WebARENA VPSクラウド(360円/月)にtt-rssを入れたメモ

computer


digitaloceanからWebARENAに引っ越し。
変な引っかかり無くていいかんじ。


以下自分用のメモ
WebARENAの設定はマニュアル見て鍵ファイル使ってSSHログイン
ポートも変える


初期設定

yum update
yum install mlocate git epel-release yum-utils
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -ivh http://ftp-srv2.kddilabs.jp/Linux/distributions/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm

yum-config-manager --enable remi-php56
yum-config-manager --enable epel

yum remove php php-devel php-mbstring php-pdo php-gd php-xml php-pear httpd mysql-libs mysql php-mysql php-mcrypt
yum install libwebp php php-devel php-mbstring php-pdo php-gd php-xml php-pear httpd mysql mysql-server mysql-libs php-mysql php-mcrypt mod_ssl


httpd の参考 https://centossrv.com/apache.shtml

sed -i -e 's!ServerTokens OS!ServerTokens Prod!g' /etc/httpd/conf/httpd.conf
sed -i -e 's!KeepAlive Off!KeepAlive On!g' /etc/httpd/conf/httpd.conf
sed -i -e 's!#ServerName www.example.com:80!ServerName ●●●.jp:80!g' /etc/httpd/conf/httpd.conf
sed -i -e 's!Options Indexes FollowSymLinks!Options Includes ExecCGI FollowSymLinks!g' /etc/httpd/conf/httpd.conf
sed -i -e 's!AllowOverride None!AllowOverride All!g' /etc/httpd/conf/httpd.conf
sed -i -e 's!DirectoryIndex index.html index.html.var!DirectoryIndex index.html index.htm index.cgi!g' /etc/httpd/conf/httpd.conf
sed -i -e 's!ErrorLog logs/error_log!ErrorLog /var/log/httpd/error_log!g' /etc/httpd/conf/httpd.conf
sed -i -e 's!ServerSignature On!ServerSignature Off!g' /etc/httpd/conf/httpd.conf
sed -i -e 's!LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW!LanguagePriority ja en ca cs da de el eo es et fr he hr it ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW!g' /etc/httpd/conf/httpd.conf

オレオレ証明書 (あとでLet's encryptに変更するけど)

cd /etc/httpd/conf
openssl genrsa -aes128 1024 > server.key
   Enter pass phrase:(パスフレーズ)
   Verifying - Enter pass phrase:(同じパスフレーズ)

openssl req -new -key server.key > server.csr

openssl x509 -in server.csr -days 36500 -req -signkey server.key > server.crt

mv server.key server.key.bak

openssl rsa -in server.key.bak > server.key


sed -i -e 's!SSLCertificateFile /etc/pki/tls/certs/localhost.crt!SSLCertificateFile /etc/httpd/conf/server.crt!g' /etc/httpd/conf.d/ssl.conf
sed -i -e 's!SSLCertificateKeyFile /etc/pki/tls/private/localhost.key!SSLCertificateKeyFile /etc/httpd/conf/server.key!g' /etc/httpd/conf.d/ssl.conf

tt-rssのインストール

cd /var/www/html
git clone https://tt-rss.org/git/tt-rss.git tt-rss

chmod -R 777 cache/images cache/upload cache/export cache/js feed-icons lock

PHPの設定 参考http://qiita.com/knife0125/items/0e1af52255e9879f9332

cp /etc/php.ini /etc/php.ini.origin

sed -i -e 's!;error_log = php_errors.log!error_log = /var/log/php.log!g' /etc/php.ini
sed -i -e 's!;mbstring.language = Japanese!mbstring.language = Japanese!g' /etc/php.ini
sed -i -e 's!;mbstring.internal_encoding =!mbstring.internal_encoding = UTF-8!g' /etc/php.ini
sed -i -e 's!;mbstring.encoding_translation = Off!mbstring.encoding_translation = Off!g' /etc/php.ini
sed -i -e 's!;mbstring.http_input =!mbstring.http_input = pass!g' /etc/php.ini
sed -i -e 's!;mbstring.http_output =!mbstring.http_output = pass!g' /etc/php.ini
sed -i -e 's!;mbstring.detect_order = auto!mbstring.detect_order = auto!g' /etc/php.ini
sed -i -e 's!expose_php = On!expose_php = Off!g' /etc/php.ini
sed -i -e 's!session.hash_function = 0!session.hash_function = 1!g' /etc/php.ini
sed -i -e 's!;session.entropy_length = 32!session.entropy_length = 32!g' /etc/php.ini

MYSQL 参考 http://fedorasrv.com/mysql.shtml

sed -i -e 's!symbolic-links=0!symbolic-links=0\ncharacter-set-server = utf8!g' /etc/my.cnf

mysql_secure_installation

mysql -u root -p
create database ttrss;
grant all on ttrss.* to ttrss@localhost identified by 'password';
flush privileges;

service httpd start
service mysqld start

chkconfig httpd on
chkconfig mysqld on

Let's encrypt 参考 http://qiita.com/tkykmw/items/9b6ba55bb2a6a5d90963

cd /opt/letsencrypt/

./certbot-auto certonly --non-interactive --agree-tos --webroot -w /var/www/html -d ●●●.jp --email 【メアド】      

service httpd restart     

sed -i -e 's!SSLCertificateFile /etc/httpd/conf/server.crt!SSLCertificateFile /etc/letsencrypt/live/●●●.jp/fullchain.pem!g' /etc/httpd/conf.d/ssl.conf
sed -i -e 's!SSLCertificateKeyFile /etc/httpd/conf/server.key!SSLCertificateKeyFile /etc/letsencrypt/live/●●●.jp/privkey.pem!g' /etc/httpd/conf.d/ssl.conf

tt-rssのupdate設定

sudo -u apache crontab -e
 */15 * * * * /usr/bin/php /var/www/html/tt-rss/update.php --feeds --quiet