- 登陆滴滴云备案服务器
ssh root@117.51.137.xx
- 添加Linux用户www
[root@10-255-20-98 ~]# adduser www [root@10-255-20-98 ~]# passwd www [root@10-255-20-98 ~]# chmod -v u+w /etc/sudoers [root@10-255-20-98 ~]# vim /etc/sudoers www ALL=(ALL) PASSWD:ALL [root@10-255-20-98 ~]# chmod -v u-w /etc/sudoers
- 配置ssh免登录
- 域名:
liangmydeMacBook-Pro:~ liangmy$ ssh-copy-id www@www.limeyu.com liangmydeMacBook-Pro:~ liangmy$ ssh-keygen -R www.limeyu.com
- IP:
liangmydeMacBook-Pro:~ liangmy$ ssh-copy-id www@117.51.137.xx
- 域名:
- 设置服务器时区
- 查看系统当前的时区
[www@10-255-20-98 ~]$ timedatectl
- 展示所有的时区
[www@10-255-20-98 ~]$ timedatectl list-timezones
- 修改系统使用的时区
[www@10-255-20-98 ~]$ sudo timedatectl set-timezone Europe/Berlin
- 设置JVM系统使用时区(CentOs中环境变量和配置文件)
[www@10-255-20-98 ~]$ cd /etc/profile.d/ [www@10-255-20-98 profile.d]$ sudo vim tz.sh export TZ="Europe/London"
- 查看系统当前的时区
- 更新yum源
[www@10-255-20-98 ~]$ cd /etc/yum.repos.d/ [www@10-255-20-98 yum.repos.d]$ sudo mv CentOS-Base.repo CentOS-Base.repo.backup [www@10-255-20-98 yum.repos.d]$ sudo wget http://mirrors.163.com/.help/CentOS7-Base-163.repo [www@10-255-20-98 yum.repos.d]$ sudo mv CentOS7-Base-163.repo CentOS-Base.repo [www@10-255-20-98 yum.repos.d]$ yum clean all [www@10-255-20-98 yum.repos.d]$ yum makecache
- 安装MySQL
[www@10-255-20-98 ~]$ wget https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm [www@10-255-20-98 ~]$ sudo rpm -ivh mysql57-community-release-el7-9.noarch.rpm [www@10-255-20-98 ~]$ sudo yum -y install mysql-server [www@10-255-20-98 ~]$ sudo systemctl start mysqld [www@10-255-20-98 ~]$ sudo grep 'temporary password' /var/log/mysqld.log [www@10-255-20-98 ~]$ mysql -uroot -p mysql> set password for root@localhost = password('zjlm@123456A'); mysql> CREATE USER 'prod'@'localhost' IDENTIFIED BY 'Prod123456,'; mysql> GRANT INSERT,UPDATE, SELECT,DELETE ON *.* TO 'prod'@'localhost' identified by 'Prod123456,'; mysql> FLUSH PRIVILEGES; mysql> mysql> CREATE USER 'lmy'@'%' IDENTIFIED BY 'Lmy123456,'; mysql> GRANT INSERT,UPDATE, SELECT,DELETE,INDEX,CREATE, ALTER,CREATE VIEW ON *.* TO 'lmy'@'%' identified by 'Lmy123456,' WITH GRANT OPTION; mysql> GRANT CREATE USER ON *.* TO 'lmy'@'%' identified by 'Lmy123456,' WITH GRANT OPTION; mysql> FLUSH PRIVILEGES; mysql> mysql> mysql> CREATE USER 'lg'@'%' IDENTIFIED BY 'Lg123456,'; mysql> GRANT SELECT ON *.* TO 'lg'@'%' identified by 'Lg123456,'; mysql> FLUSH PRIVILEGES; mysql> mysql> CREATE USER 'hyl'@'%' IDENTIFIED BY 'Hyl123456,'; mysql> GRANT SELECT ON *.* TO 'hyl'@'%' identified by 'Hyl123456,'; mysql> FLUSH PRIVILEGES; mysql> mysql> drop user prod@'localhost'; mysql> mysql> sudo systemctl restart mysqld mysql> mysql> exit
- MySQL宽松模式
mysql> select @@global.sql_mode; [www@10-255-20-98 ~]$ vim /etc/my.cnf sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION' [www@10-255-20-98 ~]$ sudo systemctl restart mysqld
- 打开3306端口
- 项目目录结构
[www@10-255-20-98 ~]$ scp -r www@www.limeyu.club:~/deploy_files . [www@10-255-20-98 ~]$ cd deploy_files/ [www@10-255-20-98 deploy_files]$ vim admin/application.properties spring.datasource.druid.url=jdbc:mysql://localhost:3306/das_my?characterEncoding=utf8&&useAffectedRows=true&useSSL=false mysql redis im asr pns oss [www@10-255-20-98 deploy_files]$ vim admin/etc.properties staffRegisterUrl/staffRedirectHtmlUrl [www@10-255-20-98 ~]$ mkdir jars [www@10-255-20-98 ~]$ mkdir -p log/das log/das-front_en [www@10-255-20-98 ~]$ scp -r www@www.limeyu.club:~/script . [www@10-255-20-98 ~]$ mkdir src
- 安装Redis
[www@10-255-20-98 ~]$ sudo yum -y install redis [www@10-255-20-98 ~]$ sudo vim /etc/redis.conf requirepass 654321 [www@10-255-20-98 ~]$ cd script/ [www@10-255-20-98 script]$ vim redis-start redis-server /etc/redis.conf > redis.log & [www@10-255-20-98 script]$ sudo ./redis-start
- 安装Nodejs
[www@10-255-20-98 ~]$ node -v [www@10-255-20-98 ~]$ sudo yum -y install nodejs [www@10-255-20-98 ~]$ npm config list -ls [www@10-255-20-98 ~]$ npm set registry https://registry.npm.taobao.org/ [www@10-255-20-98 ~]$ npm config rm registry ## 升级nodesj ### 安装n #### n是nodejs管理工具 [www@10-255-20-98 ~]$ npm install -g n ### 安装nodejs版本 #### 安装最新版 [www@10-255-20-98 ~]$ n latest [www@10-255-20-98 ~]$ n stable #### 安装指定版本 [www@10-255-20-98 ~]$ n 8.11.3 #### 切换nodejs版本 [www@10-255-20-98 ~]$ n ## 切换失效的解决办法 ### 查看 node 当前安装路径 [www@10-255-20-98 ~]$ which node /usr/local/bin/node #举个例子 #### 而 n 默认安装路径是 /usr/local,若你的 node 不是在此路径下,n 切换版本就不能把bin、lib、include、share 复制该路径中,所以我们必须通过N_PREFIX变量来修改 n 的默认node安装路径。 #### 编辑环境配置文件: [www@10-255-20-98 ~]$ vim ~/.bash_profile export N_PREFIX=/usr/local #node实际安装位置 export PATH=$N_PREFIX/bin:$PATH [www@10-255-20-98 ~]$ source ~/.bash_profile
- 安装Maven
[www@10-255-20-98 ~]$ mvn -v [www@10-255-20-98 ~]$ sudo yum install -y maven [www@10-255-20-98 ~]$ sudo vim /etc/maven/settings.xml
- 安装git
[www@10-255-20-98 ~]$ git --version [www@10-255-20-98 ~]$ sudo yum -y install git [www@10-255-20-98 ~]$ git config --global user.name www.limeyu.com [www@10-255-20-98 ~]$ git config --global user.email open@limeyu.com [www@10-255-20-98 ~]$ ssh-keygen -t rsa -C open@limeyu.com [www@10-255-20-98 ~]$ cat /home/www/.ssh/id_rsa.pub [www@10-255-20-98 ~]$ cd src/ [www@10-255-20-98 src]$ git clone git@gitee.com:limeyu/das_en.git [www@10-255-20-98 src]$ git clone git@gitee.com:limeyu/das-front_en.git [www@10-255-20-98 ~]$ cd /home/www/src/das_en/ [www@10-255-20-98 das_en]$ git checkout autox3_cn_master [www@10-255-20-98 ~]$ cd /home/www/src/das-front_en/ [www@10-255-20-98 das-front_en]$ git checkout autox3_cn_master [www@10-255-20-98 ~]$ cd /home/www/src/das-front_en/www.bba.vip/ [www@10-255-20-98 www.bba.vip]$ npm install
- 安装zip unzip
[www@10-255-20-98 ~]$ sudo yum install -y unzip zip
- 替换element-ui
liangmydeMacBook-Pro:~ liangmy$ scp ~/Documents/kangxiaoli/element-ui.zip www@www.limeyu.club:/home/www/src/das-front_en/www.bba.vip/node_modules/element-ui.zip [www@10-255-20-98 ~]$ cd /home/www/src/das-front_en/www.bba.vip/node_modules [www@10-255-20-98 node_modules]$ unzip -o element-ui.zip
- 安装nginx
[www@10-255-20-98 ~]$ sudo yum -y install nginx [www@10-255-20-98 ~]$ sudo vim /etc/hosts 23.44.51.8 ocsp.int-x3.letsencrypt.org [www@10-255-20-98 ~]$ sudo vim /etc/nginx/nginx.conf user www; charset utf-8; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; sendfile on; client_max_body_size 300m; keepalive_timeout 3000; # 启用OCSP订书机功能 ssl_stapling on; ssl_stapling_verify on; #后端平台管理系统接口 location ^~ /admin/api-v1/ { proxy_read_timeout 3000; proxy_pass http://127.0.0.1:18080/admin/api-v1/; } #后端门店管理系统接口 location ^~ /branch/api-v1/ { proxy_read_timeout 3000; proxy_pass http://127.0.0.1:18081/branch/api-v1/; } #后端客户端app接口 location ^~ /carowner/api-v1/ { proxy_read_timeout 3000; proxy_pass http://127.0.0.1:18082/carowner/api-v1/; } #后端技师端app接口 location ^~ /mechanic/api-v1/ { proxy_read_timeout 3000; proxy_pass http://127.0.0.1:18083/mechanic/api-v1/; } #移动端h5页面 location /carapp/ { try_files $uri $uri/; root /home/www/src/das-front_en/; index /serve/serve-apply.html; } # 体验卡活动h5页面 location /wxh5/ { try_files $uri $uri/; root /home/www/src/das-front_en/; index /experienceCard/experience-card.html; } #动静分离,前端静态页面 location / { try_files $uri $uri/ /index.html; root /home/www/src/www.bba.vip/dist/; index index.html; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } #车主端h5的后台接口请求 location ^~ /carowner/api-v1/ { proxy_read_timeout 3000; proxy_pass http://127.0.0.1:18082/carowner/api-v1/; } #后端技师端app接口 location ^~ /mechanic/api-v1/ { proxy_read_timeout 3000; proxy_pass http://127.0.0.1:18083/mechanic/api-v1/; } #移动端h5页面 location / { try_files $uri $uri/ /index.html; root /home/www/src/das-front_en/; index index.html; } [www@10-255-20-98 ~]$ sudo nginx -t [www@10-255-20-98 ~]$ sudo systemctl start nginx.service [www@10-255-20-98 ~]$ sudo systemctl restart nginx.service [www@10-255-20-98 ~]$ sudo nginx -s reload [www@10-255-20-98 ~]$ systemctl status nginx.service [www@10-255-20-98 ~]$ [www@10-255-20-98 ~]$ [www@10-255-20-98 ~]$ sudo chown www -R /var/lib/nginx/
意外:访问失败多半是前端请求路径不正确
修复路径即可
- 启动服务
[www@10-255-20-98 ~]$ cd script/ [www@10-255-20-98 script]$ vim deploy_jars nohup java -Duser.language=en -Duser.country=GB -jar $jar & [www@10-255-20-98 script]$ ./deploy_jars
- 配置SSL
[www@10-255-20-98 ~]$ sudo yum -y install certbot python2-certbot-nginx [www@10-255-20-98 ~]$ sudo certbot --nginx Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): autox3global@gmail.com Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Which names would you like to activate HTTPS for? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: router.autox3.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 Obtaining a new certificate Performing the following challenges: http-01 challenge for router.autox3.com Waiting for verification... Cleaning up challenges Deploying Certificate to VirtualHost /etc/nginx/nginx.conf Redirecting all traffic on port 80 to ssl in /etc/nginx/nginx.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://router.autox3.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Subscribe to the EFF mailing list (email: autox3global@gmail.com). Starting new HTTPS connection (1): supporters.eff.org IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/router.autox3.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/router.autox3.com/privkey.pem Your cert will expire on 2021-01-09. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le [www@10-255-20-98 ~]$ [www@10-255-20-98 ~]$ echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew -q" | sudo tee -a /etc/crontab > /dev/null
意外:certbot --nginx 报错
PIP版本错误导致。先卸载错误的版本,再安装正确的版本。[www@10-255-20-98 ~]$ sudo pip uninstall urllib3 [www@10-255-20-98 ~]$ sudo pip uninstall requests [www@10-255-20-98 ~]$ sudo pip uninstall chardet [www@10-255-20-98 ~]$ sudo pip install --upgrade --force-reinstall 'requests==2.6.0' urllib3
意外:字符集错误
设置Python默认字符集[www@10-255-20-98 ~]$ sudo vim /usr/lib/python2.7/site-packages/sitecustomize.py import sys reload(sys) sys.setdefaultencoding('utf-8')
-
SSL续约(certbot)
[www@10-255-20-98 ~]$ sudo certbot renew
-
啦啦啦