本项目是小型的springboot项目, 整合了docker, ssl证书, nginx, RabbitMQ等功能
zsh
- 解决GitHub的raw.githubusercontent.com无法连接问题
vi /etc/hosts
将下面的host添加进去
# GitHub Start
52.74.223.119 github.com
192.30.253.119 gist.github.com
54.169.195.247 api.github.com
185.199.111.153 assets-cdn.github.com
151.101.76.133 raw.githubusercontent.com
151.101.108.133 user-images.githubusercontent.com
151.101.76.133 gist.githubusercontent.com
151.101.76.133 cloud.githubusercontent.com
151.101.76.133 camo.githubusercontent.com
151.101.76.133 avatars0.githubusercontent.com
151.101.76.133 avatars1.githubusercontent.com
151.101.76.133 avatars2.githubusercontent.com
151.101.76.133 avatars3.githubusercontent.com
151.101.76.133 avatars4.githubusercontent.com
151.101.76.133 avatars5.githubusercontent.com
151.101.76.133 avatars6.githubusercontent.com
151.101.76.133 avatars7.githubusercontent.com
151.101.76.133 avatars8.githubusercontent.com
# GitHub End
- 安装
// 安装zsh
yum -y install zsh
// 切换bash为zsh
chsh -s /bin/zsh
// 查看当前使用的sehll
echo $SHELL
// 如果显示的还是/bin/bash, 重新连接就行
- 安装oh-my-zsh, 并更换主题和安装插件
参考
zsh!oh-my-zsh! 好看的主题和插件以及我的.zshrc
iTerm2+oh-my-zsh 之 隐藏用户名信息
// oh-my-zsh源码是放在github上的,所以先要安装git
yum -y install git
// 安装oh-my-zsh
wget https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh -O - | sh
// 安装 zsh-autosuggestions 自动补全插件
git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions
// 安装 zsh-syntax-highlighting 语法高亮插件
git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting
vim ~/.zshrc
找到ZSH_THEME="robbyrussell", 修改为ZSH_THEME="agnoster"
找到plugins=()修改为
plugins=(
git
pip
sudo
last-working-dir
zsh-autosuggestions
zsh-syntax-highlighting
)
// 隐藏用户名信息
vim ~/.oh-my-zsh/themes/agnoster.zsh-theme
prompt_segment black default "%(!.%{%F{yellow}%}.)%n@%m"-----将该行 注释( prompt 前面 加 " # " ) 即可
docker
参考
centos下安装docker以及docker-composer
- 安装
yum install docker-ce -y
// 开机自启
systemctl enable docker
// 启动docker
systemctl start docker
// 安装 mysql
docker pull mysql
docker run --name mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=xxxxxx -e TZ=Asia/Shanghai --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --default-time_zone='+8:00' --restart=always mysql
// 如果mysql刚开始没有设置时区, 可以执行下面命令
docker cp /usr/share/zoneinfo/Asia/Shanghai 容器ID:/etc/localtime
// 如果开始时没有设置开机自启动. 可以执行下面语句
docker container update --restart=always 容器ID
// 如果出现group by语法错误, 可以使用下面的语句临时处理
set global sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION';
set session sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION';
// 安装redis
docker pull redis
docker run -itd --name redis -p 6379:6379 --restart=always redis
nginx
// 安装
yum install nginx
// 开机自启动
systemctl enable nginx
// 启动
systemctl start nginx
ssl证书
参考
certbot官网
https://learnku.com/articles/19999
// 更新python-urllib3和python-requests依赖
pip uninstall requests
pip uninstall urllib3
yum remove python-urllib3
yum remove python-requests
yum install python-urllib3 -y
yum install python-requests -y
// 安装certbot和nginx配置
yum install certbot python2-certbot-nginx -y
- 在执行下面的命令之前先配置好nginx
- /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
- /etc/nginx/conf.d/api.conf
server {
server_name xxx.yourdomain.cn;
location /aslk/ {
proxy_pass http://localhost:8080/;
if ($request_method = 'OPTIONS') {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods 'GET, POST, PUT, DELETE, OPTIONS';
add_header Access-Control-Allow-Headers 'token,authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
return 204;
}
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
// 执行命令, 这样, 它会去改你的nginx配置文件, 找到server_name为xxx.yourdomain.cn的配置文件然后修改
certbot --nginx -d xxx.yourdomain.cn
// 查看你的api.conf, 他应该已经被修改为https的类型了
cat /etc/nginx/conf.d/api.conf
// 因为现在的lets encrypt证书在ios上打开很慢, 网上说是有一个域名被墙, 所以要开启OCSP Stapling, 在你的nginx配置里加上这个就行了
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=60s ipv6=off;
resolver_timeout 5s;
// 定时刷新证书
echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew -q" | sudo tee -a /etc/crontab > /dev/null
安装JDK:
// 有一些软件只认:/usr/java/default
rpm -i jdk-8u181-linux-x64.rpm
// 设置环境变量
vi /etc/profile
export JAVA_HOME=/usr/java/default
export PATH=$PATH:$JAVA_HOME/bin
// 使环境变量立即生效
source /etc/profile
alibaba cloud toolkit
具体使用链接
common编写
restart-springboot.sh
source /etc/profile
ps -fe|grep yourPorjectName |grep -v grep
if [ $? -ne 0 ]
then
nohup java -Xmx512M -jar /root/web-project/yourPorjectName/yourPorjectName.jar > yourPorjectName.jar.log 2>&1 &
else
kill -9 `ps -aux | grep yourPorjectName | awk '{print $2}'`
nohup java -Xmx512M -jar /root/web-project/yourPorjectName/yourPorjectName.jar > yourPorjectName.jar.log 2>&1 &
fi
nacos
安装包下载https://github.com/alibaba/nacos/releases
下载后解压到你想装的目录, 如装到/home/pi/nacos/nacos
修改conf/application.yml
#*************** Config Module Related Configurations ***************#
### If user MySQL as datasource:
spring.datasource.platform=mysql
### Count of DB:
db.num=1
### Connect URL of DB:
db.url.0=jdbc:mysql://localhost:3306/nacos_config?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true
db.user=user
db.password=password
### If enable spring security, this option is deprecated in 1.2.0:
spring.security.enabled=false
### If turn on auth system:
nacos.core.auth.enabled=true
安装nacos并配置开机启动
编写开机启动文件
vim /lib/systemd/system/nacos.service
文件内容如下(注意里面的脚本路径是你们自己的安装路径, -m standalone表示作为单机启动,不加的话表示集群启动)
[Unit]
Description=nacos
After=network.target
[Service]
Type=forking
ExecStart=/home/pi/nacos/nacos/bin/startup.sh -m standalone
ExecReload=/home/pi/nacos/nacos/bin/shutdown.sh
ExecStop=/home/pi/nacos/nacos/bin/shutdown.sh
PrivateTmp=true
[Install]
WantedBy=multi-user.target
设置开机启动
# 先进行文件生效配置
systemctl daemon-reload
# 设置为开机启动
systemctl enable nacos.service
# 启动nacos服务
systemctl start nacos.service
systemctl stop nacos.service
RabbitMQ
这里采用的都是rpm进行安装
erlang Rabbit推荐下载地址
rabbitmq官网下载地址
rabbitmq华为镜像下载地址
yum -y install socat
rpm -i erlang-22.3.4.2-1.el7.x86_64.rpm
rpm -i rabbitmq-server-3.8.3-1.el7.noarch.rpm
# 启动rabbitmq
systemctl start rabbitmq-server.service
# 设置开机自启
systemctl enable rabbitmq-server.service
# 启用web管理界面
rabbitmq-plugins enable rabbitmq_management
# guest用户只能用于localhost访问
# 添加新用户及授权
rabbitmqctl add_user admin admin
rabbitmqctl set_user_tags admin administrator
rabbitmqctl set_permissions -p / admin '.*' '.*' '.*'
rabbitmqctl list_permissions
# 访问ip:15672即可进入管理界面(记得阿里云开放端口)
插件管理:
插件列表: rabbitmq-plugins list
启动插件: rabbitmq-plugins enable XXX (XXX为插件名)
停用插件: rabbitmq-plugins disable XXX
用户管理:
添加用户: rabbitmqctl add_user username password
删除用户: rabbitmqctl delete_user username
修改密码: rabbitmqctl change_password username newpassword
设置用户角色: rabbitmqctl set_user_tags username tag
列出用户: rabbitmqctl list_users
权限管理:
列出所有用户权限: rabbitmqctl list_permissions
查看制定用户权限: rabbitmqctl list_user_permissions username
清除用户权限: rabbitmqctl clear_permissions [-p vhostpath] username
设置用户权限: rabbitmqctl set_permissions [-p vhostpath] username conf write read
conf: 一个正则匹配哪些资源能被该用户访问
write:一个正则匹配哪些资源能被该用户写入
read:一个正则匹配哪些资源能被该用户读取
这些都是参考了网上的现有材料, 我只是根据我们的生产环境进行了一次整合, 不适用所有人的需求