
如何安装 Rails 生产环境

chi-chi weng edited this page Aug 8, 2014 · 1 revision

添加用户

sudo passwd root
sudo su root
echo "UseDNS no" >> /etc/ssh/sshd_config
dpkg-reconfigure tzdata
adduser deploy
adduser deploy sudo
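# 注意:chown -R deploy /var 会把整个 /var(系统日志、数据库数据目录、邮件队列等)的属主都改成 deploy,可能导致检查目录属主的服务无法正常运行,也让 deploy 可以改写系统日志;更稳妥的做法是只把应用部署目录(例如 /var/www/<应用目录>,占位示例)交给 deploy
chown -R deploy /var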

退出

ssh-copy-id deploy@11.11.11.11

可选(设置教育网源)

sudo su root
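# 注意:这一步会直接覆盖 /etc/apt/sources.list,之后所有软件包都从该文件指定的源安装;建议先备份原文件(cp /etc/apt/sources.list /etc/apt/sources.list.bak),覆盖后检查文件内容确实是预期的镜像源
wget http://git.io/M39Kkg -O /etc/apt/sources.list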
update-rc.d ssh defaults

可选(卸载apache2)

# 有的主机会安装apache2,需要事先卸载掉
apt-get autoremove
service apache2 stop
apt-get remove apache2*

安装依赖软件

apt-get update
apt-get install curl
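# 注意:此时仍是 root 身份,这条命令把 http 短链接返回的脚本直接交给 bash 执行;http 是明文传输,短链接也看不出最终地址,脚本在传输途中被替换就等于让对方以 root 执行任意命令
# 建议先用 curl -L -o 保存到本地文件,读过内容确认无误后再用 bash 执行;本页其余 curl ... | bash 以及 wget ... -O /etc/... 的步骤同理
curl -L http://git.io/GHUrEg | bash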
su deploy
fc-list :lang=zh-cn
convert -list font
curl -L http://git.io/uPbTZQ | bash
source ~/.bashrc
ruby -v

(国内必选)设置淘宝源

sed -i 's!cache.ruby-lang.org/pub/ruby!ruby.taobao.org/mirrors/ruby!' $rvm_path/config/db
gem sources --remove https://rubygems.org/
gem sources -a https://ruby.taobao.org/
gem sources -l

安装gem

gem install rmagick bundler nokogiri

Nginx+Passenger (初学者推荐)

sudo su root
curl -L http://git.io/u9JK-g | bash
vi /etc/nginx/nginx.conf

找到这两行

# passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
# passenger_ruby /usr/bin/ruby;

修改成

passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
passenger_ruby /home/deploy/.rvm/wrappers/default/ruby;
rm /etc/nginx/sites-enabled/default
wget http://git.io/hgzZdA -O /etc/nginx/sites-enabled/my_app_nginx.conf
sudo service nginx restart

nginx+unicorn

sudo su root
curl -L http://git.io/mL8L-A | bash
rm /etc/nginx/sites-enabled/default
wget http://git.io/3WeE2Q -O /etc/nginx/sites-enabled/my_app_nginx.conf
service nginx restart
wget http://git.io/EKmqlA -O /etc/init.d/unicorn_init
update-rc.d unicorn_init defaults
sudo su deploy
sudo chmod +x /etc/init.d/unicorn_init

Mysql

sudo apt-get install -y mysql-server mysql-client libmysqlclient-dev

# 注意:'secret' 只是占位,请换成强密码;对整个数据库授权应写成 database_name.*,只写 database_name 时 MySQL 会把它当作当前库里的一张表
create user 'username'@'localhost' identified by 'secret';
grant all privileges on database_name to 'username'@'localhost';

# 数据库的数据和表结构导出
mysqldump -u user -p my_database >output.sql

# 数据库的数据导出
mysqldump -u user -p my_database --no-create-info >output.sql

# 数据库的导入
mysql -u username -p -h localhost target_database < output.sql

# 关闭
service mysql stop

Postgres

apt-get install -y postgresql postgresql-contrib libpq-dev
sudo su - postgres
createuser --pwprompt
exit

sudo -u postgres psql
\password
create user my_user with password 'secret';
create database database_name owner my_user;
grant all privileges on database database_name to my_user;
\l # 列出所有的数据库和用户
\quit

psql -h 127.0.0.1 -d database_name -U my_user;

# 使用test_user 备份 test_db 数据库为 test.sql
pg_dump -h 127.0.0.1 -f test.sql -U test_user test_db;

# 导入已备份的数据库 
psql -U test_user -d database_to_import -f test.sql -h 127.0.0.1

# 关闭
service postgresql stop

MongoDB

curl -L http://git.io/m4TR3g | bash
service mongod start
show dbs;
use database_name;

# 将数据保存在current 文件夹
mongodump --db my_database --out current;

tar -cvf current.tag.gz current;
tar -xvf current.tag.gz;

# 先删除再导入数据

mongorestore -d target_database current/source_db_name --drop;

Redis

curl -L http://git.io/8H461w | bash
service redis-server restart

# 设置最大内存100MB
vi /etc/redis/redis.conf
maxmemory 100000000
maxmemory-samples 10

redis-cli

# redis-cli 使用
keys *

Memcached

apt-get install -y memcached

# vi /etc/memcached.conf
/etc/init.d/memcached restart

Postfix(发送邮件,接收邮件)

# 查看是否有sendmail进程
netstat -lptn

# 如果安装了sendmail 需要卸载掉,否则会冲突
/etc/init.d/sendmail stop
apt-get purge sendmail*
apt-get remove -y procmail sendmail-base m4 sendmail-cf libdb4.8

# 安装发件
apt-get install -y telnet postfix mailutils 

# 选项选择Internet Site
# System mail name: 您的域名 比如 rails-application.com

netstat -lptn | grep :25

wget http://git.io/I7XBBA -O /etc/postfix/main.cf

# 注意将myhostname 修改为您的邮件服务器的地址

vi /etc/postfix/main.cf
myhostname = mail.example.com

/etc/init.d/postfix check
/etc/init.d/postfix restart

service postfix reload

# 查看邮件信息
mail

# you will see a email
echo "Mail Content" | mail -s "Mail Subject" 949409306@qq.com

# or you can type this command return and ctrl+d to end
mail 949409306@qq.com

# or use text file as input
mail -s test 949409306@qq.com < test.txt

# use attachment
uuencode attachmentfile attachmentname | mail -s "Mail Subject" 949409306@qq.com

# (可选)如果要收件
apt-get install -y dovecot-imapd dovecot-pop3d
wget http://git.io/n5yyqw -O /etc/dovecot/dovecot.conf
service dovecot reload
service dovecot restart
# POP3 110 IMAP 143 IMAPs 993 POP3s 995
netstat -lptn

fail2ban ufw monit upstart

apt-get install -y fail2ban ufw monit upstart

# 修改 fail2ban 配置
vi /etc/fail2ban/jail.conf

destemail = your_email@domain.com
mta= postfix

# 启动 fail2ban
/etc/init.d/fail2ban restart

# 测试 fail2ban,可以看到fail2ban
iptables -L

# 禁止所有外部对本机的访问,本机访问外部正常
ufw default deny

# 允许 ssh 登录
ufw allow 22

# ufw 启动
ufw --force enable

# 查看 ufw
ufw status

# ufw 日志
tail -f /var/log/ufw.log

# 修改 monit 配置 使用 upstart 来监控monit
wget http://git.io/vobzjQ -O /etc/monit/monitrc

vi /etc/monit/monitrc
# 修改 告警提示 email ,必要的修改mail format
set alert youremail@yourdomain.com
# 修改 monitrc 登陆的用户名和密码:admin / monit 是广为人知的默认值,务必换成自己的用户名和强密码(后面的步骤会通过 nginx 的 80 端口对外提供监控界面)
allow admin:monit

/etc/init.d/monit stop && update-rc.d -f monit remove
wget http://git.io/PhqZAA -O /etc/init/monit.conf
initctl reload-configuration

start monit
stop monit
start monit

# 记住monit pid 号
netstat -lptn
killall monit
# 判断monit pid 号是否变化,即自动启动
netstat -lptn

monit summary
monit status

# 下载要监控的服务的配置文件,不必全部下载
wget http://git.io/RwPDDQ -O /etc/monit/conf.d/system.conf
wget http://git.io/pT48vQ -O /etc/monit/conf.d/nginx.conf
wget http://git.io/5roJCQ -O /etc/monit/conf.d/mysql.conf
wget http://git.io/lJgBUg -O /etc/monit/conf.d/mongodb.conf
wget http://git.io/xe5gEA -O /etc/monit/conf.d/memcached.conf
wget http://git.io/u1QIug -O /etc/monit/conf.d/redis.conf
wget http://git.io/RNKntQ -O /etc/monit/conf.d/postgresql.conf
wget http://git.io/3ljuOA -O /etc/monit/conf.d/rsyslog.conf
wget http://git.io/rcXNeg -O /etc/monit/conf.d/cron.conf
# 检查是否有语法错误
monit -t
monit reload


# 添加nginx 监控界面(注意:80 端口是明文 HTTP,监控界面还可以启停服务;建议只对可信来源 IP 开放,或放到 HTTPS 之后)
wget http://git.io/QIBmDQ -O /etc/nginx/sites-enabled/monit_nginx.conf
service nginx reload
ufw allow 80
# 注意修改server_name
vi /etc/nginx/sites-enabled/monit_nginx.conf

加强SSH

(以下均为 /etc/ssh/sshd_config 中的选项;修改前先确认 deploy 已能用密钥登录,改完后重启 ssh 服务,并保留当前会话、另开一个会话测试登录,避免把自己锁在外面)

PasswordAuthentication yes 改为 PasswordAuthentication no 禁止密码登录

X11Forwarding yes 改为 X11Forwarding no 不用图形界面登录

UsePAM yes 改为 UsePAM no(注意:如果账户密码为空,将无法通过 key 登录)

htop

apt-get install -y htop