앞으로는 Ubuntu 8.04 LTS를 쓰기로 했다. Debian 4 안녕~
기본 설정 과정을 간단하게 복사해두자.유틸리티
- echo "alias ll='ls -l'" >> ~/.bash_aliases
- vi ~/.bashrc
.bashrc에서 .bash_aliases 로딩하는 문장의 코멘트 제거
사용자 추가
- adduser yourloginname
- visudo
yourloginname ALL=(ALL) ALL
라고 입력
ssh 로그인 포트 수정
- vi /etc/ssh/sshd_config
Port 22 를 Port 24 로 수정
(사실 내키는 번호로 수정)
iptables 방화벽 설치
- vi /etc/iptables.up.rules
해서 아래 내용 입력
[code]
*filter
# Allows all loopback (lo0) traffic
# and drop all traffic to 127/8 that doesn't use lo0
-A INPUT -i lo -j ACCEPT
-A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
# Accepts all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allows all outbound traffic
# You can modify this to only allow certain traffic
-A OUTPUT -j ACCEPT
# Allows HTTP and HTTPS connections from anywhere
# (the normal ports for websites)
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp --dport 3000 -j ACCEPT
-A INPUT -p tcp --dport 3001 -j ACCEPT
-A INPUT -p tcp --dport 3002 -j ACCEPT
-A INPUT -p tcp --dport 3003 -j ACCEPT
# Allows SSH connections
# THE -dport 앞에서 SSH에 Port 에 적은 번호를 여기 적는다.
# 나는 24로 했다.
-A INPUT -p tcp -m state --state NEW --dport 24 -j ACCEPT
# Allow ping
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
# log iptables denied calls
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
# Reject all other inbound - default deny
# unless explicitly allowed policy
-A INPUT -j REJECT
-A FORWARD -j REJECT
COMMIT
[/code]
- vi /etc/network/interfaces
[code]
...
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.up.rules
...
[/code]
그리고,
- /etc/init.d/ssh reload
ssh 다시 접속해봐. (이번에는 yourloginname 으로..)
우분투 패키지 소스
- sudo vi /etc/apt/sources.list
deb http://archive.ubuntu.com/ubuntu/ hardy main restricted universe
deb-src http://archive.ubuntu.com/ubuntu/ hardy main restricted universe
deb http://archive.ubuntu.com/ubuntu/ hardy-updates main restricted universe
deb-src http://archive.ubuntu.com/ubuntu/ hardy-updates main restricted universe
deb http://security.ubuntu.com/ubuntu hardy-security main restricted universe
deb-src http://security.ubuntu.com/ubuntu hardy-security main restricted universe[/code]
서버 이름
- sudo vi /etc/hosts # 127.0.1.1 hostname.domain.co.kr
- sudo vi /etc/hostname # hostname.domain.co.kr
- sudo /bin/hostname -F /etc/hostname
패키지들
- sudo aptitude update
- sudo locale-gen en_GB.UTF-8
- sudo locale-gen ko_KR.UTF-8
- sudo /usr/sbin/update-locale LANG=en_GB.UTF-8 (이건.. 안해도..)
- sudo aptitude safe-upgrade
- sudo aptitude full-upgrade
- sudo aptitude install build-essential
- sudo dpkg-reconfigure tzdata # Asia/Seoul로 만든다.
- sudo apt-get install ntpdate
- sudo ntpdate ntp.ubuntu.com # Update time
- sudo apt-get install git-core
- sudo apt-get install subversion
MYSQL
- sudo apt-get install mysql-server mysql-client libmysqlclient15-dev
- sudo vi /root/.gemrc
---nginx
[code]
:sources:
- http://gems.rubyforge.org
- http://gems.github.com
gem: --no-ri --no-rdoc
[/code]
루비 엔터프라이즈, nginx, passenger
[code]
sudo apt-get install zlib1g-dev libssl-dev libreadline5-dev
# http://www.rubyenterpriseedition.com/download.html#ubuntu 최신버전 확인
wget http://rubyforge.org/frs/download.php/57098/ruby-enterprise_1.8.6-20090520_i386.deb
sudo dpkg -i ruby-enterprise_1.8.6-20090520_i386.deb
sudo echo "PATH=/opt/ruby-enterprise/bin:$PATH" >> /etc/environment
su -
export PATH=/opt/ruby-enterprise/bin:$PATH
ruby -v
/opt/ruby-enterprise/bin/passenger-install-nginx-module # 1 선택, 한번더
/opt/ruby-enterprise/bin/passenger-install-nginx-module # 2를 선택.
/tmp/nginx-0.6.36 # 디렉토리 물으면 입력, prefix 는 그대로, extra는
--with-http_stub_status_module --with-http_ssl_module --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
vi /etc/init.d/nginx
[/code]
[code]
# Copyright (c) 2009 Jason Giedymin, http://AcronymLabs.com
#
# Permission is hereby granted, free of charge,
# to any person obtaining
# a copy of this software and .....
#---------------------------------------
. /lib/lsb/init-functions
#--------------------------------------
# Consts
#--------------------------------------
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/opt/nginx/sbin/nginx
PS="nginx"
PIDNAME="nginx" #Lets you do $PS-Master or $PS-Slave
PIDFILE=$PIDNAME.pid #pid file
PIDSPATH=/opt/nginx/logs
DESCRIPTION="Nginx Server..."
RUNAS=root #user to run as
SCRIPT_OK=0 #ala error codes
SCRIPT_ERROR=1 #ala error codes
TRUE=1 #boolean
FALSE=0 #boolean
lockfile=/var/lock/subsys/nginx
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
#-----------------------
# Simple Tests
#-----------------------
#test if nginx is a file and executable
test -x $DAEMON || exit 0
# Include nginx defaults if available
if [ -f /etc/default/nginx ] ; then
. /etc/default/nginx
fi
#set exit condition
#set -e
#-----------------------
# Functions
#-----------------------
setFilePerms(){
if [ -f $PIDSPATH/$PIDFILE ]; then
chmod -f 400 $PIDSPATH/$PIDFILE
fi
}
configtest() {
$DAEMON -t -c $NGINX_CONF_FILE
}
getPSCount() {
return `pgrep -f $PS | wc -l`
}
isRunning(){
pidof_daemon
PID=$?
if [ $PID -gt 0 ]; then
return 1
else
return 0
fi
}
status(){
isRunning
isAlive=$?
if [ "${isAlive}" -eq $TRUE ]; then
echo "$PIDNAME found running with processes: `pidof $PS`"
else
echo "$PIDNAME is NOT running."
fi
}
removePIDFile(){
if [ -f $PIDSPATH/PIDFILE ]; then
rm -f $PIDSPATH/$PIDFILE
fi
}
start() {
log_daemon_msg "Starting $DESCRIPTION"
isRunning
isAlive=$?
if [ "${isAlive}" -eq $TRUE ]; then
log_end_msg $SCRIPT_ERROR
else
start-stop-daemon --start --quiet --chuid $RUNAS --pidfile $PIDSPATH/$PIDFILE --exec $DAEMON
setFilePerms
log_end_msg $SCRIPT_OK
fi
}
stop() {
log_daemon_msg "Stopping $DESCRIPTION"
isRunning
isAlive=$?
if [ "${isAlive}" -eq $TRUE ]; then
start-stop-daemon --stop --quiet --pidfile $PIDSPATH/$PIDFILE
removePIDFile
log_end_msg $SCRIPT_OK
else
log_end_msg $SCRIPT_ERROR
fi
}
reload() {
configtest || return $?
log_daemon_msg "Reloading (via HUP) $DESCRIPTION"
isRunning
if [ $? -eq $TRUE ]; then
`killall -HUP $PS` #to be safe
log_end_msg $SCRIPT_OK
else
log_end_msg $SCRIPT_ERROR
fi
}
terminate() {
log_daemon_msg "Force terminating (via KILL) $DESCRIPTION"
PIDS=`pidof $PS` || true
[ -e $PIDSPATH/$PIDFILE ] && PIDS2=`cat $PIDSPATH/$PIDFILE`
for i in $PIDS; do
if [ "$i" = "$PIDS2" ]; then
kill $i
removePIDFile
fi
done
log_end_msg $SCRIPT_OK
}
pidof_daemon() {
PIDS=`pidof $PS` || true
[ -e $PIDSPATH/$PIDFILE ] && PIDS2=`cat $PIDSPATH/$PIDFILE`
for i in $PIDS; do
if [ "$i" = "$PIDS2" ]; then
return 1
fi
done
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart|force-reload)
stop
start
;;
reload)
$1
;;
status)
status
;;
configtest)
$1
;;
terminate)
$1
;;
*)
FULLPATH=/etc/init.d/$PIDNAME
echo "Usage: $FULLPATH {start|stop|restart|force-reload|status|configtest|terminate}"
exit 1
;;
esac
exit 0
[/code]
- chown root:root /etc/init.d/nginx
- chmod +x /etc/init.d/nginx
- vim /etc/nginx/nginx.conf
[code]
server {
listen 80;
# server_name www.mycook.com;
root /home/deploy/testapp/public;
passenger_enabled on;
}
[/code]
/etc/init.d/nginx start
루비 패키지
- sudo /etc/init.d/nginx restart
참고
http://articles.slicehost.com/ubuntu-hardyhttp://github.com/jnstq/rails-nginx-passenger-ubuntu/tree/master
