file-cache --enable-cache \
  --enable-disk-cache --enable-mem-cache --enable-mime-magic \
  --enable-expires --enable-headers --enable-usertrack \
  --enable-ssl --enable-http --enable-cgi --enable-cgid \
  --enable-vhost-alias --enable-rewrite --enable-so \
  --with-mpm=worker --with-ssl=/usr/lib
make
make install
(2) Copy the startup script to /etc/init.d/
cp /usr/local/apache/bin/apachectl /etc/init.d/apache
3. Install J2SDK
(1) Install J2SDK
cp j2sdk-1_4_2_11-linux-i586.bin /usr/local/
cd /usr/local/
chmod 755 j2sdk-1_4_2_11-linux-i586.bin
./j2sdk-1_4_2_11-linux-i586.bin
ln -s j2sdk1.4.2_11/ java
rm -rf j2sdk-1_4_2_11-linux-i586.bin
(2) Edit the configuration file
Add JAVA_HOME and the java/bin path
vi /etc/profile
Add the following:
JAVA_HOME=/usr/local/java
export JAVA_HOME
PATH=$PATH:/usr/local/java/bin
4. Install Resin
(1) Install Resin
cp /usr/local/ssl/lib/*.a /usr/lib
./configure --prefix=/usr/local/resin \
  --with-apache-src=/usr/local/apache --with-apache=/usr/local/apache \
  --with-apxs=/usr/local/apache/bin/apxs \
  --with-apache-include=/usr/local/apache/include \
  --with-apache-conf=/etc/httpd/httpd.conf --with-openssl=/usr/local/ssl \
  --with-openssl-include=/usr/local/ssl/include --with-openssl-lib=/usr/lib
make
make install
(2) Copy the startup script to /etc/init.d/
cp ./contrib/init.resin /etc/init.d/resin
5. Install MySQL
(1) Add the mysql group and the mysql user
groupadd mysql
useradd -g mysql -s /bin/false -d /dev/null mysql
(2) Install MySQL
tar zxvf mysql-standard-4.1.10a-pc-linux-gnu-i686.tar.gz
ln -s mysql-standard-4.1.10a-pc-linux-gnu-i686 mysql
cd mysql
./scripts/mysql_install_db --user=mysql
chown -R root .
chown -R mysql data
chgrp -R mysql .
./bin/mysqld_safe --user=mysql &
netstat -anl
(3) Copy the startup script to /etc/init.d/
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysql
5. Install PHP5
(1) Install libxml2
wget
tar zxvf libxml2-2.6.23.tar.gz
cd libxml2-2.6.23
./configure
make
make install
(2) Install zlib
wget zlib-1.2.3.tar.gz
tar zxvf zlib-1.2.3.tar.gz
cd zlib-1.2.3
./configure
make
make install
(3) Install PHP
./configure --prefix=/usr/local/php \
  --with-apxs2=/usr/local/apache/bin/apxs \
  --with-openssl=/usr/local/ssl --with-openssl-dir=/usr/local/ssl \
  --with-java=/usr/local/java --enable-sockets --enable-shared=yes \
  --with-mysql=/usr/local/mysql --with-zlib-dir=/usr/lib/
make
make install
cp php.ini-dist /usr/local/lib/php.ini
(4) Set the following value in /usr/local/lib/php.ini:
register_globals = On
(5) Edit /etc/httpd/httpd.conf and add the following
LoadModule php5_module libexec/libphp5.so
AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps
6. Install ProFTPD with MySQL support
./configure --prefix=/usr/local/proftpd --sysconfdir=/etc/proftpd/ \
  --with-modules=mod_sql:mod_sql_mysql:mod_quotatab:mod_quotatab_sql \
  --with-includes=/usr/local/mysql/include \
  --with-libraries=/usr/local/mysql/lib
make
make install
7. Add bandwidth limiting to Apache
(1) Install the bw_mod module
tar xzvf bw_mod-0.6.tgz
cd bw_mod-0.6
/usr/local/apache/bin/apxs -c -i -a bw_mod-0.6.c
(2) Edit the Apache configuration file
vi /etc/httpd/httpd.conf
Set ExtendedStatus to On
and add the following:
Options FollowSymLinks IncludesNOEXEC
AllowOverride None
Order Deny,Allow
Allow from All
BandWidthModule On
BandWidthDebug On
#ForceBandWidthModule Off
# Limit text:
#AddOutputFilterByType BW_MOD text/html text/plain
# Limit gz and tgz files:
#AddOutputFilterByType BW_MOD application/x-gzip .gz .tgz
# Limit tar archives:
#AddOutputFilterByType BW_MOD application/x-tar .tar
# Limit the bandwidth of one IP or a range of IPs; if ForceBandWidthModule is not enabled, only the types registered above are limited:
#BandWidth localhost 10240
#BandWidth 172.17.1.238 102400
# If a .tgz file is larger than 500K, limit its download rate; if this type is registered and the client IP is also registered, the IP setting takes precedence:
LargeFileLimit .tgz 500 1024
LargeFileLimit .gz 500 1024
LargeFileLimit .tar 500 102400
(3) Install mod_limitipconn so that Apache supports connection limits
tar xzvf mod_limitipconn-0.22.tgz
cd mod_limitipconn-0.22
/usr/local/apache/bin/apxs -c -i -a mod_limitipconn.c
(4) Edit the Apache configuration file and add the bandwidth-limit configuration
Limit the number of connections per IP:
MaxConnPerIP 2
NoIpLimit image/*
OnlyIPLimit audio/mpeg video
NoIpLimit text/html text/plain
#OnlyIPLimit audio/mpeg video
OnlyIPLimit and NoIPLimit are opposites; if both are present, the last setting takes effect.
Reference:
MaxConnPerIP 3
# exempting images from the connection limit is often a good
# idea if your web page has lots of inline images, since these
# pages often generate a flurry of concurrent image requests
NoIPLimit image/*
MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video
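III. Virtual host configuration
1. Configure Apache
(1) Set up virtual hosts by editing the Apache configuration file
Add the apache user and group
groupadd apache
useradd -g apache apache
Change the following entries in the Apache configuration file; add any that are missing and modify those that exist:
# Run the web server as the apache user
User apache
# Run the web server under the apache group
Group apache
# Change to the person responsible for system maintenance
ServerAdmin
DocumentRoot "/var/www"
# Add .php and .jsp
DirectoryIndex index.html index.php index.jsp
# Location of the error log
ErrorLog /var/log/apache/error_log
# Location of the custom log
CustomLog /var/log/apache/access_log common
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
(2) The virtual host section is configured as follows:
ServerAdmin webmaster@foredu.org
DocumentRoot /var/www/hostname.your.domain.com
ServerName hostname.your.domain.com
ErrorLog /var/log/apache/vhost/hostname.your.domain.com/error_log
CustomLog /var/log/apache/vhost/hostname.your.domain.com/access_log common
(3) Test a static page and a PHP page on the virtual host
a. Create a file test.html under hostname.your.domain.com with the following content: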
虚拟主机静态页面测试
b. Create a file test.php under hostname.your.domain.com with the following content:
<?php
// Print the current time, then the phpinfo() page
$currtime = time();
$fmttime = strftime("%H:%M:%S",$currtime);
echo "当前时间是:".$fmttime;
phpinfo();
?>
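(4) Start the Apache server
Access the two pages above from a client machine and check that they display correctly.
2. Configure Resin
(1) Edit the configuration file and add the virtual host directory
For example:
(2) Test the Resin configuration: create a file test.jsp under hostname.your.domain.com with the following content: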
<%
out.print("JSP虚拟主机配置成功!");
%>
update-rc.d resin defaults
Edit the Resin path in /etc/init.d/resin and make sure it is correct: /usr/local/resin
3. Configure MySQL
(1) Copy /usr/local/my-large.cnf to /etc/my.cnf
cp /usr/local/mysql/support-files/my-large.cnf /etc/my.cnf
(2) Change the MySQL account and password in the configuration file
# mysql
mysql> set password for 'root'@'localhost'=password('123654');
Query OK, 0 rows affected (0.12 sec)
(3) Create the database creation script
Create a file vhost.sql with the following content:
# cat vhost.sql
-- Create the FTP user database;
CREATE DATABASE FTP;
-- Switch to the FTP database
USE FTP;
-- Create the table that stores FTP account information;
CREATE TABLE ftpusers (
userid TEXT NOT NULL,
passwd TEXT NOT NULL,
uid INT NOT NULL,
gid INT NOT NULL,
home TEXT,
shell TEXT
);
--
-- Create the FTP account group table;
CREATE TABLE ftpgrps (
grpname TEXT NOT NULL,
gid SMALLINT NOT NULL,
members TEXT NOT NULL
);
-- Quota limits table;
CREATE TABLE quotalimits (
name VARCHAR(30),
quota_type ENUM("user", "group", "class", "all") NOT NULL,
per_session ENUM("false", "true") NOT NULL,
limit_type ENUM("soft", "hard") NOT NULL,
bytes_in_avail FLOAT NOT NULL,
bytes_out_avail FLOAT NOT NULL,
bytes_xfer_avail FLOAT NOT NULL,
files_in_avail INT UNSIGNED NOT NULL,
files_out_avail INT UNSIGNED NOT NULL,
files_xfer_avail INT UNSIGNED NOT NULL
);
-- No data needs to be entered into this table after it is created; the program fills it in automatically;
CREATE TABLE quotatallies (
name VARCHAR(30) NOT NULL,
quota_type ENUM("user", "group", "class", "all") NOT NULL,
bytes_in_used FLOAT NOT NULL,
bytes_out_used FLOAT NOT NULL,
bytes_xfer_used FLOAT NOT NULL,
files_in_used INT UNSIGNED NOT NULL,
files_out_used INT UNSIGNED NOT NULL,
files_xfer_used INT UNSIGNED NOT NULL
);
-- End of table creation statements;
(4) Create the required tables and add data
# mysql -u root -p
mysql> source vhost.sql
Query OK, 1 row affected (0.02 sec)
Database changed
Query OK, 0 rows affected (0.02 sec)
Query OK, 0 rows affected (0.02 sec)
Query OK, 0 rows affected (0.06 sec)
Query OK, 0 rows affected (0.02 sec)
(4) Create the required tables and add data
-- Use the FTP database;
USE FTP;
-- Add the virtual host user;
-- ('域名' stands for the domain name, '密码' for the password)
INSERT INTO ftpusers (userid, passwd, uid, gid, home, shell)
VALUES ('域名', '密码', '1002', '1002', '/var/www/域名', '');
-- Note: the user name and password are those of the virtual host being added; the root directory of the virtual host must also be specified
-- Add the disk space limit for the virtual host user
-- ('空间大小限制' stands for the space limit)
INSERT INTO quotalimits (name, quota_type, per_session, limit_type,
    bytes_in_avail, bytes_out_avail, bytes_xfer_avail,
    files_in_avail, files_out_avail, files_xfer_avail)
VALUES ('域名', 'user', 'false', 'soft', '空间大小限制', '0', '2048000', '0', '0', '0');
-- Note: disk space is given in bit units, 1MB=1024*1024
(4) Change the length of the user field in the users table of the mysql database to 32
(3) Copy mysql-log-rotate to /etc/logrotate.d
cp /usr/local/mysql/support-files/mysql-log-rotate /etc/logrotate.d
(3) Edit mysql-log-rotate with vi
i. Change the path before { to /var/log/mysql/mysqld.log
[safe_mysqld]
err-log=/var/log/mysql/mysqld.log
4. Configure the ProFTPD service
(1) Create the proftpd account and the log and PID file directories
groupadd proftpd
useradd -g proftpd -s /bin/false proftpd
id proftpd
mkdir -p /var/run/proftpd
chown -R proftpd:proftpd /var/run/proftpd
mkdir -p /var/log/proftpd
chown -R proftpd:proftpd /var/log/proftpd
(2) Configuration: remove the anonymous login section from the configuration file
ServerName "ProFTPD Default Installation"
ServerType standalone
DefaultServer on
Port 21
Umask 022
MaxInstances 100
MaxClients 100
# Disable reverse DNS lookups to save connection time
UseReverseDNS off
IdentLookups off
# Allow resuming interrupted uploads
AllowStoreRestart on
# Allow resuming interrupted downloads
AllowRetrieveRestart on
# Number of login attempts allowed
MaxLoginAttempts 10
# Port range for data connections
PassivePorts 50000 65534
# Confine users to their home directories
DefaultRoot ~
# Whether a valid shell from /etc/shells is required
RequireValidShell off
AllowOverwrite on
# Location of the PID file
PidFile /var/run/proftpd/proftpd.pid
# System log
SystemLog /var/log/proftpd/ftp.syslog
# Transfer log
TransferLog /var/log/proftpd/ftp.transferlog
User proftpd
Group proftpd
# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
DenyAll
</Limit>
QuotaDirectoryTally on
# Units used when displaying quotas
QuotaDisplayUnits Kb
# Whether quotas are enabled
QuotaEngine on
# Quota log
QuotaLog /var/log/proftpd/Quota.log
QuotaShowQuotas on
SQLAuthTypes Backend Plaintext
# Database connection information: database@host:port user password
SQLConnectInfo FTP@localhost:3306 root 123654
# Table and columns that hold user information
SQLUserInfo ftpusers userid passwd uid gid home shell
# Table and columns that hold group information
SQLGroupInfo ftpgrps grpname gid members
#SQLAuthenticate users groups usersetfast groupsetfast
# Authentication type
SQLAuthenticate users
# If enabled, a missing home directory is created automatically when a user that exists in the database logs in
SQLHomedirOnDemand on
SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
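The configuration above connects mod_sql to MySQL as root, although ProFTPD only reads the account tables and updates the quota tallies. As an added example (not part of the original article), the shell function below reads the mod_sql directives and prints the narrower grants a dedicated account would need; the function name min_grants, the account name proftpd_sql and the <PASSWORD> placeholder are assumptions, and the sample file is a constructed excerpt.

```shell
#!/bin/sh
# Added example, not from the original article: derive the minimum MySQL
# grants for a dedicated ProFTPD account from the mod_sql directives.
min_grants() {  # usage: min_grants <proftpd.conf> <mysql-account>
    db=$(awk 'tolower($1) == "sqlconnectinfo" { split($2, p, "@"); print p[1]; exit }' "$1")
    awk '
    /^[ \t]*#/ { next }                          # ignore commented-out directives
    { d = tolower($1) }
    d == "sqluserinfo" || d == "sqlgroupinfo" { print $2, "SELECT" }
    d == "sqlnamedquery" {
        priv = toupper($3); tbl = $NF            # UPDATE/INSERT: table is the last argument
        if (priv == "SELECT")                    # SELECT: table follows FROM in the query
            for (i = 4; i < NF; i++)
                if (toupper($i) == "FROM") { tbl = $(i + 1); break }
        gsub(/"/, "", tbl)
        print tbl, priv
        if (priv == "UPDATE") print tbl, "SELECT"    # the WHERE clause reads columns
    }' "$1" | LC_ALL=C sort -u | awk -v db="$db" -v acct="$2" '
    function emit() {
        # GRANT ... IDENTIFIED BY is MySQL 4.1-era syntax; <PASSWORD> is a placeholder
        printf "GRANT %s ON %s.%s TO %s IDENTIFIED BY \047<PASSWORD>\047;\n", privs, db, tbl, acct
    }
    $1 != tbl { if (tbl != "") emit(); tbl = $1; privs = $2; next }
    { privs = privs ", " $2 }
    END { if (tbl != "") emit() }'
}

# Constructed excerpt of the proftpd.conf above (column lists abbreviated).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
SQLConnectInfo FTP@localhost:3306 root 123654
SQLUserInfo ftpusers userid passwd uid gid home shell
SQLGroupInfo ftpgrps grpname gid members
#SQLAuthenticate users groups usersetfast groupsetfast
SQLNamedQuery get-quota-limit SELECT "name, quota_type FROM quotalimits WHERE name = '%{0}'"
SQLNamedQuery get-quota-tally SELECT "name, bytes_in_used FROM quotatallies WHERE name = '%{0}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0} WHERE name = '%{6}'" quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}" quotatallies
EOF
min_grants "$sample" "'proftpd_sql'@'localhost'"
```

Run the printed statements as the MySQL administrator, then name the new account and its password in SQLConnectInfo in place of root.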
Add the auto-start scripts (see appendix)
1. ./init.d/resin
2. ./init.d/apache
3. ./init.d/proftpd
4. ./init.d/mysql
Main configuration file locations
Service | Home directory | Configuration file | Logs
resin | /usr/local/resin | /usr/local/resin/etc/conf/resin.conf | ./log and ./logs
apache | /usr/local/apache | /usr/local/apache/conf/httpd.conf | /var/log/apache
proftpd | /usr/local/proftpd | ./etc/proftpd.conf | /var/log/proftpd/
mysql | /usr/local/mysql | /etc/my.cnf | /var/log/mysql