堂-DayDayUP VIM Linux Life
堂-DayDayUP
VIM Linux Life

行车安全部署-备忘

已发表 -更新 
环境要求:CentOS7、MYSQL 5.7、SUPERVISOR、JAVA1.8及以上、NGINX、REDIS

# 1、前期准备
## 1.1 系统环境
域名解析正常、IP地址:static、onboot、检查时区、date
## 1.2 系统配置
```shell
# 安装wget
yum install -y wget
# 更换阿里云镜像源
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# 安装epel源
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

# 更新
yum update -y
# 重启
reboot
```
## 1.3 安装软件包
```shell
yum install -y lrzsz unzip net-tools bash-completion supervisor chrony nginx redis java-1.8.0-openjdk


# 配置开机启动
systemctl enable nginx 
systemctl enable supervisord
systemctl enable redis
systemctl enable chronyd


# 若不需要防火墙则关闭
systemctl stop firewalld
systemctl disable firewalld
```
# 2、 应用部署
## 2.1 mysql安装配置
```shell
cat > /etc/yum.repos.d/mysql-community.repo <<EOF
[mysql-connectors-community]
name=MySQL Connectors Community
baseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql-connectors-community-el7-\$basearch/
enabled=1
gpgcheck=1
gpgkey=https://repo.mysql.com/RPM-GPG-KEY-mysql

[mysql-tools-community]
name=MySQL Tools Community
baseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql-tools-community-el7-\$basearch/
enabled=1
gpgcheck=1
gpgkey=https://repo.mysql.com/RPM-GPG-KEY-mysql

[mysql-5.6-community]
name=MySQL 5.6 Community Server
baseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql-5.6-community-el7-\$basearch/
enabled=0
gpgcheck=1
gpgkey=https://repo.mysql.com/RPM-GPG-KEY-mysql

[mysql-5.7-community]
name=MySQL 5.7 Community Server
baseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql-5.7-community-el7-\$basearch/
enabled=1
gpgcheck=1
gpgkey=https://repo.mysql.com/RPM-GPG-KEY-mysql

[mysql-8.0-community]
name=MySQL 8.0 Community Server
baseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql-8.0-community-el7-\$basearch/
enabled=0
gpgcheck=1
gpgkey=https://repo.mysql.com/RPM-GPG-KEY-mysql
EOF
```
```shell
yum install -y mysql-community-server
# 启动mysql
systemctl start mysqld

# 查看临时密码
grep "password" /var/log/mysqld.log

# 添加sqlmode
vi /etc/my.cnf
mysql5.7
sql_mode = STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

mysql8.0 
sql_mode=STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION
url: jdbc:mysql://192.168.100.124:3306/safept?characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true

systemctl restart mysqld
# 登录数据库密码修改密码
mysql -uroot -p
# 注意密码长度和字符要求
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'Passw0rd.';

# 刷新
mysql> flush privileges;
```
## 2.2 数据库配置
```shell
mysql> use mysql;

mysql> CREATE DATABASE  `safept` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

mysql> CREATE USER 'safept'@'%' IDENTIFIED BY 'Safept@123';

mysql> GRANT ALL PRIVILEGES ON safept.* to safept;

mysql> exit

mysql -usafe -p
mysql> use safept;
mysql> source /root/safept.sql

```
## 2.3 用户配置
```shell
# 创建用户
useradd safe

# nginx加入safe用户组
usermod -G nginx safe

# 修改目录权限
chmod 710 safe

su  - safe
上传 safe-pt-0.0.1-SNAPSHOT.jar

mkdir front logs
cd front

上传dist.zip
unzip dist.zip


```
## 2.4 redis配置
```shell
# 设置密码 取消注释
vi /etc/redis.conf
requirepass   password.

systemctl start redis
```
## 2.5 supervisor配置
```shell
vi /etc/supervisord.d/safept-prod.ini

[program: safept-prod]
directory = /home/safe ; 程序的启动目录
command = java -jar safe-pt-0.0.1-SNAPSHOT.jar --spring.profiles.active=prod ; 启动命令,与命令行启动的命令是一样的
autostart = true     ; 在 supervisord 启动的时候也自动启动
startsecs = 15       ; 启动 5 秒后没有异常退出,就当作已经正常启动了
autorestart = true   ; 程序异常退出后自动重启
startretries = 5     ; 启动失败自动重试次数,默认是 3
user = safe          ; 用哪个用户启动
redirect_stderr = true  ; 把 stderr 重定向到 stdout,默认 false
stdout_logfile_maxbytes = 20MB  ; stdout 日志文件大小,默认 50MB
stdout_logfile_backups = 5     ; stdout 日志文件备份数
; stdout 日志文件,需要注意当指定目录不存在时无法正常启动,所以需要手动创建目录(supervisord 会自动创建日志文件)
stdout_logfile = /home/safe/logs/safept_stdout.log ;日志统一放在log目录下
stopasgroup = true
killasgroup = true

# 启动supervisor
systemctl start supervisord
# 检查程序运行情况
supervisorctl status all
```
## 2.6 nginx配置
```shell

server {
    listen       80;
    root  /home/safe/front/dist;
    client_max_body_size 500M;

        proxy_http_version  1.1;
        location /safept {
        rewrite ^/safept/(.*) /api/safept/$1 break;
        proxy_pass http://127.0.0.1:8060;
        proxy_set_header Host $host;
        #proxy_set_header X-Real-IP $remote_addr; #保留代理之前的真实客户端ip
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #记录代理过程
        #proxy_ssl_server_name  on;
              }
        location /buswash {
        rewrite ^/buswash/(.*) /buswash/$1 break;
        proxy_pass http://127.0.0.1:8896;
        proxy_set_header Host $host;
        #proxy_set_header X-Real-IP $remote_addr; #保留代理之前的真实客户端ip
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #记录代理过程      
        #proxy_http_version  1.1;
        #proxy_ssl_server_name  on;
                 }
        location /download {
        root  /home/safe/front/dist;
        autoindex on;
        autoindex_exact_size off;
        autoindex_localtime on;
        }
        location / {  
           index  index.html;
         }
           #防止浏览器缓存该页面,导致每次前端发版都需要清除缓存
         location ~ .*\.(htm|html)?$ {
         add_header Cache-Control "no-cache";
         }
         }
         
         
# 启动nginx
systemctl start nginx
# 配置文件检查
nginx -t 
# 重新加载
nginx -s reload
```