FreeBSD 5.3 Server Setup Notes
Published: 2007-06-09
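This article describes how to provide the most commonly used Internet services on a single server,
mainly Apache + MySQL + qmail + Java + BIND.
It uses FreeBSD 5.3 RELEASE. If you would rather track FreeBSD STABLE, change
tag=RELENG_5_3 in the stable-supfile to
tag=RELENG_5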
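Original article by FREECHOICE
I won't say much about installing the system itself; I chose the Standard install with Linux compatibility (LINUXCOMPAT) support.
Before installing anything, the ports tree has to be installed first. If you don't have it yet,
run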
#/stand/sysinstall
configure->distributions->ports
server# cd /usr/ports/net/cvsup-without-gui
If you have not installed the ports tree, run /stand/sysinstall,
choose configure-->distributions-->ports and then select OK; the system completes the installation automatically.
server# make install clean
Once it is installed:
server# cp /usr/share/examples/cvsup/ports-supfile /etc
server# cp /usr/share/examples/cvsup/stable-supfile /etc
server# chmod 755 /etc/ports-supfile
server# chmod 755 /etc/stable-supfile
Note: for chmod, a leading 0 in front of the number denotes a directory; without the 0 it denotes a file.
server# vi /etc/ports-supfile
Change *default host=CHANGE_THIS.FreeBSD.org in it
to *default host=cvsup.freebsdchina.org
server# vi /etc/stable-supfile
Change *default host=CHANGE_THIS.FreeBSD.org in it
to *default host=cvsup.freebsdchina.org
Change *default release=cvs tag=RELENG_4 to
*default release=cvs tag=RELENG_5_3
server# /usr/local/bin/cvsup -g -L 2 /etc/ports-supfile
server# /usr/local/bin/cvsup -g -L 2 /etc/stable-supfile
When that finishes, cd /usr/src. My CPU is fairly fast and I have plenty of memory, so what I ran was:
server# make -j 80 buildworld
server# make -j 80 buildkernel
server# make -j 80 installkernel
server# make -j 80 installworld
Part 1: Installing the MySQL server
server# cd mysql50-server/
server# make install clean
Part 2: Installing the Apache 2 server
Install the packages it depends on first:
server# cd /usr/ports/textproc/libxml2
server# make install clean
Install OpenSSL, which is needed when installing Apache:
server# cd /usr/ports/security/openssl
server# make install clean
server# cd /usr/ports/www/apache2
server# ls
Makefile Makefile.modules.3rd files pkg-message
Makefile.doc README.html pkg-descr pkg-plist
Makefile.modules distinfo pkg-install
server# make install clean
An expat version conflict comes up during the installation; just run make reinstall afterwards.
Install PHP 5
server# cd /usr/ports/databases/php5-mysql
server# make install clean
server# cd /usr/ports/lang/php5-extensions
After selecting the modules you need
(the recommended extensions were covered in an earlier post, so I won't repeat them here):
server# make install clean
Edit /etc/rc.conf and add the following lines:
apache2_enable=yes
apache2ssl_enable=yes
mysql_enable=yes
Generate the SSL key and certificate used by Apache
server# cd /usr/local/etc/apache2/
server# mkdir ssl.crt ssl.key
server# openssl genrsa -des3 -out server.key 1024
Generating RSA private key, 1024 bit long modulus
.........................++++++
......++++++
e is 65537 (0x10001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:
server# openssl req -new -x509 -days 30 -key server.key -out server.crt
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:FuJian Province
Locality Name (eg, city) []:Xia Men city
Organization Name (eg, company) [Internet Widgits Pty Ltd]:City Towona T channel
Organizational Unit Name (eg, section) []:NetWork Dept
Common Name (eg, YOUR name) []:Johnathan Chiang
Email Address []:pcsoldier@vip.sina
server# mv server.key ssl.key/
server# mv server.crt ssl.crt/
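The key generated above is 1024-bit RSA, which is below the 2048-bit minimum in common use today. The check below is an added example, not part of the original article: it reads the text form of a certificate and reports key size, signature digest, self-signing and validity period. The function names and the embedded certificate text are constructed for illustration.

```shell
#!/bin/sh
# Added example: cert_findings and sample_cert_text are hypothetical names.
# Real use: openssl x509 -in ssl.crt/server.crt -noout -text | cert_findings

cert_findings() {
    awk '
    function dayno(y, m, d) {          # day number; only differences are used
        if (m <= 2) { y--; m += 12 }
        return 365*y + int(y/4) - int(y/100) + int(y/400) + int((153*(m-3) + 2)/5) + d
    }
    function when(   m) {              # "Not After : Dec 24 08:00:00 2004 GMT"
        m = (index("JanFebMarAprMayJunJulAugSepOctNovDec", $(NF - 4)) + 2) / 3
        return dayno($(NF - 1), m, $(NF - 3))
    }
    /Public Key Algorithm: rsaEncryption/ { rsa = 1 }
    /Public[- ]Key: \(/    { bits = $0; sub(/.*\(/, "", bits); sub(/ bit.*/, "", bits) }
    /Signature Algorithm:/ { sig = $NF }
    /Not Before/           { from = when() }
    /Not After/            { to = when() }
    /Issuer:/              { iss = $0;  sub(/.*Issuer: */, "", iss) }
    /Subject:/             { subj = $0; sub(/.*Subject: */, "", subj) }
    END {
        if (rsa && bits + 0 < 2048)   print "weak-rsa-key " bits " bits"
        if (sig ~ /^(md5|sha1)/)      print "weak-signature " sig
        if (iss != "" && iss == subj) print "self-signed"
        print "validity-days " (to - from)
    }'
}

# Constructed excerpt in the layout printed by "openssl x509 -noout -text".
sample_cert_text() {
    cat <<'EOF'
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=CN, O=Example Org, CN=www.example.com
        Validity
            Not Before: Nov 24 08:00:00 2004 GMT
            Not After : Dec 24 08:00:00 2004 GMT
        Subject: C=CN, O=Example Org, CN=www.example.com
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
EOF
}

sample_cert_text | cert_findings
```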
server# vi ssl.conf
Change the parameters in ssl.conf to what you need:
DocumentRoot "/var/htdocs"
ServerName www.server.com:443
ServerAdmin you@yoursite.com
ErrorLog /var/log/httpd-error.log
TransferLog /var/log/httpd-access.log
Change the parameters in httpd.conf to what you need:
ServerName www.towona.com:80
ServerAdmin webmaster@towona.com
DocumentRoot "/var/htdocs"
DefaultLanguage zh-cn
AddDefaultCharset gb2312
AddType application/x-httpd-php .php .php3
AddType application/x-httpd-php-source .phps
DirectoryIndex index.php index.php3 index.htm index.html
Note that the following section must be changed as well:
<Directory "/var/htdocs">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
Start MySQL and change the password
server# /usr/local/etc/rc.d/mysql-server.sh start
Starting mysql.
server# /usr/local/bin/mysqladmin -u root password 'yourpassword'
Start Apache 2
server# /usr/local/etc/rc.d/apache2.sh start
Starting apache2.
Apache/2.0.52 mod_ssl/2.0.52 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide us with the pass phrases.
Server www.towona.com:443 (RSA)
Enter pass phrase:
Ok: Pass Phrase Dialog successful.
Part 3: Installing the Java environment
Install the JDK
First copy
bsd-jdk14-patches-6.tar.gz (the build tells you where to download it)
j2sdk-1_4_2-src-scsl.zip (java.sun.com)
j2sdk-1_4_2-bin-scsl.zip (java.sun.com)
j2sdk-1_4_2_05-linux-i586.bin (http://javashoplm.sun.com/ECom/docs/Welcome.jsp?StoreId=22&PartDetailId=j2sdk-1.4.2_05-oth-JPR&SiteId=JSC&TransactionId=noreg)
to /usr/ports/distfiles
server# kldload linprocfs
server# mount -t linprocfs linprocfs /compat/linux/proc
server# cd /usr/ports/java/jdk14
server# make install clean
When it finishes,
edit ~/.cshrc:
server# vi ~/.cshrc
and add the following (it is needed when installing other software such as JBoss or Resin):
setenv ALT_JAVAWS_BOOTDIR /usr/local/jdk1.4.2
setenv ALT_BOOTDIR /usr/local/linux-sun-jdk1.4.2/
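Note: errors may occur during the installation;
make may need certain environment variables.
(Follow the error messages and adapt what I describe here. In my case I had to run the following before make:)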
server# unsetenv LANG
server# unsetenv JAVA_HOME
server# unsetenv CLASSPATH
server# setenv ALT_JAVAWS_BOOTDIR /usr/local/jdk1.4.2
server# setenv ALT_BOOTDIR /usr/local/linux-sun-jdk1.4.2/
Edit /etc/profile
and add:
JAVA_HOME=/usr/local/jdk1.4.2
export JAVA_HOME
CLASSPATH=$JAVA_HOME/lib:$JAVA_HOME/jre/lib
export CLASSPATH
PATH=$PATH:$JAVA_HOME/bin:$JAVA_HOME/jre/bin
export PATH
Part 4: Installing the DNS server
server# cd /usr/ports/dns/bind9
server# make install clean
Create the rndc key
server# cd /etc/namedb
server# /usr/local/sbin/rndc-confgen > rndc.conf
Edit BIND's configuration file, located at /etc/namedb/named.conf. My example follows:
options {
directory "/etc/namedb";
pid-file "/var/run/named/pid";
};
// The following section is copied from the commented-out part at the end of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "PFt4noew6Xsq3A5DcYBVpw==";
};
controls {
inet 192.168.0.254 port 953
allow { 0.0.0.0; } keys { "rndc-key"; };
};
// End of the copied section
zone "." {
type hint;
file "named.root";
};
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "localhost.rev";
};
zone "towona.com" {
type master;
file "towona.zone";
};
zone "0.168.192.in-addr.arpa" {
type master;
file "towona.arpa";
};
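A quick check of the named.conf above, as an added example that is not part of the original article: it reports an rndc control channel that listens on or admits anything other than loopback, an hmac-md5 key, and master zones with no allow-transfer statement anywhere (BIND 9 of this era then answers zone-transfer requests from any host). The function names and finding names are hypothetical, and the sample is a shortened copy of the file above with the secret replaced.

```shell
#!/bin/sh
# Added example: audit_named_conf and the finding names are hypothetical.
# Usage: audit_named_conf /etc/namedb/named.conf   (reads stdin if no file)

audit_named_conf() {
    awk '
    { sub(/\/\/.*/, "") }                        # strip // comments
    /controls[ \t]*[{]/ { in_ctl = 1; depth = 0 }
    in_ctl {
        for (i = 1; i < NF; i++)                 # address rndc listens on
            if ($i == "inet" && $(i + 1) != "127.0.0.1" && $(i + 1) != "::1")
                print "rndc-listen-not-loopback " $(i + 1)
        if ($0 ~ /allow[ \t]*[{]/) {             # clients admitted to rndc
            acl = $0
            sub(/.*allow[ \t]*[{][ \t]*/, "", acl); sub(/[ \t]*[}].*/, "", acl)
            if (acl != "127.0.0.1;" && acl != "localhost;")
                print "rndc-allow-not-loopback " acl
        }
        depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
        if (depth <= 0) in_ctl = 0
    }
    /algorithm[ \t]+hmac-md5/ { print "weak-key-algorithm hmac-md5" }
    /type[ \t]+master/        { masters++ }
    /allow-transfer/          { xfer++ }
    END { if (masters && !xfer) print "axfr-unrestricted masters=" masters }
    ' ${1:+"$1"}
}

# Constructed sample: shortened copy of the file above. The secret is a
# placeholder; a secret printed in an article is public, so generate your own.
sample_named_conf() {
    cat <<'EOF'
options { directory "/etc/namedb"; };
key "rndc-key" {
    algorithm hmac-md5;
    secret "PLACEHOLDER";
};
controls {
    inet 192.168.0.254 port 953
        allow { 0.0.0.0; } keys { "rndc-key"; };
};
zone "towona.com" { type master; file "towona.zone"; };
EOF
}

sample_named_conf | audit_named_conf
```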
Create the forward master zone file; my example follows:
$TTL 3600
@ IN SOA server.towona.com. root.towona.com. (
20041124 ; Serial
3600 ; Refresh
900 ; Retry
3600000 ; Expire
3600 ) ; Minimum
@ IN NS server.towona.com.
@ IN A 192.168.0.254
choice IN A 192.168.0.251
server IN A 192.168.0.254
www IN CNAME server
ftp IN CNAME server
mail IN CNAME server
@ IN MX 10 server
Create the reverse master zone file; my example follows:
$TTL 3600
@ IN SOA server.towona.com. root.towona.com. (
20041124 ; Serial
3600 ; Refresh
900 ; Retry
3600000 ; Expire
3600 ) ; Minimum
@ IN NS server.towona.com.
254 IN PTR server.towona.com.
251 IN PTR choice.towona.com.
Write a startup script for named; mine is as follows:
server# vi /usr/local/etc/rc.d/named.sh
#!/bin/sh
# Start or stop named; the first argument is "start" or "stop".
case "$1" in
start)
    if [ -x /usr/sbin/named ]; then
        /usr/sbin/named -c /etc/namedb/named.conf && echo -n 'named started'
    fi
    ;;
stop)
    killall named && echo -n 'named stopped'
    ;;
*)
    echo ""
    echo "Usage: '$0' { start | stop }"
    echo ""
    exit 64
    ;;
esac
server# chmod 755 /usr/local/etc/rc.d/named.sh
Part 5: Installing qmail
server# cd /usr/ports/security/cmd5checkpw
server# make install clean
server# cd /home/choice/soft
server# tar -zxvf ucspi-tcp-0.88.tar.gz
server# cd ucspi-tcp-0.88
server# make install clean
Add the required accounts
server# pw groupadd nofiles
server# pw groupadd qmail
server# pw useradd alias -g nofiles -d /home/qmail/alias -s /none
server# pw useradd qmaild -g nofiles -d /home/qmail -s /none
server# pw useradd qmaill -g nofiles -d /home/qmail -s /none
server# pw useradd qmailp -g nofiles -d /home/qmail -s /none
server# pw useradd qmailq -g qmail -d /home/qmail -s /none
server# pw useradd qmailr -g qmail -d /home/qmail -s /none
server# pw useradd qmails -g qmail -d /home/qmail -s /none
server# vi /etc/tcp.smtp
Add the following line:
127.0.0.1:allow,RELAYCLIENT=""
server# /usr/local/bin/tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
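How tcpserver picks a rule for a connecting address, shown as an added example that is not part of the original article; a client may relay only when the rule that applies to it sets RELAYCLIENT. The example covers only the IP-address keys of the lookup (not the host-name or ident forms), and the helper names and the second rule set are constructed.

```shell
#!/bin/sh
# Added example: find_rule and relay_status are hypothetical helper names.
# It follows the IP-address part of the lookup order tcpserver uses for a
# rules file: exact address, then shorter dotted prefixes, then the empty rule.

# Constructed samples: the rule this page adds, and a risky catch-all variant.
PAGE_RULES='127.0.0.1:allow,RELAYCLIENT=""'
OPEN_RULES='127.0.0.1:allow,RELAYCLIENT=""
:allow,RELAYCLIENT=""'

# find_rule RULES IP: print the instructions of the first rule that applies.
find_rule() {
    rules=$1 key=$2
    while :; do
        hit=$(printf '%s\n' "$rules" | awk -v k="$key" '
            /^#/ || !/:/ { next }
            { i = index($0, ":")
              if (substr($0, 1, i - 1) == k) { print substr($0, i + 1); exit } }')
        if [ -n "$hit" ]; then printf '%s\n' "$hit"; return 0; fi
        case "$key" in
            "")   return 1 ;;                       # no rule applies
            *.*.) key=${key%.}; key=${key%.*}. ;;   # 192.168.0. -> 192.168.
            *.)   key= ;;                           # 192. -> empty catch-all
            *.*)  key=${key%.*}. ;;                 # 192.168.0.251 -> 192.168.0.
            *)    key= ;;
        esac
    done
}

# relay_status RULES IP: "denied", "relay" (RELAYCLIENT set) or "local-only".
relay_status() {
    instr=$(find_rule "$1" "$2") || { echo local-only; return 0; }
    case $instr in
        deny*)          echo denied ;;
        *RELAYCLIENT=*) echo relay ;;
        *)              echo local-only ;;
    esac
}

for ip in 127.0.0.1 192.168.0.251; do
    echo "$ip page=$(relay_status "$PAGE_RULES" "$ip") open=$(relay_status "$OPEN_RULES" "$ip")"
done
```

With the page's single rule only 127.0.0.1 relays; the constructed catch-all variant lets every address relay, which is the open-relay case to look for when reviewing a tcp.smtp file.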
server# cd /home/choice/soft
server# tar -zxvf qmail-1.03.tar.gz
server# cd qmail-1.03
server# patch -p1 < ../qmail-103.patch
Hmm... Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- qmail-1.03/dns.c.103 Mon Aug 17 16:06:58 1998
|+++ qmail-1.03/dns.c Wed Aug 26 16:28:56 1998
--------------------------
Patching file dns.c using Plan A...
Hunk #1 succeeded at 21.
Hunk #2 succeeded at 47.
Hunk #3 succeeded at 83.
done
server# vi conf-qmail
Change the qmail installation path; mine is /home/qmail
server# make setup check
server# ./config-fast towona.com
server# touch /home/qmail/alias/.qmail-root
server# touch /home/qmail/alias/.qmail-postmaster
server# touch /home/qmail/alias/.qmail-mailer-daemon
server# echo postmaster > /home/qmail/control/bouncefrom
server# cd ../
server# pw groupadd vchkpw -g 89
server# pw useradd vpopmail -u 89 -g 89 -d /home/vpopmail -s /none
server# mkdir -p /home/vpopmail/etc
server# echo ":allow" > /home/vpopmail/etc/tcp.smtp
server# cd /usr/local/sbin
server# mysqladmin -u root password "yourpassword"
server# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4 to server version: 5.0.1-alpha
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> create database vpopmail;
Query OK, 1 row affected (0.00 sec)
mysql> grant select,insert,delete,update,create,drop on vpopmail.* to vpopmail@localhost identified by 'towonamail';
Query OK, 0 rows affected (0.03 sec)
mysql> exit;
Bye
server# echo "localhost|0|mysql-username|mysql-password|vpopmail" > ~vpopmail/etc/vpopmail.mysql
server# tar -zxvf vpopmail-5.4.6.tar.gz
server# cd vpopmail-5.4.6
server# patch -p1 < ../vpopmail-547-snap.patch
Hmm... Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: ChangeLog
|===================================================================
|RCS file: /cvsroot/vpopmail/vpopmail/ChangeLog,v
|retrieving revision 1.103.2.22
|retrieving revision 1.103.2.31
|diff -u -r1.103.2.22 -r1.103.2.31
|--- ChangeLog 1 Jul 2004 05:09:59 -0000 1.103.2.22
|+++ ChangeLog 27 Aug 2004 17:57:44 -0000 1.103.2.31
--------------------------
Patching file ChangeLog using Plan A...
Hunk #1 succeeded at 1.
Hmm... The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: vconvert.c
|===================================================================
|RCS file: /cvsroot/vpopmail/vpopmail/vconvert.c,v
|retrieving revision 1.2.2.1
|retrieving revision 1.2.2.2
|diff -u -r1.2.2.1 -r1.2.2.2
|--- vconvert.c 10 Mar 2004 15:18:50 -0000 1.2.2.1
|+++ vconvert.c 24 Aug 2004 17:17:39 -0000 1.2.2.2
--------------------------
Patching file vconvert.c using Plan A...
Hunk #1 succeeded at 1.
Hunk #2 succeeded at 188.
Hunk #3 succeeded at 229.
Hunk #4 succeeded at 247.
Hmm... The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: vpalias.c
|===================================================================
|RCS file: /cvsroot/vpopmail/vpopmail/vpalias.c,v
|retrieving revision 1.6
|retrieving revision 1.6.2.1
|diff -u -r1.6 -r1.6.2.1
|--- vpalias.c 14 Jan 2004 23:55:21 -0000 1.6
|+++ vpalias.c 19 Aug 2004 05:42:34 -0000 1.6.2.1
--------------------------
Patching file vpalias.c using Plan A...
Hunk #1 succeeded at 1.
Hunk #2 succeeded at 59.
Hunk #3 succeeded at 116.
Hunk #4 succeeded at 155.
Hunk #5 succeeded at 183.
Hmm... The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: vpopmail.c
|===================================================================
|RCS file: /cvsroot/vpopmail/vpopmail/vpopmail.c,v
|retrieving revision 1.28.2.4
|retrieving revision 1.28.2.8
|diff -u -r1.28.2.4 -r1.28.2.8
|--- vpopmail.c 26 Jun 2004 02:20:56 -0000 1.28.2.4
|+++ vpopmail.c 27 Aug 2004 17:57:45 -0000 1.28.2.8
--------------------------
Patching file vpopmail.c using Plan A...
Hunk #1 succeeded at 1.
Hunk #2 succeeded at 101.
Hunk #3 succeeded at 174.
Hunk #4 succeeded at 262.
Hunk #5 succeeded at 313.
Hunk #6 succeeded at 381.
Hunk #7 succeeded at 451.
Hunk #8 succeeded at 606.
Hunk #9 succeeded at 1338.
Hunk #10 succeeded at 1563.
Hunk #11 succeeded at 1583.
Hunk #12 succeeded at 1742.
Hunk #13 succeeded at 1783.
Hunk #14 succeeded at 1876.
Hunk #15 succeeded at 1928.
Hunk #16 succeeded at 1965.
Hunk #17 succeeded at 1976.
Hunk #18 succeeded at 2304.
Hunk #19 succeeded at 2809.
Hunk #20 succeeded at 2951.
Hmm... The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: vsybase.c
|===================================================================
|RCS file: /cvsroot/vpopmail/vpopmail/vsybase.c,v
|retrieving revision 1.9.2.1
|retrieving revision 1.9.2.2
|diff -u -r1.9.2.1 -r1.9.2.2
|--- vsybase.c 26 Jun 2004 02:20:56 -0000 1.9.2.1
|+++ vsybase.c 19 Aug 2004 16:32:35 -0000 1.9.2.2
--------------------------
Patching file vsybase.c using Plan A...
Hunk #1 succeeded at 1.
Hunk #2 succeeded at 101.
Hunk #3 succeeded at 126.
Hunk #4 succeeded at 175.
Hunk #5 succeeded at 294.
done
server# vi ./configure
Find this section:
echo "$as_me:$LINENO: checking whether we can locate the qmail directory" >&5
echo $ECHO_N "checking whether we can locate the qmail directory... $ECHO_C" >&6
qmaildir=""
for f in /var/qmail
do
if test -d $f
then
qmaildir=$f
fi
done
and change the for line to:
for f in /home/qmail
server# ./configure --disable-roaming-users --enable-logging=p --disable-ip-alias-domains --disable-passwd --enable-clear-passwd --disable-domain-quotas --enable-auth-module=mysql --enable-auth-logging --enable-mysql-logging --enable-valias --disable-mysql-limits --enable-tcprules-prog=/usr/local/bin/tcpserver --enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp --enable-vpopgroup=vchkpw --enable-vpopuser=vpopmail --enable-ip-alias-domain=n
server# make
server# cd /home/qmail
server# cp boot/home rc
server# cd /home/vpopmail/bin
server# ./vadddomain towona.com
Please enter password for postmaster:
enter password again:
server# vi /usr/local/etc/rc.d/qmail.sh
#!/bin/sh
csh -cf '/home/qmail/rc &'
/usr/local/bin/tcpserver -c 100 -v -l towona.com -H -U -R 0 pop3 \
/home/qmail/bin/qmail-popup towona.com \
/home/vpopmail/bin/vchkpw /home/qmail/bin/qmail-pop3d Maildir &
/usr/local/bin/tcpserver -H -R -l towona.com -t 1 -c 100 -v -p \
-x /etc/tcp.smtp.cdb -u 1003 -g 1001 0 smtp \
/home/qmail/bin/qmail-smtpd towona.com /home/vpopmail/bin/vchkpw /usr/bin/true /bin/cmd5checkpw /usr/bin/true &
server# chmod 755 /usr/local/etc/rc.d/qmail.sh
At this point qmail is more or less installed. Download the latest version of iGENUS from www.igenus.org.
1. # mv igenus_2.0.2_20040901_release.tgz /var/htdocs/
# tar -zxvf igenus_2.0.2_20040901_release.tgz
# mv igenus mail
2. # cd /var/htdocs/mail
3. # mkdir temp (create a temporary directory for iGENUS to use)
4. # chown -R vpopmail.vchkpw temp
5. # tar xvzf igenus_2_20010815_snap.tgz
6. # cd /var/www/iGENUS/config
7. Edit config_inc.php
$CFG_BASEPATH = "/var/htdocs/mail"; ---> the path where iGENUS webmail is installed on the system
// Mysql
$CFG_MYSQL_HOST = 'localhost';
$CFG_MYSQL_USER = 'root'; -------------> a user with read/write access to the vpopmail database
$CFG_MYSQL_PASS = ''; -------------> that user's password
$CFG_MYSQL_DB = 'vpopmail';
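$CFG_HOSTNAME = "http://mail.test.com"; ------> the server's host name
$CFG_LANGUAGE = gb; -----> the default language; Chinese, English and Japanese are available.
$CFG_GMT = +8; -----> the time zone setting; use +8 for China.
$CFG_TEMP = $CFG_BASEPATH."/temp";-----> location of the temporary directory
Configure Apache
1. # vi /etc/httpd/conf/httpd.conf (edit the Apache configuration)
Change the following: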
User vpopmail
Group vchkpw
2. # /usr/local/etc/rc.d/apache2.sh restart (restart the httpd service)
3. Visit http://192.168.0.254/mail to reach your webmail!
Reposted from: http://www.ltesting.net