redis/service-install.sh

raw link view readme
1 yum install firewalld -y
2 systemctl start firewalld
3 systemctl enable firewalld
4 firewall-cmd --permanent --zone=public --add-interface=eth0
5 sed "s/\"80\"/\"6379\"/;s/WWW (HTTP)/Redis/;/<description>.*/d" /usr/lib/firewalld/services/http.xml > /etc/firewalld/services/redis.xml
6 firewall-cmd --permanent --add-service=redis --zone=public
7 firewall-cmd --reload
8
9 yum install stunnel -y
10
11 cd /etc/pki/tls/certs
12 make stunnel.pem << EOF
13
14
15
16
17
18
19
20
21
22 EOF
23
24
25 useradd -r -m -d /var/run/stunnel -s /bin/nologin stunnel
26
27 cat > /etc/stunnel/stunnel.conf << EOF
28 cert = /etc/pki/tls/certs/stunnel.pem
29 ; Allow only TLS, thus avoiding SSL
30 sslVersion = TLSv1
31 chroot = /var/run/stunnel
32 setuid = stunnel
33 setgid = stunnel
34 pid = /stunnel.pid
35 socket = l:TCP_NODELAY=1
36 socket = r:TCP_NODELAY=1
37
38 [redis]
39 client = no
40 accept = 6379
41 connect = 6379
42 TIMEOUTclose = 0
43 EOF
44
45 cat > /etc/systemd/system/stunnel.service << EOF
46 [Unit]
47 Description=SSL tunnel
48 After=syslog.target
49
50 [Service]
51 ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf
52 ExecStop=/bin/kill -9
53 ExecStatus=pgrep stunnel
54 Type=forking
55
56 [Install]
57 WantedBy=multi-user.target
58 EOF
59
60 yum install redis -y
61
62 systemctl start redis
63 systemctl enable redis
64
65 systemctl start stunnel
66 systemctl enable stunnel
67