猫猫手札
一、依赖环境安装
#系统使用debian 10或CentOS 7版本,高于此版本php超过7将不适配网页传输。
安装 JAVA 服务
# Debian
$ apt-get install default-jre default-jdk
# CentOS 7
$ sudo yum install java
$ sudo yum install java-devel
安装 MySQL 服务
# 安装 MySQL
# 树莓派 & Debian
$ sudo apt-get install default-mysql-server
# CentOS 7
$ wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm
$ yum -y install mysql-community-server
$ systemctl start mysqld.service
### 安装 `OpenSSL` 服务
# 下载 OpenSSL
$ wget https://www.openssl.org/source/openssl-1.0.2q.tar.gz
# 解压
$ tar xzvf openssl-1.0.2q.tar.gz
# 编译安装
$ cd openssl-1.0.2q
$ ./config --prefix=/opt/openssl-1.0.2 --openssldir=/etc/ssl shared enable-weak-ssl-ciphers enable-ssl3 enable-ssl3-method enable-ssl2 -Wl,-rpath=/opt/openssl-1.0.2/lib # 配置
$ make # 编译
$ make install # 安装
# 测试密钥
$ openssl ciphers -V 'ALL' | grep 0x13
0xC0,0x13 - ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
0x00,0x13 - EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
安装 Apache 2 服务
# 安装依赖包
$ sudo apt update
$ sudo apt install libpcre3 libpcre3-dev libexpat1 libexpat1-dev libxml2 libxml2-dev libxslt1-dev libxslt1.1
# centos7 需要依赖包 pcre zlib
$ yum -y install pcre pcre-devel zlib zlib-devel
# 注:CentOS 7 不要用 yum install httpd 安装 apache2
# 否则会与编译安装的方式冲突
# 下载 Apache 2, Apache Apr, Apache apr-util
$ wget https://mirrors.tuna.tsinghua.edu.cn/apache//httpd/httpd-2.4.48.tar.gz
$ wget http://ftp.unicamp.br/pub/apache//apr/apr-1.7.0.tar.gz
$ wget http://ftp.unicamp.br/pub/apache//apr/apr-util-1.6.1.tar.gz
# 解压 Apache 2, Apache Apr, Apache apr-util
# 将解压后的 Apache Apr, Apache apr-util 放入 ./httpd-2.4.48/srclib 目录下
$ tar zxvf httpd-2.4.48.tar.gz
$ tar zxvf apr-1.7.0.tar.gz
$ tar zxvf apr-util-1.6.1.tar.gz
# 进入 Apache 2 下的 srclib 目录
# 建立软链接
$ ln -s apr-1.7.0 apr
$ ln -s apr-util-1.6.1 apr-util
# 回到 ./httpd-2.4.48 目录下
# 配置安装
$ sudo ./configure --prefix=/opt/apache --with-included-apr --with-ssl=/opt/openssl-1.0.2 --enable-ssl
# 编译安装
$ sudo make
$ sudo make install
# 打开 /opt/apache/bin/envvars 文件,添加如下信息
$ vim /opt/apache/bin/envvars
if test "x$LD_LIBRARY_PATH" != "x" ; then
LD_LIBRARY_PATH="/opt/apache/lib:$LD_LIBRARY_PATH"
else
LD_LIBRARY_PATH="/opt/apache/lib"
fi
# Add the below line between "fi" and "export LD_LIBRARY_PATH"
LD_LIBRARY_PATH="/opt/openssl-1.0.2/lib:$LD_LIBRARY_PATH"
export LD_LIBRARY_PATH
# 添加 /etc/systemd/system/apache.service 服务文件,添加如下信息
$ vim /etc/systemd/system/apache.service
[Unit]
Description=Apache Server for Outbreak
[Service]
Type=forking
EnvironmentFile=/opt/apache/bin/envvars
PIDFile=/opt/apache/logs/httpd.pid
ExecStart=/opt/apache/bin/apachectl -k start
ExecReload=/opt/apache/bin/apachectl graceful
ExecStop=/opt/apache/bin/apachectl -k stop
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target
# 开启 apache 服务 (需要 root 密码)
# 注: 若 CentOS 7 有安装 httpd 服务,则需要保证默认 httpd 服务已关闭
# $ systemctl status httpd
# $ systemctl stop httpd
$ systemctl enable apache.service
$ systemctl start apache
# 在浏览器输入服务器 IP 地址,会显示 "Its works!" 的字样
# 代表 apache 环境配置成功
-----------------------------------------------------------------------------
# 打开 /opt/apache/conf/httpd.conf 服务文件,修改如下信息
$ sudo vim /opt/apache/conf/httpd.conf
# 查询以下每一行的信息,并取消注释
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
#LoadModule ssl_module modules/mod_ssl.so
#LoadModule rewrite_module modules/mod_rewrite.so
# 将下面这段
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User daemon
Group daemon
</IfModule>
# 替换成:
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User www-data
Group www-data
</IfModule>
# 在文件最后添加以下信息
<IfModule ssl_module>
Listen *:443
SSLEngine on
SSLCipherSuite DHE:!DSS:!AES:!SEED:!CAMELLIA!TLSv1.2
SSLCertificateFile /etc/dnas/cert-jp.pem
SSLCertificateKeyFile /etc/dnas/cert-jp-key.pem
SSLCertificateChainFile /etc/dnas/ca-cert.pem
ServerName gate1.jp.dnas.playstation.org
ServerAdmin webmaster@localhost
DocumentRoot /var/www/dnas
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/dnas">
Options -Indexes
Require all granted
</Directory>
RewriteEngine on
RewriteRule ^(/.*)/v2\.5_i-connect$ $1/connect.php [PT]
RewriteRule ^(/.*)/i-connect$ $1/connect.php [PT]
RewriteRule ^(/.*)/v2\.5_d-connect$ $1/connect.php [PT]
RewriteRule ^(/.*)/v2\.5_others$ $1/others.php [PT]
RewriteRule ^(/.*)/others$ $1/others.php [PT]
# send this to php-fpm socket (needs write access!)
# 注意这里根据 php7.x-fpm.sock 对应的版本切换
<FilesMatch "\.php$">
SetHandler "proxy:unix:/var/run/php/php7.0-fpm.sock|fcgi://127.0.0.1"
</FilesMatch>
ErrorLog /opt/apache/logs/dnas_error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
CustomLog /opt/apache/logs/dnas_access.log combined
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
# we need to downgrade protocol for the DNAS browser
BrowserMatch "open sesame asdfjkl" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfModule>
# 重启 apache 服务
$ sudo systemctl restart apache
安装 PHP 7
# 树莓派
$ sudo apt install php7.0-fpm
# Debian
$ sudo apt install php7.3-fpm php7.3-mysql
# CentOS 7
$ sudo yum install php70w-fpm php70w-mysqlnd php-mysqli
# 完整安装
$ sudo yum install php70w php70w-cli php70w-common php70w-devel php70w-embedded php70w-fpm php70w-gd php70w-mbstring php70w-opcache php70w-pdo php70w-xml php70w-mysqlnd php-mysqli
$ systemctl enable php-fpm
$ systemctl start php-fpm
### 安装其他服务
# 树莓派
$ sudo apt install mariadb-server
$ sudo apt install php7.0-mysql openjdk-8-jre-headless openjdk-8-jre openjdk-8-jdk-headless openjdk-8-jdk
二、安装爆发服务端
解压服务端文件
# 进入 ./obsrv 目录下,设置 DNAS 验证
$ sudo cp -r DNAS/etc/dnas/ /etc/dnas
$ sudo chown -R 0:0 /etc/dnas
$ sudo mkdir /var/www
$ sudo mv DNAS/www/dnas /var/www/dnas
$ sudo chown -R www-data:www-data /var/www/dnas
# 设置软链接
$ sudo ln -sf /var/www/dnas/eu-gw/connect.php /var/www/dnas/eu-gw/v2.5_i-connect
$ sudo ln -sf /var/www/dnas/eu-gw/others.php /var/www/dnas/eu-gw/v2.5_others
$ sudo ln -sf /var/www/dnas/gai-gw/connect.php /var/www/dnas/gai-gw/v2.5_i-connect
$ sudo ln -sf /var/www/dnas/gai-gw/others.php /var/www/dnas/gai-gw/v2.5_others
$ sudo ln -sf /var/www/dnas/us-gw/connect.php /var/www/dnas/us-gw/v2.5_i-connect
$ sudo ln -sf /var/www/dnas/us-gw/others.php /var/www/dnas/us-gw/v2.5_others
# 复制服务端大厅页面文件 (FILE1, FILE2)
$ cd ./obsrv/FILE1
$ sudo mkdir /var/www/bhof1
$ sudo cp -r www/* /var/www/bhof1
$ sudo chown -R www-data:www-data /var/www/bhof1
$ sudo ln -s /var/www/bhof1 /var/www/dnas/00000002
$ sudo vim /var/www/bhof1/db_cred.php
<?php
$serv = 'localhost';
$datb = 'bioserver'; # 修改数据库名
$user = 'bioserver'; # 修改数据库用户名
$pass = 'admin'; # 修改数据库密码
$conn = mysqli_connect($serv, $user, $pass)
or die ("connection error");
mysqli_select_db($conn, $datb)
or die("database failure");
?>
$ cd ./obsrv/FILE2
$ sudo mkdir /var/www/bhof2
$ sudo cp -r www/* /var/www/bhof2
$ sudo chown -R www-data:www-data /var/www/bhof2
$ sudo ln -s /var/www/bhof2 /var/www/dnas/00000010
$ sudo vim /var/www/bhof2/db_cred.php
<?php
$serv = 'localhost';
$datb = 'bioserver2'; # 修改数据库名
$user = 'bioserver'; # 修改数据库用户名
$pass = 'admin'; # 修改数据库密码
$conn = mysqli_connect($serv, $user, $pass)
or die ("connection error");
mysqli_select_db($conn, $datb)
or die("database failure");
?>
# FILE1 FILE2 有区别的网页文件
db_cred.php - 数据库文件
startsession.php - 启动会话页面
enterareas.html - 大厅分区页面
# 针对 php7 源码 login_form.php 需要修改访问 mysql 的代码,完整代码如下
# 主要是将旧的 mysql 方法改为 mysqli 方法
导入数据库文件
安装完数据库后,添加 bioserver 用户名,并导入服务端数据
# 添加 bioserver 用户,密码设置为 admin
MariaDB [(none)]> create user "bioserver"@"localhost" identified by "admin";
# 授予 bioserver 用户权限
MariaDB [(none)]> GRANT ALL ON *.* TO 'bioserver'@'localhost';
# 导入数据库文件
MariaDB [(none)]> mysql -u bioserver -p < ./database/bioserver.sql
# 删除 bioserver 用户密码 (参考)
MariaDB [(none)]> use mysql; # 选择 mysql 数据库
MariaDB [mysql]> select host, user, password from user; # 查看用户, 密码信息
MariaDB [mysql]> update user set password=password("") where user="bioserver"; # 删除用户 bioserver 密码信息
MariaDB [(none)]> flush privileges; # 刷新权限信息
# 查看当前所有用户
MariaDB [(none)]> select user,host from mysql.user;
# 若导入数据时出现 Access Denied,则注释掉开头的这几行(`--`),并手动建立数据库
CREATE USER 'bioserver'@'localhost' IDENTIFIED BY 'admin';
CREATE DATABASE IF NOT EXISTS `bioserver2` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci;
GRANT ALL PRIVILEGES ON `bioserver2`.* TO 'bioserver'@'localhost';
配置服务器地址
这里将根据自己的服务器地址配置爆发的 JAVA 服务端
# 检查服务器本机 IP
# 其中 eth0:inet 即为本地 IP
# 如果部署在云端,则需要外部访问的公网 IP
$ ifconfig
# 修改爆发的 JAVA 服务端配置文件 config.properties
# 或修改对应的脚本 file1config.sh, file2config.sh
$ sudo vim /home/pi/Documents/biof1/config.properties
# Configuration for the server
# IP address for gameserver (your machine IP)
# 注意这里在云端需要用公网 IP
gs_ip=XXX.XXX.XXX.XXX
# credentials for the database
db_user=bioserver
db_password=admin
安装爆发服务端
# 安装 screen 后台执行
$ sudo apt-get install screen
$ sudo yum install screen
# 进入 ./obsrv 目录下
# 安装 mysql-connecter
$ wget https://cdn.mysql.com//Downloads/Connector-J/mysql-connector-java-5.1.49.tar.gz -O ~/mysql-connector-java-5.1.49.tar.gz
$ mkdir lib
$ mv mysql-connector-java-5.1.49-bin.jar lib/
# 赋予执行权限
$ sudo chmod +x observice.sh
# 编译服务端
$ ./observice.sh build
启动爆发服务端
# 启动服务端
$ ./observice.sh start
---------------------------------------------------------------
# 虚拟机自动脚本
# 注意设置脚本的运行权限,脚本文件分别在其服务端根目录下
$ cd /home/pi/Documents/biof1
$ chmod 760 ./runf1.sh
$ cd /home/pi/Documents/biof2
$ chmod 760 ./runf2.sh
# 执行脚本,后台执行
$ ./runf1.sh &
$ ./runf2.sh &
三、服务器维护工作
设置定时任务
编写重启脚本 reboot_ob_server.sh
#!/bin/bash
cd /{ob_server_path}/obsrv-chn/FILE1
./observice.sh restart
cd /{ob_server_path}/obsrv-chn/FILE2
./observice.sh restart
使用 crontab -e 设置定时任务
# 使用 crontab -e 设置定时任务
# 结果存储在 reboot.log
$ crontab -e
# 每天的早 9 点重启服务器
# min hour dayofmonth * dayoweek command
0 9 * * * /{ob_server_path}/reboot_ob_server.sh >> /{ob_server_path}/reboot.log
Comments | 0 条评论