DNS服务器centos6.4
一.网络规划
dns server:10.10.54.59
二.安装软件
shell>yum install bind.x86_64 bind-chroot.x86_64 bind-dyndb-ldap.x86_64 bind-libs.x86_64 bind-utils.x86_64
三.配置DNS
1.shell> vim /etc/named.conf
========================================
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "ssr.com" IN {
type master;
file "named.ssr.com";
};
====================================
2.shell> vim /var/named/named.ssr.com
==============================================
$TTL 86400
@ IN SOA ssr.com. root(2014060701 1H 15M 1W 1D)
@ IN NS ssr.com.
@ IN MX 10 mail.ssr.com.
ssr.com. IN A 10.10.54.58
mail.ssr.com. IN A 10.10.54.58
svn.ssr.com. IN A 10.10.54.57
ldap.ssr.com. IN A 10.10.54.57
trac.ssr.com. IN A 10.10.54.57
svnmanager.ssr.com. IN A 10.10.54.57
============================================
3.重启服务
shell>/etc/init.d/named restart
------------------------------------------------------------------
邮件服务器centos6.4
一.网络规划
mail server:10.10.54.58(/opt >= 5GB)
二.安装准备
1.shell> vim /etc/resolv.conf
================================
nameserver 10.10.54.59
================================
2.shell> vim /etc/hosts
=======================================
127.0.0.1 localhost.localdomain localhost
10.10.54.58 ssr.com mail
IP 完整的主机名 别名
=======================================
3.shell>/etc/init.d/postfix stop
三.安装zimbra
1.安装依赖包
shell>yum install -y nc.x86_64 sysstat.x86_64
2.解压
shell> tar zxvf zcs-7.2.7_GA_2942.RHEL6_64.20140314185955.tgz
3.查看安装文件
##安装步骤
shell>vim README.txt
==========================
Installing from binary:
tar xzf zcs.tgz
cd zcs
./install.sh
=========================
##用法
shell>./install.sh --help
===================================================================
-c|--cluster type Cluster install type active|standby.
-h|--help Usage
-l|--license <file> License file to install.
-a|--activation <file> License activation file to install. [Upgrades only]
-r|--restore <file> Restore contents of <file> to localconfig
-s|--softwareonly Software only installation.
-u|--uninstall Uninstall ZCS
-x|--skipspacecheck Skip filesystem capacity checks.
--beta-support Allows installer to upgrade Network Edition Betas.
--platform-override Allows installer to continue on an unknown OS.
--skip-activation-check Allows installer to continue if license activation checks fail.
[defaultsfile] File containing default install values.
======================================================================
4.安装
shell> ./install.sh
安装过程需要修改的地方
Select the packages to install
Install zimbra-memcached [N] Y ----change
Install zimbra-proxy [N]
Checking required space for zimbra-core
Checking space for zimbra-store
Installing:
zimbra-core
zimbra-ldap
zimbra-logger
zimbra-mta
zimbra-snmp
zimbra-store
zimbra-apache
zimbra-spell
zimbra-memcached
The system will be modified. Continue? [N] Y ---change
修改管理员密码:
Admin Password UNSET
修改HTTP模式:
Web server mode: https
Web server mode: mixed
5.重启服务
shell>/etc/init.d/zimbra restart
6.邮件管理
进入邮件系统:http://mail.ssr.com
后台管理:https://mail.ssr.com:7071 或者https://10.10.54.58:7071
7.查看系统参数
shell>zmlocalconfig -s|grep zimbra_ldap --查看邮件服务器相关配置
zimbra_ldap_password = jP70SnUH
zimbra_ldap_user = zimbra
zimbra_ldap_userdn = uid=zimbra,cn=admins,cn=zimbra
------------------------------------------------------------------------------------
SVN服务器
一.安装centos5.9(IP:10.10.54.57)
二.配置yum源(关闭防火墙和SELINUX:切记要重启)
1.创建目录
mkdir /share
mkdir /mnt/dvd
2.挂载mount /dev/cdrom /mnt/dvd/
cp -rf /mnt/dvd/* /share/
补充:创建一个YUM仓库,需要一个共享点,这里可以使用NFS,FTP,SAMBA来实现,安装VSFTP来做共享点
3.创建本地配置文件
vim /etc/yum.repos.d/cen5-ftp.repo
==========================
[ftp]
name=ftp
baseurl=ftp://10.10.54.57/CentOS
gpgcheck=0
enable=1
==========================
4.安装vsftp,保障匿名可以访问,匿名根目录/share
/mnt/dvd/CentOS:rpm -ivh vsftpd-2.0.5-28.el5.x86_64.rpm
vim /etc/vsftpd/vsftpd.conf
========================
anonymous_enable=YES
anon_upload_enable=YES
anon_root=/share
========================
5.重启服务
/etc/init.d/vsftpd restart
6.创建软件仓库
rpm -ivh /share/CentOS/createrepo-0.4.11-3.el5.noarch.rpm
建立软件仓库:cd /share ###很重要
createrepo -v -g repodata/repomd.xml .
获取目录:createrepo -v -g /share/repodata/repomd.xml /share/CentOS/
#yum clean all
#yum list
三.lamp
1.安装软件
apche:
shell>yum install -y httpd.x86_64 httpd-devel.x86_64 httpd-tools.x86_64
mysql:
shell>yum install -y mysql.x86_64 mysql-devel.x86_64 mysql-server.x86_64
php:
shell>yum install -y php.x86_64 php-gd.x86_64 php-cli.x86_64 php-common.x86_64 php-ldap.x86_64 php-devel.x86_64 php-pear.noarch php-mysql.x86_64
2.修改apache 配置文件
shell> vim /etc/httpd/conf/httpd.conf
==============================================
ServerName svn.ssr.com
DirectoryIndex index.php index.html index.htm index.html.var
AddType application/x-httpd-php .php
=============================================
重启服务:
shell>/etc/init.d/httpd restart
四.ldap
1.安装软件
shell>yum install openldap-devel.x86_64 expat-devel.x86_64 openldap-servers openldap-clients
shell> slappasswd ---生成 slapd密码以备等下使用
New password: ----123456
Re-enter new password:
{SSHA}dPXBOZf699a4ce5jI2uWKOIP7gxzGZ3E
2.编辑 /etc/openldap/slapd.conf 文件
shell> vim /etc/openldap/slapd.conf
=========================================
access to attrs=shadowLastChange,userPassword
by selfwrite
by * auth
access to *
by * read
##
database bdb
suffix "dc=ssr,dc=com"
rootdn "cn=Manager,dc=ssr,dc=com"
rootpw {SSHA}dPXBOZf699a4ce5jI2uWKOIP7gxzGZ3E
==========================================
3.修改migrate_common.ph 指定正确ldap suffix信息
shell> cd /usr/share/openldap/migration/
shell> vim migrate_common.ph
==============================
# Default DNS domain
$DEFAULT_MAIL_DOMAIN = "ssr.com";
# Default base
$DEFAULT_BASE = "dc=ssr,dc=com";
===============================
4.修改配置文件
shell>vim /etc/openldap/ldap.conf
=========================
URI ldap://127.0.0.1/
BASE dc=ssr,dc=com
===========================
5.生成ldap初始化信息
shell>./migrate_base.pl >/tmp/base.ldif
把etc/passwd /etcgroup的数据导入ldap
shell>tail -n 100 /etc/passwd > /tmp/passwd.ldif
shell>tail -n 100 /etc/group > /tmp/group.ldif
解析:然后脚本就会帮你创建一些基本的信息了,比如 rootdn, organization 组织信息,People,Group 等存放系统帐户之用的 organizationUnit信息。
6. 启动服务
shell> service ldap start
若重起时警告在/var/lib/ldap 的目录下找不到DB_CONFIG的文件,需要cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG之后service ldap restart正常了
7.把信息导入ldap
shell>./migrate_base.pl > /tmp/base.ldif
shell>tail -n 100 /etc/passwd > /tmp/passwd
shell>tail -n 100 /etc/group > /tmp/group
shell>./migrate_passwd.pl /tmp/passwd /tmp/passwd.ldif
shell>./migrate_group.pl /tmp/group /tmp/group.ldif
shell>ldapadd -x -D "cn=Manager,dc=ssr,dc=com" -W -f /tmp/base.ldif
Enter LDAP Password: --123456
8.添加配置信息
shell>vim /etc/openldap/schema/cosine.schema
===================================================
attributetype ( 2.16.840.1.113730.3.1.110
NAME 'groupName'
DESC 'RFC2798: preferred name to be used when displaying entries'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
attributetype ( 2.16.840.1.113730.3.1.119
NAME 'administrator'
DESC 'RFC2798: preferred name to be used when displaying entries'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
attributetype ( 2.16.840.1.113730.3.1.120
NAME 'zimbraAccountStatus'
DESC 'RFC2798: preferred name to be used when displaying entries'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
attributetype ( 2.16.840.1.113730.3.1.121
NAME 'LoginPermissions'
DESC 'RFC2798: preferred name to be used when displaying entries'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
objectclass ( 0.9.2342.19200300.100.4.5 NAME 'TugeTemplate'
SUP top STRUCTURAL
MUST ( userid $ userPassword $ cn $ groupName $ zimbraAccountStatus)
MAY ( administrator $ LoginPermissions )
)
=========================================================================
9.重启服务
shell> service ldap restart
五.phpldapadmin
1.安装phpldapadmin
shell> tar zxvf phpldapadmin-1.2.3.tgz
shell>cd phpldapadmin-1.2.3/config/
shell> cp config.php.example ./config.php
shell> cd /softs/
shell>mv phpldapadmin-1.2.3 /var/www/html/phpldapadmin
2.配置文件
shell> vim /etc/httpd/conf/httpd.conf
=============================================
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster@ssr.com
DocumentRoot "/var/www/html/phpldapadmin"
ServerName ldap.ssr.com
ErrorLog "logs/ldap-error_log"
CustomLog "logs/ldap-access_log" common
</VirtualHost>
===========================================
3.重启服务
shell>/etc/init.d/httpd restart
4.测试
登陆管理界面:http://ldap.ssr.com
登陆DN:cn=Manager,dc=ssr,dc=com
六. subversion
1.安装软件
安装subvision:
shell>yum install -y subversion mod_dav_svn mod_python python-setuptools
安装python:
shell>yum install -y python.x86_64 python-devel.x86_64 libxml2-python.x86_64 python-sqlite.x86_64 python-setuptools.noarch swig.x86_64
下载安装python模板clearsilver:
shell>rpm -ivh clearsilver-0.10.4-1.el5.rf.x86_64.rpm
shell>rpm -ivh python-clearsilver-0.10.4-1.el5.rf.x86_64.rpm
2..测试svn是否安装成功
shell>svn --version
3.新建目录
shell>mkdir -p /data/trac/Config
shell>mkdir /data/trac/html
shell>cd /data/trac/
shell>svnadmin create repos
shell>chown -R apache.apache repos
4.修改apache配置文件
shell>vim /etc/http/conf/httpd.conf
================================================================================
<VirtualHost *:80>
ServerName svn.ssr.com
ServerAlias svn.ssr.com
DocumentRoot /data/trac/html/
<Directory / >
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /data/trac/html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Directory /data/trac/html/cgi-bin/>
Options +ExecCGI
AllowOverride None
AuthType Basic
AuthName "SVN Repository"
#AuthUserFile /home/passwd
Require valid-user
AddHandler cgi-script .cgi .pl
</Directory>
<Location /repos/ >
DAV svn
#SVNPathAuthz off
SVNListParentPath on
SVNParentPath /data/trac/
#SVNPath /data/Myrepos/
SVNReposName "ssr.com"
# authentication
AuthType Basic
AuthName "ssr.com"
AuthBasicProvider ldap
AuthLDAPURL "ldap://10.10.54.57:389/ou=People,dc=ssr,dc=com?uid?sub?(zimbraAccountStatus=active)"
# authorization
Require ldap-group cn=manager,ou=People,dc=ssr,dc=com
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
AuthzSVNAccessFile /data/trac/Config/config.txt
LimitRequestBody 0
LimitXMLRequestBody 0
</Location>
ErrorLog logs/svn-error.log
#LogLevel warn
#CustomLog /tmp/access.log combined
#LimitRequestBody 0
#LimitXMLRequestBody 0
ServerSignature On
</VirtualHost>
========================================================================================
重启服务:
shell>/etc/init.d/httpd restart
5.建立文件
shell>vim /data/trac/html/index.php
==================================
<?
phpinfo()
?>
==================================
shell>vim /data/trac/html/global_hooks/post-commit
======================================
#!/usr/bin/perl
use DBI;
use strict;
# config section
$ENV{"LANG"} = "zh_CN.UTF8";
my $svnlook = '/usr/bin/svnlook';
my $repos = $ARGV[0];
my $rev = $ARGV[1];
my $author = `$svnlook author -r "$rev" "$repos"`;
my $comment = `$svnlook log -r "$rev" "$repos"`;
chomp $author;
chomp $comment;
my $time = time;
while ($comment =~ /#(\d+)/gs) {
my $ticket = $1;
my $dbargs = { AutoCommit => 1, PrintError => 1 };
my $dbh = DBI->connect("dbi:SQLite:dbname=/home/trac/PROJECT/db/trac.db", "", "", $dbargs);
my $sth = $dbh->prepare("SELECT * FROM ticket WHERE id=?");
$sth->execute(($ticket));
$sth->fetchrow_array;
if ($sth->rows>0) {
my $sth2 = $dbh->prepare("INSERT INTO ticket_change(ticket, time, author, field, oldvalue, newvalue) VALUES(?, ?, ?, 'comment', (SELECT COUNT(*) FROM ticket_change WHERE ticket=? AND field='comment')+1, ?)");
$sth2->execute(($ticket, $time, $author, $ticket, "Changeset [$rev]: $comment"));
undef $sth2;
}
undef $sth;
$dbh->disconnect;
}
exit(0);
============================================
shell>vim /data/trac/html/global_hooks/pre-commit
================================================
#!/usr/bin/perl
# config section
$svnlook = '/usr/bin/svnlook';
$repos = $ARGV[0];
$txn = $ARGV[1];
$minchars = 5;
$comment = `$svnlook log -t "$txn" "$repos"`;
chomp($comment);
if ( length($comment) == 0 ) {
print STDERR "A comment is required!";
exit(1);
}
elsif ( length($comment) < $minchars ) {
print STDERR "Comment must be at least $minchars characters.";
exit(1);
}
$filter = '(\.(?:pdb|suo|log|obj|db|scc|user|(?:[^.]*\~[^.]*)))$';
@changes = `$svnlook changed -t "$txn" "$repos"`;
foreach $change (@changes) {
chop($change);
($change_mode, $change_file) = split(/\s+/, $change);
if (($change_mode eq 'A') && ($change_file =~ /$filter/i) ) {
print STDERR "$1 files are not allowed to sumbit.";
exit(1);
}
}
exit(0);
===================================================================
shell>vim /var/www/trac/html/index.html ---/var/www/trac2/做以下相同的操作
=========================================================
<html>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<head><title>SSR Trac Site</title>
<style>
ul li a
{
font-weight:700;
}
ul li{line-height:30px;}
</style>
</head>
<body>
<ul id="nav">
<li><a href="/projects/">ssr</a></li>
</ul>
</body>
</html>
===========================================================
shell> vim /var/www/trac/html/VERSION ---显示svn版本信息
==============================
Trac Environment Version 1
============================
七. trac
1.安装依赖包
shell>yum install python-devel python-setuptools sqlite sqlite-devel mod_python
安装Genshi
shell>tar zvxf Genshi-0.7.tar.gz
shell>cd Genshi-0.7
shell>python setup.py install
2.安装trac
shell>tar xvf Trac-0.11.2.1.tar.gz
shell>cd Trac-0.11.2.1
shell>python setup.py install
3.新建目录
shell>mkdir /var/www/trac
shell>mkdir /var/www/trac2
4.修改配置文件
shell>vim /etc/http/conf/httpd.conf
===========================================================================
<VirtualHost *:80>
ServerAdmin charlie@ssr.com
ServerName trac.ssr.com
ServerAlias trac.ssr.com
DocumentRoot /var/www/
<Directory / >
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Location /projects >
SetHandler mod_python
PythonInterpreter main_interpreter
PythonHandler trac.web.modpython_frontend
PythonPath "sys.path + ['/var/www/trac']"
PythonOption TracEnvParentDir /var/www/trac
PythonOption TracUriRoot /projects
</Location>
<LocationMatch "/projects/[^/]+/login">
AuthType Basic
AuthName "Trac"
AuthBasicProvider ldap
AuthLDAPURL "ldap://10.10.54.57:389/ou=People,dc=ssr,dc=com?uid?sub?(zimbraAccountStatus=active)"
AuthzLDAPAuthoritative Off
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
require valid-user
</LocationMatch>
<LocationMatch "/projects/[^/]+?issue/login">
AuthType Basic
AuthName "TracIssue"
Require valid-user
</LocationMatch>
ErrorLog /var/log/httpd/trac_error.log
CustomLog "logs/trac-access_log" common
LogLevel warn
ServerSignature On
</VirtualHost>
=======================================================================================
重启服务:
shell>/etc/init.d/httpd restart
5.建立测试文件
shell>vim /var/www/index.html
==============================================================
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<head><title>SSR Trac Site</title>
<style>
ul li a
{
font-weight:bold;
font-size:3em;
}
#continer{
margin :0px auto
}
#continer h1{
text-align:center;
color:black;
}
ul li{line-height:80px;}
</style>
</head>
<body>
<div id=continer>
<h1>世为软件研究院</h1>
<ul id="nav">
<li><a href="/projects/">ssr</a></li>
</ul>
</div>
</body>
</html>
================================================
6.测试
http://trac.ssr.com
八. svnmanager
1.安装
shell>tar xvf SvnManager20140609.tar.gz
shell>mv SvnManager /var/www/html/
2.安装模块
shell>cd /var/www/html/SvnManager
shell>cpan strict
shell>cpan Net::LDAP
shell>cpan ExtUtils::MakeMaker
shell>cpan Data::Dumper
shell>cpan Config::Tiny
shell>cpan POSIX "strftime" ---没有安装成功
shell>cpan CGI::Carp
shell>cpan CGI::Session
shell>cpan Template
shell>cpan HTML::Template
shell>cpan -fi DBD::mysql
shell>cpan DBI
3.授权
导入数据库:
shell>mysql -uroot -p123456</tmp/svnmanager.sql
mysql> grant all privileges on svnmanager.* to 'svnmanager'@'localhost' identified by 'svnmanager';
mysql> flush privileges;
测试:
shell>mysql -u svnmanager -p ----可以登陆
4.修改apache配置文件
shell>vim /etc/http/conf/httpd.conf
============================================
<VirtualHost *:80>
ServerName svnmanager.ssr.com
DocumentRoot "/var/www/html/SvnManager/html"
<Directory /var/www/html/SvnManager/html>
Options FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>
<IfModule dir_module>
DirectoryIndex login.htm
</IfModule>
HostnameLookups off
<Files ~ "\.(html|cgi)$">
HostnameLookups on
</Files>
ScriptAlias /cgi-bin/ /var/www/html/SvnManager/
<Directory /var/www/html/SvnManager/>
Options +ExecCGI
AddHandler cgi-script .cgi
AllowOverride None
Order Deny,Allow
Allow from all
</Directory>
ErrorLog "logs/svnmanager-error_log"
CustomLog "logs/svnmanager-access_log" common
</VirtualHost>
===============================================
5.修改配置文件
shell>vim /var/www/html/SvnManager/Config/Config.ini
==========================================
# Mysql Settings
[MYSQL]
MyHost=localhost
MyUser=svnmanager
MyPass=svnmanager
MyDB=svnmanager
[TracLdap]
Trac_ldap_ip=10.10.54.57
Trac_ldap_ou=ou=People,dc=ssr,dc=com
Trac_ldap_User=cn=manager,dc=ssr,dc=com
Trac_ldap_Mydc=dc=ssr,dc=com
Trac_ldap_passwd=123456
# Zimbra ldap
[MailLdap]
Mail_ldap_ip=10.10.54.58
Mail_ldap_ou=ou=People,dc=ssr,dc=com
Mail_ldap_User=uid=zimbra,cn=admins,cn=zimbra
Mail_ldap_passwd=jP70SnUH
[Subversion]
Root=/data/trac
=================================
修改/var/www/html/SvnManager/module下Jump.pm crazy.pm文件中的ldap://10.10.54.57
shell>perl Synchldap.pl ---显示同步用户成功
6.登陆
http://svnmanager.ssr.com
九.每隔一分钟同步一次
shell> vim /etc/crontab
============================================================
*/1 * * * * cd /var/www/html/SvnManager && perl Synchldap.pl
===========================================================
shell>/etc/init.d/crond restart
十.日志服务器
shell>vim /etc/syslog.conf --添加如下
==========================================
local4.debug /var/log/slapd.log
============================================
syslog,可以自动收集部分设备运行状态信息,并保存在一个syslog 服务器中
shell>/etc/init.d/syslog restart
-------------------------------------------------------------------------------
错误问题:
1.cpan初始化,cpan要初始化才能使用:
perl -e shell -MCPAN
o conf init urlist (可用url初始化)
o conf commit
cpan初始化还不能解决的问题,直接把/root/.cpan删掉重新初始化,一般都能解决问题
2.svn错误
File does not exist: /data/trac/html/favicon.ico
解决办法:在网站根目录下建立favicon.ico图标文件.
3.权限问题
/data/trac /var/www/trac/用户和用户组为apache.
转载于:https://my.oschina.net/xiaoq6427/blog/287312