①实现一个 WEB 服务
httpd 程序, httpd-manual 手册, mod_ssl ,模块 mod_wsgi ,动态
yum -y install httpd httpd-manual mod_ssl mod_wsgi
rpm -qc httpd-manual
systemctl restart httpd
firewall-cmd --permanent --add-service=http
firewall-cmd --reload
打开浏览器查看手册,输入:http://s0/manual
rpm -ql httpd |grep vhost ,虚拟机做权限配置
过滤DocumentRoot,找到主目录 /var/www/html
grep DocumentRoot /etc/httpd/conf/httpd.conf
wget http://classroom.example.com/content/base.html -O /var/www/html/index.html
文件不能使用mv命令,会有上下文关系问题,使用cp复制
拷贝虚拟主机配置文件
cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf /etc/hpptd/conf.d/
vim /etc/hpptd/conf.d/httpd-vhosts.conf,编辑虚拟主机
rpm查询主配置文件: rpm-qc httpd
编辑主配置文件: vim /etc/httpd/conf/httpd.conf
:set nu
/director ,查找权限
在124行,找到 /var/www
在157行,把Require all granted ,所有人都可以访问命令注释掉
文档,找到,Upgrading to 2.4 from 2.2
下拉,点击require all
根据题目修改:
systemctl restart httpd
systemctl enable httpd
firewall-cmd --list -all ,之前防火墙有放行,确认一下http
测试,新开一个终端
ssh -X root@desktop0
firefox http://www0.example.com ,不要关,下一题刷新测试
================================================================================================================================================================================================
先做配置虚拟主机
④配置虚拟主机
host webapp0.example.com
mkdir /var/www/virtual
wget http://classroom.example.com/content/extend.html -O /var/www/virtual/index.html
chown floyd /var/www/virtual
编辑虚拟主机
vim /etc/httpd/conf.d/httpd-vhosts.conf
在配置文件里,复制一个配置文件:4yy,P
修改:
保存退出
Ctrl+r 搜索历史命令res ,重启服务:systemctl restart httpd
测试,通过火狐浏览器,输入http://webapp0.example.com/
刷新上一题开的终端,可以正常显示hello,over
================================================================================================================================================================================================
⑤配置安全 web 服务
rpm -qc mod_ssl
vim /etc/httpd/conf.d/ssl.conf
*:443 代表所有的IP都通过443端口
59 ,去掉#
60, 去掉#,www后面加上0
100, /localhost 改成www0
107, 改成www0.key
116, 证书量,改成 /example-ca.crt
保存退出
grep找到路径,下载
grep www0 /etc/httpd/conf.d/ssl.conf
wget http://classroom/pub/tls/certs/www0.crt -O /etc/pki/tls/certs/www0.crt
wget http://classroom/pub/tls/private/www0.key -O /etc/pki/tls/private/www0.key
grep example-ca /etc/httpd/conf.d/ssl.conf
wget http://classroom/pub/example-ca.crt -O /etc/pki/tls/certs/example-ca.crt
systemctl restart httpd
firewall-cmd --permanent --add-service=https
测试,在desktop0终端,火狐浏览器: https://www0.example.com
================================================================================================================================================================================================
⑥配置 web 内容访问
mkdir /var/www/{html,virtual}/private
wget http://classroom.example.com/content/permission.html -O /var/www/virtual/private/index.html
wget http://classroom.example.com/content/permission.html -O /var/www/html/private/index.html
vim /etc/httpd/conf/httpd.conf
6yy ,P ,复制一行
7 <Directory "/var/www/html/private">
128 Require host server0.example.com
129 </Directory>
3yy,P
<Directory "/var/www/virtual/private">
125 Require host server0.example.com
126 </Directory>
保存退出
systemctl restart httpd ,重启服务
把之前开的火狐浏览器关掉,再次做重导,退出server0,重新登录
ssh root@s0 -X
测试,在server0终端: firefox https://www0.example.com/private
================================================================================================================================================================================================
⑦在server0上实现动态web 内容
vim /etc/httpd/conf.d/httpd-vhosts.conf
4yy ,P
先listen 8909 ,才能使用端口
从 http://classroom.example.com/content/webapp.wsgi 下载一个脚本,然后放在适当的位置,不要修改文件内容
wget http://classroom.example.com/content/webapp.wsgi -O /var/www/html/webapp.wsgi
查询配置文件:
rpm -ql mod_wsgi
grep -i alias /usr/share/doc/mod_wsgi-3.4/README ,查看别名的用法
复制 WSGIScriptAlias /myapp /usr/local/wsgi/scripts/myapp.wsgi
重复打开!v, vim /etc/httpd/conf.d/httpd-vhosts.conf
粘贴,WSGIScriptAlias /myapp /usr/local/wsgi/scripts/myapp.wsgi
不需要子目录,删除DocumentRoot "/var/www/virtual"
把下载的路径读进来
因为selinux关系,端口要做标签 semanage
man semanage port | grep \#
semanage port -a -t http_port_t -p tcp 81 -a表示add, -t表示类型, -p表示协议
systemclt restart httpd ,重启服务
firewall-cmd --permanent --add-port=8909/tcp
firewall-cmd --reload
测试:
在之前打开的sever0火狐浏览器上新开一个tab ,打开网站,刷新网站,时间会变化