Shigar da LAMP (Linux, Apache, MySQL/MariaDB, da PHP/PhpMyAdmin) a cikin Arch Linux
Arch Linux yana ba da yanayin tsarin yanke shekaru masu sassauƙa kuma shine mafi kyawun mafita mafi dacewa don haɓaka aikace-aikacen yanar gizo akan ƙananan tsarin da ba su da mahimmanci saboda gaskiyar ita ce cikakkiyar Tushen Buɗewa kuma tana ba da sakin ƙarshe na ƙarshe akan Kernels da software na yanar gizo don sabobin da databases.
Wannan babban fage na wannan koyawa shine don jagorantar ku ta hanyar cikakken umarnin mataki-mataki wanda a ƙarshe zai haifar da shigar da ɗayan haɗin software da aka fi amfani dashi a Ci gaban Yanar Gizo: LAMP (Linux, Apache, MySQL/MariaDB, da kuma PHP/PhpMyAdmin) kuma zai gabatar muku da wasu kyawawan siffofi (sauri da ƙazanta rubutun Bash) waɗanda ba su kasance a cikin tsarin Arch Linux ba, amma na iya sauƙaƙe aikin akan ƙirƙirar Masu Runduna masu yawa , samar da Takaddun shaida na SSL da Maɓallai da ake buƙata don amintattun HTTS ma'amala.
- Tsarin shigarwa na Arch Linux na baya - tsallake sashin ƙarshe tare da DHCP.
- Shigar da LEMP da ta gabata akan Arch Linux - kawai ɓangaren tare da daidaita Adireshin IP na tsaye da nesa hanyar SSH.
Mataki 1: Shigar Basic Software LAMP
1. Bayan ƙaramin tsarin shigarwa tare da adireshin IP na tsaye da samun damar tsarin nesa ta amfani da SSH, haɓaka akwatin Arch Linux ɗinku ta amfani da pacman mai amfani.
$ sudo pacman -Syu
2. Lokacin da aikin haɓakawa ya ƙare sai a saka LAMP daga guntu, fara shigar da Apache Web Server sannan a fara/tabbatar da kowace uwar garken sarrafa daemon.
$ sudo pacman -S apache $ sudo systemctl start httpd $ sudo systemctl status httpd
3. Shigar PHP Harshen rubutun ra'ayi mai ƙarfi da sabar Apache.
$ sudo pacman -S php php-apache
4. A mataki na karshe ka shigar da MySQL database, zabi 1 (MariaDB) cokali mai yatsa bayanan jama'a sannan ka fara da duba halin daemon.
$ sudo pacman -S mysql $ sudo systemctl start mysqld $ sudo systemctl status mysqld
Yanzu kuna da asali na Lamp software an girka kuma an fara tare da tsararru na asali zuwa yanzu.
Mataki 2: Amintaccen Database MySQL
5. Mataki na gaba shine kiyaye bayanan MySQL ta hanyar saita kalmar sirri don tushen asusun, cire asusun masu amfani da ba a san su ba, cire bayanan gwajin da kuma hana shiga nesa don tushen mai amfani ( danna [Enter >] maɓalli don tushen asusun kalmar sirri na yanzu kuma amsa tare da E akan duk tambayoyin tsaro).
$ sudo mysql_secure_installation
6. Tabbatar da haɗin yanar gizo na MySQL ta hanyar aiwatar da umarni mai zuwa sannan ku bar harsashin bayanai tare da quit ko fita sanarwa.
$ mysql -u root -p
Mataki 3: Gyara Babban fayil ɗin Kanfigareshan Apache
7. Wadannan saitunan yawanci suna da alaƙa da Sabis na Yanar Gizo na Apache don samar da ingantacciyar hanyar sadarwa don Virtual Hosting tare da harshen rubutun PHP, SSL ko waɗanda ba SSL Virtual Hosts kuma suna iya. yi ta hanyar gyara saitunan fayil ɗin sabis na httpd.
Farko buɗe babban saitin fayil ɗin Apache tare da editan rubutu da kuka fi so.
$ sudo nano /etc/httpd/conf/httpd.conf
A ƙasan fayil ɗin, haɗa waɗannan layi biyu masu zuwa.
IncludeOptional conf/sites-enabled/*.conf IncludeOptional conf/mods-enabled/*.conf
Matsayin Hada kalamai anan shine a gaya wa Apache cewa daga yanzu, yakamata ta karanta ƙarin jeri daga duk fayilolin da ke zaune a /etc/httpd/conf/sites-enabled/ (don Virtual Hosting) da /etc/httpd/conf/mods-enabled/ (don sabar da aka kunna modules) hanyoyin tsarin da ke ƙarewa a .conf kari.
8. Bayan an ba da umarnin Apache tare da wannan umarni guda biyu, ƙirƙirar kundayen adireshi masu dacewa waɗanda ke ba da umarni masu zuwa.
$ sudo mkdir /etc/httpd/conf/sites-available $ sudo mkdir /etc/httpd/conf/sites-enabled $ sudo mkdir /etc/httpd/conf/mods-enabled
Hanyar akwai tana riƙe da duk fayilolin saitunan Mai watsa shiri na Virtual waɗanda ba a kunna su akan Apache amma rubutun Bash na gaba zai yi amfani da wannan jagorar don haɗawa da kunna gidajen yanar gizon da ke wurin.
Mataki 4: Ƙirƙiri a2eniste da a2diste Dokokin Apache
9. Yanzu lokaci ya yi da za a ƙirƙira a2ensite da a2dissite Rubutun Apache waɗanda za su yi aiki azaman umarni don kunna ko musaki fayil ɗin daidaitawar Mai watsa shiri na Virtual. Buga umarnin cd don komawa zuwa hanyar mai amfani da $HOME kuma ƙirƙirar bash a2eniste da a2dissite rubutun ta amfani da rubutun ku editan da aka fi so.
$ sudo nano a2ensite
Ƙara abun ciki mai zuwa akan wannan fayil ɗin.
#!/bin/bash
if test -d /etc/httpd/conf/sites-available && test -d /etc/httpd/conf/sites-enabled ; then
echo "-------------------------------"
else
mkdir /etc/httpd/conf/sites-available
mkdir /etc/httpd/conf/sites-enabled
fi
avail=/etc/httpd/conf/sites-available/$1.conf
enabled=/etc/httpd/conf/sites-enabled
site=`ls /etc/httpd/conf/sites-available/`
if [ "$#" != "1" ]; then
echo "Use script: n2ensite virtual_site"
echo -e "\nAvailable virtual hosts:\n$site"
exit 0
else
if test -e $avail; then
sudo ln -s $avail $enabled
else
echo -e "$avail virtual host does not exist! Please create one!\n$site"
exit 0
fi
if test -e $enabled/$1.conf; then
echo "Success!! Now restart Apache server: sudo systemctl restart httpd"
else
echo -e "Virtual host $avail does not exist!\nPlease see avail virtual hosts:\n$site"
exit 0
fi
fi
Yanzu ƙirƙirar fayil ɗin rubutun bash a2dissite.
$ sudo nano a2dissite
Saka abun ciki mai zuwa.
#!/bin/bash
avail=/etc/httpd/conf/sites-enabled/$1.conf
enabled=/etc/httpd/conf/sites-enabled
site=`ls /etc/httpd/conf/sites-enabled`
if [ "$#" != "1" ]; then
echo "Use script: n2dissite virtual_site"
echo -e "\nAvailable virtual hosts: \n$site"
exit 0
else
if test -e $avail; then
sudo rm $avail
else
echo -e "$avail virtual host does not exist! Exiting"
exit 0
fi
if test -e $enabled/$1.conf; then
echo "Error!! Could not remove $avail virtual host!"
else
echo -e "Success! $avail has been removed!\nsudo systemctl restart httpd"
exit 0
fi
fi
10. Bayan an ƙirƙiro fayilolin a ware izini don aiwatar da su kuma a kwafi su zuwa PATH directory mai aiwatarwa don sa tsarin su faɗo.
$ sudo chmod +x a2ensite a2dissite $ sudo cp a2ensite a2dissite /usr/local/bin/
Mataki 5: Ƙirƙiri Mai Runduna Mai Kyau a Apache
11. Virtual Host tsoho fayil ɗin sanyi don uwar garken gidan yanar gizo na Apache akan Arch Linux an samar da shi ta httpd-vhosts.conf fayil dake cikin /etc/httpd/conf/extra/ hanya amma idan kana da tsarin da ke amfani da Mai Runduna mai yawa na iya zama da wahala sosai don kiyaye abin da aka kunna gidan yanar gizon ko a'a kuma. Idan kuna son kashe gidan yanar gizon dole ne ku yi sharhi ko share duk umarninsa kuma hakan na iya zama aiki mai wahala idan tsarin yana samar da gidajen yanar gizo da yawa kuma gidan yanar gizon ku yana da ƙarin umarnin daidaitawa.
Yin amfani da shafukan-samuwa da shafukan-kunna hanyoyi, yana sauƙaƙa aikin kunna ko kashe gidajen yanar gizo da kuma adanawa. duk fayilolin sanyi na gidan yanar gizon ku ko da yake an kunna su ko a'a.
A mataki na gaba za mu gina Mai watsa shiri na farko wanda ke nuna tsohowar localhost tare da tsohuwar hanyar DocumentRoot don hidimar fayilolin gidajen yanar gizo (/srv/http.
$ sudo nano /etc/httpd/conf/sites-available/localhost.conf
Ƙara umarnin Apache masu zuwa nan.
<VirtualHost *:80>
DocumentRoot "/srv/http"
ServerName localhost
ServerAdmin [email
ErrorLog "/var/log/httpd/localhost-error_log"
TransferLog "/var/log/httpd/localhost-access_log"
<Directory />
Options +Indexes +FollowSymLinks +ExecCGI
AllowOverride All
Order deny,allow
Allow from all
Require all granted
</Directory>
</VirtualHost>
Mahimman bayanai anan sune umarnin Port da ServerName umarni waɗanda ke ba da umarnin Apache don buɗe haɗin yanar gizo akan tashar jiragen ruwa 80 kuma a tura duk tambayoyin tare da sunan localhost zuwa. aika fayilolin da ke cikin hanyar /srv/http/.
12. Bayan an ƙirƙiri fayil ɗin localhost, kunna shi sannan sake kunna httpd daemon don duba canje-canje.
$ sudo a2ensite localhost $ sudo systemctl restart httpd
13. Daga nan sai ka nuna browser dinka zuwa http://localhost, idan kana gudanar da shi daga tsarin Arch ko http://Arch_IP idan kana amfani da remote.
Mataki 6: Kunna SSL tare da Virtual Hosting akan LAMP
SSL (Secure Sockets Layer) wata yarjejeniya ce da aka ƙera don ɓoye haɗin HTTP akan cibiyoyin sadarwa ko Intanet, wanda ke sa ana watsa bayanai akan tashoshi mai tsaro ta amfani da maɓallan simmetric/ asymmetric cryptography keys. kuma an samar dashi a cikin Arch Linux ta kunshin OpenSSL.
14. Ta hanyar tsoho samfurin SSL ba a kunna Apache a cikin Arch Linux ba kuma ana iya kunna shi ta hanyar uncommenting mod_ssl.so module daga babban fayil ɗin sanyi na httpd.conf da Hada httpd-ssl.conf fayil yana cikin ƙarin hanyar httpd.
Amma don sauƙaƙe abubuwa za mu ƙirƙiri sabon fayil ɗin samfuri don SSL a cikin mods-enabled hanya kuma mu bar babban fayil ɗin sanyi na Apache ba a taɓa shi ba. Ƙirƙiri fayil ɗin mai zuwa don tsarin SSL kuma ƙara abun ciki na ƙasa.
$ sudo nano /etc/httpd/conf/mods-enabled/ssl.conf
Saka abun ciki mai zuwa.
LoadModule ssl_module modules/mod_ssl.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so Listen 443 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLPassPhraseDialog builtin SSLSessionCache "shmcb:/run/httpd/ssl_scache(512000)" SSLSessionCacheTimeout 300
15. Yanzu ƙirƙirar fayil ɗin Mai watsa shiri na Virtual wanda ke nuna sunan localhost iri ɗaya amma ta amfani da saitunan uwar garken SSL wannan lokacin, kuma ɗan canza sunansa don tunatar da ku cewa yana tsaye ga localhost tare da SSL.
$ sudo nano /etc/httpd/conf/sites-available/localhost-ssl.conf
Ƙara abun ciki mai zuwa akan wannan fayil ɗin.
<VirtualHost *:443>
DocumentRoot "/srv/http"
ServerName localhost
ServerAdmin [email
ErrorLog "/var/log/httpd/localhost-ssl-error_log"
TransferLog "/var/log/httpd/localhost-ssl-access_log"
SSLEngine on
SSLCertificateFile "/etc/httpd/conf/ssl/localhost.crt"
SSLCertificateKeyFile "/etc/httpd/conf/ssl/localhost.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/srv/http/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/var/log/httpd/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
<Directory />
Options +Indexes +FollowSymLinks +ExecCGI
AllowOverride All
Order deny,allow
Allow from all
Require all granted
</Directory>
</VirtualHost>
Bayan umarnin Port da ServerName, wasu mahimman umarni anan sune waɗanda ke nuni zuwa fayil ɗin SSL Certificate da fayil na SSL Key wanda Har yanzu ba a ƙirƙira su ba don haka kar a sake kunna Sabar Yanar Gizo ta Apache ko za ku sami wasu kurakurai.
16. Don ƙirƙirar fayil ɗin Certificate SSL da ake buƙata da Maɓallan shigar da fakitin OpenSSL yana ba da umarnin da ke ƙasa.
$ sudo pacman -S openssl
17. Sannan ka kirkiri rubutun Bash mai zuwa wanda zai kirkira da adana duk takardun shaidarka na Apache da Maɓallai a cikin /etc/httpd/conf kai tsaye. /ssl/hanyar tsarin.
$ sudo nano apache_gen_ssl
Ƙara abun ciki na fayil mai zuwa sannan ka adana shi kuma sanya shi mai aiwatarwa.
#!/bin/bash mkdir /etc/httpd/conf/ssl cd /etc/httpd/conf/ssl echo -e "Enter your virtual host FQDN: \nThis will generate the default name for Nginx SSL certificate!" read cert openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out $cert.key chmod 600 $cert.key openssl req -new -key $cert.key -out $cert.csr openssl x509 -req -days 365 -in $cert.csr -signkey $cert.key -out $cert.crt echo -e " The certificate "$cert" has been generated!\nPlease link it to Apache SSL available website!" ls -all /etc/httpd/conf/ssl exit 0
$ sudo chmod +x apache_gen_ssl
Idan kuna son rubutun ya kasance cikin tsarin kwafi shi zuwa PATH mai iya aiwatarwa.
$ sudo cp /apache_gen_ssl /usr/local/bin/
18. Yanzu samar da Certificate da Maɓallai ta hanyar gudanar da rubutun. Samar da zaɓuɓɓukan SSL ɗinku kuma kar ku manta sunan takardar shedar da Sunan gama-gari don dacewa da yankin ku na hukuma (FQDN).
$ sudo ./apache_gen_ssl
Bayan an ƙirƙiri takaddun shaida da maɓallai kar a manta da canza shedar SSL Virtual Mai watsa shiri da saitunan maɓalli don dacewa da sunan wannan takardar shaidar.
19. Mataki na ƙarshe shine kunna sabon SSL Virtual Host kuma sake kunna sabar ku don amfani da saiti.
$ sudo a2ensite localhost-ssl $ sudo systemctl restart httpd
Shi ke nan! Don tabbatar da buɗe mai bincike kuma ƙara Arch IP akan URL ta amfani da ka'idar HTTPS: https://localhost ko https://system_IP.
Mataki 7: Kunna PHP akan Apache
20. Ta hanyar tsoho Apache kawai yana hidimar abun ciki na fayilolin tsaye na HTML a cikin Arch Linux ba tare da goyan bayan harsunan rubutu masu ƙarfi ba. Don kunna PHP da farko buɗe babban fayil ɗin sanyi na Apache sannan bincika kuma ba da amsa ga bayanin LoadModule mai zuwa (php-apache baya aiki tare da mod_mpm_event a cikin Arch Linux. ).
$ sudo nano /etc/httpd/conf/httpd.conf
Yin amfani da [Ctrl]+[w] bincika kuma yi sharhi akan layi na gaba don kama da wannan.
#LoadModule mpm_event_module modules/mod_mpm_event.so
21. Sannan ƙirƙirar sabon fayil don tsarin PHP a cikin hanyar mods-enabled tare da abun ciki mai zuwa.
$ sudo nano /etc/httpd/conf/mods-enabled/php.conf
Ƙara ainihin abun ciki mai zuwa (dole ne ku yi amfani da mod_mpm_prefork).
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so LoadModule php5_module modules/libphp5.so Include conf/extra/php5_module.conf
22. Don tabbatar da saitin ƙirƙira PHP fayil mai suna info.php a cikin DocumnetRoot (/srv/http/), sannan sai a sake kunna Apache sannan ka nuna mashin dinka zuwa info .php fayil: https://localhost/info.php.
<?php phpinfo(); ?>
$ sudo systemctl restart httpd
Shi ke nan! Idan komai yayi kama da hoton da ke sama, yanzu kuna da harshen rubutu mai ƙarfi na uwar garken uwar garken akan Apache kuma yanzu kuna iya haɓaka gidajen yanar gizo ta amfani da Buɗewar CMS kamar WordPressmisali.
Idan kuna son tabbatar da saitunan haɗin gwiwar Apache kuma duba jerin abubuwan da aka ɗora ba tare da sake farawa httpd daemon ba ku aiwatar da umarni masu zuwa.
$ sudo apachectl configtest $ sudo apachectl -M
Mataki 8: Shigar da Sanya PhpMyAdmin
23. Idan ba ku ƙware layin umarni na MySQL ba kuma kuna son samun sauƙi mai nisa zuwa bayanan MySQL da aka bayar ta hanyar haɗin yanar gizo to kuna buƙatar kunshin PhpMyAdmin wanda aka sanya akan akwatin Arch.
$ sudo pacman -S phpmyadmin php-mcrypt
24. Bayan an shigar da fakitin kuna buƙatar kunna wasu kari na PHP (mysqli.so, mcrypt.so - don tantancewar ciki) kuma kuna iya, kuma, kunna wasu. kayayyaki don buƙatu don dandamali na CMS na gaba kamar openssl.so, imap.so ko iconv.so da sauransu.
$ sudo nano /etc/php/php.ini
Gano wuri kuma ba da amsa kari na sama.
extension=mcrypt.so extension=mssql.so extension=mysqli.so extension=openssl.so extension=iconv.so extension=imap.so extension=zip.so extension=bz2.so
Hakanan, akan fayil iri ɗaya, bincika kuma gano wuri open_basedir bayanin kuma ƙara tsarin tsarin PhpMyAdmin (/etc/webapps/ da /usr/share/webapps/ >) don tabbatar da cewa PHP na iya samun dama da karanta fayiloli a ƙarƙashin waɗannan kundayen adireshi (Idan kai, kuma, canza hanyar Virtual Hosts DocumentRoot daga /srv/http//b> zuwa wani wuri kana buƙatar ƙara sabon hanyar anan ma. ).
25. Abu na ƙarshe da kuke buƙatar yi don samun damar shiga yanar gizo na PhpMyAdmin shine ƙara bayanan PhpMyAdmin Apache akan Virtual Hosts. A matsayin ma'aunin tsaro zai tabbatar da cewa PhpMyAdmin Yanar Gizon Yanar Gizo za a iya samun dama daga localhost (ko adireshin IP na tsarin) ta amfani da ka'idar HTTPS kuma ba daga wasu Rukunin Rukunin Rubutu daban-daban ba. Don haka, buɗe fayil ɗin ku na localhost-ssl.conf kuma a ƙasa, kafin bayanin na ƙarshe ƙara abun ciki mai zuwa.
$ sudo nano /etc/httpd/conf/sites-enabled/localhost-ssl.conf
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"
<Directory "/usr/share/webapps/phpMyAdmin">
DirectoryIndex index.html index.php
AllowOverride All
Options FollowSymlinks
Require all granted
</Directory>
26. Bayan haka sake kunna Apache daemon kuma ku nuna mashigar yanar gizon ku zuwa adireshin da ke gaba kuma ya kamata ku sami damar shiga Intanet ɗin yanar gizonku na PhpMyAdmin: https://localhost/phpmyadmin ko https://system_IP/ phpmyadmin.
27. Idan, bayan ka shiga PhpMyAdmin, ka ga kuskuren ƙasa game da asirin_blowfish, buɗe kuma gyara /etc/webapps/phpmyadmin/config.inc.php fayil kuma saka kirtani bazuwar kamar wacce ke cikin bayanin da ke biyowa, sannan a sabunta shafi.
$cfg['blowfish_secret'] = ‘{^QP+-(3mlHy+Gd~FE3mN{gIATs^1lX+T=KVYv{ubK*U0V’ ;
Mataki na 9: Kunna Tsarin Tsarin LAMP
28. Idan kana son a fara tarar LAMP ta atomatik bayan sake kunna tsarin sai a yi umarni masu zuwa.
$ sudo systemctl enable httpd mysqld
Wannan wasu daga cikin manyan saitunan daidaitawa akan LAMP da ake buƙata don canza tsarin Arch Linux zuwa tsari mai sauƙi amma mai ƙarfi, sauri kuma mai ƙarfi tare da software na uwar garken zamani don ƙananan marasa ƙarfi. -m yanayi mai mahimmanci, amma idan kun kasance masu taurin kai kuma har yanzu kuna son yin amfani da shi a cikin babban yanayin samarwa ya kamata ku ɗora wa kanku haƙuri da yawa kuma ku ba da ƙarin hankali kan abubuwan fakiti kuma ku sanya hotuna na tsarin yau da kullun don sake dawo da tsarin sauri idan akwai. gazawar tsarin.