사용자 도구

사이트 도구


centos_설정

문서의 이전 판입니다!


개발 설정 on CentOS

CentOS/서버 설정

커널 업데이트

http://aeac.tistory.com/12

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum -y install yum-plugin-fastestmirror
yum --enablerepo=elrepo-kernel install kernel-ml

#after reboot
grub2-set-default 0

timezone

[ec2-user@ip-172-31-7-180 ~]$ date
Fri Aug  8 06:41:49 UTC 2014
 
[ec2-user@ip-172-31-7-180 ~]$ sudo date
Fri Aug  8 06:42:01 UTC 2014
 
[ec2-user@ip-172-31-7-180 ~]$ sudo cat /etc/localtime
TZif2UTCTZif2UTC
UTC0
 
[ec2-user@ip-172-31-7-180 ~]$ sudo rm /etc/localtime
 
[ec2-user@ip-172-31-7-180 ~]$ sudo ln -s /usr/share/zoneinfo/Asia/Seoul /etc/localtime
 
[ec2-user@ip-172-31-7-180 ~]$ date
Fri Aug  8 15:48:27 KST 2014
 
[ec2-user@ip-172-31-7-180 ~]$ sudo date
Fri Aug  8 15:48:40 KST 2014

출처: https://ora-sysdba.tistory.com/entry/Cloud-Computing-Amazon-EC2-인스턴스의-TIMEZONE-변경 [Welcome To Ora-SYSDBA]

원격설정

VNC

https://d2fault.github.io/2018/08/02/20180802-install-vncserver-centos/ 포트설정 방화벽해제 (영구) 5901-5910

sudo yum install tigervnc-server
vncserver
vncserver -geometry 1920x1080
vncserver -kill :[port]

Teamviewer

https://community.teamviewer.com/t5/Knowledge-Base/How-to-install-TeamViewer-on-Red-Hat-and-CentOS/ta-p/30708

wget https://download.teamviewer.com/download/linux/teamviewer-host.x86_64.rpm
yum install epel-release               # must be installed first
yum install ./teamviewer-host*.rpm

selinux

끄는 법 /etc/sysconfig/selinux 에서 SELINUX = disabled
http://itzone.tistory.com/646

nginx 설정

Certbot cron

43 6 * * * certbot renew --post-hook "systemctl reload nginx" > /root/cert_renew.log 2>&1

Proxy

Resilio Sync

#/etc/conf.d/nginx/default.conf

location /btsync/ {
         rewrite ^/btsync/gui(.*) /btsync$1 last;
         proxy_pass http://127.0.0.1:8888/gui/;
         proxy_redirect /gui/ /btsync/;
         proxy_buffering off;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
}

location /gui/ {
        proxy_pass http://127.0.0.1:8888/gui/;
        proxy_buffering off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }

setsebool httpd_can_network_connect 1 -P

ngnix rewriting

location  /foo {
  rewrite /foo/(.*) /$1  break;
  proxy_pass         http://localhost:3200;
  proxy_redirect     off;
  proxy_set_header   Host $host;
}

For Jupyter https://github.com/jupyter/notebook/issues/1311#issuecomment-403256189

# nginx config in server
location /jupyter/ {
        proxy_pass http://localhost:8888;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header Origin "";
}

location ~* /jupyter/(api/kernels/[^/]+/(channels|iopub|shell|stdin)|terminals/websocket)/? {
        proxy_pass http://localhost:8888;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Origin "";
}
#full nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;

## based on https://gist.github.com/cboettig/8643341bd3c93b62b5c2

events {
    worker_connections  1024;
}

http {

  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

  upstream jupyter {
      server localhost:8888 fail_timeout=0;
  }


    server {
        listen 80;
        server_name hands.art.cfa.cmu.edu;
        rewrite        ^ https://$host$request_uri? permanent;
    }

    server {
        listen 443;

        client_max_body_size 50M;
        server_name hands.art.cfa.cmu.edu;

        ssl on;
        ssl_certificate /etc/letsencrypt/live/hands.art.cfa.cmu.edu/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/hands.art.cfa.cmu.edu/privkey.pem;

        ssl_ciphers "AES128+EECDH:AES128+EDH";
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
        add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
        add_header X-Content-Type-Options nosniff;
        ssl_stapling on; # Requires nginx >= 1.3.7
        ssl_stapling_verify on; # Requires nginx => 1.3.7
        resolver_timeout 5s;

        location / {
            proxy_pass http://jupyter;

            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
     location ~* /(api/kernels/[^/]+/(channels|iopub|shell|stdin)|terminals/websocket)/? {
            proxy_pass http://jupyter;

            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            # WebSocket support
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;

        }
    }
}
#jupyter settings
c.NotebookApp.allow_origin = '*'
c.NotebookApp.base_url = '/jupyter'
c.NotebookApp.open_browser = False
c.NotebookApp.password = 'sha1:REDACTED'
c.NotebookApp.port = 8888
c.NotebookApp.trust_xheaders = True

php setting

php conf 안에서
user, group listen –> 소켓으로

https 설정

https://certbot.eff.org/lets-encrypt/centosrhel7-nginx

Renewal

certbot renew --dry-run
certbot renew

Remote 환경 (Windows 등)

배경색

Python 개발환경

skmob bash

docker run -it --name skmob-dev -p 28888:8888 -v E:\Clouds_500G\Dev\traccar:/home/centos/src/projects dreamwayjgs/centos-skmob:latest /bin/bash

Python 3.6버전

yum install -y https://centos7.iuscommunity.org/ius-release.rpm
yum search python3

yum install -y python36u python36u-devel python36u-libs python36u-pip

Jupyter

#run
nohup jupyter notebook &
#kill
lsof nohup.out
kill -9 <PID>
nohup jupyter lab > my.log 2>&1 &
echo $! > save_pid.txt

kill -9 `cat save_pid.txt`
rm save_pid.txt
#!/usr/bin/env bash
# 파이썬 3.7 설치
sudo apt update
sudo apt install software-properties-common
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt update
sudo apt install python3.7

python3.7 --version
# **/home/<사용자 이름="">/.bash_aliases**
alias python=python3.7
alias pip=pip3

sudo apt install python3-pip
sudo apt install python3.7-venv
python -m venv venv
source venv/bin/activate

우분투 미러

#!/bin/sh

SL=/etc/apt/sources.list

PARAM="r:hm:dna"

KAKAO=mirror.kakao.com
NEOWIZ=ftp.neowiz.com
HARU=ftp.harukasan.org

function  usage {
    echo "USAGE: $0 [OPTION] ";
    echo -e "\r\n-b : make backup file";
    echo "-r[sources.list] : specify source list file (default ${SL})"
    echo "-m[mirror-url] : speficy mirror site url"
    echo "-k : use kakao mirror (${KAKAO})"
    echo "-n : use neowiz mirror (${NEOWIZ})"
    echo "-a : use harukasan mirror (${HARU})"

    exit 0;
}

REPOS=${KAKAO}

while getopts $PARAM opt; do
    case $opt in
        r)
            echo "-r option was supplied. OPTARG: $OPTARG" >&2
            SL=$OPTARG;
            ;;
        m)
            echo "Using mirror repository(${OPTARG})." >&2
            REPOS=${OPTARG}
            ;;
        k)
            echo "Using Kakao repository(${KAKAO})." >&2
            REPOS=${KAKAO}
            ;;
        n)
            echo "Using neowiz repository(${NEOWIZ})." >&2
            REPOS=${NEOWIZ}
            ;;
        a)
            echo "Using harukasan repository(${HARU})." >&2
            REPOS=${HARU}
            ;;
        h)
            usage;
             ;;
    esac
done

echo "using repository(${REPOS})"

## change mirror
sed -i.bak -re "s/([a-z]{2}.)?archive.ubuntu.com|security.ubuntu.com/${REPOS}/g" ${SL}

## check
apt update
centos_설정.1569835263.txt.gz · 마지막으로 수정됨: 2021/04/13 06:54 (바깥 편집)