WebARENA VPSクラウド(360円/月)にtt-rssを入れたメモ
digitaloceanからWebARENAに引っ越し。
変な引っかかり無くていいかんじ。
以下自分用のメモ
WebARENAの設定はマニュアル見て鍵ファイル使ってSSHログイン
ポートも変える
初期設定
yum update yum install mlocate git epel-release yum-utils rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm rpm -ivh http://ftp-srv2.kddilabs.jp/Linux/distributions/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm yum-config-manager --enable remi-php56 yum-config-manager --enable epel yum remove php php-devel php-mbstring php-pdo php-gd php-xml php-pear httpd mysql-libs mysql php-mysql php-mcrypt yum install libwebp php php-devel php-mbstring php-pdo php-gd php-xml php-pear httpd mysql mysql-server mysql-libs php-mysql php-mcrypt mod_ssl
httpd の参考 https://centossrv.com/apache.shtml
sed -i -e 's!ServerTokens OS!ServerTokens Prod!g' /etc/httpd/conf/httpd.conf sed -i -e 's!KeepAlive Off!KeepAlive On!g' /etc/httpd/conf/httpd.conf sed -i -e 's!#ServerName www.example.com:80!ServerName ●●●.jp:80!g' /etc/httpd/conf/httpd.conf sed -i -e 's!Options Indexes FollowSymLinks!Options Includes ExecCGI FollowSymLinks!g' /etc/httpd/conf/httpd.conf sed -i -e 's!AllowOverride None!AllowOverride All!g' /etc/httpd/conf/httpd.conf sed -i -e 's!DirectoryIndex index.html index.html.var!DirectoryIndex index.html index.htm index.cgi!g' /etc/httpd/conf/httpd.conf sed -i -e 's!ErrorLog logs/error_log!ErrorLog /var/log/httpd/error_log!g' /etc/httpd/conf/httpd.conf sed -i -e 's!ServerSignature On!ServerSignature Off!g' /etc/httpd/conf/httpd.conf sed -i -e 's!LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW!LanguagePriority ja en ca cs da de el eo es et fr he hr it ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW!g' /etc/httpd/conf/httpd.conf
オレオレ証明書 (あとでLet's encryptに変更するけど)
cd /etc/httpd/conf openssl genrsa -aes128 1024 > server.key Enter pass phrase:(パスフレーズ) Verifying - Enter pass phrase:(同じパスフレーズ) openssl req -new -key server.key > server.csr openssl x509 -in server.csr -days 36500 -req -signkey server.key > server.crt mv server.key server.key.bak openssl rsa -in server.key.bak > server.key sed -i -e 's!SSLCertificateFile /etc/pki/tls/certs/localhost.crt!SSLCertificateFile /etc/httpd/conf/server.crt!g' /etc/httpd/conf.d/ssl.conf sed -i -e 's!SSLCertificateKeyFile /etc/pki/tls/private/localhost.key!SSLCertificateKeyFile /etc/httpd/conf/server.key!g' /etc/httpd/conf.d/ssl.conf
tt-rssのインストール
cd /var/www/html git clone https://tt-rss.org/git/tt-rss.git tt-rss chmod -R 777 cache/images cache/upload cache/export cache/js feed-icons lock
PHPの設定 参考http://qiita.com/knife0125/items/0e1af52255e9879f9332
cp /etc/php.ini /etc/php.ini.origin sed -i -e 's!;error_log = php_errors.log!error_log = /var/log/php.log!g' /etc/php.ini sed -i -e 's!;mbstring.language = Japanese!mbstring.language = Japanese!g' /etc/php.ini sed -i -e 's!;mbstring.internal_encoding =!mbstring.internal_encoding = UTF-8!g' /etc/php.ini sed -i -e 's!;mbstring.encoding_translation = Off!mbstring.encoding_translation = Off!g' /etc/php.ini sed -i -e 's!;mbstring.http_input =!mbstring.http_input = pass!g' /etc/php.ini sed -i -e 's!;mbstring.http_output =!mbstring.http_output = pass!g' /etc/php.ini sed -i -e 's!;mbstring.detect_order = auto!mbstring.detect_order = auto!g' /etc/php.ini sed -i -e 's!expose_php = On!expose_php = Off!g' /etc/php.ini sed -i -e 's!session.hash_function = 0!session.hash_function = 1!g' /etc/php.ini sed -i -e 's!;session.entropy_length = 32!session.entropy_length = 32!g' /etc/php.ini
MYSQL 参考 http://fedorasrv.com/mysql.shtml
sed -i -e 's!symbolic-links=0!symbolic-links=0\ncharacter-set-server = utf8!g' /etc/my.cnf mysql_secure_installation mysql -u root -p create database ttrss; grant all on ttrss.* to ttrss@localhost identified by 'password'; flush privileges; service httpd start service mysqld start chkconfig httpd on chkconfig mysqld on
Let's encrypt 参考 http://qiita.com/tkykmw/items/9b6ba55bb2a6a5d90963
cd /opt/letsencrypt/ ./certbot-auto certonly --non-interactive --agree-tos --webroot -w /var/www/html -d ●●●.jp --email 【メアド】 service httpd restart sed -i -e 's!SSLCertificateFile /etc/httpd/conf/server.crt!SSLCertificateFile /etc/letsencrypt/live/●●●.jp/fullchain.pem!g' /etc/httpd/conf.d/ssl.conf sed -i -e 's!SSLCertificateKeyFile /etc/httpd/conf/server.key!SSLCertificateKeyFile /etc/letsencrypt/live/●●●.jp/privkey.pem!g' /etc/httpd/conf.d/ssl.conf
tt-rssのupdate設定
sudo -u apache crontab -e */15 * * * * /usr/bin/php /var/www/html/tt-rss/update.php --feeds --quiet