| 1 |
|
| 2 |
semanage fcontext -at httpd_sys_rw_content_t "/srv(/.*)?" |
| 3 |
|
| 4 |
yum install firewalld -y |
| 5 |
systemctl start firewalld |
| 6 |
systemctl enable firewalld |
| 7 |
firewall-cmd --permanent --zone=public --add-interface=eth0 |
| 8 |
firewall-cmd --permanent --add-service=http --add-service=https --zone=public |
| 9 |
firewall-cmd --reload |
| 10 |
|
| 11 |
yum install httpd mod_ssl -y |
| 12 |
|
| 13 |
systemctl start httpd |
| 14 |
systemctl enable httpd |
| 15 |
|
| 16 |
export PUBLIC_IP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/') |
| 17 |
|
| 18 |
cat >> /etc/hosts << EOF |
| 19 |
$PUBLIC_IP aleph bet webapi |
| 20 |
EOF |
| 21 |
|
| 22 |
create () |
| 23 |
{ |
| 24 |
|
| 25 |
mkdir -p /srv/$1 |
| 26 |
|
| 27 |
cat > /srv/$1/index.html << EOF |
| 28 |
$1 here |
| 29 |
EOF |
| 30 |
|
| 31 |
mkdir -p /srv/_cert |
| 32 |
openssl req -nodes -new -x509 -keyout /srv/_cert/$1.key -out /srv/_cert/$1.crt << EOF |
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
EOF |
| 43 |
|
| 44 |
cat > /etc/httpd/conf.d/$1.conf << EOF |
| 45 |
|
| 46 |
Require all granted |
| 47 |
|
| 48 |
|
| 49 |
ServerAdmin someone@$1 |
| 50 |
DocumentRoot /srv/$1 |
| 51 |
ServerName $1 |
| 52 |
SSLEngine On |
| 53 |
SSLCertificateFile /srv/_cert/$1.crt |
| 54 |
SSLCertificateKeyFile /srv/_cert/$1.key |
| 55 |
ErrorLog logs/$1-error.log |
| 56 |
CustomLog logs/$1-access.log common |
| 57 |
|
| 58 |
EOF |
| 59 |
|
| 60 |
} |
| 61 |
|
| 62 |
create aleph |
| 63 |
create bet |
| 64 |
|
| 65 |
restorecon -R -v /srv |
| 66 |
chown -R nobody:apache /srv |
| 67 |
|
| 68 |
systemctl restart httpd |
| 69 |
|