redis/service-install.sh

raw link view readme

1	systemctl start firewalld
2	systemctl enable firewalld
3	firewall-cmd --permanent --zone=public --add-interface=eth0
4	sed "s/\"80\"/\"6379\"/;s/WWW (HTTP)/Redis/;/.*/d" /usr/lib/firewalld/services/http.xml > /etc/firewalld/services/redis.xml
5	firewall-cmd --permanent --add-service=redis --zone=public
6	firewall-cmd --reload
7
8	yum install stunnel -y
9
10	cd /etc/pki/tls/certs
11	make stunnel.pem << EOF
12
13
14
15
16
17
18
19
20
21	EOF
22
23
24	useradd -r -m -d /var/run/stunnel -s /bin/nologin stunnel
25
26	cat > /etc/stunnel/stunnel.conf << EOF
27	cert = /etc/pki/tls/certs/stunnel.pem
28	; Allow only TLS, thus avoiding SSL
29	sslVersion = TLSv1
30	chroot = /var/run/stunnel
31	setuid = stunnel
32	setgid = stunnel
33	pid = /stunnel.pid
34	socket = l:TCP_NODELAY=1
35	socket = r:TCP_NODELAY=1
36
37	[redis]
38	client = no
39	accept = 6379
40	connect = 6379
41	TIMEOUTclose = 0
42	EOF
43
44	cat > /etc/systemd/system/stunnel.service << EOF
45	[Unit]
46	Description=SSL tunnel
47	After=syslog.target
48
49	[Service]
50	ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf
51	ExecStop=/bin/kill -9
52	ExecStatus=pgrep stunnel
53	Type=forking
54
55	[Install]
56	WantedBy=multi-user.target
57	EOF
58
59	yum install redis -y
60
61	systemctl start redis
62	systemctl enable redis
63
64	systemctl start stunnel
65	systemctl enable stunnel
66