最低限のモジュール + PHP で構成し、ローカルネットワークの MySQL サーバーに接続して運用する。
ConoHa でローカルネットワークの設定をしてリブート後、ネットワークインターフェースの設定をします。
# ifconfig -a
として eth1 の MAC アドレスをメモしておきます。
# vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE="eth1" HWADDR="YourMacAddress" BOOTPROTO="static" IPV6INIT="no" IPADDR="YourLocalAddress" NETMASK="255.255.255.0" NM_CONTROLLED="no" PEERDNS="no" TYPE="Ethernet" ONBOOT="yes"
# service network restart
# yum install -y mod_ssl mysql php-mysql php-mbstring php-eaccelerator
# cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.default # vi /etc/httpd/conf/httpd.conf
# 修正点のみ列挙 # ServerTokens OS ServerTokens ProductOnly # KeepAlive Off KeepAlive On # LoadModule 関連 (色々止めます) LoadModule auth_basic_module modules/mod_auth_basic.so # LoadModule auth_digest_module modules/mod_auth_digest.so LoadModule authn_file_module modules/mod_authn_file.so # LoadModule authn_alias_module modules/mod_authn_alias.so # LoadModule authn_anon_module modules/mod_authn_anon.so # LoadModule authn_dbm_module modules/mod_authn_dbm.so # LoadModule authn_default_module modules/mod_authn_default.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_user_module modules/mod_authz_user.so # LoadModule authz_owner_module modules/mod_authz_owner.so # LoadModule authz_groupfile_module modules/mod_authz_groupfile.so # LoadModule authz_dbm_module modules/mod_authz_dbm.so # LoadModule authz_default_module modules/mod_authz_default.so # LoadModule ldap_module modules/mod_ldap.so # LoadModule authnz_ldap_module modules/mod_authnz_ldap.so # LoadModule include_module modules/mod_include.so LoadModule log_config_module modules/mod_log_config.so # LoadModule logio_module modules/mod_logio.so LoadModule env_module modules/mod_env.so # LoadModule ext_filter_module modules/mod_ext_filter.so LoadModule mime_magic_module modules/mod_mime_magic.so # LoadModule expires_module modules/mod_expires.so # LoadModule deflate_module modules/mod_deflate.so LoadModule headers_module modules/mod_headers.so LoadModule usertrack_module modules/mod_usertrack.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule mime_module modules/mod_mime.so # LoadModule dav_module modules/mod_dav.so LoadModule status_module modules/mod_status.so # LoadModule autoindex_module modules/mod_autoindex.so # LoadModule info_module modules/mod_info.so # LoadModule dav_fs_module modules/mod_dav_fs.so LoadModule vhost_alias_module modules/mod_vhost_alias.so LoadModule negotiation_module modules/mod_negotiation.so LoadModule dir_module modules/mod_dir.so LoadModule actions_module modules/mod_actions.so # LoadModule speling_module modules/mod_speling.so # LoadModule userdir_module modules/mod_userdir.so LoadModule alias_module modules/mod_alias.so # LoadModule substitute_module modules/mod_substitute.so LoadModule rewrite_module modules/mod_rewrite.so # LoadModule proxy_module modules/mod_proxy.so # LoadModule proxy_balancer_module modules/mod_proxy_balancer.so # LoadModule proxy_ftp_module modules/mod_proxy_ftp.so # LoadModule proxy_http_module modules/mod_proxy_http.so # LoadModule proxy_ajp_module modules/mod_proxy_ajp.so # LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule cache_module modules/mod_cache.so # LoadModule suexec_module modules/mod_suexec.so LoadModule disk_cache_module modules/mod_disk_cache.so LoadModule cgi_module modules/mod_cgi.so LoadModule version_module modules/mod_version.so ServerAdmin YourAccount@ConoHaHost.example.com #ServerName www.example.com:80 ServerName www.ConoHaHost.example.com:80 <Directory />
# Options FollowSymLinks Options None AllowOverride None
</Directory> # Options Indexes FollowSymLinks Options None # DirectoryIndex index.html index.html.var DirectoryIndex index.htm index.html # ErrorLog logs/error_log ErrorLog /data/www/ConoHaHost.example.com/apache/error.log # CustomLog logs/access_log combined CustomLog /data/www/ConoHaHost.example.com/apache/access.log combined # ServerSignature On ServerSignature Off # ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" #<Directory "/var/www/cgi-bin"> # AllowOverride None # Options None # Order allow,deny # Allow from all #</Directory>
# mod_autoindex.c 用の設定を <IfModule mod_autoindex.c> で読み込まないようにしておく <IfModule mod_autoindex.c> # # Directives controlling the display of server-generated directory listings. # # # IndexOptions: Controls the appearance of server-generated directory # listings. # IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8 # ~ 中略 ~ IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t </IfModule> # ここまで </IfModule> で mod_autoindex.c を止める
# LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW LanguagePriority ja ko en ca cs da de el eo es et fr he hr it ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW #AddDefaultCharset UTF-8 AddDefaultCharset Off # AddOutputFilter INCLUDES .shtml # もう少しファイルタイプ関係を追加 AddHandler default-handler xml AddHandler default-handler rdf AddType "application/xml; charset=UTF-8" xml rdf <Files ~ "\.(jpg|gif|png|css|js|swf|ico)$"> FileETag MTime Size </Files> AddType video/ogg .ogv AddType video/webm .webm AddType video/mp4 .mp4 #NameVirtualHost *:80 NameVirtualHost *:80 Include conf.d/sites/*.conf
# mkdir /etc/httpd/conf.d/sites # vi /etc/httpd/conf.d/ConoHaHost.example.com.conf
<VirtualHost *:80> DocumentRoot /data/www/ConoHaHost.example.com/htdocs ServerName ConoHaHost.example.com php_value error_log "/data/www/ConoHaHost.example.com/php_error.log" </VirtualHost> <Directory "/data/www/ConoHaHost.example.com/htdocs"> Options None AllowOverride None RewriteEngine on RewriteCond %{HTTP_HOST} . RewriteCond %{HTTP_HOST} !^ConoHaHost\.example\.com [NC] RewriteRule ^(.*)$ http://ConoHaHost.example.com$1 [R=301,L] RewriteCond %{THE_REQUEST} ^.*/index.html RewriteRule ^(.*)index.html$ http://ConoHaHost.example.com$1 [R=301,L] </Directory>
# cp /etc/php.ini /etc/php.ini.default # vi /etc/php.ini
; 変更点のみ列挙 ; short_open_tag = Off short_open_tag = On ; zlib.output_compression = Off zlib.output_compression = On ; expose_php = On expose_php = Off ;arg_separator.output = "&" arg_separator.output = "&" ; allow_url_fopen = On allow_url_fopen = Off ;date.timezone = date.timezone = "Asia/Tokyo" mbstring.detect_order = auto mbstring.encoding_translation = Off mbstring.func_overload = 0 mbstring.http_input = pass mbstring.http_output = pass mbstring.internal_encoding = utf-8 mbstring.language = neutral mbstring.script_encoding = ASCII mbstring.substitute_character = none
以下の内容はサーバの用途やレスポンスをみながら追加調整。
memory_limit = 128M post_max_size = 8M upload_max_filesize = 2M
# mkdir -p /data/www/ConoHaHost.example.com/htdocs # cd /data/www/ConoHaHost.example.com/ # mkdir apache awstats # touch php_error.log # chown -R apache:apache /data/www # chkconfig httpd on # service httpd start
# vi /etc/logrotate.d/httpd-users
/data/www/*/apache/*log { daily missingok rotate 30 ifempty sharedscripts postrotate /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true endscript }
# vi /etc/init.d/firewall
$IPTABLES -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT # HTTP $IPTABLES -A INPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT # HTTPS
# yum install -y nfs-utils # vi /etc/idmapd.conf
#Domain = local.domain.edu Domain = example.com
# vi /etc/exports
/data/www YourLocalTargetIP(rw,no_root_squash,sync,fsid=0,crossmnt)
NFS がエラーを出すため以下を hosts.allow に追記
# vi /etc/hosts.allow
all : 127.0.0.1
Firewall に追記
# vi /etc/init.d/firewall
# # Services for the Localnet # $IPTABLES -A INPUT -i eth1 -p tcp --dport 2049 -m state --state NEW -j ACCEPT # NFSv4
# service firewall restart # chkconfig rpcbind on # chkconfig nfslock on # chkconfig nfs on # service rpcbind start # service nfslock start # service nfs start