install_r45_on_ubuntu_1804l.../README.md

557 lines
17 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Ubuntu 18.04 LTS 安裝 R4.5 標準流程
## 前置作業
* Ubuntu 18.04 LTS 已安裝完畢並能遠端連線進入
* 當前帳號可以使用 sudo 指令
## 建立 rulingcom 帳號(若已是 rulingcom 帳號,前往下一步驟)
```sh
$ sudo su # 從當前帳號切換到 root
$ adduser rulingcom
$ # set the password for rulingcom
$ # fill in user information, it's ok to leave all blank
$ usermod -aG sudo rulingcom # 讓 rulingcom 可用 sudo
$ su - rulingcom
$ sudo ls -la /root # 測試 rulingcom sudo 是否可用
$ exit; exit # 第一次 exit 退回 root 帳號,第二次 exit 退回剛登入的帳號
```
## 安裝 Nginx 1.14
```sh
$ sudo apt update
$ sudo apt install nginx
$ nginx -v # 確認版本為 1.14
$ sudo systemctl status nginx # 查看 nginx 是否啟動
$ sudo systemctl restart nginx # 安全重啟 nginx若已啟動則可跳過此步驟
$ cd /etc/nginx/
$ sudo mkdir orbit_sites/
$ vim nginx.conf # add `include /etc/nginx/orbit_sites/*;` to Virtual Host Configs block
$ sudo vim orbit_sites/xxx_ooo # 建立網站 nginx 設定檔xxx 為學校縮寫ooo 為系所、單位縮寫。內容參考附註 nginx 設定檔
```
```nginx
# 此為附註 nginx 設定檔
# upstream xxx_sock {
upstream orbit_sock {
# server unix:/path/to/your/r45/tmp/unicorn.sock;
server unix:/home/rulingcom/orbit_sites/orbit/tmp/unicorn.sock;
}
server {
listen 80;
# root /path/to/your/r45/public;
root /home/rulingcom/orbit_sites/orbit/public;
# server_name your.website.address;
server_name localhost;
client_max_body_size 500m;
location / {
try_files $uri $uri/index.html $uri.html @app;
}
location @app {
proxy_redirect off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_connect_timeout 360;
# proxy_pass http://xxx_sock;
proxy_pass http://orbit_sock;
}
}
```
## 安裝 MongoDB 3.2.22
```sh
$ # 匯入 MongoDB 公鑰到套件管理系統
$ wget http://archive.ubuntu.com/ubuntu/pool/main/o/openssl1.0/libssl1.0.0_1.0.2n-1ubuntu5.3_amd64.deb #Ubuntu 20.04LTS
$ sudo dpkg -i libssl1.0.0_1.0.2n-1ubuntu5.3_amd64.deb #Ubuntu 20.04LTS
$ wget -qO - https://www.mongodb.org/static/pgp/server-3.2.asc | sudo apt-key add -
$ # 建立 list file
$ echo "deb http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list
$ sudo apt-get update # 更新套件管理系統
$ # 下載並安裝 MongoDB 3.2.22
$ sudo apt-get install -y mongodb-org=3.2.22 mongodb-org-server=3.2.22 mongodb-org-shell=3.2.22 mongodb-org-mongos=3.2.22 mongodb-org-tools=3.2.22
$ mongo --version # 查看 MongoDB 版本
$ sudo systemctl status mongod # 查看 MongoDB 是否啟動
$ sudo systemctl restart mongod # 安全啟動 MongoDB若已啟動則可跳過此步驟
```
## 安裝 ImageMagick 6.9.7-4 (部份預設模組需要處理圖片,此為相依軟體)
```sh
$ sudo apt install imagemagick
$ convert -version # 檢查是否安裝成功,並確認版本
```
## 安裝 RVM (Ruby 版本和套件的管理程式)
```sh
$ sudo apt install gnupg2
$ gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
$ \curl -sSL https://get.rvm.io | bash -s stable
$ source /home/rulingcom/.rvm/scripts/rvm
# $ sudo sudo vi /etc/apt/sources.list # Ubuntu 20.04LTS add `deb http://security.ubuntu.com/ubuntu bionic-security main`
$ rvm install 2.1.2
$ rvm install 2.1.10
$ rvm --default use 2.1.10
```
## 安裝 R4.5
### 一、建立 ssh key pair
```sh
$ cd /home/rulingcom/.ssh # 如果沒有該資料夾則自行建立 `mkdir /home/rulingcom/.ssh`,接著進入 .ssh 資料夾
$ ssh-keygen # 設定 key pair name -> 設定密碼(不設定直接 enter) -> 確認密碼(不設定直接 enter)
$ cat ~/.ssh/your_key.pub # 將公鑰轉交給禾綸(注意:不是私鑰)
$ # 確認禾綸將公鑰加入 GitLab 後再接續下列指令與步驟二
$ eval "$(ssh-agent -s)"
$ ssh-add ~/.ssh/your_private_key
```
### 二、安裝 R4.5 Web App
```sh
$ git clone git@gitlab.tp.rulingcom.com:saurabh/orbit4-5.git your_site_name
$ cd your_site_name
$ vim config/mongoid.yml # 所有 orbit_4_5 換成 your_site_name, :wq 存檔離開
$ vim Gemfile # 加井字號註解掉 gem 'sassc-rails', '~>1.3.0' 並拿掉此行 #gem 'sass-rails', '~> 4.0.2' 井字號取消註解
$ $ gem install nokogiri -v 1.7.0.1 #For Ubuntu 20.04LTS
$ bundle install
$ RAILS_ENV=production bundle exec rake assets:precompile
$ bundle exec unicorn_rails -c config/unicorn.rb -D -E production
$ sudo service nginx restart
$ # Login the new create site with rulingcom account and choose “Admin Area” to complete the registration of this new created site.
```
## 開啟crontab的log(獨立顯示)
### Open the file
```sh
sudo vim /etc/rsyslog.d/50-default.conf
```
### Find the line that starts with: #cron.*
```sh
uncomment that line, save the file, and restart rsyslog:
sudo service rsyslog restart
You should now see a cron log file here: /var/log/cron.log
```
## 設定備份(以備份一週內容為例)
### 一、資料庫備份
```sh
#### 安裝postfix以避免NO MTA installed.
sudo apt-get install -y postfix
sudo service postfix start
$ sudo crontab -e
# 內容如下:
# 0 3 * * * mongodump -o /home/backup/db/`date "+\%Y\%m\%d"`_db
# 0 4 * * * rm -fr /home/backup/db/`date --date="1 week ago" "+\%Y\%m\%d"`_db
```
### 二、R4.5 網站目錄備份
```sh
# 安裝 rsnapshot如已安裝則直接編輯 /etc/rsnapshot.conf
$ sudo apt-get install rsnapshot -y
$ sudo vim /etc/rsnapshot.conf # 內容建附註 rsnapshot
$ sudo mkdir /home/backup
$ sudo mkdir /home/backup/orbit
$ sudo chmod 777 /home/backup/orbit
$ rsnapshot -t daily # 測試是否設定正確
$ sudo crontab -e # 加入下行內容後,儲存退出
# 15 4 * * * /usr/bin/rsnapshot daily
```
```txt
# 此為附註 rsnapshot
# 注意!該檔使用 tab 而非 space
# find BACKUP LEVELS /INTERVALS part
# at this part, remove every lines with `retain` and then add the line below:
retain daily 7
# find SNAPSHOT ROOT DIRECTORY part
# modify the snapshot dir path
snapshot_root /home/backup/orbit
# find BACKUP POINTS / SCRIPTS part
# add R4.5 site backup
backup /home/rulingcom localhost/
```
### 三、定期壓縮與刪除 log
```sh
$ sudo vim /etc/logrotate.d/orbit # 內容見附註 logrotate
$ sudo logrotate -d /etc/logrotate.conf # 確認系統是否有使用 /etc/logrotate.d/orbit
```
```txt
# 附註 logrotate
/home/rulingcom/*/*/log/*.log {
daily
rotate 7
compress
missingok
notifempty
create 644 rulingcom rulingcom
postrotate
[ ! -f /run/nginx.pid ] || kill -USR1 `cat /run/nginx.pid`
endscript
}
/home/rulingcom/*/*/*/log/*.log {
daily
rotate 7
compress
missingok
notifempty
create 644 rulingcom rulingcom
postrotate
[ ! -f /run/nginx.pid ] || kill -USR1 `cat /run/nginx.pid`
endscript
}
/var/log/mongodb/*.log {
daily
rotate 7
compress
missingok
notifempty
create 644 mongodb mongodb
postrotate
[ ! -f /var/lib/mongodb/mongod.lock ] || kill -SIGUSR1 `cat /var/lib/mongodb/mongod.lock`
endscript
}
```
### 四、主機開機網站自動起始
```sh
# 開機網站自動起始
$ sudo vim /etc/init.d/orbit # 內容見附註 orbit
$ sudo chmod 755 /etc/init.d/orbit
$ update-rc.d orbit defaults
$ sudo vim /etc/init.d/rc.local #內容見附註 rc.local1
$ sudo chmod 755 /etc/init.d/rc.local
$ sudo vim /etc/rc.local #內容見附註 rc.local
$ sudo chmod 755 /etc/rc.local
$ update-rc.d rc.local defaults
$ sudo systemctl start orbit
$ sudo systemctl start rc.local
#
```
```txt
# 附註 orbit
#!/bin/bash
ORBIT_USER=rulingcom
if [ -f "/home/$ORBIT_USER/.rvm/scripts/rvm" ]; then
source /home/$ORBIT_USER/.rvm/scripts/rvm
rvm use default
else
if [ "$1" != "setup" ]; then
echo ""
echo "-----------------------------------------------------"
echo "Orbit server dependencies is missing. Please run setup first."
echo "command: service orbit setup"
echo "-----------------------------------------------------"
echo ""
exit 0;
fi
fi
ORBIT_SITES=`pwd`
ORBIT_GIT=http://gitlab.tp.rulingcom.com/saurabh/orbit4-5.git
NGINX_ORBIT_SITES=/etc/nginx/orbit_sites
RAILS_ENV=production
sig () {
test -s "$ORBIT_ROOT/tmp/pids/unicorn.pid" && kill -$1 `cat $ORBIT_ROOT/tmp/pids/unicorn.pid`
}
get_orbit_root () {
if [ ! -f $NGINX_ORBIT_SITES/$1 ]; then echo "Site $1 not found" && exit 0; fi
ORBIT_ROOT=`cat $NGINX_ORBIT_SITES/$1 | grep 'root'`;
ORBIT_ROOT=${ORBIT_ROOT//"/public;"/""};
ORBIT_ROOT=${ORBIT_ROOT//"root"/""};
ORBIT_ROOT=${ORBIT_ROOT//" "/""};
if [ ! -d $ORBIT_ROOT ]; then echo "Site folder $ORBIT_ROOT not fount" && exit 0; fi
}
start_orbit () {
sig 0 $ORBIT_ROOT && echo >&2 "$ORBIT_ROOT Already running" && continue;
if [ ! -d "$ORBIT_ROOT/public/assets" ]; then
sudo su -l $ORBIT_USER -c "cd $ORBIT_ROOT && git fetch origin && git pull origin master && bundle"
sudo su -l $ORBIT_USER -c "cd $ORBIT_ROOT && bundle exec rake assets:precompile RAILS_ENV=production"
fi
echo "Starting $ORBIT_ROOT";
sudo su -l $ORBIT_USER -c "cd $ORBIT_ROOT && bundle exec unicorn_rails -D -E $RAILS_ENV -c $ORBIT_ROOT/config/unicorn.rb";
}
case $1 in
start)
if [ ! -z "$2" ]; then
get_orbit_root $2
start_orbit
else
for APP in `ls -1 $NGINX_ORBIT_SITES`; do
get_orbit_root $APP;
start_orbit;
done
fi
exit 0;
;;
stop)
while [ `whoami` != "root" ]; do
if [ ! -z "$2" ]; then
read -p "Stop Orbit $2? (y/n) " CONFIRM
else
read -p "Stop All Orbits? (y/n) " CONFIRM
fi
case "$CONFIRM" in
y|Y ) break;;
n|N ) exit 0;;
* ) echo "(y/n)";;
esac
done
if [ ! -z "$2" ]; then
get_orbit_root $2
echo "Stopping $ORBIT_ROOT"
sig QUIT
else
for APP in `ls -1 $NGINX_ORBIT_SITES`; do
get_orbit_root $APP;
echo "Stopping $ORBIT_ROOT";
sig QUIT && continue;
done
fi
exit 0;
;;
force-stop)
while true; do
if [ ! -z "$2" ]; then
read -p "Stop Orbit $2? (y/n) " CONFIRM
else
read -p "Stop All Orbits? (y/n) " CONFIRM
fi
case "$CONFIRM" in
y|Y ) break;;
n|N ) exit 0;;
* ) echo "(y/n)";;
esac
done
if [ ! -z "$2" ]; then
get_orbit_root $2
echo "Stopping $ORBIT_ROOT"
sig TERM
else
for APP in `ls -1 $NGINX_ORBIT_SITES`; do
get_orbit_root $APP;
echo "Stopping $ORBIT_ROOT";
sig TERM && continue;
done
fi
exit 0;
;;
restart|reload)
if [ ! -z "$2" ]; then
get_orbit_root $2
sig USR2 && echo "$ORBIT_ROOT reloaded OK" && exit 0
echo >&2 "Couldn't reload $ORBIT_ROOT, starting instead"
start_orbit
else
for APP in `ls -1 $NGINX_ORBIT_SITES`; do
get_orbit_root $APP;
sig USR2 && echo "$ORBIT_ROOT reloaded OK" && continue;
echo >&2 "Couldn't reload $ORBIT_ROOT, starting instead";
start_orbit;
done
fi
exit 0;
;;
create)
if [ "$0" == "/etc/init.d/orbit" ]; then
echo "Don't use service to create."
echo "Use: orbit create $2"
exit 0
fi
test -s "$NGINX_ORBIT_SITES/$2" && echo "Site $2 already exist." && exit 0
test -s "$ORBIT_SITES/$2" && echo "File $ORBIT_SITES/$2 already exist." && exit 0
while true; do
read -p "nginx server name: " SERVER_NAME
if [ ! -z "$SERVER_NAME" ]; then break; fi
done
while true; do
read -p "port number: " PORT
if [ ! -z "$PORT" ]; then break; fi
done
while true; do
read -p "database name: " DATABASE
if [ ! -z "$DATABASE" ]; then break; fi
done
echo "-----------------------------------------------------"
echo "Path: $ORBIT_SITES/$2"
echo "Database: $DATABASE"
echo http://$SERVER_NAME:$PORT
echo "-----------------------------------------------------"
while true; do
read -p "Create Orbit $2? (y/n) " CONFIRM
case "$CONFIRM" in
y|Y ) break;;
n|N ) exit 0;;
* ) echo "(y/n)";;
esac
done
cd ~
sudo wget http://installer.tp.rulingcom.com/nginx4-5.conf
sudo cp nginx4-5.conf $NGINX_ORBIT_SITES/$2
sudo rm nginx4-5.conf
sudo perl -pi -e "s/{{ORBIT}}/$2/g" $NGINX_ORBIT_SITES/$2
sudo perl -pi -e "s#{{ORBIT_SITES}}#${ORBIT_SITES}#g" $NGINX_ORBIT_SITES/$2
sudo perl -pi -e "s/{{PORT}}/$PORT/g" $NGINX_ORBIT_SITES/$2
sudo perl -pi -e "s/{{SERVER_NAME}}/$SERVER_NAME/g" $NGINX_ORBIT_SITES/$2
sudo service nginx reload
sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES && git clone $ORBIT_GIT $2 && cd $2 && bundle"
sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$2 && perl -pi -e \"s/orbit_4_5/$DATABASE/g\" config/mongoid.yml"
sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$2 && bundle exec rake assets:precompile RAILS_ENV=production"
sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$2 && bundle exec unicorn_rails -D -E $RAILS_ENV -c $ORBIT_SITES/$2/config/unicorn.rb"
sudo su -l $ORBIT_USER -c "cd $ORBIT_SITES/$2 && bundle exec rake orbit_cron:install"
echo "-----------------------------------------------------"
echo "$2 is ready"
echo "Path: $ORBIT_SITES/$2"
echo http://`ifconfig eth0 2>/dev/null|awk '/inet addr:/ {print $2}'|sed 's/addr://'`:$PORT
echo "-----------------------------------------------------"
exit 0
;;
setup)
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
sudo echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list
sudo apt-get update
sudo apt-get -y upgrade
sudo apt-get install -y nginx git-core mongodb-org imagemagick curl openssh-server nano
sudo mkdir $NGINX_ORBIT_SITES
sudo perl -pi -e "s/sites-enabled/orbit_sites/g" /etc/nginx/nginx.conf
sudo rm -r /etc/nginx/sites-*
sudo apt-get --no-install-recommends --yes install gawk g++ gcc make libc6-dev libreadline6-dev zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 autoconf libgdbm-dev libncurses5-dev automake libtool bison pkg-config libffi-dev
sudo su -l $ORBIT_USER -c "\curl -sSL https://get.rvm.io | bash -s stable"
sudo su -l $ORBIT_USER -c "rvm install 2.1 --default"
echo "gem: --no-ri --no-rdoc" > /home/$ORBIT_USER/.gemrc
source /home/$ORBIT_USER/.rvm/scripts/rvm
echo ""
echo "-----------------------------------------------------"
echo "System is ready. You can start creating Orbit servers."
echo "command: orbit create Orbit_Folder_Name"
echo "-----------------------------------------------------"
echo ""
exit 0
;;
*)
echo >&2 "Usage $0 <start|stop|restart|force-stop|create|setup>"
exit 1
;;
esac
```
```txt
# 附註 rc.local1
#! /bin/sh
### BEGIN INIT INFO
# Provides: rc.local
# Required-Start: $all
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop:
# Short-Description: Run /etc/rc.local if it exist
### END INIT INFO
PATH=/sbin:/usr/sbin:/bin:/usr/bin
. /lib/init/vars.sh
. /lib/lsb/init-functions
do_start() {
if [ -x /etc/rc.local ]; then
[ "$VERBOSE" != no ] && log_begin_msg "Running local boot scripts (/etc/rc.local)"
/etc/rc.local
ES=$?
[ "$VERBOSE" != no ] && log_end_msg $ES
return $ES
fi
}
case "$1" in
start)
do_start
;;
restart|reload|force-reload)
echo "Error: argument '$1' not supported" >&2
exit 3
;;
stop)
;;
*)
echo "Usage: $0 start|stop" >&2
exit 3
;;
esac
```
```txt
# 附註 rc.local
#! /bin/sh
sudo mongod --config /etc/mongod.conf &
exit 0
```
```
### 五、網路設定
```sh
# 開機網站自動起始
$ sudo vim /etc/netplan/50-cloud-init.yaml # 內容見附註 50-cloud-init.yaml 18.04開始設定改這
#
```
```txt
# 50-cloud-init.yaml
# 本範例有兩塊網卡第一塊是DHCP第二塊是固定IP
# 其中因為子網路遮罩為255.255.255.0 ,所以是 /24
# This file is generated from information provided by the datasource. Changes
# to it will not persist across an instance reboot. To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
ethernets:
enp0s29u1u1u5:
dhcp4: true
enp6s0:
addresses:
- 192.168.1.142/24
gateway4: 192.168.1.1
nameservers:
addresses:
- 8.8.8.8
search:
- rulingcom.com
version: 2