编译安装httpd服务

编译安装httpd服务

文章目录

  • 编译安装httpd服务
  • 编译安装httpd
  • 配置三种不同的虚拟主机
  • 配置httpd步骤
  • 一、编译安装httpd
  • 二、配置三种不同的虚拟主机
    • 1.相同ip 不同端口号
    • 不同IP相同端口
    • 3.相同ip不同域名
    • 配置httpd步骤

编译安装httpd

配置三种不同的虚拟主机

配置httpd步骤

一、编译安装httpd

编译安装apache需要三个源代码
httpd依赖于apr-1.4+,apr-util-1.4+,[apr-icon]

apr:apache portable runtime
准备工作

[root@bogon ~]# yum groups mark install "Development Tools"
[root@bogon ~]# useradd -r -M -s /sbin/nologin acache
[root@bogon ~]# id acache
uid=993(acache) gid=990(acache)=990(acache)
[root@bogon ~]#  yum -y install openssl-devel pcre-devel expat-devel libtool

下载源码包并解压安装
源码包地址:https://downloads.apache.org/

//wget 命令下载
[root@bogon ~]# wget https://downloads.apache.org/httpd/httpd-2.4.53.tar.gz
[root@bogon ~]# wget https://downloads.apache.org/apr/apr-1.7.0.tar.gz
[root@bogon ~]# wget https://downloads.apache.org/apr/apr-util-1.6.1.tar.gz
//解压
[root@bogon ~]# tar -xf apr-1.7.0.tar.gz 
[root@bogon ~]# tar -xf apr-util-1.6.1.tar.gz 
[root@bogon ~]# tar -xf httpd-2.4.53.tar.gz 

安装apr源码包

[root@bogon ~]# cd apr-1.7.0/
[root@bogon apr-1.7.0]# ./configure --prefix=/usr/local/apr
[root@bogon apr-1.7.0]# make
[root@bogon apr-1.7.0]# make install

安装apr-util源码包

[root@bogon ~]# cd apr-util-1.6.1
[root@bogon apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/
[root@bogon apr-util-1.6.1]# make
[root@bogon apr-util-1.6.1]# make install

安装httpd源码包

[root@bogon httpd-2.4.53]# ./configure --prefix=/usr/local/apache \
> --enable-so \
> --enable-ssl \
> --enable-cgi \
> --enable-rewrite \
> --with-zlib \
> --with-pcre \
> --with-apr=/usr/local/apr \
> --with-apr-util=/usr/local/apr-util/ \
> --enable-modules=most \
> --enable-mpms-shared=all \
> --with-mpm=prefork
[root@bogon httpd-2.4.53]# make
[root@bogon httpd-2.4.53]# make install

设置环境变量

[root@bogon ~]# ls /usr/local/
apache  apr  apr-util  bin  etc  games  include  lib  lib64  libexec  sbin  share  src
[root@bogon ~]# cd /usr/local/apache/
[root@bogon apache]# ls
bin  build  cgi-bin  conf  error  htdocs  icons  include  logs  man  manual  modules
//创造环境变量后httpd和apachectl命令
[root@bogon apache]# cd
[root@bogon ~]# echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/apache.sh
[root@bogon ~]# source /etc/profile.d/apache.sh 
[root@bogon ~]# which httpd
/usr/local/apache/bin/httpd
[root@bogon ~]# which apachectl
/usr/local/apache/bin/apachectl

配置映射关系

[root@bogon ~]# ls /usr/local//apache/
bin  build  cgi-bin  conf  error  htdocs  icons  include  logs  man  manual  modules
[root@bogon ~]# ln -s /usr/local/apache//include/ /usr/include/apache

配置man文档

[root@bogon ~]# vim /etc/man_db.conf //添加下面一条
MANDATORY_MANPATH                       /usr/local/share/apache

配置防火墙

[root@bogon ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@bogon ~]# setenforce 0  //关闭selinux 当前生效状态
[root@bogon ~]# getenforce 
Permissive
[root@bogon ~]# vim /etc/selinux/config //该设置为永久关闭
SELINUX=disabled //将配置文件的SELINUX修改为disabled
// 查看端口号80是否开启
[root@bogon ~]# ss -antl
State        Recv-Q        Send-Q               Local Address:Port               Peer Address:Port       
LISTEN       0             128                        0.0.0.0:22                      0.0.0.0:*          
LISTEN       0             128                           [::]:22                         [::]:*         
[root@bogon ~]# apachectl start //开启80端口
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
[root@bogon ~]# ss -antl //再次查看80端口已经开启
State        Recv-Q        Send-Q               Local Address:Port               Peer Address:Port       
LISTEN       0             128                        0.0.0.0:22                      0.0.0.0:*          
LISTEN       0             128                              *:80                            *:*          
LISTEN       0             128                           [::]:22                         [::]:*          
[root@bogon ~]# 

访问虚拟主机ip地址

编译安装httpd服务_第1张图片在执行命令时会出现的报错

[root@bogon ~]# cd /usr/local/apache/
[root@bogon apache]# cd conf/
[root@bogon conf]# ls
extra  httpd.conf  magic  mime.types  origina
[root@bogon conf]# vim httpd.conf 
#ServerName www.example.com:80
[root@bogon conf]# apachectl start
[root@bogon conf]# ss -antl
State        Recv-Q        Send-Q               Local Address:Port               Peer Address:Port       
LISTEN       0             128                        0.0.0.0:22                      0.0.0.0:*          
LISTEN       0             128                              *:80                            *:*          
LISTEN       0             128                           [::]:22                         [::]:*        

加粗样式

[root@bogon ~]# cd /usr/lib/systemd/system
[root@bogon system]# ls sshd.service 
sshd.service
[root@bogon system]# cp sshd.service httpd.service
[root@bogon system]# vim httpd.service 
[root@bogon system]# cat httpd.service 
[Unit]
Description=hhttpd server daemon
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target sshd-keygen.target
Wants=sshd-keygen.target

[Service]
Type=notify
EnvironmentFile=-/etc/crypto-policies/back-ends/opensshserver.config
EnvironmentFile=-/etc/sysconfig/sshd
ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=42s

[Install]
WantedBy=multi-user.target
[root@bogon system]# vim httpd.service 
[root@bogon system]# cat httpd.service 
[Unit]
Description=httpd server daemon
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target sshd-keygen.target
Wants=sshd-keygen.target

[Service]
Type=forking
EnvironmentFile=-/etc/crypto-policies/back-ends/opensshserver.config
EnvironmentFile=-/etc/sysconfig/sshd
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl stop
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=42s

[Install]
WantedBy=multi-user.target
[root@bogon system]# systemctl daemon-reload
[root@bogon system]# systemctl status httpd
● httpd.service - httpd server daemon
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
     Docs: man:sshd(8)
           man:sshd_config(5)
[root@bogon system]# systemctl start httpd
Job for httpd.service failed because the control process exited with error code.
See "systemctl status httpd.service" and "journalctl -xe" for details.
[root@bogon system]# vim httpd.service 
[root@bogon system]# systemctl daemon-reload
[root@bogon system]# systemctl status httpd
● httpd.service - httpd server daemon
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: activating (auto-restart) (Result: exit-code) since Sun 2022-04-17 17:11:26 CST; 27s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 39374 (code=exited, status=255)
    Tasks: 0 (limit: 23790)
   Memory: 0B
   CGroup: /system.slice/httpd.service

417 17:11:26 bogon systemd[1]: httpd.service: Main process exited, code=exited, status=255/n/a
417 17:11:26 bogon systemd[1]: httpd.service: Failed with result 'exit-code'.
417 17:11:26 bogon systemd[1]: Failed to start httpd server daemon.
[root@bogon system]# systemctl start httpd
[root@bogon system]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@bogon system]# systemctl status httpd
● httpd.service - httpd server daemon
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2022-04-17 17:12:19 CST; 8min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 39411 (httpd)
    Tasks: 6 (limit: 23790)
   Memory: 4.5M
   CGroup: /system.slice/httpd.service
           ├─39411 /usr/local/apache/bin/httpd -k start
           ├─39412 /usr/local/apache/bin/httpd -k start
           ├─39413 /usr/local/apache/bin/httpd -k start
           ├─39414 /usr/local/apache/bin/httpd -k start
           ├─39415 /usr/local/apache/bin/httpd -k start
           └─39416 /usr/local/apache/bin/httpd -k start

417 17:12:19 bogon systemd[1]: Starting httpd server daemon...
417 17:12:19 bogon systemd[1]: Started httpd server daemon.

二、配置三种不同的虚拟主机

虚拟主机可以使一个服务器放多个网站
虚拟主机有三类:

  • 相同IP不同端口
  • 不同IP相同端口
  • 相同IP相同端口不同域名

1.相同ip 不同端口号

[root@bogon ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf 
[root@bogon ~]# vim /usr/local/apache/conf/httpd.conf 
[root@bogon ~]# systemctl restart httpd
[root@bogon ~]# systemctl status httpd
● httpd.service - httpd server daemon
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2022-04-17 18:04:03 CST; 38s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
  Process: 39483 ExecStop=/usr/local/apache/bin/apachectl stop (code=exited, status=0/SUCCESS)
  Process: 39487 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=0/SUCCESS)
 Main PID: 39491 (httpd)
    Tasks: 6 (limit: 23790)
   Memory: 4.6M
   CGroup: /system.slice/httpd.service
           ├─39491 /usr/local/apache/bin/httpd -k start
           ├─39492 /usr/local/apache/bin/httpd -k start
           ├─39493 /usr/local/apache/bin/httpd -k start
           ├─39494 /usr/local/apache/bin/httpd -k start
           ├─39495 /usr/local/apache/bin/httpd -k start
           └─39496 /usr/local/apache/bin/httpd -k start

417 18:04:03 bogon systemd[1]: Stopped httpd server daemon.
417 18:04:03 bogon systemd[1]: Starting httpd server daemon...
417 18:04:03 bogon systemd[1]: Started httpd server daemon.
//添加和删改相应配置
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com" 
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test-host.example.com-access_log" common
</VirtualHost>
//删除或注释掉
Include conf/extra/httpd-vhosts.conf
[root@bogon ~]# ls /usr/local/apache/
bin  build  cgi-bin  conf  error  htdocs  icons  include  logs  man  manual  modules
[root@bogon ~]# cd /usr/local/apache/htdocs/
[root@bogon htdocs]# ls
index.html
[root@bogon htdocs]# mkdir test.example.com
[root@bogon htdocs]# ls
index.html  test.example.com
[root@bogon htdocs]# cd test.example.com/
[root@bogon test.example.com]# ls
[root@bogon test.example.com]# cd
[root@bogon ~]# cd /usr/local/apache/htdocs/
[root@bogon htdocs]# ls
index.html  test.example.com
[root@bogon htdocs]# mkdir blog.example.com
[root@bogon htdocs]# ls
blog.example.com  index.html  test.example.com
[root@bogon htdocs]# cd /usr/local/apache/htdocs/
[root@bogon htdocs]# cd
[root@bogon ~]# cd test.example.com/
-bash: cd: test.example.com/: 没有那个文件或目录
[root@bogon ~]# cd /usr/local/apache/htdocs/
[root@bogon htdocs]# cd test.example.com/
[root@bogon test.example.com]# ls
[root@bogon test.example.com]# echo "xixicc" > abc.html
[root@bogon test.example.com]# ls
abc.html
[root@bogon test.example.com]# mv abc.html index.html //解决网站目录
[root@bogon test.example.com]# ls
index.html

编译安装httpd服务_第2张图片编译安装httpd服务_第3张图片

[root@bogon ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf 
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test-host.example.com-access_log" common
</VirtualHost>
Listen 81 //开启监听81端口号
<VirtualHost *:81>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test-host.example.com-access_log" common
</VirtualHost>
[root@bogon ~]# systemctl restart httpd
[root@bogon ~]# systemctl status httpd
[root@bogon ~]# ss -antl
State        Recv-Q        Send-Q               Local Address:Port               Peer Address:Port       
LISTEN       0             128                        0.0.0.0:22                      0.0.0.0:*          
LISTEN       0             128                              *:80                            *:*          
LISTEN       0             128                              *:81                            *:*          
LISTEN       0             128                           [::]:22                         [::]:*         

编译安装httpd服务_第4张图片

不同IP相同端口

[root@bogon ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf
<VirtualHost 192.168.146.128:80> //添加IP地址
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test-host.example.com-access_log" common
</VirtualHost>
<VirtualHost 192.168.146.129:80> //添加ip地址
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test-host.example.com-access_log" common
</VirtualHost>

[root@bogon ~]# ip addr add 192.168.146.129/24 dev ens160
[root@bogon ~]# ip a s ens160
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:be:32:84 brd ff:ff:ff:ff:ff:ff
    inet 192.168.146.128/24 brd 192.168.146.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet 192.168.146.129/24 scope global secondary ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:febe:3284/64 scope link 
       valid_lft forever preferred_lft forever

编译安装httpd服务_第5张图片编译安装httpd服务_第6张图片

3.相同ip不同域名

[root@bogon ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf 

<VirtualHost *:80> //添加*
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test-host.example.com-access_log" common
</VirtualHost>
<VirtualHost *:80> //添加*
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName web.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test-host.example.com-access_log" common
</VirtualHost>

编译安装httpd服务_第7张图片编译安装httpd服务_第8张图片

配置httpd步骤

配置httpd.conf,取消以下内容注释

[root@localhost ~]# vim httpd.conf
LoadModule ssl_module modules/mod_ssl.so

生成证书

[root@localhost ~]# cd /etc/pki/
[root@localhost pki]# mkdir CA
[root@localhost pki]# cd CA/
[root@localhost CA]# mkdir private
[root@localhost CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)   //在private目录下生成私钥文件
Generating RSA private key, 2048 bit long modulus (2 primes)
.....................+++++
...............................................+++++
e is 65537 (0x010001)
[root@localhost CA]# ls private/
cakey.pem
[root@localhost CA]# openssl rsa -in private/cakey.pem -pubout   //查看公钥 可不做

CA生成签署证书

[root@localhost CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365  //生成一个证书 有效日期为365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN  //国家
State or Province Name (full name) []:HB   //省份
Locality Name (eg, city) [Default City]:WH  //市
Organization Name (eg, company) [Default Company Ltd]:kurumi   //公司
Organizational Unit Name (eg, section) []:kurumi  //单位
Common Name (eg, your name or your server's hostname) []:web.example.com  //域名
Email Address []:[email protected]  //邮箱

[root@localhost CA]# mkdir certs newcerts crl
[root@localhost CA]# touch index.txt && echo 01 > serial

客户端生成密钥

[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost conf]# ls
extra  httpd.conf  magic  mime.types  original
[root@localhost conf]# mkdir ssl
[root@localhost conf]# cd ssl/
[root@localhost ssl]# (umask 077;openssl genrsa -out httpd.key 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
.............................................................................+++++
..........................+++++
e is 65537 (0x010001)

客户端生成证书签署请求

[root@localhost ssl]# openssl req -new -key httpd.key -days 365 -out httpd.csr
Ignoring -days; not generating a certificate
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN    
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:kurumi
Organizational Unit Name (eg, section) []:kurumi
Common Name (eg, your name or your server's hostname) []:web.example.com
Email Address []:[email protected]

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@localhost ssl]# ls
httpd.csr  httpd.key

CA签署客户端提交证书

[root@localhost ssl]# openssl ca -in httpd.csr -out httpd.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 1 (0x1)
        Validity
            Not Before: Apr 15 13:58:39 2022 GMT
            Not After : Apr 15 13:58:39 2023 GMT
        Subject:
            countryName               = CN
            stateOrProvinceName       = HB
            organizationName          = kurumi
            organizationalUnitName    = kurumi
            commonName                = web.example.com
            emailAddress              = 1@123.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                8F:D1:86:60:47:6A:E9:20:B8:97:90:8C:32:1C:54:8E:7F:B4:4F:11
            X509v3 Authority Key Identifier: 
                keyid:40:1B:42:0B:EF:88:2B:F5:BA:76:17:9B:C5:48:60:1C:82:B5:D7:83

Certificate is to be certified until Apr 15 13:58:39 2023 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
[root@localhost ssl]# ls
httpd.crt  httpd.csr  httpd.key

检查配置文件是否有语法上的错误
模块未打开

[root@localhost conf]# httpd -t
AH00526: Syntax error on line 92 of /usr/local/apache/conf/extra/httpd-ssl.conf:
SSLSessionCache: 'shmcb' session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?).
[root@localhost conf]# vim extra/httpd-ssl.conf 

[root@localhost conf]# vim /usr/local/apache/conf/httpd.conf   //修改配置文件
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so  //将此行注释取消 让其启动
[root@localhost conf]# httpd -t  //再次检测成功
AH00112: Warning: DocumentRoot [/usr/local/apache/web.example.com] does not exist
Syntax OK


启动或重启服务

[root@localhost conf]# systemctl restart httpd
[root@localhost conf]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                        *:80                      *:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       
LISTEN    0         128                        *:443                     *:*       //重启后端口有了443

此时可以查看
编译安装httpd服务_第9张图片

你可能感兴趣的:(linux,运维)