4-Laboratoriya topshirig’i Mavzu: iscsi ni o’rnatish va sozlash. Lamp server. Ishdan maqsad
/iscsi/iqn.20...w.initiator01> exit
Download 432.26 Kb.
|
linux 4
- Bu sahifa navigatsiya:
- LISTEN 0 256 0.0.0.0:3260 0.0.0.0:* root@dlp: systemctl enable rtslib-fb-targetctl
Apache, MySQL, PHP (LAMP) Stack-ni Ubuntu-ga qanday o'rnatish kerak 20.04 / 20.10 Ushbu qo'llanmada biz Ubuntu Server 20.04 / 20.10 da LAMP Stack (Apache, MySQL, PHP) o'rnatamiz va veb-serverni sozlaymiz. 1. Apache O'rnatish Ubuntu 20.04 / 20.10 da LAMP Stack-ning birinchi komponenti Apache. Paket ro'yxatlarini yangilash va Apache-ni o'rnatish bilan boshlang. Davom etish so'ralganda y va ENTER tugmalarini bosing. sudo apt update && sudo apt install apache2 O'rnatish bir necha daqiqa davom etishi mumkin. O'rnatilgandan so'ng, Ubuntu 20.04 / 20.10 da xavfsizlik devorini sozlash uchun 2-bosqichga o'ting. 2. Configure Firewall Ubuntu 20.04 / 20.10 da LAMP Stack-ga qo'shimcha xavfsizlik ta'minlaydigan xavfsizlik devorini sozlash tavsiya etiladi. Biz SSH uchun xavfsizlik devori qoidasini qo'shishni boshlaymiz, chunki agar siz serveringizni masofadan sozlayotgan bo'lsangiz, xavfsizlik devorini yoqishda qulflanib qolishni xohlamaysiz. Siz buni Ubuntu 20.04 / 20.10 qo'llanmasiga Dastlabki server sozlamalarida qilgan bo'lishingiz mumkin, ammo ehtimol uni yana qo'shib qo'yish zarar qilmaydi. Agar qoida allaqachon mavjud bo'lsa, buyruq shunchaki uni o'tkazib yuboradi. sudo ufw allow OpenSSH Agar sizda "XATO: openSSH ga mos keladigan profil topilishi mumkin" degan xato bo'lsa, bu siz serverni masofadan sozlamaganligingizni va unga e'tibor bermasligingizni anglatishi mumkin. Endi biz Apache uchun xavfsizlik devori qoidalarini qo'shishimiz mumkin. sudo ufw allow in "Apache Full" Agar u allaqachon bo'lmasa, xavfsizlik devorini yoqing. sudo ufw enable Agar "Buyruq mavjud ssh ulanishlarini buzishi mumkin" degan xabarni ko'rsangiz y tugmasini bosing. Agar xavfsizlik devori to'g'ri yoqilgan bo'lsa, siz "Firewall is active and enabled on system startup - xavfsizlik devori tizimni ishga tushirishda faol va yoqilgan" ni ko'rishingiz kerak. Siz shuningdek xavfsizlik devori holatini quyidagicha tekshirishingiz mumkin: sudo ufw status Status: active To Action From -- ------ ---- OpenSSH ALLOW Anywhere Apache Full ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6) Apache Full (v6) ALLOW Anywhere (v6) Yuqorida biz xavfsizlik devori faolligini ko'rayapmiz va har bir xizmat uchun ikkita qoidaga ega. v6 IPv6 uchun qisqa. 3. Test Apache Apache Ubuntu 20.04 / 20.10 da to'g'ri o'rnatilganligini bilish uchun biz xizmatning amaldagi holatini tekshirib ko'rishimiz mumkin. sudo service apache2 status Agar u ishlayotgan bo'lsa, siz yashil faol holatni ko'rishingiz kerak. ● apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Drop-In: /lib/systemd/system/apache2.service.d └─apache2-systemd.conf Active: active (running) since Sat 2020-03-31 08:44:04 CEST; 15min ago Main PID: 5727 (apache2) Tasks: 55 (limit: 4915) CGroup: /system.slice/apache2.service ├─5727 /usr/sbin/apache2 -k start ├─5728 /usr/sbin/apache2 -k start └─5729 /usr/sbin/apache2 -k start Mar 31 08:44:04 ubuntu2004 systemd[1]: Starting The Apache HTTP Server... Mar 31 08:44:04 ubuntu2004 apachectl[5675]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Mar 31 08:44:04 ubuntu2004 systemd[1]: Started The Apache HTTP Server. Agar siz to'liq malakali domen nomi haqida yuqoridagi xatoga duch kelsangiz, uni e'tiborsiz qoldirishingiz mumkin. SSH mijozidan foydalansangiz, server holatidan chiqish uchun q tugmachasini bosishingiz kerak bo'lishi mumkin. Endi Apache xizmati ishga tushganligi sababli, siz sinovdan o'tgan Apache veb-sahifasini veb-brauzeringiz orqali ko'rishingiz kerak. Serveringizning IP-manzilini manzil satriga kiriting va ENTER tugmasini bosing. Agar siz IP-ni bilmasangiz, buni quyidagi buyruq bilan bilib olishingiz mumkin. ip addr show enp1s0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//' Hammasi tayyor! Ushbu Apache standart sahifasini / var / www / html papkasida topishingiz mumkin. Ushbu faylni tahrirlash uchun: sudo nano /var/www/html/index.html Nano matn muharriridan chiqish uchun CTRL + X tugmalarini bosing. Agar sizda domen nomi bo'lsa, uni qo'shimcha konfiguratsiyasiz serveringizning IP-manziliga yo'naltirishingiz mumkin va Apache ushbu standart sahifani yuklashi kerak. Ammo, agar siz serveringizda bir nechta domenlarni joylashtirmoqchi bo'lsangiz yoki Let’s Encrypt bilan SSL sertifikatlarini o'rnatmoqchi bo'lsangiz, ushbu qo'llanmaning oxirida 8-qadamda virtual xostni o'rnatishingiz kerak. 4. Install MySQL Ubuntu 20.04 / 20.10 da LAMP Stack-ning keyingi komponenti MySQL-dir. Omborlarni yangilash va MySQL paketini o'rnatish bilan boshlang. O'rnatish kerak bo'lsa, y va ENTER tugmachalarini bosing. sudo apt update && sudo apt install mysql-server Paket o'rnatuvchisi tugagandan so'ng, biz MySQL xizmatining ishlayotganligini tekshirib ko'rishimiz mumkin. sudo service mysql status sudo systemctl status mysql Ishlayotgan bo'lsa, quyida ko'rsatilgan yashil faol holatini ko'rasiz. ● mysql.service - MySQL Community Server Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2020-04-02 02:40:59 CEST; 2min 47s ago Main PID: 18476 (mysqld) Status: "Server is operational" Tasks: 27 (limit: 4915) CGroup: /system.slice/mysql.service └─18476 /usr/sbin/mysqld Apr 02 02:40:59 ubuntu2004 systemd[1]: Starting MySQL Community Server... Apr 02 02:40:59 ubuntu2004 systemd[1]: Started MySQL Community Server. Agar SSH mijozidan foydalansangiz, xizmat holatidan chiqish uchun q tugmachasini bosishingiz kerak bo'lishi mumkin. 5. Configure MySQL Security Endi Ubuntu 20.04 / 20.10 da MySQL-serveringiz uchun xavfsizlikni sozlash uchun mysql_secure_installation dasturini ishga tushirishingiz kerak. sudo mysql_secure_installation 5.1. Validate Password Component (Optional) Parolni tasdiqlash plaginini o'rnatishni xohlaysizmi, sizdan so'raladi. Agar biron sababga ko'ra qat'iy parol siyosatini amalga oshirishni xohlamasangiz, bu aslida zarur emas. Securing the MySQL server deployment. Connecting to MySQL using a blank password. VALIDATE PASSWORD COMPONENT can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD component? Press y|Y for Yes, any other key for No: Parol plaginini tasdiqlashni xohlamasangiz, ENTER tugmasini bosing. 5.2. Create Root Password Agar siz MySQL uchun hali parol yaratmagan bo'lsangiz, uni hozir yaratishingiz kerak. Please set the password for root here. New password: Re-enter new password:
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Anonim foydalanuvchilarni olib tashlash uchun y va ENTER tugmalarini bosing. 5.4. Masofaviy Root ga kirishni o'chirib qo'ying Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Masofadan root kirish huquqini berish uchun y va ENTER tugmalarini bosing. 5.5. Test Database ni o’chirish. By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Sinov ma'lumotlar bazasini olib tashlash uchun y va ENTER tugmalarini bosing. 5.6. Privilege Tables larni qayta yuklash. Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Imtiyozli jadvallarni qayta yuklash uchun y va ENTER tugmalarini bosing. All done! 5.7. MySQL Service ni testlash. Ubuntu 20.04 / 20.10 da LAMP Stack-ning MySQL komponentisi tayyor. Uning to'g'ri ishlashini ta'minlash uchun MySQL-serverga kirishingiz kerak. Ushbu buyruqni sudo sifatida ishlatganingiz uchun, u MySQL-ga root hisob qaydnomasi yordamida avtomatik ravishda MySQL-ga kiradi. Agar sizdan parol so'ralsa, MySQL emas, Linux hisob qaydnomangiz parolini kiriting. sudo mysql Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 15 Server version: 8.0.19-0ubuntu5 (Ubuntu) Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
Agar PHP to'g'ri o'rnatilgan bo'lsa, quyida shunga o'xshash narsani ko'rishingiz kerak: PHP 7.4.3 (cli) (built: Mar 26 2020 20:24:23) ( NTS ) Copyright (c) The PHP Group Zend Engine v3.4.0, Copyright (c) Zend Technologies with Zend OPcache v7.4.3, Copyright (c), by Zend Technologies 7.2. Apache uchun PHP ni testlash. Keling, PHP-ni Apache uchun sinovdan o'tkazamiz. Hujjat ildiz katalogida info.php deb nomlangan yangi fayl yarating. sudo nano /var/www/html/info.php Nano muharriri ochilgach, quyidagi PHP kodini kiriting. /var/www/html/info.php phpinfo(); Saqlash va chiqish (CTRL + X tugmachalarini bosing, Y tugmachasini bosing va keyin ENTER tugmachasini bosing) Endi ushbu faylni http: //your_ip/info.php yoki http://example.com/info.php sahifalariga kirib brauzerga yuklashimiz mumkin. Agar siz IP-ni bilmasangiz, quyidagilarni bilib olishingiz mumkin: ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//' Quyida PHP ma'lumot sahifasi to'g'ri ishlashini ko'rishimiz mumkin. PHP to'g'ri ishlashini tasdiqlaganingizdan so'ng, info.php-ni o'chirib tashlashingiz kerak, chunki unda xakerlar uchun foydali bo'lishi mumkin bo'lgan ma'lumotlar mavjud. sudo rm /var/www/html/info.php Eslatma: Agar siz WordPress yoki shunga o'xshash 2 MB dan katta fayllarni yuklashni rejalashtirmoqchi bo'lsangiz, PHP konfiguratsiya faylini o'zgartirishingiz va yuklashning maksimal hajmini belgilashingiz kerak bo'ladi. Qarang: PHP / Apache: maksimal fayl yuklanishi va xabar hajmini o'rnating. Ubuntu 20.04 / 20.10-dagi LAMP stackingiz tugallandi! Agar siz virtual xostlarni o'rnatmoqchi bo'lsangiz yoki Apache uchun qo'shimcha konfiguratsiyani o'rnatmoqchi bo'lsangiz, o'qing. 8. Virtual xostni sozlash (ixtiyoriy) Agar siz Ubuntu 20.04 / 20.10 LAMP serveringizda bir nechta domenlarni joylashtirmoqchi bo'lsangiz yoki Let's Encrypt bilan SSL sertifikatlarini o'rnatmoqchi bo'lsangiz, virtual xostni o'rnatishingiz kerak bo'ladi. Agar sizda domen nomingiz bo'lmasa, uning o'rniga Ubuntu 20.04 / 20.10 serveringiz IP manziliga domenni hal qilish uchun operatsion tizimingizni (Linux/Mac/Windows) aldashingiz mumkin. Bu haqda ko'proq ma'lumot 8.4-bo'limda. quyida. 8.1. Katalog va index.html yarating Domeningiz uchun /var/www/ da yangi katalog yarating. Faqat mydomain.com saytini o'zingizniki bilan almashtiring. sudo mkdir -p /var/www/mydomain.com/public_html index.html faylni yarating. sudo nano /var/www/mydomain.com/public_html/index.html Quyidagi kodni kiriting: /var/www/mydomain.com/public_html/index.html Welcome to mydomain.com!Download 432.26 Kb. Do'stlaringiz bilan baham: |
ma'muriyatiga murojaat qiling