linux 中apache httpd安装

安装

尽量使用在线安装的方式进行安装，这样所有的依赖包可以一并安装。
另外如果是非在线安装的话，注意确认原来是否存在apache版本。
很多Linux系统自带Apache。

apache的操作，必须以root用户完成。

设置代理

export http_proxy=http://10.10.71.232:8080
export https_proxy=http://10.10.71.232:8080
export ftp_proxy=http://10.10.71.232:8080
vi /etc/dnf/dnf.conf
proxy=http://10.10.71.232:8080
vi /etc/rhsm/rhsm.conf
proxy_hostname = 10.10.71.232
proxy_port = 8080

dnf -y install httpd

systemctl start httpd
systemctl enable httpd
systemctl status httpd

如果提示 No match for argument: httpd的话，说明repo没找到。
考虑创建
/etc/yum.repos.d/CentOS-Base.repo
/etc/yum.repos.d/CentOS-AppStream.repo
/etc/yum.repos.d/RPM-GPG-KEY-centos8-release

修改防火墙

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload

确认启动

httpd設定

/usr/sbin/setsebool -P httpd_can_network_connect 1
vi /etc/httpd/conf/httpd.conf
在/etc/httpd/conf/httpd.conf文件的最后追加下记内容

#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so

<Location /xxx/>
 ProxyPass ajp://127.0.0.1:8009/xxx/ secret=yyy min=1 max=400 smax=0 disablereuse=on ttl=5 timeout=120 keepalive=on retry=60 ping=1
</Location>

注意LoadModule的3个模块是否开启。正常情况下安装后是默认开启的。
xxx:发布contextpath
yyy:安全key。tomcat的ajp里面设定的。
修改后重启
systemctl restart httpd

修正tomcat

修改tomcat的conf/server.xml文件。开放ajp设定。通常情况下，会关闭http的设定。

    <!--
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    -->

    <Connector protocol="AJP/1.3"
               address="::1"
               secret="yyy"
               port="8009"
               redirectPort="8443" />

address:代表能够访问服务的IP。即Apache的IP。默认是本机 127.0.0.1。代表只有本机能够访问。
secret:安全Key。跟apache配置的相同。
修改后重启tomcat。
查看log，ajp正常启动（一定要确认）

13-Jun-2022 16:15:55.423 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
13-Jun-2022 16:15:55.438 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-127.0.0.1-8009"]
13-Jun-2022 16:15:55.442 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [7239] millisecon

安装任意版本apache

指定阿里云

cd /etc/yum.repos.d/
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
mv redhat.repo redhat.repo_bak
vi /etc/yum/pluginconf.d/product-id.conf
enable=0
vi /etc/yum/pluginconf.d/subscription-manager.conf
enable=0
vi /etc/yum.repos.d/CentOS-Base.repo

把$releasever替换为8-stream

清缓存、获取列表

yum clean all
yum makecache

安装所需环境

设置代理参考上面说明

dnf -y install gcc gcc-c++ wget
dnf -y install expat-devel zlib-devel openssl-devel
dnf -y install automake autoconf libtool make
wget https://mirrors.aliyun.com/apache/httpd/httpd-2.4.54.tar.gz
wget https://mirrors.aliyun.com/apache/apr/apr-1.7.0.tar.gz
wget https://mirrors.aliyun.com/apache/apr/apr-util-1.6.1.tar.gz
wget https://mirrors.aliyun.com/exim/pcre/pcre2-10.37.tar.gz

安装apr

tar zxvf apr-1.7.0.tar.gz
cd apr-1.7.0/
./configure --prefix=/usr/local/apr
make && make install

安装apr-util

tar zxvf apr-util-1.6.1.tar.gz
cd apr-util-1.6.1/
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
make && make install

安装pcre2

tar zxvf pcre2-10.37.tar.gz
cd pcre2-10.37/
./configure --prefix=/usr/local/pcre
make && make install

安装httpd

cp -r /root/apr-1.7.0/ /root/httpd-2.4.54/srclib/apr/
cp -r /root/apr-util-1.6.1/ /root/httpd-2.4.54/srclib/apr-util/
cd httpd-2.4.54/
./configure --prefix=/usr/local/server/apache \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util \
--with-pcre=/usr/local/pcre \
--enable-mpms-shared=all
make && make install

修改配置文件【httpd.conf】

vi /usr/local/server/apache/conf/httpd.conf
ServerName localhost:80

将httpd加入系统服务并设置开机自启。

cp /usr/local/server/apache/bin/apachectl /etc/init.d/httpd
systemctl enable httpd
service httpd start

关闭防火墙。

systemctl stop firewalld.service
systemctl disable firewalld.service

测试能看到It Works！

 

安装ssl

安装ssl模块

dnf -y openssl mod_ssl
vi  /usr/local/server/apache/conf/httpd.conf

开放ssl

LoadModule ssl_module modules/mod_ssl.so

# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
#
# Note: The following must must be present to support
#       starting without SSL on platforms with no /dev/random equivalent
#       but a statically compiled-in mod_ssl.
#
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

生成证书

输入的密码要记住，以后每次启动时要输入。可以为neusoft
其他国家等，随便填。

openssl genrsa -des3 -out server.key 2048
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 700 -in server.csr -signkey server.key -out server.crt
cp * /usr/local/server/apache/conf/
service httpd restart

输入上面的密码后，再启动成功。

https访问，能看到It Works!