Apache, NGINX, Tomcat, PHP 설치 - signsys/signsys.github.io GitHub Wiki
참조: https://nginx.org/en/linux_packages.html#Ubuntu
사전설치
sudo apt -y install curl gnupg2 ca-certificates lsb-release ubuntu-keyring policycoreutils-python-utils
nginx signing key 설치
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
nginx용 apt repository 설정(안정화 버전)
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx
설치
sudo apt update
sudo apt -y install nginx
sudo systemctl enable nginx
sudo systemctl start nginx
sudo systemctl status nginx
참고: https://nginx.org/en/linux_packages.html#RHEL
참고: https://docs.mattermost.com/install/install-rhel-7.html#installing-nginx-server
nginx.repo 파일 생성
$ sudo yum install -y yum-utils policycoreutils-python-utils
$ sudo touch /etc/yum.repos.d/nginx.repo
$ sudo vi /etc/yum.repos.d/nginx.repo
--> 내용추가
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
설치
$ sudo yum install -y nginx
$ sudo systemctl start nginx
$ sudo systemctl enable nginx
$ curl http://localhost
에러: nginx: [emerg] chown("/var/cache/nginx", 998) failed (13: permission denied)
$ sudo chown -R nginx:nginx /var/cache/nginx
에러: nginx에서 특정포트 (예를 들어 8989) 포트를 신규로 추가할때 13: Permission denied
$ sudo semanage port -a -t http_port_t -p tcp 8989
에러: 502 Bad Gateway
$ sudo setsebool -P httpd_can_network_connect true
설치
$ sudo apt update
$ sudo apt upgrade
$ sudo apt -y install apache2 libapache2-mod-jk
Listen Port 설정
$ sudo cp /etc/apache2/ports.conf /etc/apache2/ports.conf.20240422
$ sudo nano /etc/apache2/ports.conf
charset.conf 설정
$ sudo cp /etc/apache2/conf-available/charset.conf /etc/apache2/conf-available/charset.conf.20240422
$ sudo nano /etc/apache2/conf-available/charset.conf
--> 내용 변경
AddDefaultCharset UTF-8
security.conf 설정
$ sudo cp /etc/apache2/conf-available/security.conf /etc/apache2/conf-available/security.conf.20240422
$ sudo nano /etc/apache2/conf-available/security.conf
--> 내용 변경
ServerTokens Prod
ServerSignature Off
Virtual Host 설정
$ sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/001-tomcat.conf
$ sudo nano /etc/apache2/sites-available/001-tomcat.conf
$ sudo a2ensite 001-tomcat
SSL 설정
$ sudo a2enmod ssl
$ sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/001-tomcat-ssl.conf
$ sudo nano /etc/apache2/sites-available/001-tomcat-ssl.conf
$ sudo a2ensite 001-tomcat-ssl
workers.properties 설정
$ sudo a2enmod jk
$ sudo cp /etc/libapache2-mod-jk/workers.properties /etc/libapache2-mod-jk/workers.properties.20240422
$ sudo nano /etc/libapache2-mod-jk/workers.properties
설치
$ sudo dnf -y install wget tar net-tools
$ sudo dnf -y install httpd mod_ssl mod_jk policycoreutils-python-utils
mod_jk.conf 설정
$ sudo cp /etc/httpd/conf.d/mod_jk.conf.sample /etc/httpd/conf.d/mod_jk.conf
workers.properties 설정
$ sudo cp /etc/httpd/conf.d/workers.properties.sample /etc/httpd/conf.d/workers.properties
$ sudo vi /etc/httpd/conf.d/workers.properties
ssl.conf 설정
$ sudo cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.20240502
$ sudo vi /etc/httpd/conf.d/ssl.conf
http.conf 설정
$ sudo cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.20240502
$ sudo vi /etc/httpd/conf/httpd.conf
SELinux 허용 포트 추가
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:8989
$ sudo semanage port -a -p tcp -t http_port_t 8989
Tomcat Connector 연결 권한
$ sudo chcon -u system_u -r object_r -t httpd_modules_t /etc/httpd/modules/mod_jk.so
SELinux 설정
$ sudo setsebool -P httpd_can_network_connect=1
사전설치
# yum -y install wget net-tools
# yum -y install gcc make gcc-c++ pcre-devel expat-devel openssl-devel
다운로드 및 압축풀기
# cd /usr/local/src/
# wget https://github.com/PCRE2Project/pcre2/releases/download/pcre2-10.44/pcre2-10.44.tar.gz
# wget https://downloads.apache.org/httpd/httpd-2.4.62.tar.gz
# wget https://downloads.apache.org/apr/apr-1.7.4.tar.gz
# wget https://downloads.apache.org/apr/apr-util-1.6.3.tar.gz
# tar zxvf pcre2-10.44.tar.gz
# tar zxvf httpd-2.4.62.tar.gz
# tar zxvf apr-1.7.4.tar.gz
# tar zxvf apr-util-1.6.3.tar.gz
apr 설치
# cd /usr/local/src/apr-1.7.4/
# ./configure --prefix=/usr/local/src/apr-1.7.4
# make && make install
apr-util 설치
# cd /usr/local/src/apr-util-1.6.3/
# ./configure --prefix=/usr/local/src/apr-util-1.6.3 --with-apr=/usr/local/src/apr-1.7.4
# make && make install
pcre 설치
# cd /usr/local/src/pcre2-10.44/
# ./configure --prefix=/usr/local/src/apr-util-1.6.3 --with-apr=/usr/local/src/apr-1.7.4
# make && make install
httpd 설치
# cd /usr/local/src/httpd-2.4.62/
# ./configure --prefix=/usr/local/apache2 --enable-mods-shared=all --enable-so --enable-rewrite --enable-proxy --enable-proxy-ajp --enable-proxy-balaner --enable-proxy-http --enable-proxy-connect --enable-ssl --with-apr=/usr/local/src/apr-1.7.4 --with-apr-util=/usr/local/src/apr-util-1.6.3
# make && make install
서비스 등록
# vi /usr/lib/systemd/system/httpd.service
--> 내용 추가
[Unit]
Description=The Apache HTTP Server
[Service]
Type=forking
PIDFile=/usr/local/apache2/logs/httpd.pid
ExecStart=/usr/local/apache2/bin/apachectl start
ExecReload=/usr/local/apache2/bin/apachectl graceful
ExecStop=/usr/local/apache2/bin/apachectl stop
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target
서비스 등록
# systemctl daemon-reload
# systemctl enable httpd --> 상태
# systemctl start httpd --> 시작
# systemctl stop httpd --> 정지
# systemctl status httpd --> 상태
보안설정
# cp /usr/local/apache2/conf/httpd.conf /usr/local/apache2/conf/httpd.conf.20210108
# vi /usr/local/apache2/conf/httpd.conf
--> 내용 추가
ServerTokens OS --> HTTP 헤더에 OS, 아파치 버전 정보를 숨김
ServerSignature On --> 404 페이지에서 OS, 아파치 버전 정보를 숨김
AddDefaultCharset UTF-8 --> Charset 설정
httpd 재기동
# systemctl restart httpd
참고: https://tomcat.apache.org/connectors-doc/
참고: https://bamdule.tistory.com/130
사전설치
# yum install -y autoconf libtool perl
# vi /usr/local/apache2/bin/apxs
-->내용변경
경로변경 전 #!/replace/with/path/to/perl/interpreter -w
경로변경 후 #!/usr/bin/perl -w
다운로드
# cd /usr/local/src/
# wget https://mirror.navercorp.com/apache/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.49-src.tar.gz
# tar zxvf tomcat-connectors-1.2.49-src.tar.gz
설치
# cd /usr/local/src/tomcat-connectors-1.2.49-src/native
# ./buildconf.sh
# ./configure --with-apxs=/usr/local/apache2/bin/apxs
# make && make install
다운로드: https://tomcat.apache.org/download-10.cgi
선행작업: OpenJDK 17 설치
OpenJDK 17 설치
$ sudo apt update
$ sudo apt -y install openjdk-17-jdk
$ sudo update-alternatives --config java
$ java -version
환경변수 JAVA_HOME 설정
$ sudo vi /etc/environment
--> 내용 추가
JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64"
환경변수 적용
$ source /etc/environment
$ echo $JAVA_HOME
방화벽 확인
$ sudo ufw status
Tomcat 다운로드
$ sudo apt -y install net-tools wget tar
$ cd ~
$ wget https://archive.apache.org/dist/tomcat/tomcat-10/v10.1.33/bin/apache-tomcat-10.1.33.tar.gz
Tomcat 압축해제/이동/링크
$ tar zxvf apache-tomcat-10.1.33.tar.gz
$ mv apache-tomcat-10.1.33 tomcat_site_fo
$ tar zxvf apache-tomcat-10.1.33.tar.gz
$ mv apache-tomcat-10.1.33 tomcat_site_bo
server.xml 수정 - fo
$ cp ~/tomcat_site_fo/conf/server.xml ~/tomcat_site_fo/conf/server.xml.20241111
$ vi ~/tomcat_site_fo/conf/server.xml
--> 전체 내용 변경
<?xml version="1.0" encoding="UTF-8"?>
<Server port="11005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina_site_fo">
<Connector port="11080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="11443" />
<Connector port="11009" protocol="AJP/1.3"
address="0.0.0.0"
URIEncoding="UTF-8"
secretRequired="false"
redirectPort="11443" />
<Engine name="Catalina_site_fo" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
server.xml 수정 - bo
$ cp ~/tomcat_site_bo/conf/server.xml ~/tomcat_site_bo/conf/server.xml.20241111
$ vi ~/tomcat_site_bo/conf/server.xml
--> 전체 내용 변경
<?xml version="1.0" encoding="UTF-8"?>
<Server port="12005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina_site_bo">
<Connector port="12080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="12443" />
<Connector port="12009" protocol="AJP/1.3"
address="0.0.0.0"
URIEncoding="UTF-8"
secretRequired="false"
redirectPort="12443" />
<Engine name="Catalina_site_bo" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
어플리케이션 생성 - fo
$ cd ~/tomcat_site_fo/webapps
$ mv ROOT ROOT.bak
$ mkdir -p ./ROOT/WEB-INF
$ cd ROOT
$ cat << EOF | tee index.jsp
Tomcat Site - fo
EOF
$ cd WEB-INF/
$ cat << EOF | tee web.xml
<web-app/>
EOF
어플리케이션 생성 - bo
$ cd ~/tomcat_site_bo/webapps
$ mv ROOT ROOT.bak
$ mkdir -p ./ROOT/WEB-INF
$ cd ROOT
$ cat << EOF | tee index.jsp
Tomcat Site - bo
EOF
$ cd WEB-INF/
$ cat << EOF | tee web.xml
<web-app/>
EOF
다운로드: https://tomcat.apache.org/download-90.cgi
선행작업: OpenJDK 1.8 설치
OpenJDK 설치
$ sudo yum -y install java-1.8.0-openjdk-devel.x86_64
JAVA_HOME 설정
$ sudo vi /etc/profile
--> 내용추가
export JAVA_HOME=$(readlink -f /usr/bin/javac | sed "s:/bin/javac::")
환경변수 적용
$ source /etc/profile
방화벽 포트 오픈
$ sudo firewall-cmd --zone=public --permanent --add-port=11080/tcp
$ sudo firewall-cmd --zone=public --permanent --add-port=11009/tcp
$ sudo firewall-cmd --zone=public --permanent --add-port=12080/tcp
$ sudo firewall-cmd --zone=public --permanent --add-port=12009/tcp
$ sudo firewall-cmd --reload
$ sudo firewall-cmd --list-all
Tomcat 다운로드
$ sudo yum install -y net-tools wget tar
$ cd ~
$ wget https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.99/bin/apache-tomcat-9.0.99.tar.gz
Tomcat 압축해제/이동/링크
$ tar zxvf apache-tomcat-9.0.99.tar.gz
$ mv apache-tomcat-9.0.99 tomcat_site_fo
$ tar zxvf apache-tomcat-9.0.99.tar.gz
$ mv apache-tomcat-9.0.99 tomcat_site_bo
server.xml 수정 - fo
$ cp ~/tomcat_site_fo/conf/server.xml ~/tomcat_site_fo/conf/server.xml.20250516
$ vi ~/tomcat_site_fo/conf/server.xml
--> 전체 내용 변경
<?xml version="1.0" encoding="UTF-8"?>
<Server port="11005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina_site_fo">
<Connector port="11080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="11443" />
<Connector port="11009" protocol="AJP/1.3"
address="0.0.0.0"
URIEncoding="UTF-8"
secretRequired="false"
redirectPort="11443" />
<Engine name="Catalina_site_fo" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
server.xml 수정 - bo
$ cp ~/tomcat_site_bo/conf/server.xml ~/tomcat_site_bo/conf/server.xml.20250516
$ vi ~/tomcat_site_bo/conf/server.xml
--> 전체 내용 변경
<?xml version="1.0" encoding="UTF-8"?>
<Server port="12005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina_site_bo">
<Connector port="12080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="12443" />
<Connector port="12009" protocol="AJP/1.3"
address="0.0.0.0"
URIEncoding="UTF-8"
secretRequired="false"
redirectPort="12443" />
<Engine name="Catalina_site_bo" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
어플리케이션 생성 - fo
$ cd ~/tomcat_site_fo/webapps
$ mv ROOT ROOT.bak
$ mkdir -p ./ROOT/WEB-INF
$ cd ROOT
$ cat << EOF | tee index.jsp
Tomcat Site - fo
EOF
$ cd WEB-INF/
$ cat << EOF | tee web.xml
<web-app/>
EOF
어플리케이션 생성 - bo
$ cd ~/tomcat_site_bo/webapps
$ mv ROOT ROOT.bak
$ mkdir -p ./ROOT/WEB-INF
$ cd ROOT
$ cat << EOF | tee index.jsp
Tomcat Site - bo
EOF
$ cd WEB-INF/
$ cat << EOF | tee web.xml
<web-app/>
EOF
다운로드: https://tomcat.apache.org/download-90.cgi
선행작업: OpenJDK 1.8 설치
.
Tomcat 다운로드
$ sudo yum install -y net-tools
$ sudo yum install -y wget
$ mkdir ~/Downloads
$ cd ~/Downloads
$ wget https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.62/bin/apache-tomcat-9.0.62.tar.gz
Tomcat 압축해제/이동/링크
$ tar zxvf apache-tomcat-9.0.62.tar.gz
$ sudo mkdir /usr/local/tomcat
$ sudo mv ./apache-tomcat-9.0.62 /usr/local/tomcat/
$ sudo ln -s /usr/local/tomcat/apache-tomcat-9.0.62 /usr/local/tomcat/latest
CATALINA_BASE 복사
$ cd ~/
$ mkdir tomcat_site_fo
$ cd tomcat_site_fo
$ sudo cp -r /usr/local/tomcat/latest/conf ./
$ sudo cp -r /usr/local/tomcat/latest/logs ./
$ sudo cp -r /usr/local/tomcat/latest/temp ./
$ sudo cp -r /usr/local/tomcat/latest/webapps ./
$ sudo cp -r /usr/local/tomcat/latest/work ./
$ cd ~/
$ sudo chown -R name: ~/tomcat_site_fo
$ cp -r tomcat_site_fo tomcat_site_bo
server.xml 수정 - fo
$ vi ~/tomcat_site_fo/conf/server.xml
--> 전체 내용 변경
<?xml version="1.0" encoding="UTF-8"?>
<Server port="11005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina_site_fo">
<Connector port="11080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="11443" />
<Connector port="11009" protocol="AJP/1.3"
address="0.0.0.0"
URIEncoding="UTF-8"
secretRequired="false"
redirectPort="11443" />
<Engine name="Catalina_site_fo" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
<Context docBase="www" path="/" reloadable="true" />
</Host>
</Engine>
</Service>
</Server>
server.xml 수정 - bo
$ vi ~/tomcat_site_bo/conf/server.xml
--> 전체 내용 변경
<?xml version="1.0" encoding="UTF-8"?>
<Server port="12005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina_site_bo">
<Connector port="12080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="12443" />
<Connector port="12009" protocol="AJP/1.3"
address="0.0.0.0"
URIEncoding="UTF-8"
secretRequired="false"
redirectPort="12443" />
<Engine name="Catalina_site_bo" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
어플리케이션 생성 - fo
$ cd ~/tomcat_site_fo/webapps
$ mkdir -p ./www/WEB-INF
$ cd www
$ cat > index.jsp
Tomcat - fo
^C
$ cd WEB-INF/
$ cat > web.xml
<web-app/>
^C
어플리케이션 생성 - bo
$ cd ~/tomcat_site_bo/webapps
$ mkdir -p ./cms/WEB-INF
$ cd cms
$ cat > index.jsp
Tomcat - bo
^C
$ cd WEB-INF/
$ cat > web.xml
<web-app/>
^C
systemd unit file 생성 - fo
$ sudo vi /etc/systemd/system/tomcat_site_fo.service
--> 내용 추가
[Unit]
Description=Apache Tomcat 9 - tomcat_site_fo
After=syslog.target network.target
[Service]
Type=forking
Environment="JAVA_HOME=/usr/lib/jvm/jre"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"
Environment="CATALINA_HOME=/usr/local/tomcat/latest"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
Environment="CATALINA_BASE=/home/name/tomcat_site_fo"
Environment="CATALINA_PID=/usr/local/tomcat/latest/temp/tomcat_site_fo.pid"
ExecStart=/usr/local/tomcat/latest/bin/startup.sh
ExecStop=/usr/local/tomcat/latest/bin/shutdown.sh
User=root
Group=root
UMask=0007
RestartSec=10
[Install]
WantedBy=multi-user.target
systemd unit file 생성 - bo
$ sudo vi /etc/systemd/system/tomcat_site_bo.service
--> 내용 추가
[Unit]
Description=Apache Tomcat 9 - tomcat_site_bo
After=syslog.target network.target
[Service]
Type=forking
Environment="JAVA_HOME=/usr/lib/jvm/jre"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"
Environment="CATALINA_HOME=/usr/local/tomcat/latest"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
Environment="CATALINA_BASE=/home/name/tomcat_site_bo"
Environment="CATALINA_PID=/usr/local/tomcat/latest/temp/tomcat_site_bo.pid"
ExecStart=/usr/local/tomcat/latest/bin/startup.sh
ExecStop=/usr/local/tomcat/latest/bin/shutdown.sh
User=root
Group=root
UMask=0007
RestartSec=10
[Install]
WantedBy=multi-user.target
방화벽 포트 오픈
$ sudo firewall-cmd --zone=public --permanent --add-port=11080/tcp
$ sudo firewall-cmd --zone=public --permanent --add-port=11009/tcp
$ sudo firewall-cmd --zone=public --permanent --add-port=12080/tcp
$ sudo firewall-cmd --zone=public --permanent --add-port=12009/tcp
$ sudo firewall-cmd --reload
서비스 등록
$ sudo systemctl daemon-reload
$ sudo systemctl start tomcat_site_fo --> 시작
$ sudo systemctl start tomcat_site_bo --> 시작
Tomcat Manager 사용자 등록
$ sudo vi /usr/local/tomcat/latest/conf/tomcat-users.xml
--> 내용 수정 (username/password 수정 필수)
<tomcat-users>
<!--
Comments
-->
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="admin" password="admin_password" roles="admin-gui,manager-gui"/>
</tomcat-users>
manager 접속 IP 제한 해제
$ sudo vi /usr/local/tomcat/latest/webapps/manager/META-INF/context.xml
--> 내용 수정
<Context antiResourceLocking="false" privileged="true" >
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>
host-manager 접속 IP 제한 해제
$ sudo vi /usr/local/tomcat/latest/webapps/host-manager/META-INF/context.xml
--> 내용 수정
<Context antiResourceLocking="false" privileged="true" >
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>
방화벽 포트 오픈
$ sudo firewall-cmd --zone=public --permanent --add-port=8080/tcp
$ sudo firewall-cmd --reload
참고: https://wookoa.tistory.com/102
애플리케이션 생성 - fo
> cd C:\apache-tomcat-8.5.66-fo\webapps
> mkdir -p .\www\WEB-INF
> cd www
> copy con index.jsp
Tomcat - fo
^Z
> cd WEB-INF
> copy con web.xml
<web-app/>
^Z
애플리케이션 생성 - bo
> cd C:\apache-tomcat-8.5.66-bo\webapps
> mkdir -p .\cms\WEB-INF
> cd cms
> copy con index.jsp
Tomcat - bo
^Z
> cd WEB-INF
> copy con web.xml
<web-app/>
^Z
서비스 설치
> cd C:\apache-tomcat-8.5.66-fo\bin
> service.bat install Tomcat8SiteFo
> cd C:\apache-tomcat-8.5.66-bo\bin
> service.bat install Tomcat8SiteBo
$ sudo vi /etc/yum.repos.d/nginx.repo
--> 내용추가
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
NGINX 설치
$ sudo yum install -y yum-utils
$ sudo yum-config-manager --enable nginx-mainline --> 1.19 설치를 위해 mainline 선택
$ sudo yum install -y nginx
CentOS7 에서 Yum 으로 설치한 Apache 의 경우에는 설정하는데 카테고리별로 디렉토리를 분리를 해놨다.
- 모듈 로딩 설정 디렉토리: /etc/httpd/conf.modules.d
- 모듈별 설정 디렉토리: /etc/httpd/conf.d
mod_jk 로딩
# vi /etc/httpd/conf.modules.d/00-jk.conf -> 아래 줄 추가
LoadModule jk_module modules/mod_jk.so
env.sh의 JAVA_HOME 확인
설치 명령
$ sudo firewall-cmd --zone=public --permanent --add-service=http
$ sudo firewall-cmd --zone=public --permanent --add-service=https
$ sudo firewall-cmd --reload
$ sudo firewall-cmd --list-all
$ sudo yum install -y yum-utils
$ sudo yum install -y httpd
$ sudo systemctl start httpd
$ sudo systemctl enable httpd
$ sudo yum install -y epel-release
$ sudo yum install -y https://rpms.remirepo.net/enterprise/remi-release-7.rpm
$ sudo yum-config-manager --enable remi-php53
$ sudo yum install -y php
$ php -v