1.1. introduction

By default, network access is turned off to a ECS instance. You can specify rules in a security group that allows access from an IP address range, port, or ECS security group.

You must specify port numbers (for TCP):

  • 22 (ssh)
  • 80 (http)
  • 443 (https)
  • 21, 20000~30000 (ftp)

Security groups document URL: https://www.alibabacloud.com/help/doc-detail/25475.htm

1.2. image environment description

1.2.1. image version description

Software version:

  • Apache2.4.41
  • PHP7.4.0、7.3.12、7.2.25、7.1.33、7.0.33、5.6.40、5.5.38、5.4.45、5.3.29
  • MySQL5.7.28
  • Redis5.0.7
  • Memcached1.5.20
  • Jemalloc5.2.1
  • Pure-FTPd1.0.49
  • phpMyAdmin4.4.15.10

Image Feature:

  • Source compiler installation, download the latest and most stable version from the official, security optimization
  • Providing multiple PHP versions (PHP-7.4, PHP-7.3, PHP-7.2, PHP-7.1,PHP-7.0, PHP-5.6, PHP-5.5, PHP-5.4, PHP-5.3)
  • Jemalloc optimize MySQL/MariaDB
  • Providing add a virtual host script, include Let's Encrypt SSL certificate
  • Add ftp acount to manage via the shell script menu
  • Provide MySQL/MariaDB, PHP, Redis, Memcached, phpMyAdmin upgrade script
  • Provide local backup and remote backup (rsync between servers),Alibaba cloud OSS backup(Intranet) script

1.2.2. application installation directories

Install directory:

  • Nginx:/usr/local/nginx
  • PHP:/usr/local/php
  • MySQL:/usr/local/mysql
  • Pureftpd:/usr/local/pureftpd
  • Redis:/usr/local/redis
  • Memcached:/usr/local/memcached
  • phpMyAdmin:/data/wwwroot/default/phpMyAdmin

Data directory:

  • Database data directory: /data/mysql
  • Web logs directory: /data/wwwlogs
  • Web Context default document root: /data/wwwroot/default
  • Index demo url: http://<Public net IP>
  • PHPINFO url: http://<Public net IP>/phpinfo.php
  • Opcache Control Panel url:http://<Public net IP>/ocp.php
  • phpMyAdmin install directory: http://<Public net IP>/phpMyAdmin
  • PHP xprober url: http://<Public net IP>/xprober.php

1.2.3. how do use scripts to optimize the parameters

Because this image was build based on 1 Core 1G ECS,the configuration and parameters for MySQL/MariaDB,PHP are original without any change, highly recommended If this is not the case, run the following optimization script:

cd /root/oneinstack
./optimize.sh

[!WARNING]

  • It may take 1 minute, please do not interrupt
  • This script will automatically optimize Nginx, MySQL, PHP and other parameters according to the system configuration

As shown below:

alt optimize

1.3. how to change your php version

cd /root/oneinstack
./change_php_version.sh

As shown below:

alt change_php_version

1.4. migrating website from os disk to data disk

[!WARNING] If you purchased a data disk (And only one data disk), It is recommended to mount the data disk first, the site content, database storage data cloud disk, If there is no purchase data cloud disk Ignore the tutorial!

cd /root/oneinstack
./move_auto_fdisk.sh

As shown below:

alt move_auto_fdisk

1.5. db management

1.5.1. display default db root password

cd /root/oneinstack
grep dbrootpwd options.conf

As shown below:

alt dbrootpwd

1.5.2. change db root password

cd /root/oneinstack
./reset_db_root_password.sh

As shown below:

alt reset_db_root_password

1.5.3. create database

Method 1: Command line creation

For example: create a database named oneinstack

mysql -uroot –p #Enter mysql console
Enter password: #Enter mysql root password
MySQL [(none)]> create database oneinstack; #Notice the semicolon at the end
MySQL [(none)]> show databases;
MySQL [(none)]> exit; #quit mysql console,Notice the semicolon at the end

As shown below:

alt createdb

Method 2: Via phpMyAdmin

Use following URL to open phpMyAdmin page:

http://<Public net IP>/phpMyAdmin

1.5.4. delete database

Method 1: Command line delete

For example: delete oneinstack database

mysql -uroot –p #Enter mysql console
Enter password: #Enter mysql root password
MySQL [(none)]> drop database oneinstack;
MySQL [(none)]> show databases;
MySQL [(none)]> exit; #quit mysql console,Notice the semicolon at the end

Method 2: Via phpMyAdmin

Use following URL to open phpMyAdmin page:

http://<Public net IP>/phpMyAdmin

1.5.5. create a database user

[!WARNING] Remote Connection Create a new account (Account name can not be root)

For security purposes, we usually create a unique database connection account for each web application(Account name can not be root). E.g:add a user named: db_user,password: 123456, Authorization for the localhost to the oneinstack database all permissions,the commands are as follows:

mysql -uroot -p #Enter mysql console
Enter password: #Enter mysql root password
MySQL [(none)]> grant all privileges on db_name.* to db_user@'localhost' identified by '123456';
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit; #quit mysql console,Notice the semicolon at the end

As shown below:

alt createuser

1.5.6. how to setup a remote db connection

For security reasons, OneinStack only allows the cloud host localhost to connect to the database,if you need a remote connection to the database,the following operations are required:

1. You must open port 3306 for Security groups

Reference documents:《Security group

Database authorization

[!WARNING] Remote Connection Create a new account(Account name can not be root)

E.g:add a user named db_user, password db_pass,Authorized as % (% Represents all ip can connect, you can set the designated ip) db_name database all authority, the commands are as follows

# mysql -uroot -p
MySQL [(none)]> grant all privileges on db_name.* to db_user@'%' identified by 'db_pass';
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit;

As shown below:

alt createuserall

1.6. how to manage virtual host

1.6.1. how to add a virtual host

cd /root/oneinstack
./vhost.sh

As shown below: alt lampvhost

In the above figure, the directory is the root directory of the Web site,the script is created automatically,Upload the code to the directory when deploying the site(the directory, subdirectories, and file permissions are all: www), Add a virtual host will automatically create this directory.

  • Apache the configuration file path: /usr/local/apache/conf/vhost/demo.oneinstack.com.conf
  • Apache .htaccess file path: /data/wwwroot/demo.oneinstack

1.6.2. how to delete a virtual host

cd /root/oneinstack
./vhost.sh --del

As shown below: alt vhostdel

1.7. how to manage fto user accounts

cd /root/oneinstack
./pureftpd_vhost.sh

As shown below: alt pureftpd

1.8. how to backup

Backup Set Parameters

cd /root/oneinstack
./backup_setup.sh

As shown below: alt backup_setup_oss

Perform the backup immediately:

cd /root/oneinstack
./backup.sh

Set Scheduled Task Automatic Scheduled Backup:

Example: Can be added to scheduled tasks, such as automatic backups every day 1:00

echo '0 1 * * * cd ~/oneinstack;./backup.sh > /dev/null 2>&1 & ' >> /var/spool/cron/root

View the local backup:

ls -l /data/backup

As shown below: alt backup_local

1.9. how to manage service

[!WARNING] If the operating system has systemd, perform a service restart, it will jump to systemd directly, if you see the following prompt, please ignore, it has been restarted Redirecting to /bin/systemctl restart example.service

Apache:

service httpd {start|stop|status|restart|reload|configtest}

[!WARNING] Change the Nginx configuration file, it is strongly recommended to reload

PHP:

service php-fpm {start|stop|restart|reload|status}

MySQL:

service mysqld {start|stop|restart|reload|status}

Pure-Ftpd:

service pureftpd {start|stop|restart|status}

Redis:

service redis-server {start|stop|status|restart|reload}

Memcached:

service memcached {start|stop|status|restart|reload}

1.10. how to upgrade

cd /root/oneinstack
./upgrade.sh

As shown below: alt upgrade

1.11. how to add extensions

1.11.1. Add PHP Extensions

If swoole extension is added, the following command:

cd /root/oneinstack
./install.sh --php_extensions swoole

[!WARNING] ./install.sh --help

1.11.2. Add system components

cd /root/oneinstack
./addons.sh

[!WARNING] Support install and uninstall function

As shown below: alt addons

1.12. how to uninstall

[!WARNING] Some items can be uninstalled separately, such as RDS database, the database can be uninstalled separately

cd /root/oneinstack
./uninstall.sh

[!WARNING] Please backup your data

As shown below: alt uninstall

1.13. more

1.13.1. How to deploy a PHP website on a server

[!WARNING] Ftp upload code do not need to modify permissions,default is already www; Download the code in server , you must modify the site root and subdirectories,Directory file permissions are www; If there is a problem with site permissions,Please refer to《About site root permissions

wget Download the code to deploy a WordPress,As shown below: alt wordpress_download

Access http://demo.oneinstack.com,enter the database address (localhost), user named (root), password(database root password).

As shown below:: alt wordpress_dbinfo

1.13.2. about the php opcode cache

by default,in order to reduce PHP compile time,improve performance(Opcache is recommended for production environments), The PHP environment loads the Opcache module by default(PHP7.4~5.5), Please refer to the principle:《In-depth understanding of PHP Opcode caching principles》

But this will appear PHP code updates, take 2 to 3 minutes to take effect,This affects the efficiency of the site during the commissioning phase suggest that you close or refresh the cache every time there is a code update (Recommended method 2)

Method 1: Uninstall Opcache

cd /root/oneinstack
./addons.sh

As shown below: alt uninstallopcache

Method 2: Refresh the PHP cache

Access http://<Public net IP>/ocp.php,

Or direct access http://<Public net IP>/ocp.php?RESET=1

As shown below: alt resetocp

1.13.3. about site root permissions

Web site root permissions to follow:

file 644, folder 755, Permissions Users and groups www

If there is a file permissions problem, execute the following three commands:

chown -R www.www /data/wwwroot/
find /data/wwwroot/ -type d -exec chmod 755 {} \;
find /data/wwwroot/ -type f -exec chmod 644 {} \;

1.13.4. about redis and memcached

  • Redis default port: 6379
  • Memcached default port: 11211
  • default only listen IP: 127.0.0.1

How to increase the maximum memory size of Redis?

vi /usr/local/redis/etc/redis.conf

maxmemory 1024000000 Unit: bytes

service redis-server restart   # restart the redis for changes to take effect

How to increase the maximum memory size of memcached?

vi /etc/init.d/memcached

CACHESIZE=256 Unit: Megebyte

service memcached restart  # restart the memcached for changes to take effect

How to change the listening port for redis?

vi /usr/local/redis/etc/redis.conf

bind 127.0.0.1 change to bind 0.0.0.0

service redis-server restart   # restart the redis for changes to take effect

How to change the listening port for memcached?

vi /etc/init.d/memcached

OPTIONS="-l 127.0.0.1" change to OPTIONS=""

service memcached restart  # restart the memcached for changes to take effect

1.13.5. about iptables firewall

By default, iptables firewall is not running.

Copyright © OneinStack 2021 all right reserved,powered by GitbookRevision time: 2021-01-05 14:31:22

results matching ""

    No results matching ""