RHCE第二次作业

一小只刁

已于 2024-01-14 23:10:47 修改

阅读量354

点赞数 8

文章标签： php

于 2024-01-14 22:51:30 首次发布

本文链接：https://blog.csdn.net/m0_74851380/article/details/135587069

版权

1.基于域名[www.openlab.com](http://www.openlab.com)可以访问网站内容为 welcome to openlab!!!

[root@localhost ~]# systemctl stop firewalld ---关闭防火墙
[root@localhost ~]# setenforce 0
[root@localhost ~]# vim /etc/nginx/conf.d/text_name.conf---编辑配置文件
server {
        listen 192.168.246.129:80;
        root /www/name/openlab;
        server_name www.openlab.com;
        location / {
                index index.html;
        }

}

[root@localhost ~]# mkdir /www/name/openlab
[root@localhost ~]# echo welcome to openlab!!! > /www/name/openlab/index.html
[root@localhost ~]# systemctl restart nginx
[root@localhost ~]# vim /etc/hosts
192.168.246.129 www.openlab.com
[root@localhost ~]# curl www.openlab.com
welcome to openlab!!!

2.给该公司创建三个子界面分别显示学生信息，教学资料和缴费网站，基于[www.openlab.com/student](http://www.openlab.com/student) 网站访问学生信息，[www.openlab.com/data](http://www.openlab.com/data)网站访问教学资料[www.openlab.com/money网站访问缴费网站](http://www.openlab.com/money网站访问缴费网站)

要求（1）学生信息网站只有song和tian两人可以访问，其他用户不能访问。

（2）访问缴费网站实现数据加密基于https访问。

# 编辑配置文件
[root@localhost name]# vim /etc/nginx/conf.d/test_alias.conf
server{
        listen 192.168.246.129:80;
        root /www/name/openlab;
        server_name www.openlab.com;
        location /student {
                alias /openlab/student/;
        }
        location /data {
                alias /openlab/data/;
        }
        location /money{
                alias /openlab/money/;
        }
}
[root@localhost name]# mkdir /openlab/student -pv
[root@localhost name]# mkdir /openlab/data 
[root@localhost name]# mkdir /openlab/money
[root@localhost name]# echo this is student > /openlab/student/index.html
[root@localhost name]# echo this is data > /openlab/data/index.html
[root@localhost name]# echo this is money > /openlab/money/index.html

[root@localhost name]# htpasswd  -c /etc/nginx/users song
New password: 
Re-type new password: 
Adding password for user song
[root@localhost name]# htpasswd  -c /etc/nginx/users tian
New password: 
Re-type new password: 
[root@localhost tls]# vim /etc/nginx/conf.d/text_https.conf
server {
        listen 192.168.246.129:443 ssl;
        root /www/name/openlab;
        server_name www.openlab.com;
        ssl_certificate /etc/pki/tls/certs/openlab.crt;
        ssl_certificate_key /etc/pki/tls/private/openlab.key;
        location /money {
                alias /openlab/money/;
        }
}
[root@localhost tls]# openssl genrsa -out /etc/pki/tls/private/openlab.key
[root@localhost tls]# openssl req -utf8 -new -key /etc/pki/tls/private/openlab.key -x509 -days 365 -out /etc/pki/tls/certs/openlab.crt
[root@localhost tls]# systemctl restart nginx

架设一台NFS服务器，并按照以下要求配置

1、开放/nfs/shared目录，供所有用户查询资料

2、开放/nfs/upload目录，为192.168.xxx.0/24网段主机可以上传目录，

并将所有用户及所属的组映射为nfs-upload,其UID和GID均为210

3、将/home/tom目录仅共享给192.168.xxx.xxx这台主机，并只有用户tom可以完全访问该目录

[root@localhost tls]# systemctl start nfs-server
[root@localhost tls]# mkdir /nfs/shared -pv
[root@localhost tls]# mkdir /nfs/upload
[root@localhost tls]# mkdir /home/tom
[root@localhost tls]# vim /etc/exports
/share *(rw)
/nfs/shared *(ro)
/nfs/upload 192.168.246.0/24(rw,all_squash,anonuid=210,anongid=210)
/home/tom 192.168.246.129(rw)
[root@localhost tls]# groupadd nfs-upload -g 210
[root@localhost tls]# useradd nfs-upload -u 210 -g 210
[root@localhost tls]# chmod o+w /nfs/upload
[root@localhost tls]# exportfs -r