細かい物をインストール
$ sudo yum install nkf telnet logwatch
Rubyのインストール
まずは make してみる。http://www.ruby-lang.org/ja/downloads/ で、最新安定版の URL を調べる。
$ wget ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.#-p###.tar.bz2
$ tar xvf ruby-1.9.#-p###.tar.bz2
$ cd ruby-1.9.#-p###
$ ./configure
$ make
以前は、必要なライブラリが無いとエラーが出ていたが、最近は無くても configure や make はそれなりに通るようだ。
make のログを見て、必要そうなライブラリを追加でインストールして、やり直し。
$ sudo yum install readline-devel openssl-devel gdbm-devel libffi-devel $ sudo yum --enablerepo=epel install libyaml libyaml-devel $ ./configure $ make && make test $ sudo make install
gem と irb の設定。
$ sudo vi /root/.gemrc 以下の内容で新規作成。 gem: --no-ri --no-rdoc $ vi ~/.irbrc 以下の内容で新規作成。Windows用で不要な部分もあるが、使い回しているのでそのまま。 begin require "pp" require "irb/completion" # メソッド補完 require "what_methods" # what? でメソッドを調べる rescue ScriptError => e p e end IRB.conf[:SAVE_HISTORY]=1000 module Kernel def m(obj=nil) if obj.instance_of?(Fixnum) and obj > 0 k=self.class.ancestors[obj] k||=Object STDERR.puts "diff #{k}" (methods-k.instance_methods).sort elsif defined? WIN32OLE and is_a? WIN32OLE ole_methods.sort_by{|x| x.to_s} + (methods-obj.methods).sort elsif is_a? Module (methods-Module.methods).sort else (methods-obj.methods).sort end end end class String def save(filename) open(filename,"w"){|f| f.write self} end end
m メソッドは、id:otn:20091202 で書いた物の改訂版。実際には引数をつけて実行することはほとんどないなあ。
save は、文字列をちょっとファイルに書きたい場合に使うが、存在をよく忘れる。
HTTP-proxy squidのインストール
バージョンが上がって squid.conf が簡素化されてしまったので、http://www.squid-cache.org/Doc/config/ を参考にする。
ポート番号は変更して、認証を掛ける。ダイジェスト認証の場合はパスワードは平文で格納する。
$ sudo yum install squid $ sudo htpasswd -cbp /etc/squid/passwd USER PASSWORD $ sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.orig $ sudo vi /etc/squid/squid.conf 下記の修正を反映。 --- squid.conf.orig 2012-05-10 17:28:12.000000000 +0900 +++ squid.conf 2012-05-13 22:19:20.435728182 +0900 @@ -52,14 +52,23 @@ # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed -http_access allow localnet +#http_access allow localnet http_access allow localhost +auth_param digest program /usr/lib64/squid/digest_pw_auth /etc/squid/passwd +auth_param digest children 20 startup=0 idle=1 +auth_param digest realm Squid proxy-caching web server +auth_param digest nonce_garbage_interval 5 minutes +auth_param digest nonce_max_duration 30 minutes +auth_param digest nonce_max_count 50 +acl password proxy_auth REQUIRED +http_access allow password + # And finally deny all other access to this proxy http_access deny all # Squid normally listens to port 3128 -http_port 3128 +http_port xxxxxx # We recommend you to use at least the following line. hierarchy_stoplist cgi-bin ? @@ -75,3 +84,12 @@ refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 + +request_header_access X-Forwarded-For deny all +request_header_access Via deny all +request_header_access Cache-Control deny all +visible_hostname example.com +httpd_suppress_version_string on + +logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh +access_log /var/log/squid/access.log combined
ファイアーウォールで通すようにして起動。
$ sudo vi /etc/sysconfig/iptables TCPの許可の並びに下記を追加。 -A INPUT -p tcp -m state --state NEW -m tcp --dport xxxxx -j ACCEPT $ sudo sh -c "iptables-restore </etc/sysconfig/iptables" $ sudo chkconfig squid on $ sudo service squid start
http、PHP 関係のインストール
$ sudo yum install httpd php php-mbstring webalizer
Apacheの設定。
$ sudo cp -p /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.orig $ sudo vi /etc/httpd/conf/httpd.conf 下記の修正を反映。 --- httpd.conf.orig 2012-02-07 23:47:02.000000000 +0900 +++ httpd.conf 2012-05-13 20:51:45.397712646 +0900 @@ -41,7 +41,7 @@ # Don't give away too much information about all the subcomponents # we are running. Comment out this line if you don't mind remote sites # finding out what major optional modules you are running -ServerTokens OS +ServerTokens ProductOnly # # ServerRoot: The top of the directory tree under which the server's @@ -73,7 +73,7 @@ # KeepAlive: Whether or not to allow persistent connections (more than # one request per connection). Set to "Off" to deactivate. # -KeepAlive Off +KeepAlive On # # MaxKeepAliveRequests: The maximum number of requests to allow @@ -100,11 +100,11 @@ # MaxClients: maximum number of server processes allowed to start # MaxRequestsPerChild: maximum number of requests a server process serves <IfModule prefork.c> -StartServers 8 +StartServers 5 MinSpareServers 5 -MaxSpareServers 20 -ServerLimit 256 -MaxClients 256 +MaxSpareServers 10 +ServerLimit 64 +MaxClients 64 MaxRequestsPerChild 4000 </IfModule> @@ -328,14 +328,14 @@ # http://httpd.apache.org/docs/2.2/mod/core.html#options # for more information. # - Options Indexes FollowSymLinks + Options ExecCGI FollowSymLinks Includes # # AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # - AllowOverride None + AllowOverride All # # Controls who can get stuff from this server. @@ -399,7 +399,7 @@ # negotiated documents. The MultiViews Option can be used for the # same purpose, but it is much slower. # -DirectoryIndex index.html index.html.var +DirectoryIndex index.html index.html.var index.cgi # # AccessFileName: The name of the file to look for in each directory @@ -524,6 +524,8 @@ # (Combined Logfile Format), use the following directive: # CustomLog logs/access_log combined +RewriteLog logs/rewrite_log +RewriteLogLevel 0 # # Optionally add a line containing the server version and virtual host @@ -533,7 +535,7 @@ # Set to "EMail" to also include a mailto: link to the ServerAdmin. # Set to one of: On | Off | EMail # -ServerSignature On +ServerSignature Off # # Aliases: Add here as many aliases as you need (with no limit). The format is @@ -793,7 +795,7 @@ # To use CGI scripts outside of ScriptAliased directories: # (You will also need to add "ExecCGI" to the "Options" directive.) # -#AddHandler cgi-script .cgi +AddHandler cgi-script .cgi # # For files that include their own HTTP headers: @@ -918,24 +920,24 @@ # with the URL of http://servername/server-status # Change the ".example.com" to match your domain to enable. # -#<Location /server-status> -# SetHandler server-status -# Order deny,allow -# Deny from all -# Allow from .example.com -#</Location> +<Location /server-status> + SetHandler server-status + Order deny,allow + Deny from all + Allow from mypc +</Location> # # Allow remote server configuration reports, with the URL of # http://servername/server-info (requires that mod_info.c be loaded). # Change the ".example.com" to match your domain to enable. # -#<Location /server-info> -# SetHandler server-info -# Order deny,allow -# Deny from all -# Allow from .example.com -#</Location> +<Location /server-info> + SetHandler server-info + Order deny,allow + Deny from all + Allow from mypc +</Location> # # Proxy Server directives. Uncomment the following lines to
余計な情報の抑止。
プロセス数の削減。
CGIその他の設定。
リライトログの定義。ただしこのままではログレベルゼロなので何も出力しない。
サーバー情報を自分のPCからは参照可能に( mypc は /etc/hosts で定義)。
webalizer の設定。
これはほとんど好みの世界。
$ sudo cp -p /etc/httpd/conf.d/webalizer.conf /etc/httpd/conf.d/webalizer.conf.orig $ sudo vi /etc/httpd/conf.d/webalizer.conf 下記を追加。 Allow from mypc $ sudo cp -p /etc/webalizer.conf /etc/webalizer.conf.orig $ sudo vi /etc/webalizer.conf 下記の修正を反映。 --- webalizer.conf.orig 2004-09-09 23:20:56.000000000 +0900 +++ webalizer.conf 2012-05-14 00:04:34.375724348 +0900 @@ -109,6 +109,8 @@ PageType cgi PageType php PageType shtml +PageType rhtml +PageType txt #PageType phtml #PageType php3 #PageType pl @@ -299,16 +301,16 @@ # search strings and usernames default to 20. Tables may be disabled # by using zero (0) for the value. -#TopSites 30 +TopSites 50 #TopKSites 10 -#TopURLs 30 +TopURLs 50 #TopKURLs 10 -#TopReferrers 30 +TopReferrers 50 #TopAgents 15 #TopCountries 30 #TopEntry 10 #TopExit 10 -#TopSearch 20 +TopSearch 100 #TopUsers 20 # The All* keywords allow the display of all URL's, Sites, Referrers @@ -326,11 +328,11 @@ # pages are generated for each month, which can consume quite a lot # of disk space depending on the traffic to your site. -#AllSites no -#AllURLs no -#AllReferrers no +AllSites yes +AllURLs yes +AllReferrers yes #AllAgents no -#AllSearchStr no +AllSearchStr yes #AllUsers no # The Webalizer normally strips the string 'index.' off the end of @@ -391,6 +393,8 @@ HideURL *.png HideURL *.PNG HideURL *.ra +HideURL *.css +HideURL *.js # Hiding agents is kind of futile #HideAgent RealPlayer @@ -405,6 +409,20 @@ #GroupSite *.aol.com #GroupSite *.compuserve.com +GroupSite *.crawl.yahoo.net +HideSite *.crawl.yahoo.net +GroupSite *.googlebot.com +HideSite *.googlebot.com +GroupSite rate-limited-proxy-*.google.com +HideSite rate-limited-proxy-*.google.com +GroupSite crawl-*.naver.jp +HideSite crawl-*.naver.jp +GroupSite msnbot-*.search.msn.com +HideSite msnbot-*.search.msn.com +GroupSite aiduspider-*.crawl.baidu.com +HideSite aiduspider-*.crawl.baidu.com +GroupSite *.crawl.*.yahoo.co.jp +HideSite *.crawl.*.yahoo.co.jp #GroupReferrer yahoo.com/ Yahoo! #GroupReferrer excite.com/ Excite @@ -472,6 +490,9 @@ #IgnoreSite bad.site.net #IgnoreURL /test* +IgnoreURL /usage/* +IgnoreURL /server-info/* +IgnoreURL /server-status/* #IgnoreReferrer file:/* #IgnoreAgent RealPlayer #IgnoreUser root @@ -514,9 +535,9 @@ # engine, and the second is the URL variable used by that search engine # to define it's search terms. -SearchEngine yahoo.com p= +SearchEngine yahoo p= SearchEngine altavista.com q= -SearchEngine google.com q= +SearchEngine google q= SearchEngine eureka.com q= SearchEngine lycos.com query= SearchEngine hotbot.com MT=
php.ini の設定は、PuwkiWiki の設定時にすることにして、http を起動する。
$ sudo chkconfig httpd on
$ sudo service httpd start