Implementing WordPress on a Linux Infrastructure

Project environment

Environment setup

  • VirtualBox
    - Virtualization software installed to build the CentOS environment
  • CentOS
    - Used to build the web server, DNS server, and DB server

web server

Check the Linux version

[root@web ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)

Change the hostname

[root@localhost ~]# hostname web
[root@localhost ~]# su -
[root@web ~]#

After changing the hostname, run su - so that the prompt shows the new name and you can confirm the change was applied.

Install the web server and check its version

[root@web ~]# yum install httpd 
[root@web ~]# rpm -qa httpd
httpd-2.4.6-97.el7.centos.4.x86_64

Add a firewall rule

[root@web ~]# firewall-cmd --add-service=http --permanent
success
[root@web ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s3 enp0s8 enp0s9
  sources:
  services: ssh dhcpv6-client http dns
  ports: 3306/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Confirm that the service was added with the firewall list command.

Install PHP and check its version

[root@web ~]# yum install php74
[root@web ~]# yum install -y php74-php php-cli php74-scldevel

WordPress requires PHP 7.4 or later.
A plain install gives version 5.4.
The version has to be switched using the Remi repository and yum-utils.

[root@web ~]# yum install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
[root@web ~]# yum install -y yum-utils # install yum-utils to switch versions
[root@web ~]# yum-config-manager --disable remi-php54 # turn off PHP 5.4
[root@web ~]# yum-config-manager --enable remi-php74 # turn on PHP 7.4
[root@web ~]# yum install -y php74-php php-cli php74-scldevel \
php74-php-xml php74-php-xmlrpc php74-php-soap \
php74-php-process php74-php-pgsql php74-php-pdo \
php74-php-opcache php74-php-mbstring php74-php-ldap \
php74-php-json php74-php-ioncube-loader php74-php-intl \
php74-php-gmp php74-php-gd php74-php-fpm php74-php-devel \
php74-php-dba php74-php-common php74-php-cli \
php74-php-bcmath php74-php-phpiredis  php74-php-pecl-igbinary \
php74-php-pecl-imagick-im7 php74-php-pecl-imagick-im7-devel \
php74-php-pecl-igbinary-devel php74-php-pecl-geoip \
php74-php-pecl-xdebug php74-php-pecl-mysqlnd-azure

Install yum-utils to switch versions.
Disable the 5.4 repository so that 7.4 is used.

[root@web ~]# rpm -qa php74
php74-1.0-3.el7.remi.x86_64

Start the web daemon

[root@web ~]# systemctl restart httpd.service
[root@web ~]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since 목 2022-03-17 17:04:57 KST; 7s ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 2138 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
 Main PID: 2143 (httpd)
   Status: "Processing requests..."
    Tasks: 7
   CGroup: /system.slice/httpd.service
           ├─2143 /usr/sbin/httpd -DFOREGROUND
           ├─2144 /usr/sbin/httpd -DFOREGROUND
           ├─2146 /usr/sbin/httpd -DFOREGROUND
           ├─2147 /usr/sbin/httpd -DFOREGROUND
           ├─2148 /usr/sbin/httpd -DFOREGROUND
           ├─2150 /usr/sbin/httpd -DFOREGROUND
           └─2151 /usr/sbin/httpd -DFOREGROUND

 3월 17 17:04:56 web systemd[1]: Starting The Apache HTTP Server...
 3월 17 17:04:56 web httpd[2143]: AH00558: httpd: Could not reliably determine ...ge
 3월 17 17:04:57 web systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.

Set a static IP

[root@web ~]# nmcli con add con-name static ifname enp0s8 type ethernet ip4 192.168.*.*/24 gw4 192.168.*.1

WordPress configuration

Install WordPress

[root@web ~]# yum install -y wget 
[root@web ~]# wget https://wordpress.org/latest.tar.gz

Install wget so the archive can be downloaded directly from the URL.

[root@web ~]# file latest.tar.gz
[root@web ~]# tar -xvzf latest.tar.gz -C /var/www/html
[root@web ~]# mkdir /var/www/html/wordpress/uploads

Use tar to unpack and decompress the archive.
Use mkdir to create the directory where files uploaded to the board will be stored.

Check the WordPress sample config

[root@web ~]# ls -l /var/www/html/wordpress/wp-config-sample.php
-rw-r--r--. 1 nobody nfsnobody 3001 1214 17:44 /var/www/html/wordpress/wp-config-sample.php

Change the owner and group of the WordPress directory

[root@web ~]# cd /var/www/html/wordpress
[root@web wordpress]# chown -R apache:apache /var/www/html/wordpress
[root@web wordpress]# ls -l /var/www/html/wordpress
-rw-r--r--.  1 apache apache   405  26  2020 index.php
-rw-r--r--.  1 apache apache 19915  11 09:15 license.txt
-rw-r--r--.  1 apache apache  7437 1229 02:38 readme.html
drwxr-xr-x.  2 apache apache     6  316 10:40 uploads
-rw-r--r--.  1 apache apache  7165  121  2021 wp-activate.php
drwxr-xr-x.  9 apache apache  4096  311 09:39 wp-admin
-rw-r--r--.  1 apache apache   351  26  2020 wp-blog-header.php
…
-rw-r--r--.  1 apache apache  8582  923 06:01 wp-mail.php
-rw-r--r--.  1 apache apache 23025 121 02:32 wp-settings.php
-rw-r--r--.  1 apache apache 31959 1025 09:23 wp-signup.php
-rw-r--r--.  1 apache apache  4747 109  2020 wp-trackback.php
-rw-r--r--.  1 apache apache  3236  69  2020 xmlrpc.php

chown -R changes the owner and group to apache recursively, including all subdirectories.

Edit wp-config.php

[root@web]# cat wp-config.php
<?php
/**
 * The base configuration for WordPress
 * The wp-config.php creation script uses this file during the installation.
 * You don't have to use the web site, you can copy this file to "wp-config.php"
 * and fill in the values.
 * This file contains the following configurations:
 * * Database settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 * @link https://wordpress.org/support/article/editing-wp-config-php/
 * @package WordPress
 */

// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'DB이름' );

/** Database username */
define( 'DB_USER', '사용자' );

/** Database password */
define( 'DB_PASSWORD', '사용자 암호' );

/** Database hostname */
define( 'DB_HOST', 'DB서버  ip주소' );
/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );

/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );

DB server

Change the hostname

[root@localhost ~]# hostname db
[root@localhost ~]# su -
마지막 로그인: 목  3월 17 17:36:37 KST 2022 192.168.56.1에서 시작 일시 pts/0

Set a static IP

[root@db ~]# nmcli con add con-name static ifname enp0s8 type ethernet ip4 192.168.56.*/24 gw4 192.168.*.*

Install MariaDB

[root@db ~]# yum info MariaDB-server MariaDB-client
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
* base: mirror.kakao.com
* extras: mirror.kakao.com
* updates: mirror.kakao.com
…

Enable MariaDB

[root@db ~]# systemctl start mariadb.service
[root@db ~]# systemctl enable mariadb.service
[root@db ~]# mysql --version
mysql  Ver 15.1 Distrib 10.7.3-MariaDB, for Linux (x86_64) using readline 5.1

MariaDB 10.2 or later is required.

[root@db ~]# rpm -qa MariaDB*
MariaDB-client-10.7.3-1.el7.centos.x86_64
MariaDB-compat-10.7.3-1.el7.centos.x86_64
MariaDB-server-10.7.3-1.el7.centos.x86_64
MariaDB-common-10.7.3-1.el7.centos.x86_64

Check the MariaDB packages

DB security settings

[root@db ~]# mariadb-secure-installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] y
Enabled successfully!
Reloading privilege tables..
 ... Success!
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] y // whether to change the password
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] n
 ... skipping.
Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n  // must answer No to allow remote access
 ... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
 ... Success!
Cleaning up...
All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
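  • Because the DB server and the web server are implemented as separate servers, remote access has to be allowed.
  • Answer No to "Disallow root login remotely?" to allow remote access.

Firewall settings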

[root@db ~]# firewall-cmd --permanent --zone=public --add-port=3306/tcp
success
[root@db ~]# firewall-cmd --reload
success

Open port 3306 for MariaDB.

[root@db ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s3 enp0s8
  sources:
  services: ssh dhcpv6-client dns
  ports: 3306/tcp
  protocols:
…
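
Both firewall listings on this page (web server and DB server) can be compared with what each role actually needs to accept. The script below is an added example, not part of the original post; the function names and the per-role allowlists are assumptions for this lab.

```shell
#!/bin/sh
# Added example (not from the original page): compare `firewall-cmd --list-all`
# output with a per-role allowlist. The allowlists are assumptions for this lab.

# audit_zone SERVICES PORTS   (space-separated allowlists; listing on stdin)
# Prints "EXTRA service <name>" / "EXTRA port <port>" for anything not allowed.
audit_zone() {
    awk -v svc="$1" -v ports="$2" '
        BEGIN {
            n = split(svc, a, " ");   for (i = 1; i <= n; i++) oksvc[a[i]] = 1
            n = split(ports, b, " "); for (i = 1; i <= n; i++) okport[b[i]] = 1
        }
        # Exact match on the first field skips source-ports: and forward-ports:.
        $1 == "services:" { for (i = 2; i <= NF; i++) if (!($i in oksvc))  print "EXTRA service " $i }
        $1 == "ports:"    { for (i = 2; i <= NF; i++) if (!($i in okport)) print "EXTRA port " $i }
    '
}

# Relevant lines of the web server listing shown earlier on this page.
web_listing() {
    cat <<'EOF'
public (active)
  interfaces: enp0s3 enp0s8 enp0s9
  services: ssh dhcpv6-client http dns
  ports: 3306/tcp
  source-ports:
EOF
}

# Relevant lines of the DB server listing shown above.
db_listing() {
    cat <<'EOF'
public (active)
  interfaces: enp0s3 enp0s8
  services: ssh dhcpv6-client dns
  ports: 3306/tcp
EOF
}

# Assumed roles: web accepts SSH and HTTP; db accepts SSH and MariaDB on 3306/tcp.
audit_web() { web_listing | audit_zone "ssh dhcpv6-client http" ""; }
audit_db()  { db_listing  | audit_zone "ssh dhcpv6-client" "3306/tcp"; }

echo "web:"; audit_web
echo "db:";  audit_db
```

Entries reported as EXTRA can be dropped with firewall-cmd --permanent --remove-service=dns or --remove-port=3306/tcp, followed by firewall-cmd --reload. On the DB server, 3306/tcp can also be limited to the web server's address with a rich rule instead of being open to the whole zone.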

DB setup

MariaDB [(none)]> CREATE DATABASE wordpress; -- create the DB the board will use
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> CREATE USER adminuser@'%' IDENTIFIED BY '패스워드'; -- create the user
Query OK, 0 rows affected (0.006 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON wordpress.* TO adminuser@'%' IDENTIFIED BY '패스워드'; -- grant the user privileges on the board DB
Query OK, 0 rows affected (0.001 sec)

Set up the database that WordPress will use.
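
WordPress logs in to MariaDB with the account set as DB_USER in wp-config.php (adminuser here), so the accounts worth reviewing after the steps above are the anonymous users that were kept, any root entry reachable from other hosts, and accounts whose host is the '%' wildcard. The script below is an added example, not part of the original post; the function names are assumptions and the account listing is constructed apart from adminuser@'%'.

```shell
#!/bin/sh
# Added example (not from the original page): flag risky rows in mysql.user.
# Input is what `mysql -N -B -e "SELECT User, Host FROM mysql.user"` prints:
# one account per line, user and host separated by a tab.

audit_accounts() {
    awk -F '\t' '
        # Anonymous account: empty user name (kept when "Remove anonymous users?" is n).
        $1 == "" { print "ANON @" $2; next }
        # root reachable from anything other than the local machine.
        $1 == "root" && $2 !~ /^(localhost|127\.0\.0\.1|::1)$/ { print "ROOT_REMOTE root@" $2; next }
        # Application account that may connect from any host.
        index($2, "%") > 0 { print "WILDCARD " $1 "@" $2 }
    '
}

# Constructed listing for illustration; only adminuser@% comes from the page.
sample_users() {
    printf '%s\t%s\n' \
        mariadb.sys localhost \
        root        localhost \
        root        '%' \
        ''          localhost \
        ''          db \
        adminuser   '%'
}

findings() { sample_users | audit_accounts; }

findings
```

A WILDCARD finding goes away when the account is created for the web server's address instead of '%', which still lets WordPress connect from the separate web host.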

Check the connection between the web server and the DB server


Check the wordpress database on the DB server

MariaDB [wordpress]> show tables;
+-----------------------+
| Tables_in_wordpress   |
+-----------------------+
| wp_commentmeta        |
| wp_comments           |
| wp_links              |
| wp_options            |
| wp_postmeta           |
| wp_posts              |
| wp_term_relationships |
| wp_term_taxonomy      |
| wp_termmeta           |
| wp_terms              |
| wp_usermeta           |
| wp_users              |
+-----------------------+
12 rows in set (0.000 sec)

Confirm the automatically created tables.

DNS server

Install the DNS packages

[root@dns ~]# yum -y install bind bind-utils
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
 * base: ftp.nara.wide.ad.jp
 * extras: ftp-srv2.kddilabs.jp
 * updates: ftp-srv2.kddilabs.jp
base                                                            | 3.6 kB  00:00:00
extras                                                          | 2.9 kB  00:00:00
updates                                                         | 2.9 kB  00:00:00
updates/7/x86_64/primary_db                                     |  14 MB  00:00:01

Configure enp0s3

[root@dns ~]# nmcli con add con-name static ifname enp0s3 type ethernet ip4 10.0.2.5/24 gw4 10.0.2.1
[root@dns ~]# nmcli con mod static ipv4.dns 10.0.2.5
[root@dns ~]# nmcli con up static

The DNS server uses enp0s3.
After configuring it, run nmcli con up.

Configure /etc/named.conf

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { none; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { any; };
…
zone "project.example.com" IN {
        type master;
        file "project.example.com.zone";
};

Add the zone

Configure the files under /var/named

[root@dns ~]# cd /var/named	# move to /var/named
[root@dns named]# cp named.empty project.example.com.zone
[root@dns named]# ls /var/named
10.0.2.0.zone  data        named.ca         named.loopback            slaves
chroot         dynamic     named.empty      project.example.com.zone
chroot_sdb     dyndb-ldap  named.localhost  project.test.com.zone

Copy named.empty to project.example.com.zone with cp, then edit the copy.


$TTL 3H
@       IN SOA  project.example.com. root.project.example.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      project.example.com.
        A       10.0.2.2

dns     A       10.0.2.1
www     A       192.168.56.101

Enable the service & configure the firewall

[root@dns named]# chmod 660 project.example.com.zone
[root@dns named]# chown :named project.example.com.zone
[root@dns named]# systemctl start named
[root@dns named]# firewall-cmd --add-service=dns --permanent
success
[root@dns named]# firewall-cmd --reload
success

Check the named status

[root@dns named]# systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since 목 2022-03-17 19:39:11 KST; 26min ago
  Process: 1285 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 1259 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 1303 (named)
    Tasks: 4
   CGroup: /system.slice/named.service
           └─1303 /usr/sbin/named -u named -c /etc/named.conf
 …
Hint: Some lines were ellipsized, use -l to show in full.

Verify DNS

[root@dns ~]# host project.example.com
project.example.com has address 10.0.2.2
[root@dns ~]# host www.project.example.com
www.project.example.com has address 192.168.56.101
[root@web ~]# nslookup
> projec.example.com
Server:         168.126.63.1
Address:        168.126.63.1#53

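Result

Errors encountered

[root@web ~]# getenforce
Enforcing
[root@web ~]# setenforce 0
[root@db ~]# getenforce
Enforcing
[root@db ~]# setenforce 0

An error occurred during the connection because the paths differed from each other.
After running the steps above on both the db and web servers, the connection worked.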
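
setenforce 0 puts SELinux into permissive mode for the whole system until the next reboot. As an added example (not part of the original post), the script below reads AVC denials and suggests the boolean that allows only Apache's outbound database connections, so enforcing mode can stay on; the log lines are constructed, and that the blocked action was httpd connecting to port 3306 is an assumption.

```shell
#!/bin/sh
# Added example (not from the original page): read SELinux AVC denials and
# suggest a targeted boolean, so enforcing mode can stay on.

# suggest_fix: audit log lines on stdin (e.g. from /var/log/audit/audit.log).
suggest_fix() {
    awk '
        /avc: +denied/ && /name_connect/ && /scontext=[^ ]*:httpd_t:/ {
            if ($0 ~ /tcontext=[^ ]*:mysqld_port_t:/) db = 1; else other = 1
        }
        END {
            if (db)         print "setsebool -P httpd_can_network_connect_db 1"
            else if (other) print "setsebool -P httpd_can_network_connect 1"
            else            print "no httpd name_connect denial found"
        }
    '
}

# Constructed denial (pid, timestamp and serial are made up): Apache's PHP
# module opening a TCP connection to MariaDB on 3306.
sample_denial() {
    cat <<'EOF'
type=AVC msg=audit(1647506400.101:312): avc:  denied  { name_connect } for  pid=2144 comm="httpd" dest=3306 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
EOF
}

# Constructed unrelated denial, to show the no-match path.
sample_other() {
    cat <<'EOF'
type=AVC msg=audit(1647506401.007:313): avc:  denied  { read } for  pid=900 comm="sshd" name="x" scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:user_home_t:s0 tclass=file
EOF
}

sample_denial | suggest_fix
```

On a real host the input would come from the audit log on the web server, and the suggested setsebool command is run there after setenforce 1 restores enforcing mode.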
