Welcome! 登入 註冊
美寶首頁 美寶百科 美寶論壇 美寶落格 美寶地圖

Advanced

Install a LAPP server: openSUSE 42 / Apahce 2.4/PostgreSQL 9.4/ PHP 5.6

Posted by mepoadm 
The parts of this install article: (1) Disk partiton; (2) Install PostgreSQL 9.4; (3) Auto Start of Services; (4) Security.

1. Network Settings


Address:
IP Address: OOO.OOO.OOO.OOO
Subnet Mask: 255.255.255.0
Hostname: www (some thing like that)

2. Disk Partition

/boot   2GB
/swap   12GB  swap (similar to size of RAM)
/       100GB ext4
/home   1.7TB ext4
/var    120GB ext4 (preferably SSD)

3. Install PostgreSQL 9.4

Add http://download.opensuse.org/repositories/server:/database:/postgresql/openSUSE_13.2/ to repositories.
Install through YaST:
  postgresql94
  postgresql94-server

4. Services Autostart at Boot

systemctl enable apache2.service
systemctl enable sshd.service
chkconfig --add postgresql
--
Use chkconfig --list to list all available services run-level status

5. Security


(1) Disable root ssh access
Edit
/etc/ssh/sshd_config
Set and unmark
PermitRootLogin no
Restart
systemctl restart sshd.service

(2) Restrict swith user (su)
Add to the gorup of wheel
usermod -a -G wheel username
Edit
/etc/pam.d/su
Add this line below "auth sufficient pam_rootok.so"
auth                required        pam_wheel.so use_uid

6. Apache


1. Configuration:
/etc/sysconfig/apache (Include Modules)
/etc/apache2/ (configuration)

2. Edit default conf (/etc/apache2/default-server.conf)
TraceEnable off (Disable HTTP TRACE method)

3. Service setting
vi /usr/lib/systemd/system/apache2.service
PrivateTmp=false

7. PHP


Edit php.ini (/etc/php5/cli/php.ini)

short_open_tag = On
output_handler = ob_gzhandler
upload_max_filesize = 8M
memory_limit = 512M
date.timezone = 'Asian/Taipei'
session.cookie_httponly = 1
session.cookie_secure = 1

8. Firewall


Enable HTTP Server
Custom Rules for SSH



Edited 14 time(s). Last edit at 11/09/2017 07:21PM by mepoadm.
(編輯記錄)