vm-ubuntu-fe installation procedure


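Recorded: 2011-03-20

Virtual machine configuration

  • CPU: 1
  • Memory: 512MB
  • Disk: system: 2GB
  • Services: Apache2 + WordPress

Services provided

Adding the vm-ubuntu-fe virtual machine

Initialize and configure the virtual machine on vmhost-ubuntu-vbox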

mount /dev/sdb1 /mnt/backup/
su - vbox
VBoxManage createvm --name vm-ubuntu-fe --register
VBoxManage modifyvm vm-ubuntu-fe --cpus 1 --memory 512 --vram 8 --acpi on --boot1 dvd --boot2 disk --audio alsa --audiocontroller ac97 --usb on --usbehci on --nic1 bridged --bridgeadapter1 eth0 --vrde on --vrdevideochannel on --vrdevideochannelquality 75
VBoxManage sharedfolder add vm-ubuntu-fe --name vbox-shared --hostpath /opt/vbox-shared --automount
VBoxManage createhd --filename /opt/vbox/vm-ubuntu-fe/vm-ubuntu-fe-system.vdi --size 2000 --variant fixed
VBoxManage storagectl vm-ubuntu-fe --name "SATA Controller" --add sata
VBoxManage storageattach vm-ubuntu-fe --storagectl "SATA Controller" --port 0 --device 0 --type hdd --medium /opt/vbox/vm-ubuntu-fe/vm-ubuntu-fe-system.vdi
VBoxManage storageattach vm-ubuntu-fe --storagectl "SATA Controller" --port 1 --device 0 --type dvddrive --medium /mnt/backup/setup/system/ubuntu-10.04.2-server-amd64.iso
VBoxManage showvminfo vm-ubuntu-fe
VBoxHeadless -s vm-ubuntu-fe

Remote installation over VRDP

Use the remote administration tool on Windows

  • mstsc <vmhost-ubuntu-vbox-ip>:3389
  • Options: 640*400, 16bit
  • Installer boot menu
    • Language: English
    • <F6>: noacpi=on, nomodeset=on
    • Install Ubuntu Server 10.04 (Rescue mode)
  • Ubuntu installer main menu
    • Choose language: English
    • Location: other, Europe, Germany
    • Detect keyboard layout: yes, + y <ENTER> => de:nodeadkeys
  • Configure the network
    • DHCP: Auto
    • hostname: vm-ubuntu-fe
  • Partition disks
  • Install the base system
  • Set up users and passwords
    • Fullname: admin 2cn.de
    • Username: r
    • Password: <password>
    • Encrypt your home directory: No
  • Configure the package manager
  • Select and install software: No automatic updates
  • Software selection
  • Configuring grub-pc
    • Install the GRUB boot loader to the MBR: Yes
  • Restart

Enable the proxy, update the system, install common tools, and remove unneeded packages

sudo su
export http_proxy=http://www-cache.uni-mannheim.de:3128
apt-get update
apt-get dist-upgrade
apt-get autoremove
apt-get install rcconf
apt-get install python-software-properties
add-apt-repository "deb http://archive.canonical.com/ lucid partner"
apt-get remove ubuntu-docs
apt-get remove mysql-common
apt-get remove samba-common
apt-get clean
apt-get autoclean
apt-get autoremove
cat /etc/issue
vi /etc/hosts
127.0.0.1 vm-ubuntu-fe
10.20.18.104 vmhost-ubuntu-vbox

Configure top for the r and root users

Add Nagios remote monitoring

apt-get install nagios-nrpe-server
vi /etc/nagios/nrpe.cfg

Modify/add:

allowed_hosts=vmhost-ubuntu-vbox
command[check_all_disks]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -e

/etc/init.d/nagios-nrpe-server restart

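Guard against mistakes such as accidentally deleting files

vi /etc/bash.bashrc

Add the following lines in vi:

# Ask for confirmation before running the given command
confirm() {
    echo -n "Please confirm $*? [N/y] "
    read -N 1 REPLY
    echo
    if test "$REPLY" = "y" -o "$REPLY" = "Y"; then
        "$@"
    else
        echo "Cancelled by user"
    fi
}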
alias rm="rm -i"
alias cp="cp -i"
alias mv="mv -i"
alias halt="confirm halt"
alias reboot="confirm reboot"
alias shutdown="confirm shutdown"

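SSH settings

Restrict SSH users with PAM

vi /etc/pam.d/sshd

Enter in vi:

auth required pam_listfile.so item=user sense=allow file=/etc/ssh/ssh.allow onerr=fail

Add the users allowed to use SSH

vi /etc/ssh/ssh.allow

Enter in vi:

r

Automatically close idle SSH connections after 10 minutes

vi /etc/ssh/sshd_config

Add the following lines: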

ClientAliveInterval 300
ClientAliveCountMax 2
UseDNS no
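
Added example (not part of the original notes): a check to run before restarting sshd with the SSH settings above. It computes the timeout that ClientAliveInterval and ClientAliveCountMax produce together (300 × 2 = 600 seconds here) and confirms that the pam_listfile allow-list will admit a given user. The function names are illustrative, and the script assumes an sshd_config without Match blocks.

```bash
#!/usr/bin/env bash
# Added example: audit the SSH settings above before restarting sshd.
# File paths are arguments so the checks can run against copies.
# Assumption: sshd_config has no Match blocks (global keywords only).

# Effective value of an sshd_config keyword: keywords are case-insensitive
# and the first occurrence wins; DEFAULT is printed if the keyword is absent.
sshd_value() {  # sshd_value FILE KEYWORD DEFAULT
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(key) { print $2; found = 1; exit }
        END { if (!found) print def }' "$1"
}

# Seconds of client silence after which sshd drops the connection:
# ClientAliveInterval * ClientAliveCountMax (OpenSSH defaults: 0 and 3).
# 0 means no keepalive probes are sent.
client_alive_timeout() {  # client_alive_timeout SSHD_CONFIG
    local interval count
    interval=$(sshd_value "$1" ClientAliveInterval 0)
    count=$(sshd_value "$1" ClientAliveCountMax 3)
    echo $(( interval * count ))
}

# Check the pam_listfile allow-list for USER. Prints one of:
#   no-rule     no active "auth required pam_listfile.so" rule with
#               sense=allow and file=ALLOW_FILE
#   bad-file    ALLOW_FILE is missing, not a regular file or world-writable
#               (with onerr=fail every login is then rejected)
#   not-listed  USER has no line of its own in ALLOW_FILE
#   ok          USER passes the allow-list
ssh_allow_check() {  # ssh_allow_check PAM_FILE ALLOW_FILE USER
    local rule
    rule=$(grep -m1 -E '^[[:space:]]*auth[[:space:]]+required[[:space:]]+pam_listfile\.so' "$1" | tr -s '[:space:]' ' ')
    case " $rule " in
        *" sense=allow "*) ;;
        *) echo no-rule; return 1 ;;
    esac
    case " $rule " in
        *" file=$2 "*) ;;
        *) echo no-rule; return 1 ;;
    esac
    if [ -z "$(find "$2" -maxdepth 0 -type f ! -perm -0002 2>/dev/null)" ]; then
        echo bad-file; return 1
    fi
    grep -Fxq -- "$3" "$2" || { echo not-listed; return 1; }
    echo ok
}
```

Run the checks against /etc/ssh/sshd_config, /etc/pam.d/sshd and /etc/ssh/ssh.allow while the current SSH session is still open, so that a faulty allow-list can be corrected before it locks out every login.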

Install the VirtualBox Guest Additions

On vmhost-ubuntu-vbox:

su - vbox
VBoxManage storageattach vm-ubuntu-fe --storagectl "SATA Controller" --port 1 --device 0 --type dvddrive --medium /usr/share/virtualbox/VBoxGuestAdditions.iso

On vm-ubuntu-fe:

sudo su
mkdir /media/cdrom
mount /dev/cdrom1 /media/cdrom
apt-get install dkms
/media/cdrom/VBoxLinuxAdditions.run --nox11
# Ignore the error caused by the missing window system: Installing the Window System drivers ...fail!
addgroup r vboxsf

Install apache2

apt-get install apache2
vi /etc/apache2/apache2.conf

Add/modify lines:

ServerName localhost
Timeout 60

vi /etc/apache2/conf.d/security

Add/modify lines:

# Disable access, directory indexing and .htaccess files by default
<Directory />
Options -Indexes
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
# Prevent system information from being included in HTTP responses
ServerTokens Prod
# Prevent system information from being included in server-generated pages
ServerSignature Off
# Disable HTTP TRACE requests
TraceEnable Off

groupadd log
usermod -a -G log www-data
usermod -a -G log r
mkdir /opt/logs
mkdir /opt/logs/apache2
rm -R /var/log/apache2
ln -s /opt/logs/apache2 /var/log/apache2
chown -R www-data:log /opt/logs
chmod -R g+w /opt/logs
chmod -R o-r /opt/logs
chmod -R o-x /opt/logs

Install WordPress

apt-get install mysql-server
apt-get install php5 phpmyadmin
adduser --system --shell /bin/sh --gecos 'wordpress admin' --group --disabled-password --home /opt/wordpress wpadmin
usermod -a -G log wpadmin
usermod -a -G wpadmin www-data
mkdir /opt/wordpress
cd /opt/wordpress
wget http://wordpress.org/latest.tar.gz
tar -zxvf latest.tar.gz
chown -R www-data:www-data wordpress
ln -s /opt/wordpress/wordpress /var/www/wordpress
mysql -u root -p

-- Create the account for localhost only; a bare "CREATE USER wpadmin" creates wpadmin@'%'
CREATE DATABASE wordpress;
CREATE USER "wpadmin"@"localhost";
SET PASSWORD FOR "wpadmin"@"localhost" = PASSWORD("<PASSWORD>");
GRANT ALL PRIVILEGES ON wordpress.* TO "wpadmin"@"localhost" IDENTIFIED BY "<PASSWORD>";
FLUSH PRIVILEGES;
EXIT

cp /opt/wordpress/wordpress/wp-config-sample.php /opt/wordpress/wordpress/wp-config.php
vi /opt/wordpress/wordpress/wp-config.php

define('DB_NAME', 'wordpress');
define('DB_USER', 'wpadmin');
define('DB_PASSWORD', '<PASSWORD>');
# https://api.wordpress.org/secret-key/1.1/salt/
<SALT>

Set a static IP

vi /etc/network/interfaces

Remove the following DHCP settings:

auto eth0
iface eth0 inet dhcp

Add the IP settings:

auto eth0
iface eth0 inet static
address 192.168.178.111
netmask 255.255.255.0
network 192.168.178.0
broadcast 192.168.178.255
gateway 192.168.178.1

vi /etc/resolv.conf

search vm.2cn.de
domain vm.2cn.de
nameserver 192.168.178.1
nameserver 134.155.96.53

vi /etc/hosts

127.0.0.1 vm-ubuntu-fe
127.0.0.1 vm-ubuntu-fe.vm.2cn.de
192.168.168.11 vmhost-ubuntu-vbox
192.168.168.11 vmhost-ubuntu-vbox.2cn.de

/etc/init.d/networking restart

Uninstall the DHCP client

apt-get remove dhcp3-client

TODOs
