CentOS 7 上配置 Let’s Encrypt 的 SSL 免费证书

参考官方文档:https://certbot.eff.org/lets-encrypt/centosrhel7-apache

启用EPEL储存库

$ yum -y install yum-utils
$ yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional

安装 certbot 工具

$ sudo yum install python2-certbot-apache

安装 SSL 证书

$ sudo certbot --apache

续订证书 (证书有效期3个月)

$ sudo certbot renew

自定续订证书 (systemd timer)

创建 certbot 的 systemd service

$ sudo vi /etc/systemd/system/certbot.service
# certbot.service

[Unit]
Description=Certbot renew

[Service]
ExecStart=/usr/bin/certbot renew
ExecStartPost=/bin/systemctl reload httpd.service 

[Install]
WantedBy=multi-user.target

创建 certbot 的 systemd timer

$ sudo vi /etc/systemd/system/certbot.timer
[Unit]
Description=Auro certbot renew
 
[Timer]
OnCalendar=daily  
Persistent=true
 
[Install]
WantedBy=timers.target

启用 certbot 的服务以及它的定时器

$ sudo systemctl enable certbot.service
$ sudo systemctl start certbot.timer

查看定时器列表

$ systemctl list-timers --all

CentOS7 LAMP环境安装

httpd

$ yum install -y httpd

开启防火墙http与https的端口

$ firewall-cmd --permanent --zone=public --add-service=http
$ firewall-cmd --permanent --zone=public --add-service=https

mariadb

$ yum install -y mariadb mariadb-server

初始化 mariadb 的账户配置

$ mysql_secure_installation

使用合适的配置文件

$ ls /usr/share/mysql/my-*
my-huge.cnf  my-innodb-heavy-4G.cnf  my-large.cnf  my-medium.cnf  my-small.cnf
$ mv /etc/my.cnf /usr/share/mysql/my.default.cnf # 备份默认配置
$ cp /usr/share/mysql/my-small.cnf /etc/my.cnf  # 复制新的配置文件

php56

# 安装 yum 支持库
$ rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
# 查看可安装的 php 列表
$ yum list php*
# 安装 php
$ yum install -y php56w php56w-mysql php56w-gd libjpeg* php56w-ldap php56w-odbc php56w-pear php56w-xml php56w-xmlrpc php56w-mbstring php56w-bcmath

配置默认时区

$ vi /etc/php.ini
# 修改行内容如下
date.timezone = PRC

服务的启动与关闭

$ systemctl start [server name]  // 启动
$ systemctl stop [server name] // 停止
$ systemctl restart [server name] // 重启
$ systemctl enable [server name] // 启用开机启动
$ systemctl disable [server name]// 禁用开机启动

MAC 常用命令以及简单使用方式

figlet 图形字符生成

$ figlet 'string'

tree 以树状图列出目录的内容

# 只显示目录
$ tree -d
# 只显示第一层目录
$ tree -L 1

wget 下载文件

nvm 管理多个Node.js版本

# 显示已安装版本
$ nvm ls
# 安装对应版本的node
$ nvm install v0.0.0
# 应用版本到命令
nvm use v0.0.0

ssh-copy-id 将公钥添加到远程机器的authorized_keys文件

# 添加远程主机key到本机
$ ssh-copy-id user@123.123.123.123

Centos7 下 Yum 安装 PHP5.5,5.6,7.0

默认的版本太低了,手动安装有一些麻烦,想采用Yum安装的可以使用下面的方案:

1.检查当前安装的PHP包

yum list installed | grep php
如果有安装的PHP包,先删除他们
yum remove php.x86_64 php-cli.x86_64 php-common.x86_64 php-gd.x86_64 php-ldap.x86_64 php-mbstring.x86_64 php-mcrypt.x86_64 php-mysql.x86_64 php-pdo.x86_64

2. 添加源

CentOs 5.x

rpm -Uvh http://mirror.webtatic.com/yum/el5/latest.rpm

CentOs 6.X

rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm

CentOs 7.X

rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
如果想删除上面安装的包,重新安装
rpm -qa | grep webstatic
rpm -e  上面搜索到的包即可

3.运行yum install

yum install php55w.x86_64 php55w-cli.x86_64 php55w-common.x86_64 php55w-gd.x86_64 php55w-ldap.x86_64 php55w-mbstring.x86_64 php55w-mcrypt.x86_64 php55w-mysqlnd.x86_64 php55w-pdo.x86_64 php55w-xml.x86_64
yum install php56w.x86_64 php56w-cli.x86_64 php56w-common.x86_64 php56w-gd.x86_64 php56w-ldap.x86_64 php56w-mbstring.x86_64 php56w-mcrypt.x86_64 php56w-mysqlnd.x86_64 php56w-pdo.x86_64 php56w-xml.x86_64
yum install php70w.x86_64 php70w-cli.x86_64 php70w-common.x86_64 php70w-gd.x86_64 php70w-ldap.x86_64 php70w-mbstring.x86_64 php70w-mcrypt.x86_64 php70w-mysqlnd.x86_64 php70w-pdo.x86_64 php70w-xml.x86_64

注:如果想升级到5.6把上面的55w换成56w就可以了。

4.安装PHP FPM

yum install php55w-fpm
yum install php56w-fpm
yum install php70w-fpm
注:如果想升级到5.6把上面的55w换成56w就可以了。我们要使用yum来安装php-fpm和比较新版本的php,nginx,MySQL-server的话, 首先得给yum添加几个源,CentOS默认的源里面软件比较旧,有些软件、库还没有。

Ubuntu 修改SSH欢迎文字

运行 man update-motd 命令获得描述信息

UNIX/Linux system adminstrators often communicate important information to console and remote users by maintaining text in the file /etc/motd, which is displayed by the
 pam_motd(8) module on interactive shell logins.
Traditionally, this file is static text, typically installed by the distribution and only updated on release upgrades, or overwritten by the local administrator with
 pertinent information.
Ubuntu introduced the update-motd framework, by which the motd(5) is dynamically assembled from a collection of scripts at login.
Executable scripts in /etc/update-motd.d/* are executed by pam_motd(8) as the root user at each login, and this information is concatenated in /var/run/motd. The order
 of script execution is determined by the run-parts(8) --lsbsysinit option (basically alphabetical order, with a few caveats).
On Ubuntu systems, /etc/motd is typically a symbolic link to /var/run/motd.

直接编辑vi /etc/motd文件加入内容,可以使用figlet工具生成图形字符