{"id":419,"date":"2024-05-05T15:32:06","date_gmt":"2024-05-05T12:32:06","guid":{"rendered":"https:\/\/road-to-heaven.viro35.ru\/?page_id=419"},"modified":"2024-05-29T18:20:50","modified_gmt":"2024-05-29T15:20:50","slug":"linux","status":"publish","type":"page","link":"https:\/\/road-to-heaven.viro35.ru\/?page_id=419","title":{"rendered":"Linux"},"content":{"rendered":"\n

\u0420\u0415\u0414 \u041e\u0421 v8 \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u0440\u0435\u0434 Red Hat v12. \u041f\u0430\u043a\u0435\u0442\u044b \u0447\u0435\u0440\u0435\u0434 dnf<\/p>\n\n\n\n

\u0421\u0430\u0439\u0442\u044b \u0445\u0440\u0430\u043d\u044f\u0442\u0441\u044f \u0432 var\/www\/html ???\u0441\u0440\u0430\u0437\u0443 \u0432\u044b\u0434\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043b\u044f nginx \u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043d\u043e\u0432\u044b\u0445<\/p>\n\n\n\n

\u0432\u044b\u0434\u0430\u0447\u0430 \u043f\u0440\u0430\u0432 \u043d\u0430 \u0432\u0441\u044f\u043a\u0438\u0439 \u0441\u043b\u0443\u0447\u0430\u0439<\/p>\n\n\n\n

chmod -R 0700 \/var\/lib\/samba\/private\/*<\/code><\/pre>\n\n\n\n
\u0424\u0430\u0439\u043b\u044b nginx \u0432 etc\/nginx.  \u0414\u043b\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u043e\u0432 \u0441\u0430\u0439\u0442\u043e\u0432 \u0441\u043e\u0437\u0434\u0430\u0435\u043c \u043f\u0430\u043f\u043a\u0443 sites-available, \u0435\u0435 \u0436\u0435 \u0438\u043d\u043a\u043b\u0443\u0434\u0438\u043c \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0435. \u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043e\u0431\u0449\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0438 \u0434\u043b\u044f \u0412\u041f \u043c\u043e\u0436\u043d\u043e \u0432\u044b\u043d\u0435\u0441\u0442\u0438 \u0435\u0449\u0435 \u043a\u0443\u0434\u0430 \u0442\u043e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e<\/p>\n\n\n\n
Nginx<\/h2>\n\n\n\n
systemctl stop nginx\nsystemctl start nginx\nsystemctl restart nginx\n#\u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u043f\u0445\u043f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e\nsystemctl restart nginx php-fpm\nsystemctl enable nginx php-fpm\n\nchcon -R -t httpd_sys_rw_content_t \/var\/www\/\nchown -R nginx:nginx \/var\/lib\/php\/\n\n\u043d\u0438\u0436\u043d\u0435\u0435 \u0441\u043e\u043c\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\nsetsebool -P httpd_can_network_connect_db 1\nsetsebool -P httpd_can_network_connect 1\n\n\u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0435 \u043f\u0445\u043f \u0444\u043f\u043c\nlisten.acl_users = nginx,apache\n\n\u043f\u043e\u0441\u043b\u0435 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0430\u043f\u043e\u043a \u0434\u0435\u043b\u0430\u0435\u043c \u0441\u0441\u044b\u043b\u043a\u0443\nsudo ln -s \/etc\/nginx\/sites-available\/road-to-rarus \/etc\/nginx\/sites-enabled\/\n\n\u044d\u0442\u0443 \u0445\u0440\u0435\u043d\u044c \u0432 html \u043a\u043e\u043d\u0444\u0438\u0433\u0430 \u043d\u0433\u0438\u043d\u043a\u0441 \u0432 \u043d\u0430\u0447\u0430\u043b\u043e\nclient_max_body_size 200M;<\/code><\/pre>\n\n\n\n
PHP<\/h2>\n\n\n\n
dnf install php81-release\ndnf clean all\ndnf makecache\ndnf update php*\ndnf install -y php php-cli php-common php-fpm php-mysqlnd php-dom php-simplexml php-ssh2 php-xml php-xmlreader php-curl php-date php-exif php-filter php-ftp php-gd php-hash php-iconv php-json php-libxml php-pecl-imagick php-mbstring php-mysqlnd php-openssl php-pcre php-posix php-sockets php-spl php-tokenizer php-zlib php-zip php-intl\nphp -v<\/code><\/pre>\n\n\n\n
\u041f\u0440\u0430\u0432\u0438\u043c \u043a\u043e\u043d\u0444\u0438\u0433 php-fpm \u0410 \u0412\u041e\u0422 \u042d\u0422\u041e \u0412\u041e\u041f\u0420\u041e\u0421 \u041a\u041e\u041d\u0415\u0427\u041d\u041e<\/p>\n\n\n\n
kwrite \/etc\/php-fpm.d\/www.conf #\u043f\u043e\u0434 \u0440\u0443\u0442\u043e\u043c\nuser = nginx\ngroup = nginx \n\u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043d\u0438\u0436\u043d\u0435\u0435\nlisten = \/run\/php-fpm\/www.sock<\/code><\/pre>\n\n\n\n
Composer<\/h2>\n\n\n\n
curl -sS https:\/\/getcomposer.org\/installer -o composer-setup.php\nphp composer-setup.php --install-dir=\/usr\/local\/bin --filename=composer<\/code><\/pre>\n\n\n\n
SSL\/TLS<\/h2>\n\n\n\n
dnf install certbot python3-certbot-nginx<\/code><\/pre>\n\n\n\n
certbot -nginx -d linuh-second.viro35.ru -register-unsafely-without-email<\/code><\/pre>\n\n\n\n
<\/p>\n\n\n\n
MySql<\/h2>\n\n\n\n
dnf install mariadb mariadb-server\nsystemctl start mariadb\nsystemctl enable mariadb.service\nmysql_secure_installation #\u0447\u0435 \u044d\u0442\u043e \u0437\u0430 \u0445\u0440\u0435\u043d\u044c \u0432\u044b\u044f\u0441\u043d\u0438\u0442\u044c<\/code><\/pre>\n\n\n\n
\u041a \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c\u0443 \u043b\u0438\u043d\u043a\u0443 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c<\/p>\n\n\n\n
$link->set_charset('utf8mb4');\n# \u0435\u0441\u043b\u0438 PDO \u0447\u0435\u0440\u0435\u0437 DSN $dbh = new PDO('mysql:host=...;charset=utf8mb4');<\/span><\/code><\/pre>\n\n\n\n
\u041f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u0441\u0445\u0435\u043c\u044b \u0441\u0442\u0430\u0432\u0438\u043c utf8mb4<\/p>\n\n\n\n
\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0447\u0442\u043e \u0437\u0430 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0430 \u043c\u043e\u0436\u043d\u043e \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439<\/p>\n\n\n\n
SHOW CREATE TABLE table_name<\/code><\/pre>\n\n\n\n
WordPress<\/h2>\n\n\n\n
\u0412 \u043a\u043e\u043d\u0444\u0438\u0433\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u0432 \u043a\u043e\u043d\u0435\u0446<\/p>\n\n\n\n
define(\"FS_METHOD\", \"direct\");<\/code><\/pre>\n\n\n\n
\u0412 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u043f\u043e\u0434 \u0440\u0443\u0442\u043e\u043c<\/p>\n\n\n\n
setenforce 1 #\u0432\u043a\u043b\/\u0432\u044b\u043a\u043b SELinux \u043c\u0435\u0441\u0442\u043d\u0443\u044e \u0437\u0430\u0449\u0438\u0442\u0443 (\u0434\u043e\u043b\u0436\u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c)\n\n#\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043d\u0443\u0436\u043d\u043e \u043d\u043e \u043d\u0435 \u0444\u0430\u043a\u0442 (\u044d\u0442\u043e \u0434\u043b\u044f \u0430\u043f\u0430\u0447\u0430, \u0442\u0430\u043a \u0447\u0442\u043e \u0445\u0437...)\nsemanage fcontext -a -t httpd_sys_rw_content_t \"\/var\/www\/mywebsite(\/.*)?\"\nrestorecon -Rv \/var\/www\/mywebsite\n#\u0435\u0441\u043b\u0438 \u043d\u0435 \u043f\u043e\u043c\u043e\u0433\u043b\u043e \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0442\u043e... \nsetsebool -P httpd_can_network_connect on\nsetsebool -P httpd_can_network_connect_db 1<\/code><\/pre>\n\n\n\n
\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 WP \u0432 nginx <\/h2>\n\n\n\n
##################################\n# WORDPRESS NGINX CONFIGURATIONS\n##################################\nserver {\n        listen 80;\n        root \/var\/www\/mywebsite;\n        server_name mywebsite.com www.mywebsite.com;      # Set valid & correct domain\n\taccess_log \/var\/log\/nginx\/mywebsite_access.log;   # Configure access log file\n\terror_log \/var\/log\/nginx\/mywebsite_error.log;     # Configure error log file\n\n\tlocation \/ {\n    \t\tindex                               index.php index.html;\n    \t\ttry_files                           $uri $uri\/ \/index.php?$args;\n\t}\n\n#############\n# Specify a charset\n############\n        charset                         utf-8;\n\n############\n# GZIP\n###########\n\n        gzip                            on;\n\tgzip_vary on;\n\tgzip_proxied any;\n\tgzip_comp_level 6;\n\tgzip_min_length 1100;\n\tgzip_buffers 16 8k;\n\tgzip_http_version 1.1;\n\tgzip_types image\/svg+xml text\/plain  text\/xml text\/css text\/javascript application\/xml application\/xhtml+xml application\/rss+xml application\/javascript application\/x-javascript application\/x-font-ttf application\/vnd.ms-fontobject font\/opentype font\/ttf font\/eot font\/otf;\n\n############\n# this prevents hidden files (beginning with a period) from being served\n############\n\nlocation ~ \/\\. {\n        access_log                      off;\n        log_not_found                   off;\n        deny                            all;\n}\n\n###########\n# SEND EXPIRES HEADERS AND TURN OFF 404 LOGGING\n###########\n\n        location ~* ^.+.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {\n        access_log                      off;\n        log_not_found                   off;\n        expires                         max;\n}\n\n############\n# Pass uploaded files to wp-includes\/ms-files.php.\n############\n\n#       rewrite                         \/files\/$ \/index.php last;\n\nif ($uri !~ wp-content\/plugins) {\n        rewrite \/files\/(.+)$ \/wp-includes\/ms-files.php?file=$1 last;\n}\n\n\n############\n# Pass all .php files onto a php-fpm or php-cgi server\n############\n\nlocation ~ \\.php$ {\n\n        # Try the files specified in order. In our case, try the requested URI and if\n        # that fails, try (successfully) to pass a 404 error.\n        # zero day exploit defense\n\n        try_files                       $uri =404;\n\n        # Include the fastcgi_params defaults provided by nginx\n\n        include                         \/etc\/nginx\/fastcgi_params;\n\n        # The amount of time for upstream to wait for a fastcgi process to send data.\n        # We keep this *extremely* high so that one can be lazy when remote debugging.\n\n        fastcgi_read_timeout            3600s;\n\n         # Buffer size for reading the header of the backend FastCGI process.\n        # This defaults to the value of a single fastcgi_buffers, so does not\n        # need to be specified in our case, but it's good to be explicit.\n\n        fastcgi_buffer_size             128k;\n\tfastcgi_connect_timeout 3s;\n\tfastcgi_send_timeout 120s;\n\tfastcgi_temp_file_write_size 256k;\n\n\n\n        # The number and size of the buffers into which the reply from the FastCGI\n        # process in the backend is read.\n        #\n        # 4 buffers at 128k means that any reply by FastCGI greater than 512k goes\n        # to disk and replies under 512k are handled directly in memory.\n\n        #fastcgi_buffers                 4 128k;\n        fastcgi_buffers                 256 16k;\n\n        # SCRIPT_FILENAME is a required parameter for things to work properly,\n        # but was missing in the default fastcgi_params on upgrade to nginx 1.4.\n        # We define it here to be sure that it exists.\n\n        fastcgi_param                   SCRIPT_FILENAME $document_root$fastcgi_script_name;\n\n\n # Use the upstream for php7.0-fpm that we defined in nginx.conf\n\n        fastcgi_pass                    unix:\/run\/php-fpm\/www.sock;\n        #fastcgi_pass                    127.0.0.1:9000;\n\n        # And get to serving the file!\n\n        fastcgi_index                   index.php;\n}\n\n\n############\n# ROBOTS\n###########\n\n         location = \/robots.txt {\n               allow all;\n               log_not_found off;\n               access_log off;\n        }\n\n\n############\n# RESTRICTIONS\n############\n\n# Deny access to any files with a .php extension in the uploads directory\n# Works in sub-directory installs and also in multisite network\n# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)\nlocation ~* \/(?:uploads|files)\/.*\\.php$ {\n deny all;\n }\n}<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
\u0420\u0415\u0414 \u041e\u0421 v8 \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u0440\u0435\u0434 Red Hat v12. \u041f\u0430\u043a\u0435\u0442\u044b \u0447\u0435\u0440\u0435\u0434 dnf \u0421\u0430\u0439\u0442\u044b \u0445\u0440\u0430\u043d\u044f\u0442\u0441\u044f \u0432 var\/www\/html ???\u0441\u0440\u0430\u0437\u0443 \u0432\u044b\u0434\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043b\u044f nginx \u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043d\u043e\u0432\u044b\u0445 \u0432\u044b\u0434\u0430\u0447\u0430 \u043f\u0440\u0430\u0432 \u043d\u0430…<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-419","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/road-to-heaven.viro35.ru\/index.php?rest_route=\/wp\/v2\/pages\/419","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/road-to-heaven.viro35.ru\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/road-to-heaven.viro35.ru\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/road-to-heaven.viro35.ru\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/road-to-heaven.viro35.ru\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=419"}],"version-history":[{"count":48,"href":"https:\/\/road-to-heaven.viro35.ru\/index.php?rest_route=\/wp\/v2\/pages\/419\/revisions"}],"predecessor-version":[{"id":502,"href":"https:\/\/road-to-heaven.viro35.ru\/index.php?rest_route=\/wp\/v2\/pages\/419\/revisions\/502"}],"wp:attachment":[{"href":"https:\/\/road-to-heaven.viro35.ru\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=419"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}