第16周作业

架构题:前端有一个 LAMP 架构通过 wordpress 来部署,后端构建一个 NFS 服务器实现要求将用户上传的图片保存至后端 NFS 服务器上。

vim nfs_install.sh
#!/bin/bash
network=192.168.1.0
share_dir=/data/uploads
[ -d $share_dir ] || mkdir -p $share_dir
yum -y install nfs-utils
cat > /etc/exports << EOF
$share_dir $network/24(rw,sync,no_root_squash)
EOF

systemctl enable nfs-server.service
systemctl start nfs-server.service
exportfs -r

firewall_status=`firewall-cmd --state`
if [ $firewall_status = running ];then
    echo "防火墙已启用,开放端口"
    firewall-cmd --permanent --add-service=mountd --add-service=rpc-bind --add-service=nfs
    firewall-cmd --reload
fi
执行bash nfs_install.sh完成NFS服务器安装配置

vim wordpress_install.sh
#!/bin/bash
#wordpress自动安装

function install_httpd() {
#下载httpd源码包
target_dir=/usr/local/src
install_dir=/usr/local/httpd
download_url=https://mirror.bit.edu.cn/apache/httpd/httpd-2.4.46.tar.bz2
file_name=${download_url##*/}
uncompress_dir=${file_name%.tar*}
rpm -q wget || yum install -y wget
[ -f $target_dir/$file_name ] || wget -O $target_dir/$file_name $download_url

apr_download_url=https://mirror.bit.edu.cn/apache/apr/apr-1.7.0.tar.bz2
apr_file_name=${apr_download_url##*/}
apr_uncompress_dir=${apr_file_name%.tar*}
[ -f $target_dir/$apr_file_name ] || wget -O $target_dir/$apr_file_name $apr_download_url
apr_util_download_url=https://mirror.bit.edu.cn/apache/apr/apr-util-1.6.1.tar.bz2
apr_util_file_name=${apr_util_download_url##*/}
apr_util_uncompress_dir=${apr_util_file_name%.tar*}
[ -f $target_dir/$apr_util_file_name ] || wget -O $target_dir/$apr_util_file_name $apr_util_download_url

yum install -y gcc make pcre-devel openssl-devel redhat-rpm-config expat-devel

id apache &> /dev/null || useradd -r -u 80 -d /var/www -s /sbin/nologin apache

tar xf $target_dir/$file_name -C $target_dir
tar xf $target_dir/$apr_file_name -C $target_dir
mv $target_dir/$apr_uncompress_dir $target_dir/$uncompress_dir/srclib/apr
tar xf $target_dir/$apr_util_file_name -C $target_dir
mv $target_dir/$apr_util_uncompress_dir $target_dir/$uncompress_dir/srclib/apr-util

cd $target_dir/$uncompress_dir
./configure --prefix=$install_dir \
--sysconfdir=/etc/httpd \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--enable-modules=most \
--enable-mpms-shared=all \
--with-zlib \
--with-pcre \
--with-included-apr \
--with-mpm=event
make -j`lscpu | grep "^CPU(s)" | awk '{print $NF}'` && make install

echo 'PATH='$install_dir'/bin:$PATH'  > /etc/profile.d/httpd.sh
source /etc/profile.d/httpd.sh

sed -ri 's#(User )daemon#\1apache#' /etc/httpd/httpd.conf
sed -ri 's#(Group )daemon#\1apache#' /etc/httpd/httpd.conf

cat > /lib/systemd/system/httpd.service << EOF
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)

[Service]
Type=forking
ExecStart=/usr/local/httpd/bin/apachectl start
ExecReload=/usr/local/httpd/bin/apachectl graceful
ExecStop=/usr/local/httpd/bin/apachectl stop
KillSignal=SIGCONT
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable httpd.service
systemctl start httpd.service

#检查firewalld状态
firewall_status=`firewall-cmd --state`
if [ $firewall_status = running ];then
    echo "防火墙已启用,开放端口"
    firewall-cmd --permanent --add-service=http --add-service=https
    firewall-cmd --reload
fi
}

function install_mysql() {
target_dir=/usr/local
download_url=http://mirrors.163.com/mysql/Downloads/MySQL-5.7/mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
file_name=${download_url##*/}
uncompress_dir=${file_name%.tar*}


yum -y install libaio-devel numactl-libs


id mysql &> /dev/null || useradd -r -s /sbin/nologin mysql


rpm -q wget || yum install -y wget
[ -f $target_dir/src/$file_name ] || wget -O $target_dir/src/$file_name $download_url
tar xf $target_dir/src/$file_name -C $target_dir
ln -s $target_dir/$uncompress_dir $target_dir/mysql
chown -R root.root $target_dir/$uncompress_dir
[ -d /data/mysql ] || mkdir -p /data/mysql
chown -R mysql.mysql /data/mysql


cat > /etc/profile.d/mysql.sh << EOF
export PATH=/usr/local/mysql/bin:$PATH
EOF
source /etc/profile.d/mysql.sh


mv /etc/my.cnf /etc/my.cnf.bak
cat > /etc/my.cnf << EOF
[mysqld]
port=3306
socket=/data/mysql/mysql.sock
datadir=/data/mysql
log-error=/data/mysql/mysql.log
character-set-server=utf8mb4
#skip_name_resolve
max_connections=1000
max_connect_errors=1000

[client]
port=3306
socket=/data/mysql/mysql.sock
default-character-set=utf8mb4
EOF

#mysql初始化
mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql --datadir=/data/mysql


cat > /etc/systemd/system/mysqld.service << EOF
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target

[Install]
WantedBy=multi-user.target

[Service]
User=mysql
Group=mysql
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/etc/my.cnf
LimitNOFILE = 5000
EOF
systemctl daemon-reload
systemctl enable mysqld.service
systemctl start mysqld.service

#检查防火墙状态
firewall_status=`firewall-cmd --state`
if [ $firewall_status = running ];then
    echo "防火墙已启用,开放端口"
    firewall-cmd --permanent --add-port=3306/tcp
    firewall-cmd --reload
fi

#修改数据库root密码
mysql -uroot -h 127.0.0.1 -e 'update mysql.user set authentication_string=password("my123456") where user="root" and Host="localhost";'
mysql -uroot -h 127.0.0.1 -e 'flush privileges;'
sed -ri 's@#(skip_name_resolve)@\1@' /etc/my.cnf
systemctl restart mysqld.service
}

function install_php() {

target_dir=/usr/local
install_dir=/usr/local/php
download_url=http://mirrors.sohu.com/php/php-7.4.10.tar.bz2
file_name=${download_url##*/}
uncompress_dir=${file_name%.tar*}
rpm -q wget || yum install -y wget
[ -f $target_dir/src/$file_name ] || wget -O $target_dir/src/$file_name $download_url


yum -y install gcc libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel


tar xf $target_dir/src/$file_name -C $target_dir


cd $target_dir/$uncompress_dir
./configure --prefix=$install_dir \
--enable-mysqlnd \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-openssl \
--with-zlib \
--with-config-file-path=/etc \
--with-config-file-scan-dir=/etc/php.d \
--enable-mbstring \
--enable-xml \
--enable-sockets \
--enable-fpm \
--enable-maintainer-zts \
--disable-fileinfo
make -j`lscpu | grep "^CPU(s)" | awk '{print $NF}'` && make install

echo 'PATH='$install_dir'/bin:$PATH'  > /etc/profile.d/php.sh
source /etc/profile.d/php.sh


cp php.ini-production /etc/php.ini
cp $install_dir/etc/php-fpm.conf.default $install_dir/etc/php-fpm.conf
cp $install_dir/etc/php-fpm.d/www.conf.default $install_dir/etc/php-fpm.d/www.conf
#cp $target_dir/$uncompress_dir/sapi/fpm/php-fpm.service /lib/systemd/system/
cat > /lib/systemd/system/php-fpm.service << EOF
[Unit]
Description=The PHP FastCGI Process Manager
After=syslog.target network.target

[Service]
Type=simple
PIDFile=/var/run/php-fpm.pid
ExecStart=/usr/local/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php/etc/php-fpm.conf
ExecReload=/bin/kill -USR2 $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF


sed -ri 's#(user = )nobody#\1apache#' $install_dir/etc/php-fpm.d/www.conf
sed -ri 's#(group = )nobody#\1apache#' $install_dir/etc/php-fpm.d/www.conf
sed -ri 's#;(pm.status_path = )/status#\1/php-fpm_status#' $install_dir/etc/php-fpm.d/www.conf
sed -ri 's#;(ping.path = /ping)#\1#' $install_dir/etc/php-fpm.d/www.conf
mkdir /etc/php.d
cat > /etc/php.d/opcache.ini << EOF
[opacache]
zend_extensio=opcache.so
opcache.enable=1
EOF
systemctl daemon-reload
systemctl enable php-fpm.service
systemctl start php-fpm.service


sed -ri 's@#(LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so)@\1@' /etc/httpd/httpd.conf
sed -ri 's@#(LoadModule proxy_module modules/mod_proxy.so)@\1@' /etc/httpd/httpd.conf
sed -ri 's@(DirectoryIndex )(index.html)@\1index.php \2@' /etc/httpd/httpd.conf
sed -ri '$a\AddType application/x-httpd-php .php\nProxyRequests Off' /etc/httpd/httpd.conf
cat >> /etc/httpd/httpd.conf << EOF

<VirtualHost *:80>
    ServerName localhost
    DocumentRoot /data/wordpress
    <Directory "/data/wordpress">
        Require all granted
    </Directory>
    ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/data/wordpress/$1
    ProxyPassMatch ^/(php-fpm_status|ping)$ fcgi://127.0.0.1:9000/$1
    CustomLog "logs/access_wordpress_log" common
</VirtualHost>
EOF
systemctl restart httpd.service
}

function install_wordpress() {

target_dir=/usr/local/src
install_dir=/data
download_url=https://cn.wordpress.org/wordpress-5.4.2-zh_CN.zip
file_name=${download_url##*/}
uncompress_dir=${file_name%%-*}
rpm -q wget || yum install -y wget
[ -f $target_dir/$file_name ] || wget -O $target_dir/$file_name $download_url


unzip $target_dir/$file_name -d $target_dir
mv $target_dir/$uncompress_dir $install_dir/
chown -R apache:apache $install_dir/$uncompress_dir


mysql -uroot -pmy123456 -e 'create database wordpress;'
mysql -uroot -pmy123456 -e 'grant all on wordpress.* to wpuser@"192.168.1.%" identified by "wppasswd";'
}

function install_nfs_client() {
nfs_server=192.168.1.10
nfs_share_dir=/data/uploads
pic_upload_dir=/data/wordpress/wp-content/uploads
[ -d $pic_upload_dir ] || mkdir -p $pic_upload_dir


yum -y install nfs-utils


cat >> /etc/fstab << EOF
$nfs_server:$nfs_share_dir  $pic_upload_dir  nfs  defaults,_netdev  0 0
EOF
mount -a
chown -R apache:apache $pic_upload_dir
}

install_httpd
install_mysql
install_php
install_wordpress
install_nfs_client
bash wordpress_install.sh

posted @ 2020-09-18 19:22  guobang  阅读(95)  评论(0编辑  收藏  举报