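A record of my own work: given a clean system, how do I deploy it for production use?
1. Network configuration
To make installing packages easy, you normally need to set up a yum repository. I have two NICs here. eth0 carries the internal IP: access to the outside network goes through the company gateway and DNS goes through the company DNS server, so an internal IP is required. eth1 carries the public IP, which is what external clients use to reach the FTP server. Most of the network setup effort goes into the internal side, mainly configuring the routing.
Set the internal IP: vim /etc/sysconfig/network-scripts/ifcfg-eth0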
DEVICE=eth0
BOOTPROTO=static
IPV6INIT=yes
MTU=1500
NM_CONTROLLED=yes
ONBOOT=yes
TYPE=Ethernet
IPADDR=10.0.5.213
NETMASK=255.255.255.0
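By default there is no route configuration file among your network configuration files. If requests leaving through eth0 have to go via a router, create route-eth0 under /etc/sysconfig/network-scripts/. The same applies to eth1. Here I use eth0 for the internal network: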
vim /etc/sysconfig/network-scripts/route-eth0
10.0.0.0/8 via 10.0.5.1
You can of course also add the route with the ip ro command; search Google for details on ip ro.
Next, set up DNS:
vim /etc/resolv.conf
nameserver 10.0.0.6
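The address here is the company DNS server. If you are only experimenting in a virtual machine, you can follow my post on setting up a yum repository on CentOS to configure the network.
With that done, your server can reach the outside network without problems.
To summarize: on a company network you generally have to configure three things, the internal IP, the route, and DNS. In a virtual machine you generally only need to set DNS.
2. Setting up the yum repository
There are many mirrors: 163, Yahoo and so on. The 163 mirror seems to be the most commonly used. For this step, see my blog post http://www.cnblogs.com/chenxiaojian/p/3667649.html
3. Installing MySQL
Once the yum repository is set up, installing the packages you need is easy.
You can use yum list |grep mysql to check whether mysql is already installed in your environment.
If it is, and it works for you, you can skip the rest of this section.
If you want to reinstall, you can remove the existing mysql with yum remove mysql.
Here I install mysql-server. If I'm installing it, I might as well install the full thing and save myself trouble; that's how a beginner does it.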
yum install mysql-server
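yum install mysql-devel   # without this, building pureftpd from source will run into problems
Once installed, you can start mysql. On first start it prints some messages prompting you to set the root password and so on.
You can set the mysql root password with mysqladmin -u root password rootpass.
After that, run mysql -u root -p and log in with your password.
Next, create a database for your FTP server:
create database pureftpd;
Create the user: grant all on pureftpd.* to 'ftpuser'@'localhost' identified by 'ftpuser_pass';
The user name and password given here must be the same ones set as MYSQLUser and MYSQLPassword in pureftpd-mysql.conf.
Create the admin table, used for back-end management of the FTP users.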
CREATE TABLE `admin` (
`Username` varchar(35) NOT NULL DEFAULT '',
`Password` char(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '',
PRIMARY KEY (`Username`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
Create the users table, which stores the FTP user information.
CREATE TABLE `users` (
`User` varchar(16) NOT NULL DEFAULT '',
`Password` varchar(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '',
`Uid` int(11) NOT NULL DEFAULT '14',
`Gid` int(11) NOT NULL DEFAULT '5',
`Dir` varchar(128) NOT NULL DEFAULT '',
`QuotaFiles` int(10) NOT NULL DEFAULT '500',
`QuotaSize` int(10) NOT NULL DEFAULT '30',
`ULBandwidth` int(10) NOT NULL DEFAULT '80',
`DLBandwidth` int(10) NOT NULL DEFAULT '80',
`Ipaddress` varchar(15) NOT NULL DEFAULT '*',
`Comment` tinytext,
`Status` enum('0','1') NOT NULL DEFAULT '1',
`ULRatio` smallint(5) NOT NULL DEFAULT '1',
`DLRatio` smallint(5) NOT NULL DEFAULT '1',
PRIMARY KEY (`User`),
UNIQUE KEY `User` (`User`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
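Then quit;
4. Installing pure-ftpd-1.0.36 from source
First, download pure-ftpd-1.0.36.tar.gz. I won't go into where to get it. As a matter of good practice, I suggest keeping downloaded source under /usr/local/src/.
Then tar -zxvf pure-ftpd-1.0.36.tar.gz
I trust installing from source on Linux is no problem for anyone. The material online about building pure-ftpd from source is messy, and configure has a number of special options; if you don't know them that well, or your FTP server isn't that professional-grade, you don't need to worry about most of them. Generally you need to add the following:
--prefix=/usr/local/pureftpd/ Sets the installation directory. Worth mentioning: newcomers like us usually don't specify this. You can put the software you install yourself under /usr/local/.
--with-mysql Use mysql to manage your FTP users.
--with-language=english Sets the language; for Chinese use simplified-chinese
--with-everything This is why we don't have to care about so many specific options. If you're unsure, just specify everything; it's like choosing "install all" when installing ordinary software.
Run the following commands to complete the installation.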
./configure --prefix=/usr/local/pureftpd/ --with-mysql --with-language=english --with-everything
make && make install
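If configure fails, it is usually because mysql-devel is not installed in your environment. Install it with yum install mysql-devel.
With pureftpd installed, the next step is configuration.
We put the configuration files under etc/ in the installation directory. You will find there is no etc directory there, so create one:
mkdir /usr/local/pureftpd/etc
Give it read and write permissions: chmod 755 /usr/local/pureftpd/etc
The two main pureftpd configuration files are pure-ftpd.conf and pureftpd-mysql.conf. They are in the configuration-file directory of the source tree you unpacked.
Copy them to /usr/local/pureftpd/etc.
Change into your source directory: cd /usr/local/src/pure-ftpd-1.0.36
cp ./configuration-file/pure-ftpd.conf /usr/local/pureftpd/etc/   # pureftpd settings
cp ./configuration-file/pureftpd-mysql.conf /usr/local/pureftpd/etc/   # settings for the pureftpd-to-mysql connection
Here I give my two configuration files directly. Points to note:
AnonymousOnly and NoAnonymous: these two are logical opposites. If users must authenticate before they can access your FTP server, set the latter to yes; otherwise set the latter to no and the former to yes.
MySQLConfigFile: the path where you placed pureftpd-mysql.conf above.
PIDFile: if you run two pureftpd instances on one server, be careful to give the PID files different names. Otherwise the PID files conflict and one of the processes cannot be killed, because stopping the pureftpd service works by finding the PID file and then killing the process.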
ChrootEveryone yes
BrokenClientsCompatibility no
MaxClientsNumber 200
# Fork in background
Daemonize yes
# Maximum number of sim clients with the same IP address
MaxClientsPerIP 50
# If you want to log all client commands, set this to "yes".
# This directive can be duplicated to also log server responses.
VerboseLog no
DisplayDotFiles yes
# Don't allow authenticated users - have a public anonymous FTP only.
AnonymousOnly no
# Disallow anonymous connections. Only allow authenticated users.
NoAnonymous yes
# Syslog facility (auth, authpriv, daemon, ftp, security, user, local*)
# The default facility is "ftp". "none" disables logging.
SyslogFacility ftp
DontResolve yes
# Maximum idle time in minutes (default = 15 minutes)
MaxIdleTime 15
# LDAP configuration file (see README.LDAP)
# LDAPConfigFile /etc/pureftpd-ldap.conf
# MySQL configuration file (see README.MySQL)
MySQLConfigFile /usr/local/pureftpd/etc/pureftpd-mysql.conf
LimitRecursion 10000 8
# Are anonymous users allowed to create new directories ?
AnonymousCanCreateDirs no
# If the system is more loaded than the following value,
# anonymous users aren't allowed to download.
MaxLoad 4
AntiWarez yes
# IP address/port to listen to (default=all IP and port 21).
Bind 122.226.64.213,2121
# Maximum bandwidth for anonymous users in KB/s
# AnonymousBandwidth 8
# Maximum bandwidth for *all* users (including anonymous) in KB/s
# Use AnonymousBandwidth *or* UserBandwidth, both makes no sense.
# UserBandwidth 8
# File creation mask. <umask for files>:<umask for dirs> .
# 177:077 if you feel paranoid.
Umask 133:022
AllowUserFXP no
# Allow anonymous FXP for anonymous and non-anonymous users.
AllowAnonymousFXP no
# Users can't delete/write files beginning with a dot ('.')
# even if they own them. If TrustedGID is enabled, this group
# will have access to dot-files, though.
ProhibitDotFilesWrite no
# Prohibit *reading* of files beginning with a dot (.history, .ssh...)
ProhibitDotFilesRead no
# Never overwrite files. When a file whose name already exist is uploaded,
# it get automatically renamed to file.1, file.2, file.3, ...
AutoRename no
# Disallow anonymous users to upload new files (no = upload is allowed)
AnonymousCantUpload no
# Minimum UID for an authenticated user to log in.
MinUID 100
CreateHomeDir yes
# Enable virtual quotas. The first number is the max number of files.
# The second number is the max size of megabytes.
# So 1000:10 limits every user to 1000 files and 10 Mb.
#Quota 1000:10
# If your pure-ftpd has been compiled with standalone support, you can change
# the location of the pid file. The default is /var/run/pure-ftpd.pid
PIDFile /var/run/pure-ftpd.pid
MaxDiskUsage 99
# Set to 'yes' if you don't want your users to rename files.
#NoRename yes
# Be 'customer proof' : workaround against common customer mistakes like
# 'chmod 0 public_html', that are valid, but that could cause ignorant
# customers to lock their files, and then keep your technical support busy
# with silly issues. If you're sure all your users have some basic Unix
# knowledge, this feature is useless. If you're a hosting service, enable it.
CustomerProof yes
Below is the pureftpd-mysql.conf configuration:
MYSQLServer localhost
# Optional : MySQL port. Don't define this if a local unix socket is used.
MYSQLPort 3306
# Optional : define the location of mysql.sock if the server runs on this host.
MYSQLSocket /var/lib/mysql/mysql.sock
# Mandatory : user to bind the server as.
MYSQLUser pureftpduser
# Mandatory : user password. You must have a password.
MYSQLPassword pureftpdpass
# Mandatory : database to open.
MYSQLDatabase pureftpd
# Mandatory : how passwords are stored
# Valid values are : "cleartext", "crypt", "sha1", "md5" and "password"
# ("password" = MySQL password() function)
# You can also use "any" to try "crypt", "sha1", "md5" *and* "password"
MYSQLCrypt md5
MYSQLGetPW SELECT Password FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetUID SELECT Uid FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetGID SELECT Gid FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetDir SELECT Dir FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
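Be very careful to make sure the mysql user name and password are correct. Otherwise, later on, all your settings will look fine but FTP clients simply cannot reach your server, and it is very hard to trace the problem back to your own typo.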
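As an added example (not from the original post or the Pure-FTPd project), the script below cross-checks the two files against the earlier steps: the users table defaults Uid to 14 while MinUID is 100, the GRANT created ftpuser while MYSQLUser is pureftpduser, MYSQLCrypt md5 stores unsalted hashes, and pureftpd-mysql.conf holds a clear-text password. The helper names conf_get and audit_pureftpd and the temporary sample files are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not Pure-FTPd code: conf_get and audit_pureftpd are
# hypothetical helper names; the sample files below are constructed.

# Print the value of directive $2 in file $1 (names compared case-insensitively;
# comment lines start with "#", so they never match a directive name).
conf_get() {
    awk -v k="$2" 'tolower($1) == tolower(k) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# audit_pureftpd <pure-ftpd.conf> <pureftpd-mysql.conf> <users.Uid default> <GRANT account>
# Prints one finding per line, nothing when every check passes.
audit_pureftpd() {
    main=$1; db=$2; default_uid=$3; granted=$4
    min_uid=$(conf_get "$main" MinUID)
    if [ -n "$min_uid" ] && [ "$default_uid" -lt "$min_uid" ]; then
        echo "uid: users.Uid default $default_uid is below MinUID $min_uid"
    fi
    [ "$(conf_get "$main" NoAnonymous)" = yes ] || echo "anon: NoAnonymous is not yes"
    [ "$(conf_get "$main" MySQLConfigFile)" = "$db" ] ||
        echo "path: MySQLConfigFile does not point at $db"
    [ "$(conf_get "$db" MYSQLUser)" = "$granted" ] ||
        echo "cred: MYSQLUser is not the account created by GRANT ($granted)"
    crypt=$(conf_get "$db" MYSQLCrypt)
    case $crypt in
        cleartext|md5|sha1|any) echo "hash: MYSQLCrypt $crypt accepts unsalted or unhashed passwords" ;;
    esac
    # The file holds MYSQLPassword in clear text: no group or other access.
    [ "$(ls -ld "$db" | cut -c5-10)" = "------" ] ||
        echo "perm: $db is accessible to group or others"
}

# Constructed sample holding only the directives the checks read.
tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
printf '%s\n' '# Minimum UID for an authenticated user to log in.' 'MinUID 100' \
    'NoAnonymous yes' "MySQLConfigFile $tmp/pureftpd-mysql.conf" > "$tmp/pure-ftpd.conf"
printf '%s\n' 'MYSQLUser pureftpduser' 'MYSQLPassword pureftpdpass' \
    'MYSQLCrypt md5' > "$tmp/pureftpd-mysql.conf"
chmod 644 "$tmp/pureftpd-mysql.conf"

# Uid default 14 comes from the users table, ftpuser from the GRANT statement.
audit_pureftpd "$tmp/pure-ftpd.conf" "$tmp/pureftpd-mysql.conf" 14 ftpuser
```

On the real host, pass the two files under /usr/local/pureftpd/etc/ instead of the temporary ones.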
Once the configuration files are set, the next step is to set up your service:
cp configuration-file/pure-config.pl /usr/local/pureftpd/sbin/
chmod u+x /usr/local/pureftpd/sbin/pure-config.pl
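Starting and stopping the ftpd service are both done by calling pure-config.pl, which works from the configuration file. So we need to change the default pure-config.pl accordingly, mainly the path to pure-ftpd.conf inside it.
Finally, we deal with the file that starts the service. I don't know what to call it either, so here is an example to explain the thing.
For example, to start the http service we use service httpd start. In the contrib directory of the source tree there is a redhat.init; copy it to /etc/init.d/ under any name you like, as long as you remember it.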
cp contrib/redhat.init /etc/init.d/pureftpd
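At this point, the installation and configuration of pureftpd are complete.
That's it for today; I'm exhausted. I've never been good at writing essays. As for testing pureftpd, I'll write that up in a separate blog post another day.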