Step 1 - Redmine application
# pkg install redmine
Step 2 - Create an empty database and accompanying user
【sudo MySQL】
# sysrc mysql_enable=yes
# service mysql-server start
# mysql_secure_installation
$ mysql -u root -p // qwertyui
mysql> CREATE DATABASE redmine CHARACTER SET utf8;
mysql> CREATE USER 'redmine'@'localhost' IDENTIFIED BY '12345678';
mysql> GRANT ALL PRIVILEGES ON redmine.* TO 'redmine'@'localhost';
mysql> quit
Step 3 - Database connection configuration
Copy config/database.yml.example to config/database.yml & Edit it.
# cd /usr/local/www/redmine/
# cp config/database.yml.example config/database.yml
# ee config/database.yml
production:
adapter: mysql2
database: redmine
host: localhost
username: redmine
password: 12345678
encoding: utf8
Step 4 - Dependencies installation
# bundle install --without development test
Step 5 - Session store secret generation
# bundle exec rake generate_secret_token
Step 6 - Database schema objects creation
# bundle exec rake db:migrate RAILS_ENV="production"
Step 7 - Database default data set
# bundle exec rake redmine:load_default_data RAILS_ENV="production"
Select language: ar, az, bg, bs, ca, cs, da, de, el, en, en-GB, es, et, eu, fa, fi, fr, gl, he, hr, hu, id, it, ja, ko, lt, lv, mk, mn, nl, no, pl, pt, pt-BR, ro, ru, sk, sl, sq, sr, sr-YU, sv, th, tr, uk, vi, zh, zh-TW [en] zh-TW
====================================
Default configuration data loaded.
Step 8 - File system permissions
# mkdir -p tmp tmp/pdf public/plugin_assets
# chown -R redmine:redmine files log tmp public/plugin_assets
# chmod -R 755 files log tmp public/plugin_assets
Step 9 - Test the installation
# cd /usr/local/www/redmine/
# bundle exec ruby script/rails server webrick -e production
Step 10 - Logging into the application
http://host or IP:3000
login: admin
password: admin
2016年3月17日 星期四
2016年3月15日 星期二
FreeBSD 10.2 設定 apache24 php
apache24-2.4.18:
一、CONFIGURE
# ee /usr/local/etc/apache24/httpd.conf
(~211)
# ServerAdmin you@example.com
ServerAdmin admin@testbsd.com
(~220)
#ServerName www.example.com:80
ServerName ns1.testbsd.com:80
# ee /etc/rc.conf
apache24_enable="YES"
# /usr/local/etc/rc.d/apache24 restart
Performing sanity check on apache24 configuration:
Syntax OK
apache24 not running? (check /var/run/httpd.pid).
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
已能正常啟動
測試組態是否正常
# apachectl configtest
Performing sanity check on apache24 configuration:
Syntax OK
!!!! 如果沒使用 SSL 就到此。
二、CONFIGURE
# ee /usr/local/etc/apache24/httpd.conf
(~89)
LoadModule socache_shmcb_module libexec/apache24/mod_socache_shmcb.so
(~141)
LoadModule ssl_module libexec/apache24/mod_ssl.so
(~511)
Include etc/apache22/extra/httpd-ssl.conf
Save, exit, and open Apache's SSL configuration file:
# ee /usr/local/etc/apache24/extra/httpd-ssl.conf
(~125)
ServerName ns1.testbsd.com:443
ServerAdmin admin@testbsd.com
(144~147)修改路徑
SSLCertificateFile "/usr/local/openssl/SSL/ns1.testbsd.com-cert.pem"
(154~157)
SSLCertificateKeyFile "/usr/local/openssl/SSL/ns1.testbsd.com-unencrypted-key.pem"
Save and exit.
# /usr/local/etc/rc.d/apache24 restart
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 744.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
測試運行狀況
# openssl s_client -connect localhost:443
------------------------------------------------------
三、PHP CONFIGURE
# ee /usr/local/etc/apache24/httpd.conf
(~278)
<IfModule dir_module>
DirectoryIndex index.php index.html index.htm
</IfModule>
Scroll down to the bottom of httpd.conf and add these lines:
<FilesMatch "\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
# /usr/local/etc/rc.d/apache24 restart
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 812.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
四、PHP TESTING
# ee /usr/local/www/apache24/data/phpinfo.php
and add this line:
<?php phpinfo(); ?>
Save and exit.
http://IP/phpinfo.php
https://IP/phpinfo.php
一、CONFIGURE
# ee /usr/local/etc/apache24/httpd.conf
(~211)
# ServerAdmin you@example.com
ServerAdmin admin@testbsd.com
(~220)
#ServerName www.example.com:80
ServerName ns1.testbsd.com:80
# ee /etc/rc.conf
apache24_enable="YES"
# /usr/local/etc/rc.d/apache24 restart
Performing sanity check on apache24 configuration:
Syntax OK
apache24 not running? (check /var/run/httpd.pid).
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
已能正常啟動
測試組態是否正常
# apachectl configtest
Performing sanity check on apache24 configuration:
Syntax OK
!!!! 如果沒使用 SSL 就到此。
二、CONFIGURE
# ee /usr/local/etc/apache24/httpd.conf
(~89)
LoadModule socache_shmcb_module libexec/apache24/mod_socache_shmcb.so
(~141)
LoadModule ssl_module libexec/apache24/mod_ssl.so
(~511)
Include etc/apache22/extra/httpd-ssl.conf
Save, exit, and open Apache's SSL configuration file:
# ee /usr/local/etc/apache24/extra/httpd-ssl.conf
(~125)
ServerName ns1.testbsd.com:443
ServerAdmin admin@testbsd.com
(144~147)修改路徑
SSLCertificateFile "/usr/local/openssl/SSL/ns1.testbsd.com-cert.pem"
(154~157)
SSLCertificateKeyFile "/usr/local/openssl/SSL/ns1.testbsd.com-unencrypted-key.pem"
Save and exit.
# /usr/local/etc/rc.d/apache24 restart
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 744.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
測試運行狀況
# openssl s_client -connect localhost:443
------------------------------------------------------
三、PHP CONFIGURE
# ee /usr/local/etc/apache24/httpd.conf
(~278)
<IfModule dir_module>
DirectoryIndex index.php index.html index.htm
</IfModule>
Scroll down to the bottom of httpd.conf and add these lines:
<FilesMatch "\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
# /usr/local/etc/rc.d/apache24 restart
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 812.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
四、PHP TESTING
# ee /usr/local/www/apache24/data/phpinfo.php
and add this line:
<?php phpinfo(); ?>
Save and exit.
http://IP/phpinfo.php
https://IP/phpinfo.php
FreeBSD 10.2 設定 openssl
Message from openssl-1.0.2_11:
一、Generate a Certificate Request for CA Submission
# 確認版本
# openssl version
OpenSSL 1.0.1p-freebsd 9 Jul 2015
# cp /usr/local/openssl/openssl.cnf.sample /usr/local/openssl/openssl.cnf
# cd /usr/local/openssl
# mkdir CA
# cp misc/CA.pl CA
# cd CD
# ./CA.pl -newreq
按照問題回答:
Generating a 1024 bit RSA private key
...................................++++++
...++++++
writing new private key to 'newkey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
.
.
Country Name (2 letter code) [AU]:TW
State or Province Name (full name) [Some-State]:Taiwan
Locality Name (eg, city) []:Taoyuan
Organization Name (eg, company) [Internet Widgits Pty Ltd]:TestSBD
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:ns1.testbsd.com
Email Address []:admin@testbsd.com
.
.
二、Create a Self-Signed SSL Certificate
# cd /usr/local/openssl
# mkdir SSL
# cp misc/CA.pl SSL
# cd /usr/local/openssl/SSL
# ./CA.pl -newca
.
.
Making CA certificate ...
Generating a 1024 bit RSA private key
...............++++++
........++++++
.
.
Country Name (2 letter code) [AU]:TW
State or Province Name (full name) [Some-State]:Taiwan
Locality Name (eg, city) []:Taoyuan
Organization Name (eg, company) [Internet Widgits Pty Ltd]:TestBSD
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:ns1.testbsd.com
Email Address []:admin@testbsd.com
.
.
Certificate Details:
Serial Number: 12485983489805965089 (0xad471fd49546d721)
Validity
Not Before: Mar 14 11:34:09 2016 GMT
Not After : Mar 14 11:34:09 2019 GMT
Subject:
countryName = TW
stateOrProvinceName = Taiwan
organizationName = TestBSD
organizationalUnitName = IT
commonName = ns1.testbsd.com
emailAddress = admin@testbsd.com
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:07:10:E3:51:2E:3F:27:07:68:89:19:69:55:5B:C1:2B:47:EE:38
X509v3 Authority Key Identifier:
keyid:E1:07:10:E3:51:2E:3F:27:07:68:89:19:69:55:5B:C1:2B:47:EE:38
X509v3 Basic Constraints:
CA:TRUE
Certificate is to be certified until Mar 14 11:34:09 2019 GMT (1095 days)
.
.
# ./CA.pl -newreq
.
.
過程同上
.
.
# ./CA.pl -signreq
.
.
過程同上
.
.
Certificate is to be certified until Mar 14 11:39:08 2017 GMT (365 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
# cp newcert.pem ns1.testbsd.com-cert.pem
# cp newkey.pem ns1.testbsd.com-encrypted-key.pem
# cp demoCA/cacert.pem ./testbsd.com-CAcert.pem
# cp demoCA/private/cakey.pem ./testbsd.com-encrypted-CAkey.pem
# openssl rsa -in ns1.testbsd.com-encrypted-key.pem -out ns1.testbsd.com-unencrypted-key.pem
# chmod 400 ns1.testbsd.com-unencrypted-key.pem
# openssl x509 -in testbsd.com-CAcert.pem -inform PEM -out testbsd.com-CAcert.cer -outform DER
# uuencode testbsd.com-CAcert.cer testbsd.com-CAcert.cer | mail -s "Subject" admin@testbsd.com
# ls
CA.pl ns1.testbsd.com-encrypted-key.pem
demoCA ns1.testbsd.com-unencrypted-key.pem
newcert.pem testbsd.com-CAcert.cer
newkey.pem testbsd.com-CAcert.pem
newreq.pem testbsd.com-encrypted-CAkey.pem
ns1.testbsd.com-cert.pem
一、Generate a Certificate Request for CA Submission
# 確認版本
# openssl version
OpenSSL 1.0.1p-freebsd 9 Jul 2015
# cp /usr/local/openssl/openssl.cnf.sample /usr/local/openssl/openssl.cnf
# cd /usr/local/openssl
# mkdir CA
# cp misc/CA.pl CA
# cd CD
# ./CA.pl -newreq
按照問題回答:
Generating a 1024 bit RSA private key
...................................++++++
...++++++
writing new private key to 'newkey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
.
.
Country Name (2 letter code) [AU]:TW
State or Province Name (full name) [Some-State]:Taiwan
Locality Name (eg, city) []:Taoyuan
Organization Name (eg, company) [Internet Widgits Pty Ltd]:TestSBD
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:ns1.testbsd.com
Email Address []:admin@testbsd.com
.
.
二、Create a Self-Signed SSL Certificate
# cd /usr/local/openssl
# mkdir SSL
# cp misc/CA.pl SSL
# cd /usr/local/openssl/SSL
# ./CA.pl -newca
.
.
Making CA certificate ...
Generating a 1024 bit RSA private key
...............++++++
........++++++
.
.
Country Name (2 letter code) [AU]:TW
State or Province Name (full name) [Some-State]:Taiwan
Locality Name (eg, city) []:Taoyuan
Organization Name (eg, company) [Internet Widgits Pty Ltd]:TestBSD
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:ns1.testbsd.com
Email Address []:admin@testbsd.com
.
.
Certificate Details:
Serial Number: 12485983489805965089 (0xad471fd49546d721)
Validity
Not Before: Mar 14 11:34:09 2016 GMT
Not After : Mar 14 11:34:09 2019 GMT
Subject:
countryName = TW
stateOrProvinceName = Taiwan
organizationName = TestBSD
organizationalUnitName = IT
commonName = ns1.testbsd.com
emailAddress = admin@testbsd.com
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:07:10:E3:51:2E:3F:27:07:68:89:19:69:55:5B:C1:2B:47:EE:38
X509v3 Authority Key Identifier:
keyid:E1:07:10:E3:51:2E:3F:27:07:68:89:19:69:55:5B:C1:2B:47:EE:38
X509v3 Basic Constraints:
CA:TRUE
Certificate is to be certified until Mar 14 11:34:09 2019 GMT (1095 days)
.
.
# ./CA.pl -newreq
.
.
過程同上
.
.
# ./CA.pl -signreq
.
.
過程同上
.
.
Certificate is to be certified until Mar 14 11:39:08 2017 GMT (365 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
# cp newcert.pem ns1.testbsd.com-cert.pem
# cp newkey.pem ns1.testbsd.com-encrypted-key.pem
# cp demoCA/cacert.pem ./testbsd.com-CAcert.pem
# cp demoCA/private/cakey.pem ./testbsd.com-encrypted-CAkey.pem
# openssl rsa -in ns1.testbsd.com-encrypted-key.pem -out ns1.testbsd.com-unencrypted-key.pem
# chmod 400 ns1.testbsd.com-unencrypted-key.pem
# openssl x509 -in testbsd.com-CAcert.pem -inform PEM -out testbsd.com-CAcert.cer -outform DER
# uuencode testbsd.com-CAcert.cer testbsd.com-CAcert.cer | mail -s "Subject" admin@testbsd.com
# ls
CA.pl ns1.testbsd.com-encrypted-key.pem
demoCA ns1.testbsd.com-unencrypted-key.pem
newcert.pem testbsd.com-CAcert.cer
newkey.pem testbsd.com-CAcert.pem
newreq.pem testbsd.com-encrypted-CAkey.pem
ns1.testbsd.com-cert.pem
訂閱:
文章 (Atom)