그루비 groovy

앞으로는 Ubuntu 8.04 LTS를 쓰기로 했다. Debian 4 안녕~

유틸리티

• echo "alias ll='ls -l'" >> ~/.bash_aliases
• vi ~/.bashrc

.bashrc에서 .bash_aliases 로딩하는 문장의 코멘트 제거

사용자 추가

• adduser yourloginname
• visudo

yourloginname ALL=(ALL) ALL   

라고 입력

ssh 로그인 포트 수정

• vi /etc/ssh/sshd_config

Port 22 를 Port 24 로 수정
(사실 내키는 번호로 수정)

iptables 방화벽 설치

• vi /etc/iptables.up.rules

해서 아래 내용 입력

*filter

#  Allows all loopback (lo0) traffic
#  and drop all traffic to 127/8 that doesn't use lo0
-A INPUT -i lo -j ACCEPT
-A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT

#  Accepts all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#  Allows all outbound traffic
#  You can modify this to only allow certain traffic
-A OUTPUT -j ACCEPT

# Allows HTTP and HTTPS connections from anywhere 
# (the normal ports for websites)
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp --dport 3000 -j ACCEPT
-A INPUT -p tcp --dport 3001 -j ACCEPT
-A INPUT -p tcp --dport 3002 -j ACCEPT
-A INPUT -p tcp --dport 3003 -j ACCEPT

#  Allows SSH connections
# THE -dport 앞에서 SSH에 Port 에 적은 번호를 여기 적는다. 
# 나는 24로 했다.
-A INPUT -p tcp -m state --state NEW --dport 24 -j ACCEPT

# Allow ping
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# log iptables denied calls
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

# Reject all other inbound - default deny 
# unless explicitly allowed policy
-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT

• vi /etc/network/interfaces

... 
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.up.rules
...

• /etc/init.d/ssh reload

ssh 다시 접속해봐. (이번에는 yourloginname 으로..)

우분투 패키지 소스

• sudo vi /etc/apt/sources.list

deb http://archive.ubuntu.com/ubuntu/ hardy main restricted universe
deb-src http://archive.ubuntu.com/ubuntu/ hardy main restricted universe

deb http://archive.ubuntu.com/ubuntu/ hardy-updates main restricted universe
deb-src http://archive.ubuntu.com/ubuntu/ hardy-updates main restricted universe

deb http://security.ubuntu.com/ubuntu hardy-security main restricted universe
deb-src http://security.ubuntu.com/ubuntu hardy-security main restricted universe

서버 이름

• sudo vi /etc/hosts # 127.0.1.1 hostname.domain.co.kr
• sudo vi /etc/hostname # hostname.domain.co.kr
• sudo /bin/hostname -F /etc/hostname

패키지들

• sudo aptitude update
• sudo locale-gen en_GB.UTF-8
• sudo locale-gen ko_KR.UTF-8
• sudo /usr/sbin/update-locale LANG=en_GB.UTF-8 (이건.. 안해도..)
• sudo aptitude safe-upgrade
• sudo aptitude full-upgrade
• sudo aptitude install build-essential
• sudo dpkg-reconfigure tzdata # Asia/Seoul로 만든다.
• sudo apt-get install ntpdate
• sudo ntpdate ntp.ubuntu.com # Update time
• sudo apt-get install git-core
• sudo apt-get install subversion

MYSQL

• sudo apt-get install mysql-server mysql-client libmysqlclient15-dev
• sudo vi /root/.gemrc

---
:sources:
- http://gems.rubyforge.org
- http://gems.github.com
gem: --no-ri --no-rdoc



루비 엔터프라이즈, nginx, passenger
sudo apt-get install zlib1g-dev libssl-dev libreadline5-dev
# http://www.rubyenterpriseedition.com/download.html#ubuntu 최신버전 확인
wget http://rubyforge.org/frs/download.php/57098/ruby-enterprise_1.8.6-20090520_i386.deb
sudo dpkg -i ruby-enterprise_1.8.6-20090520_i386.deb
sudo echo "PATH=/opt/ruby-enterprise/bin:$PATH" >> /etc/environment
su -
export PATH=/opt/ruby-enterprise/bin:$PATH
ruby -v
/opt/ruby-enterprise/bin/passenger-install-nginx-module # 1 선택, 한번더
/opt/ruby-enterprise/bin/passenger-install-nginx-module # 2를 선택.
/tmp/nginx-0.6.36 # 디렉토리 물으면 입력, prefix 는 그대로, extra는
--with-http_stub_status_module --with-http_ssl_module --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
vi /etc/init.d/nginx 


# Copyright (c) 2009 Jason Giedymin, http://AcronymLabs.com
#
# Permission is hereby granted, free of charge, 
# to any person obtaining
# a copy of this software and .....
#---------------------------------------
. /lib/lsb/init-functions
#--------------------------------------
# Consts
#--------------------------------------
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/opt/nginx/sbin/nginx
 
PS="nginx"
PIDNAME="nginx"        #Lets you do $PS-Master or $PS-Slave
PIDFILE=$PIDNAME.pid #pid file
PIDSPATH=/opt/nginx/logs
DESCRIPTION="Nginx Server..."
 
RUNAS=root        #user to run as
 
SCRIPT_OK=0        #ala error codes
SCRIPT_ERROR=1        #ala error codes
TRUE=1          #boolean
FALSE=0          #boolean
 
lockfile=/var/lock/subsys/nginx
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
 
#-----------------------
# Simple Tests
#-----------------------
 
#test if nginx is a file and executable
test -x $DAEMON || exit 0
 
# Include nginx defaults if available
if [ -f /etc/default/nginx ] ; then
        . /etc/default/nginx
fi
 
#set exit condition
#set -e
 
#-----------------------
# Functions
#-----------------------
 
setFilePerms(){
 
        if [ -f $PIDSPATH/$PIDFILE ]; then
chmod -f 400 $PIDSPATH/$PIDFILE
        fi
}
 
configtest() {
  $DAEMON -t -c $NGINX_CONF_FILE
}
 
getPSCount() {
  return `pgrep -f $PS | wc -l`
}
 
isRunning(){
  pidof_daemon
  PID=$?
 
  if [ $PID -gt 0 ]; then
    return 1
        else
return 0
        fi
}
 
status(){
  isRunning
  isAlive=$?
 
  if [ "${isAlive}" -eq $TRUE ]; then
echo "$PIDNAME found running with processes: `pidof $PS`"
        else
echo "$PIDNAME is NOT running."
        fi
 
 
}
 
removePIDFile(){
  if [ -f $PIDSPATH/PIDFILE ]; then
  rm -f $PIDSPATH/$PIDFILE
        fi
}
 
start() {
        log_daemon_msg "Starting $DESCRIPTION"
  
  isRunning
  isAlive=$?
  
        if [ "${isAlive}" -eq $TRUE ]; then
log_end_msg $SCRIPT_ERROR
        else
start-stop-daemon --start --quiet --chuid $RUNAS --pidfile $PIDSPATH/$PIDFILE --exec $DAEMON
                setFilePerms
    log_end_msg $SCRIPT_OK
        fi
}
 
stop() {
  log_daemon_msg "Stopping $DESCRIPTION"
  
  isRunning
  isAlive=$?
        if [ "${isAlive}" -eq $TRUE ]; then
start-stop-daemon --stop --quiet --pidfile $PIDSPATH/$PIDFILE
 
    removePIDFile
 
                log_end_msg $SCRIPT_OK
        else
log_end_msg $SCRIPT_ERROR
        fi
}
 
reload() {
  configtest || return $?
 
  log_daemon_msg "Reloading (via HUP) $DESCRIPTION"
 
        isRunning
        if [ $? -eq $TRUE ]; then
    `killall -HUP $PS` #to be safe
 
                log_end_msg $SCRIPT_OK
        else
log_end_msg $SCRIPT_ERROR
        fi
}
 
terminate() {
        log_daemon_msg "Force terminating (via KILL) $DESCRIPTION"
        
  PIDS=`pidof $PS` || true
 
  [ -e $PIDSPATH/$PIDFILE ] && PIDS2=`cat $PIDSPATH/$PIDFILE`
 
  for i in $PIDS; do
    if [ "$i" = "$PIDS2" ]; then
     kill $i
      removePIDFile
    fi
  done
 
  log_end_msg $SCRIPT_OK
 
}
 
pidof_daemon() {
    PIDS=`pidof $PS` || true
 
    [ -e $PIDSPATH/$PIDFILE ] && PIDS2=`cat $PIDSPATH/$PIDFILE`
 
    for i in $PIDS; do
if [ "$i" = "$PIDS2" ]; then
return 1
        fi
done
return 0
}
 
case "$1" in
  start)
  start
        ;;
  stop)
  stop
        ;;
  restart|force-reload)
  stop
  start
        ;;
  reload)
  $1
  ;;
  status)
  status
  ;;
  configtest)
        $1
        ;;
  terminate)
  $1
  ;;
  *)
  FULLPATH=/etc/init.d/$PIDNAME
  echo "Usage: $FULLPATH {start|stop|restart|force-reload|status|configtest|terminate}"
  exit 1
  ;;
esac
 
exit 0

• chown root:root /etc/init.d/nginx
• chmod +x /etc/init.d/nginx
• vim /etc/nginx/nginx.conf

server {
    listen 80;
    # server_name www.mycook.com;
    root /home/deploy/testapp/public;
    passenger_enabled on;
}

루비 패키지

• sudo /etc/init.d/nginx restart

참고