Skip to main content

JAVA Image Guide

By default, network access is turned off to a ECS instance. You can specify rules in a security group that allows access from an IP address range, port, or ECS security group.

You must specify port numbers (for TCP):

  • 22 (ssh)
  • 80 (http)
  • 443 (https)
  • 21, 20000~30000 (ftp)

Security groups document URL: Alibabacloud Security group

Image environment description

Image version description

Software version

  • Nginx1.22
  • Tomcat9.0.x Or 8.5.x Or 7.0.9x
  • OpenJDK11.0, OpenJDK1.8
  • MySQL5.7
  • Redis7.0
  • Memcached1.6
  • Jemalloc5.2.1
  • Pure-FTPd1.0.49

Image Feature

  • Source compiler installation, download the latest and most stable version from the official, security optimization
  • Providing multiple JDK versions (OpenJDK11.0, OpenJDK1.8)
  • Jemalloc optimize Nginx, MySQL/MariaDB
  • Providing add a virtual host script, include Let's Encrypt SSL certificate
  • Add ftp acount to manage via the shell script menu
  • Provide Nginx, MySQL/MariaDB, Redis, Memcached, phpMyAdmin upgrade script
  • Provide local backup and remote backup (rsync between servers), Alibaba cloud OSS backup(Intranet) script

Application installation directories

Install directory

  • Nginx:/usr/local/nginx
  • Tomcat:/usr/local/tomcat
  • JDK: /usr/lib/jvm or /usr/java
  • MySQL:/usr/local/mysql
  • Pureftpd:/usr/local/pureftpd
  • Redis:/usr/local/redis
  • Memcached:/usr/local/memcached

Data directory

  • Database data directory: /data/mysql
  • Webroot directory: /data/wwwroot/www.example.com
  • Web logs directory: /data/wwwlogs
  • Web Context document root: /data/wwwroot/default
  • Index demo url: http://<Public net IP>

How do use scripts to optimize the parameters

Because this image was build based on 1 Core 1G ECS,the configuration and parameters for MySQL/MariaDB,PHP are original without any change, highly recommended If this is not the case, run the following optimization script:

Exec command
sudo /root/oneinstack/optimize.sh
danger
  • Do not execute bash optimize.sh (or sh) for documentation commands
  • It may take 1 minute to wait, please do not interrupt
  • This script will automatically optimize Nginx, MySQL, JVM and other parameters according to the system configuration
e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/optimize.sh 
Shutting down MySQL.. [ OK ]
Starting MySQL. [ OK ]

Change JDK Version

Exec command
sudo /root/oneinstack/change_jdk_version.sh
e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/change_jdk_version.sh 

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 8+ and Ubuntu 16+ #
# Change your JDK version #
# For more information please visit https://oneinstack.com #
#######################################################################

Current JDK Version: 1.8.0_352

Please select a version of the JDK:
1. openjdk-8-jdk
2. openjdk-11-jdk
Please input a number:(Default 1 press Enter) 2

You have successfully changed to openjdk-11-jdk

[root@OneinStack ~]# java -version
openjdk version "11.0.17" 2022-10-18 LTS
OpenJDK Runtime Environment (Red_Hat-11.0.17.0.8-2.el8_6) (build 11.0.17+8-LTS)
OpenJDK 64-Bit Server VM (Red_Hat-11.0.17.0.8-2.el8_6) (build 11.0.17+8-LTS, mixed mode, sharing)

Migrating website from os disk to data disk

tip

If you purchased a data disk (And only one data disk), It is recommended to mount the data disk first, the site content, database storage data cloud disk, If there is no purchase data cloud disk Ignore the tutorial!

Exec command
sudo /root/oneinstack/move_auto_fdisk.sh
e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/move_auto_fdisk.sh

#######################################################################
# OneinStack for CentOS/RedHat 6+ Debian 8+ and Ubuntu 16+ #
# Auto fdisk #
# For more information please visit http://oneinstack.com #
#######################################################################

Step 1.No lock file, begin to create lock file and continue

Step 2.Begin to check free disk
You have a free disk, Now will fdisk it and mount it
This system have free disk :
/dev/vdb

Step 3.Begin to fdisk free disk

Step 4.Begin to make directory

Step 5.Begin to write configuration to /etc/fstab and mount device

Filesystem Size Used Avail Use% Mounted on
devtmpfs 1.8G 0 1.8G 0% /dev
tmpfs 1.8G 24K 1.8G 1% /dev/shm
tmpfs 1.8G 432K 1.8G 1% /run
tmpfs 1.8G 0 1.8G 0% /sys/fs/cgroup
/dev/vda1 50G 8.8G 39G 19% /
tmpfs 361M 0 361M 0% /run/user/0
/dev/vdb1 9.8G 37M 9.3G 1% /data

DB Management

Display DB default root password

Display DB default root password, Exec command
sudo grep dbrootpwd /root/oneinstack/options.conf
e.g.: Execute command process
[root@OneinStack ~]# sudo grep dbrootpwd /root/oneinstack/options.conf
dbrootpwd='A0R3Ru5Z' #Tip: Random Password

Change DB root password

Exec command
sudo /root/oneinstack/reset_db_root_password.sh
e.g.: Execute command process
[root@OneinStack ~]# sudo grep dbrootpwd /root/oneinstack/options.conf
dbrootpwd='A0R3Ru5Z'
[root@OneinStack ~]# sudo /root/oneinstack/reset_db_root_password.sh

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# Reset Database root password for OneinStack #
# For more information please visit https://oneinstack.com #
#######################################################################

Please input the root password of database: VrTN4k5PYHsw

Password reset succesfully!
The new password: VrTN4k5PYHsw

[root@OneinStack ~]# mysql -uroot -p
Enter password: #Tip: Enter the database root password, it will not be displayed on the screen when entering

MySQL [(none)]>

Create a database

e.g.: create a database name oneinstack

Exec command
mysql -uroot –p
Enter password:
MySQL [(none)]> create database oneinstack;
MySQL [(none)]> show databases;
MySQL [(none)]> exit;
e.g.: Execute command process
[root@OneinStack ~]# mysql -uroot -p 
Enter password:

MySQL [(none)]> create database oneinstack;
Query OK, 1 row affected (0.01 sec)

MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| oneinstack |
| performance_schema |
| sys |
+--------------------+
5 rows in set (0.00 sec)

MySQL [(none)]> exit;
Bye

Delete a database

elete a database name oneinstack

Exec command
mysql -uroot –p
Enter password:
MySQL [(none)]> drop database oneinstack;
MySQL [(none)]> show databases;
MySQL [(none)]> exit;
e.g.: Execute command process
[root@OneinStack ~]# mysql -uroot -p
Enter password:

MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| oneinstack |
| performance_schema |
| sys |
+--------------------+
5 rows in set (0.00 sec)

MySQL [(none)]> drop database oneinstack;
Query OK, 0 rows affected (0.00 sec)

MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.00 sec)

MySQL [(none)]> exit;
Bye

Create a database user

danger

For security purposes, we usually create a unique database connection account for each web application(Account name can not be root).

E.g: Add a user named: db_user,password: 123456, Authorization for the localhost to the oneinstack database all permissions, the commands are as follows:

Exec command
mysql -uroot -p #Tip: Enter mysql console
Enter password: #Tip: Enter mysql root password
MySQL [(none)]> grant all privileges on db_name.* to db_user@'localhost' identified by 'db_pass';
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit; #Tip: quit mysql console,Notice the semicolon at the end
e.g.: Execute command process
[root@OneinStack ~]# mysql -uroot -p
Enter password:

MySQL [(none)]> grant all privileges on db_name.* to db_user@'localhost' identified by 'db_pass';
Query OK, 0 rows affected, 2 warnings (0.01 sec)

MySQL [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MySQL [(none)]> exit;
Bye

How to setup a remote DB connection

For security reasons, OneinStack only allows the cloud host localhost to connect to the database,if you need a remote connection to the database,the following operations are required:

caution

The cloud host security group port, iptables (some cloud hosts do not have iptables enabled and can be skipped), and grant authorized users are indispensable.

1. You must open port 3306 for Security groups

Security groups document URL: Alibabacloud Security group

2. Open iptables port 3306

tip

V2.0 or later, iptables is not enabled, please ignore this step 2

Reference: About iptables firewall

3. Database authorization

caution

Create a new account for remote connection (the account name cannot be root, the remote database account is not recommended to be root, if you need root remote connection, please update the corresponding row of the mysql.user table).

e.g.: Add a user named db_user, password db_pass,Authorized as % (% Represents all ip can connect, you can set the designated ip) db_name database all authority, the commands are as follows

Exec command
mysql -uroot -p
MySQL [(none)]> grant all privileges on db_name.* to db_user@'%' identified by 'db_pass';
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit;
e.g.: Execute command process
[root@OneinStack ~]# mysql -uroot -p
Enter password:

MySQL [(none)]> grant all privileges on db_name.* to db_user@'%' identified by 'db_pass';
Query OK, 0 rows affected, 2 warnings (0.01 sec)

MySQL [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MySQL [(none)]> exit;
Bye

How to manage virtual host

How to add a virtual host

Exec command
sudo /root/oneinstack/vhost.sh
e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/vhost.sh

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# For more information please visit https://oneinstack.com #
#######################################################################

Please choose to use environment:
1. Use php
2. Use java
Please input a number:(Default 1 press Enter) 2

What Are You Doing?
1. Use HTTP Only
2. Use your own SSL Certificate and Key
3. Use Let's Encrypt to Create SSL Certificate and Key
q. Exit
Please input the correct option: 3

Please input domain(example: www.example.com): demo.oneinstack.com
domain=demo.oneinstack.com

Please input the directory for the domain:demo.oneinstack.com :
(Default directory: /data/wwwroot/demo.oneinstack.com):
Virtual Host Directory=/data/wwwroot/demo.oneinstack.com

Create Virtul Host directory......
set permissions of Virtual Host directory......

Do you want to add more domain name? [y/n]: y

Type domainname or IP(example: example.com other.example.com): demo2.oneinstack.com
domain list=demo2.oneinstack.com

Do you want to redirect from demo2.oneinstack.com to demo.oneinstack.com? [y/n]: y

Do you want to redirect all HTTP requests to HTTPS? [y/n]: y

Please select domain cert key length.
Enter one of 2048, 3072, 4096, 8192 will issue a RSA cert.
Enter one of ec-256, ec-384, ec-521 will issue a ECC cert.

Please enter your cert key length (default 2048): 2048

Please enter your email: lj2007331@mail.com

[Sun Oct 30 04:27:06 PM CST 2022] Create account key ok.
[Sun Oct 30 04:27:06 PM CST 2022] No EAB credentials found for ZeroSSL, let's get one
[Sun Oct 30 04:27:13 PM CST 2022] Registering account: https://acme.zerossl.com/v2/DV90
[Sun Oct 30 04:27:15 PM CST 2022] Could not get nonce, let's try again.
[Sun Oct 30 04:27:39 PM CST 2022] Registered
[Sun Oct 30 04:27:39 PM CST 2022] ACCOUNT_THUMBPRINT='LMG4Elq-AFm-IH17QAk3yjmp-8TNoxi__gWTIIT1tzY'
....
[Sun Oct 30 04:28:20 PM CST 2022] Cert success.

nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

Do you want to add hotlink protection? [y/n]: n

Allow Rewrite rule? [y/n]: y

Please input the rewrite of programme :
wordpress,opencart,magento2,drupal,joomla,codeigniter,laravel
thinkphp,pathinfo,discuz,typecho,ecshop,nextcloud,zblog,whmcs rewrite was exist.
(Default rewrite: other): oneinstack
You choose rewrite=oneinstack

Allow Nginx/Tengine/OpenResty access_log? [y/n]: y
You access log file=/data/wwwlogs/demo.oneinstack.com_nginx.log

nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
Reload Nginx......

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# For more information please visit https://oneinstack.com #
#######################################################################
Your domain: demo.oneinstack.com
Virtualhost conf: /usr/local/nginx/conf/vhost/demo.oneinstack.com.conf
Tomcat Virtualhost conf: /usr/local/tomcat/conf/vhost/demo.oneinstack.com.xml
Directory of: /data/wwwroot/demo.oneinstack.com
Rewrite rule: /usr/local/nginx/conf/rewrite/oneinstack.conf
Let's Encrypt SSL Certificate:/usr/local/nginx/conf/ssl/demo.oneinstack.com.crt
SSL Private Key: /usr/local/nginx/conf/ssl/demo.oneinstack.com.key

The above Directory of is the website root directory (/data/wwwroot/demo.oneinstack.com), which will be automatically created after the script is executed. Please upload the code to this directory when deploying the website (directory, subdirectory and file permissions are: www).

  • Nginx the configuration file path: /usr/local/nginx/conf/vhost/demo.oneinstack.com.conf
  • Nginx the rewrite file path: /usr/local/nginx/conf/rewrite/oneinstack.conf
  • Tomcat the configuration file path: /usr/local/tomcat/conf/vhost/demo.oneinstack.com.xml

How to delete a virtual host

Exec command
sudo /root/oneinstack/vhost.sh --del
e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/vhost.sh --del

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# For more information please visit https://oneinstack.com #
#######################################################################

Virtualhost list:
demo1.oneinstack.com demo.oneinstack.com www.linuxeye.com

Please input a domain you want to delete: demo.oneinstack.com

Do you want to delete Virtul Host directory? [y/n]: y
Press Ctrl+c to cancel or Press any key to continue...

Domain: demo.oneinstack.com has been deleted.

How to manage fto user accounts

Exec command
 sudo /root/oneinstack/pureftpd_vhost.sh
e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/pureftpd_vhost.sh 

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# FTP virtual user account management #
# For more information please visit https://oneinstack.com #
#######################################################################

What Are You Doing?
1. UserAdd #Tip: Add Ftp account
2. UserMod #Tip: Change the webroot directory permissions of an Ftp account
3. UserPasswd #Tip: Change a ftp password
4. UserDel #Tip: Delete a ftp account
5. ListAllUser #Tip: List all Ftp accounts
6. ShowUser #Tip: Display a Ftp account details
q. Exit #Tip: Quit
Please input the correct option: 1

Please input a username: ftpuser

Please input the password: UArUDjLZ12HD

Please input the directory(Default directory: /data/wwwroot): #Tip: ftpuser webroot directory, it is recommended to default, you can directly press Enter.
Password:
Enter it again:
#####################################

[ftpuser] create successful!

You user name is : ftpuser
You Password is : UArUDjLZ12HD
You directory is : /data/wwwroot
tip

It is recommended that the local PC use the "Filezilla" client to log in to the Ftp server.

How to backup

Backup Set Parameters

Exec command
sudo /root/oneinstack/backup_setup.sh
e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/backup_setup.sh

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# Setup the backup parameters #
# For more information please visit https://oneinstack.com #
#######################################################################

Please select your backup destination:
1. Localhost
2. Remote host
3. Aliyun OSS
4. Qcloud COS
5. UPYUN
6. QINIU
7. Amazon S3
8. Dropbox
Please input numbers:(Default 1 press Enter) 1

Please select your backup content:
1. Only Database
2. Only Website
3. Database and Website
Please input a number:(Default 1 press Enter) 1

Please enter the directory for save the backup file:
(Default directory: /data/backup):

Please enter a valid backup number of days:
(Default days: 5): 10

Please enter one or more name for database, separate multiple database names with commas:
(Default database: linuxeye,oneinstack) oneinstack,linuxeye

You have to backup the content:
Database: oneinstack,linuxeye

Perform the backup immediately

Exec command
sudo /root/oneinstack/backup.sh

Setup scheduled tasks to automatically schedule backup

Set up a daily backup at 1am
sudo echo '0 1 * * * sudo /root/oneinstack/backup.sh > /dev/null 2>&1' >> /var/spool/cron/root
note

Do not repeat the above command.

View the local backup

Exec command
ls -l /data/backup
e.g.: Execute command process
[root@OneinStack ~]# ls -l /data/backup/
total 12
-rw-r--r-- 1 root root 637 Oct 30 19:15 DB_linuxeye_20221030_191506.tgz
-rw-r--r-- 1 root root 258 Oct 30 19:15 db.log
-rw-r--r-- 1 root root 641 Oct 30 19:15 DB_oneinstack_20221030_191506.tgz

If you set up remote cloud storage backup, view a cloud storage

Login to a cloud management console

As shown below: alt backup_oss

如何管理服务

Nginx
systemctl {start|stop|status|restart|reload} nginx
tip

Change the Nginx configuration file, it is recommended to reload, ie systemctl reload nginx

Tomcat
systemctl {start|stop|status|restart} tomcat
MySQL
systemctl {start|stop|restart|status} mysqld
PureFtpd
systemctl {start|stop|restart|status} pureftpd
Redis
systemctl {start|stop|status|restart|reload} redis-server
Memcached
systemctl {start|stop|status|restart|reload} memcached

How to upgrade

Exec command
sudo /root/oneinstack/upgrade.sh
e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/upgrade.sh -h
#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# Upgrade Software versions for OneinStack #
# For more information please visit https://oneinstack.com #
#######################################################################

Usage: /root/oneinstack/upgrade.sh command ...[version]....
--help, -h Show this help message
--nginx [version] Upgrade Nginx
--tengine [version] Upgrade Tengine
--openresty [version] Upgrade OpenResty
--apache [version] Upgrade Apache
--tomcat [version] Upgrade Tomcat
--db [version] Upgrade MySQL/MariaDB/Percona
--php [version] Upgrade PHP
--redis [version] Upgrade Redis
--memcached [version] Upgrade Memcached
--phpmyadmin [version] Upgrade phpMyAdmin
--oneinstack Upgrade OneinStack latest
--acme.sh Upgrade acme.sh latest

[root@OneinStack ~]# sudo /root/oneinstack/upgrade.sh

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# Upgrade Software versions for OneinStack #
# For more information please visit https://oneinstack.com #
#######################################################################

What Are You Doing?
1. Upgrade Nginx/Tengine/OpenResty
2. Upgrade Apache
3. Upgrade Tomcat
4. Upgrade MySQL/MariaDB/Percona
5. Upgrade PHP
6. Upgrade Redis
7. Upgrade Memcached
8. Upgrade phpMyAdmin
9. Upgrade OneinStack latest
10. Upgrade acme.sh latest
q. Exit

Please input the correct option: q

Add addons component

Exec command
sudo /root/oneinstack/addons.sh
tip

Execute sudo /root/oneinstack/addons.sh --help to view supported parameters

e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/addons.sh -h

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# Install/Uninstall Extensions #
# For more information please visit https://oneinstack.com #
#######################################################################

Usage: /root/oneinstack/addons.sh command ...
--help, -h Show this help message
--install, -i Install
--uninstall, -u Uninstall
--composer Composer
--fail2ban Fail2ban
--ngx_lua_waf Ngx_lua_waf
--python Python (PATH: /usr/local/python)

[root@OneinStack ~]# sudo /root/oneinstack/addons.sh

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# Install/Uninstall Extensions #
# For more information please visit https://oneinstack.com #
#######################################################################

What Are You Doing?
1. Install/Uninstall PHP Composer
2. Install/Uninstall fail2ban
3. Install/Uninstall ngx_lua_waf
4. Install/Uninstall Python3.6
q. Exit
Please input the correct option: 3

Please select an action:
1. install
2. uninstall
Please input a number:(Default 1 press Enter) 1

How to uninstall

Exec command
sudo /root/oneinstack/uninstall.sh
tip

Some items can be uninstalled separately. For example, if the database uses a cloud vendor RDS, the database can be uninstalled separately. Pay attention to backing up the data.

e.g.: Execute command process
[root@OneinStack ~]# sudo /root/oneinstack/uninstall.sh -h
#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# Uninstall OneinStack #
# For more information please visit https://oneinstack.com #
#######################################################################

Usage: /root/oneinstack/uninstall.sh command ...[parameters]....
--help, -h Show this help message, More: https://oneinstack.com
--quiet, -q quiet operation
--all Uninstall All
--web Uninstall Nginx/Tengine/OpenResty/Apache/Tomcat
--mysql Uninstall MySQL/MariaDB/Percona
--postgresql Uninstall PostgreSQL
--mongodb Uninstall MongoDB
--php Uninstall PHP (PATH: /usr/local/php80)
--mphp_ver [53~81] Uninstall another PHP version (PATH: /usr/local/php80${mphp_ver})
--allphp Uninstall all PHP
--phpcache Uninstall PHP opcode cache
--php_extensions [ext name] Uninstall PHP extensions, include zendguardloader,ioncube,
sourceguardian,imagick,gmagick,fileinfo,imap,ldap,calendar,phalcon,
yaf,yar,redis,memcached,memcache,mongodb,swoole,xdebug
--pureftpd Uninstall PureFtpd
--redis Uninstall Redis-server
--memcached Uninstall Memcached-server
--phpmyadmin Uninstall phpMyAdmin
--python Uninstall Python (PATH: /usr/local/python)
--node Uninstall Nodejs (PATH: /usr/local/node)

[root@OneinStack ~]# sudo /root/oneinstack/uninstall.sh

#######################################################################
# OneinStack for CentOS/RedHat 7+ Debian 9+ and Ubuntu 16+ #
# Uninstall OneinStack #
# For more information please visit https://oneinstack.com #
#######################################################################

What Are You Doing?
0. Uninstall All
1. Uninstall Nginx/Tengine/OpenResty/Apache/Tomcat
2. Uninstall MySQL/MariaDB/Percona
3. Uninstall PostgreSQL
4. Uninstall MongoDB
5. Uninstall all PHP
6. Uninstall PHP opcode cache
7. Uninstall PHP extensions
8. Uninstall PureFtpd
9. Uninstall Redis
10. Uninstall Memcached
11. Uninstall phpMyAdmin
12. Uninstall Python (PATH: /usr/local/python)
13. Uninstall Nodejs (PATH: /usr/local/node)
q. Exit

Please input the correct option: q

More

How to deploy a java website on a server

caution

Ftp upload code do not need to modify permissions,default is already www; Download the code in server, you must modify the site root and subdirectories,Directory file permissions are www; If there is a problem with site permissions,Please refer to《About site root permissions

e.g.: demo.war deployment JAVA website
[root@OneinStack ~]# ls
demo.war oneinstack ReadMe
[root@OneinStack ~]# cd /data/wwwroot/demo.oneinstack.com
[root@OneinStack demo.oneinstack.com]# jar xf /root/demo.war
[root@OneinStack demo.oneinstack.com]# ls -l
total 4
drwxr-xr-x 4 root root 4096 Oct 30 19:26 demo
[root@OneinStack demo.oneinstack.com]# mv demo/* .
[root@OneinStack demo.oneinstack.com]# rm -rf demo
[root@OneinStack demo.oneinstack.com]# chown -R www.www ./
[root@OneinStack demo.oneinstack.com]# systemctl restart tomcat

Create deploy JAVA website

The default mirror is static and dynamic separation, that is, nginx handles static resources (JSS, CCC, pictures, etc.), and the rest goes to Tomcat processing. The default (non binding domain) corresponding to the site root directory /data/wwwroot/default (not webapps), the deployment of code recommendations will pack War (such as example.war, jar xf example.war, unzip: note that permissions must be WWW), the code into the corresponding web site root directory.

  • If you upload the code, the directory structure is /data/wwwroot/default/WEB-INF, and the access address is: http://IP
  • If you upload the code, the directory structure is: /data/wwwroot/default/example/WEB-INF, access the web site address is: http://IP/example.
caution
  • The war package can also be uploaded to the corresponding web root without decompression, but you must pay attention to access paths and static resource directory issues. If you visit the site, the static loading of resources may be the reason is not, do separate static resources directly with nginx, please confirm whether nginx can find relevant static resources (nginx web site root directory: /data/wwwroot/default)
  • If the vhost.sh binds the domain name, such as www.example.com, the tool automatically generates the corresponding root directory: /data/wwwroot/www.example.com, put the code in this directory.
  • Tomcat parameter, please modify: /usr/local/tomcat/bin/setenv.sh

About site root permissions

Webroot permissions to follow::

file 644, folder 755, Permissions Users and groups www

If there is a file permissions problem, execute the following three commands:

Exec command
chown -R www.www /data/wwwroot/
find /data/wwwroot/ -type d -exec chmod 755 {} \;
find /data/wwwroot/ -type f -exec chmod 644 {} \;

About redis and memcached

  • Redis default port: 6379
  • Memcached default port: 11211
  • default only listen IP: 127.0.0.1

How to increase the maximum memory size of Redis?

Edit the Redis configuration file
vi /usr/local/redis/etc/redis.conf

maxmemory 1024000000 #Unit byte

Exec command, Restart to take effect
systemctl restart redis-server

How to increase the maximum memory size of Redis?

Edit the Memcached configuration file
vi /lib/systemd/system/memcached.service

Environment=CACHESIZE=256 #Unit MB

Memcached configuration takes effect
systemctl daemon-reload
systemctl restart memcached

Change Redis listening port

Edit the Redis configuration file
vi /usr/local/redis/etc/redis.conf

bind 127.0.0.1 change to bind 0.0.0.0

tip

systemd is the latest initialization system (init) of the Linux system. Its function is to improve the startup speed of the system, start as few processes as possible, and start as many processes as possible concurrently. The corresponding process management command is systemctl, which is supported by CentOS7 and Ubuntu/Debian. It is recommended to use sytemd to manage services.

Restart Redis to take effect
systemctl restart redis-server

Change Memcached listening port

Edit the Memcached configuration file
vi /lib/systemd/system/memcached.service

OPTIONS="-l 127.0.0.1" change to OPTIONS=""

Memcached configuration takes effect
systemctl daemon-reload
systemctl restart memcached

About iptables firewall

By default, 22 (SSH) 80, 443 (Nginx) 21, 20000~30000 (FTP) are enabled

tip

V2.0 or later, iptables is disabled

All other ports are rejected. Other ports need to be allowed as follows, such as opening port 8080, please do the following.

Exec command
iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
service iptables save
e.g.: Execute command process
[root@OneinStack ~]# iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
[root@OneinStack ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[root@OneinStack ~]# iptables -nvL
Chain INPUT (policy DROP 14 packets, 586 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
206 15880 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:20000:30000
29 812 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 219 packets, 38990 bytes)
pkts bytes target prot opt in out source destination

Chain syn-flood (0 references)
pkts bytes target prot opt in out source destination