【RHCE-第三天作业】
文章目录
- 综合练习:请给openlab搭建web网站
- 一、准备工作
- 二、搭建web网站
- 三、测试
综合练习:请给openlab搭建web网站
网站需求:
1.基于域名www.openlab.com可以访问网站内容为 welcome to openlab!!!
2.给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站,基于
www.openlab.com/student 网站访问学生信息,
www.openlab.com/data 网站访问教学资料,
www.openlab.com/money 网站访问缴费网站。
3.要求
(1)学生信息网站只有song和tian两人可以访问,其他用户不能访问。
(2)访问缴费网站实现数据加密基于https访问。
一、准备工作
1.安装yum源
[root@localhost ~]# mount /dev/cdrom /mnt/cdrom
[root@localhost ~]# vim /etc/yum.repos.d/rhel8.repo
[RHEL8-BaseOS]
name=RHEL8-BaseOS
baseurl=file:///mnt/cdrom/BaseOS
gpgcheck=0
#gpgcheck=1 #如果gpgcheck为1,需要写秘钥文件路径
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
[RHEL8-AppStream]
name=RHEL8-AppStream
baseurl=file:///mnt/cdrom/AppStream
gpgcheck=0
#gpgcheck=1
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
2.安装httpd、mod_ssl
yum install httpd
yum install mod_ssl
3.关闭防火墙和selinux
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
4.开启httpd服务
[root@localhost ~]# systemctl start httpd
二、搭建web网站
1.编写配置文件(/etc/httpd/conf.d/自己命名.conf),我这里使用www.openlab.com.conf
[root@localhost ~]# vim /etc/httpd/conf.d/www.openlab.com.conf
<Directory /www>
AllowOverride none
Require all granted
</Directory>
<VirtualHost 192.168.229.136>
DocumentRoot /www/openlab
ServerName www.openlab.com
</VirtualHost>
<VirtualHost 192.168.229.136:443>
DocumentRoot /www/openlab/money
Alias /money /www/openlab/money
ServerName www.openlab.com
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
</VirtualHost>
<Directory /www/openlab/student>
AuthType Basic
AuthName "Please login:..."
AuthUserFile /etc/httpd/user
Require user song tian
</Directory>
2.创建符合要求的相关文件与路径
[root@localhost conf.d]# vim userdir.conf #注释17行,释放24行
[root@localhost conf.d]# cd
[root@localhost ~]# mkdir /www/openlab -pv
mkdir: created directory '/www'
mkdir: created directory '/www/openlab'
[root@localhost ~]# echo welcome to openlab!!! > /www/open/index.html
[root@localhost ~]# ll /www/openlab
total 4
-rw-r--r--. 1 root root 39 Aug 30 07:08 index.html
[root@localhost ~]# mkdir /www/openlab/{student,data,money} -pv
mkdir: created directory '/www/openlab/student'
mkdir: created directory '/www/openlab/data'
mkdir: created directory '/www/openlab/money'
[root@localhost ~]# echo this is student.com > /www/openlab/student/index.html
[root@localhost ~]# echo this is data.com > /www/openlab/data/index.html
[root@localhost ~]# echo this is money.com > /www/openlab/money/index.html
3.配置各用户的密码
[root@localhost ~]# cd /etc/httpd/conf.d/
[root@localhost conf.d]# htpasswd /etc/httpd/user song
New password:
Re-type new password:
Adding password for user song
[root@localhost conf.d]# htpasswd /etc/httpd/user tian
New password:
Re-type new password:
Adding password for user tian
4.重启httpd服务
[root@localhost ~]# systemctl restart httpd
5.做认证
[root@localhost tls]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout /etcvate/localhost.key -x509 -days 365 -out /etc/pki/tls/certs/localhost.crt
Generating a RSA private key
....++++
.................................++++
writing new private key to '/etc/pki/tls/private/localhost.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shannxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:openlab
Organizational Unit Name (eg, section) []:ce
Common Name (eg, your name or your server's hostname) []:localhost
Email Address []:123456
[root@localhost tls]# cd
[root@localhost ~]# systemctl restart httpd
三、测试