ansible --version
~# echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu bionic main" | sudo tee -a /etc/apt/sources.list
~# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
~# sudo apt update
~# sudo apt install ansible -y
~# sudo ansible --version
~$ sudo -i
~# ssh-keygen
~# ssh-copy-id root@192.168.96.15
~# ssh-copy-id root@192.168.96.17
~# vi $HOME/hosts
[Web]
192.168.1.15
[DB]
192.168.1.17
Ansible 預設可以執行的模組指令, 範例如下,
Syntax:
# ansible -i <host_file> -m <module> <host>
如下:
- -i ~/hosts: contains list of ansible hosts
- -m: after -m specify the ansible module like ping & shell
- <host>: Ansible hosts where we want to run the ansible modules
Verify ping connectivity using ansible ping module
~# ansible -i ~/hosts -m ping all
~# ansible -i ~/hosts -m ping Web
~# ansible -i ~/hosts -m ping DB
安裝 jenkins
使用 root 或 用user 加上 sudo privileges 來安裝 Jenkins 在 Debian 10:
[09:10:26 root@Debian10-2-Jenkins-Ansible-02 ~]# apt update
[09:10:26 root@Debian10-2-Jenkins-Ansible-02 ~]# apt install default-jdk
OR
[09:10:26 root@Debian10-2-Jenkins-Ansible-02 ~] $ sudo apt update
[09:10:26 root@Debian10-2-Jenkins-Ansible-02 ~] $ sudo apt install default-jdk
更新 key
安裝新增 Jenkins repository GPG keys
wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
這個指令要return OK 才算成功 如果不行請檢查你的 網路或是防火牆是否有阻擋
將 Jenkins repository 更新到你的系統內
sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
### Debian 10.3 才可以行
wget -q -O - https://pkg.jenkins.io/debian/jenkins-ci.org.key | sudo apt-key add -
sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
sudo apt-get update
sudo apt-get install jenkins
###
更新套件並安裝 jenkins
sudo apt update
sudo apt install jenkins
設定開機啟動 jenkins
sudo systemctl enable --now jenkins
完成後就可以安裝你的 jenkins
To start the setup process, 打開你的瀏覽器輸入你的Domain 或 IP address, 預設 by port 8080,
http://your_ip_or_domain:8080.
Debian 環境安裝新版 nginx
在 Debian 系統中,我們可以通過 apt-get 安裝系統自帶的 nginx,這樣安裝的 nginx 版本略舊。Nginx 官網提供了一些編輯繹好的 deb 安裝包,
我們只需更新安裝源,就可以通過 apt-get 來安裝最新的穩定版 Nginx 了。
$ echo deb http://nginx.org/packages/debian/ stretch nginx | sudo tee /etc/apt/sources.list.d/nginx.list
$ wget http://nginx.org/keys/nginx_signing.key && sudo apt-key add nginx_signing.key
$ sudo apt update && apt install nginx -y
需要注意的是,這一步安裝的 Nginx 和系統自帶的 nginx 的配置目錄略有區別,可以用一下幾個簡單的命令修正:
sudo mkdir /etc/nginx/{sites-available,sites-enabled}
sudo mv /etc/nginx/conf.d/* /etc/nginx/sites-available
sudo rmdir -f /etc/nginx/conf.d/
sudo perl -pi -e 's/conf.d/sites-enabled/g' /etc/nginx/nginx.conf
或直接安裝
安裝 nginx
apt install nginx
vi /etc/nginx/sites-available/default
新增加
location ^~ /jenkins/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
proxy_max_temp_file_size 0;
#proxy_pass http://localhost:8080/jenkins/;
proxy_pass http://127.0.0.1:8080/jenkins/;
# The following settings from https://wiki.jenkins-ci.org/display/JENKINS/Running+Hudson+behind+Nginx
sendfile off;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
# This is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
}
#################
修改 jenkin 路徑
vi /etc/default/jenkins
JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --prefix=/jenkins"
重新啟動 nginx 和 jenkins
systemctl restart nginx.service
systemctl restart jenkins.service
輸入 http://xxx.xxx.xxx.xxx/jenkins
額外安裝設定 mariadb 和 PHP
apt install mariadb-server mariadb-client
mysql_secure_installation
MariaDB [(none)]> CREATE DATABASE example_database;
MariaDB [(none)]> GRANT ALL ON example_database.* TO 'example_user'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> exit
mariadb -u example_user -p
MariaDB [(none)]> SHOW DATABASES;
MariaDB [(none)]> exit
安裝基本 php
apt install php-fpm php-mysql
Installing Additional PHP Extensions
sudo apt update
apt install php-fpm php-common php-curl php-intl php-mbstring php-xmlrpc php-mysql php-gd php-xml php-cli php-tidy php-zip php-soap php-sqlite3
安裝
# Install PHP mcrypt on Debian 10/PHP 7.3
#
# Install pre-requisites
apt-get install php-dev libmcrypt-dev php-pear
# Install mcrypt PHP module
pecl channel-update pecl.php.net
pecl install channel://pecl.php.net/mcrypt-1.0.2
#
#Build process completed successfully
#Installing '/usr/lib/php/20180731/mcrypt.so'
#install ok: channel://pecl.php.net/mcrypt-1.0.2
#configuration option "php_ini" is not set to php.ini location
#You should add "extension=mcrypt.so" to php.ini
#
############ 安裝 php 7.4 #######################################
apt-get install -y apt-transport-https lsb-release ca-certificates
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list
apt-get update
apt-get upgrade
安裝新版 php7.4
apt-get install php7.4 php7.4-cli php7.4-cgi php7.4-fpm php7.4-gd php7.4-mysql php7.4-imap php7.4-curl \
php7.4-intl php7.4-pspell php7.4-sqlite3 php7.4-tidy php7.4-xmlrpc php7.4-xsl php7.4-zip php7.4-mbstring \
php7.4-soap php7.4-opcache libonig5 php7.4-common php7.4-json php7.4-readline php7.4-xml
pecl install mcrypt-1.0.4
# Install PHP mcrypt on Debian 10/PHP 7.4
#
# Install pre-requisites
apt-get install php-dev libmcrypt-dev php-pear
# Install mcrypt PHP module
pecl channel-update pecl.php.net
pecl install channel://pecl.php.net/mcrypt-1.0.3
###########################################################
Build process completed successfully
Installing '/usr/lib/php/20190902/mcrypt.so'
install ok: channel://pecl.php.net/mcrypt-1.0.3
configuration option "php_ini" is not set to php.ini location
You should add "extension=mcrypt.so" to php.ini
Add mcrypt.so to the php.ini file
vi /etc/php/7.3/cli/php.ini
For Nginx, use this:
vi /etc/php/7.3/fpm/php.ini
For Apache
vi /etc/php/7.3/apache2/php.ini
修改 php.ini 設定
file_uploads = On
allow_url_fopen = On
memory_limit = 256M
upload_max_filesize = 100M
cgi.fix_pathinfo = 0
max_execution_time = 360
date.timezone = Asia/Taipei
#########
修改run php
# php-fpm
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
#
## 如果使用 nginx 1.18 最新版需修改 www.conf
修改 /etc/php/7.4/fpm/pool.d/www.conf 設定檔,改變執行者及群組
# vi /etc/php/7.4/fpm/pool.d/www.conf
user = nginx
group = nginx
listen = /var/run/php-fpm.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0666
systemctl restart php7.3-fpm.service
systemctl status php* | grep fpm.service
建立php檔案,名稱為: info.php ,擺上下列三行程式碼,在儲存。
<?php
phpinfo();
?>
安裝 NFS 設定檔
/var/nfsshare 192.168.0.0/24(rw,sync,no_root_squash,no_all_squash)
/var/nfsshare 192.168.96.0/24(rw,sync,no_root_squash,no_all_squash)
/var/nfsshare 172.19.4.0/24(rw,sync,no_root_squash,no_all_squash)
## 使用 php 7.4 設定 設定 需要調整
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
# php-fpm
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/run/php/php7.3-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
沒有留言:
張貼留言