Tencent Cloud Server Linux Development Environment Construction Notes

Basic console configuration

Tencent Cloud's instructions are still very detailed and popular, and the link is attached below:

Tencent Cloud official document platform

1. Select the installation system

System installation

I chose the latest CentOS7.5 here, and waited about 10 minutes for the system to be installed.

2. Change password & use SSH key

We first change the initial password, but in addition to the password login method, there is a more convenient and safe way to log in using SSH keys.

Create SSH key

Create key

Here choose to create a key, and then choose to create a new key pair. Enter the key name to confirm, then a download prompt will pop up, please download within 10 minutes (Save it and use it later).

Key binding server

Select the key you just created, click Bind Instance, select your own server and confirm, and then follow the prompts.

3. Create Security Group

We can configure security groups to control which ports can be accessed from the external network.

Create a security group


New Security Group

I chose the default template of the system here, if necessary, you can also modify the rules.

After configuring the security group, click Manage instance on the right → Add Association → Select your own server to confirm the association.

Remote Connection

We use PuTTY to connect to the cloud server:

1. Install PuTTY

Download PuTTY

After installing PuTTY, you can see these two software:

Screenshots

Next we will use these two software.

2. Key Conversion

Open PuTTYgen, load the key file we downloaded earlier, and then enter the key name in the key comment field, enter the password for the encrypted private key, click [Save private key], and select the place to save it in the pop-up window.


Screenshots

Screenshots

3. Connect to the server

Open PuTTY, and then operate as shown:

Screenshots

Find the SSH → Auth option as shown in the figure above, and load the key converted with PuTTYgen just now

Screenshots

Then click Seesion to enter the IP address of the cloud server, click Save to save it for direct access next time, and finally click Open to open it.

Screenshots

Direct input: root to log in to the server remotely.

Update system and software

yum update -y

The system installed by Tencent Cloud comes with software such as net-tools and vim, which is not installed here. If not, it is recommended to install it.

yum install vim
yum install net-tools

node installation

1. Add source

curl -sL https://rpm.nodesource.com/setup_10.x | bash -

2. Installation

yum install nodejs -y

3. Install cnpm

npm install -g cnpm --registry=https://registry.npm.taobao.org

Reference: https://github.com/nodesource/distributions

nginx installation

1. Add source

Create a file:

vim /etc/yum.repos.d/nginx.repo

Add the following content:

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key

Reference: http://nginx.org/en/linux_packages.html

2. Installation

yum install nginx -y

3. Run

nginx

At this point, you can enter your cloud server ip address in the browser to see if there is any response. If it is displayed, congratulations you can proceed to the next configuration. If not, check whether nginx is installed successfully, whether the server firewall is closed, and whether the security group is configured properly.

4. Common commands

// 启动
nginx
systemctl start nginx.service

// 停止
nginx -s stop  // 立即停止
nginx -s quit  // 从容停止
killall nginx  // 杀死进程
systemctl stop nginx.service

// 重启
systemctl restart nginx.service

// 重新载入配置
nginx -s reload

// 查看进程
ps aux | grep nginx

// 查看开启的端口
netstat -tlnp

mongodb installation

1. Add source

create a new file:

vim /etc/yum.repos.d/mongodb-org-4.0.repo

Add the following content:

[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc

2. Installation

yum install -y mongodb-org

3. Common commands

service mongod start  // 启动
service mongod stop  // 关闭
service mongod restart  // 重启
chkconfig mongod on  // 验证是否启动

// centos7 建议使用如下命令
systemctl start mongod.service  // 启动
cat /var/log/mongodb/mongod.log  // 验证是否成功启动
ystemctl enable mongod.service  // 设置开机启动
systemctl stop mongod.service  // 关闭
systemctl restart mongod.service  // 重启

Official website description

server configuration

1. Create a new directory

/data Create the following directory under the directory:

  • www/blog Used to store blog site files
  • mongo/db Used to store database files
  • mongo/log Used to store database log files

mongo/logNew directory mongod.logfile

2. nginx configuration

Create a new user www, and let nginx also use this user:

groupadd www  // 创建用户

chown www:www /data  // 添加用户权限

Open the main nginx configuration file:

vim /etc/nginx/nginx.conf

Make the following changes:

user  www;  // 默认用户修改为 www
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

Open the nginx server configuration file:

vim /etc/nginx/conf.d/default.conf

Make the following changes:

server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /data/www;  // 网站文件存放目录
        index  index.html index.htm;
        proxy_set_header host $host;  // 重定义请求头host为转发的host
        proxy_pass http://localhost:3000/;  // 端口转发
        proxy_cookie_domain localhost xxx.xxx.xxx.xxx;  // 使转发的cookie到新的域名
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

Pay attention to the three configurations above:

proxy_set_header host $host;
proxy_pass http://localhost:3000/;
proxy_cookie_domain localhost xxx.xxx.xxx.xxx; 

Because the blog project will use node as the server program, it will occupy port 3000, and the client cannot access port 3000 of the server, so it needs to be forwarded with nginx.

After nginx forward, it will be the first request localhost:3000, which we do not want to allow customers to see, so the need proxy_set_header host $host;to request headers to our domain.

Our website will be stored in the client some of the cookie, this also needs to be redefined, otherwise the client will not receive these cookie, use here proxy_cookie_domain localhost xxx.xxx.xxx.xxx;will reposition the cookie, xxx.xxx.xxx.xxxis our domain.

After completing the above configuration, we enter the following command to reload the configuration items:

nginx -s reload

3. Database configuration

Open the mongodb configuration file:

vim /etc/mongod.conf

Make the following configuration:

# mongod.conf

# for documentation of all options, see:
#   http://docs.mongodb.org/manual/reference/configuration-options/

# where to write logging data.
systemLog:
  destination: file
  logAppend: true
  path: /data/mongo/log/mongod.log  // log文件位置

# Where and how to store data.
storage:
  dbPath: /data/mongo/db  // 数据存储目录
  journal:
    enabled: true
#  engine:
#  mmapv1:
#  wiredTiger:

# how the process runs
processManagement:
  fork: true  # fork and run in background
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
  timeZoneInfo: /usr/share/zoneinfo

# network interfaces
net:
  port: 27017
  bindIp: 0.0.0.0  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.

# security:

#operationProfiling:

#replication:

#sharding:

## Enterprise-Only Options

#auditLog:

#snmp:

After saving, give /data/mongoand all files in subdirectories add users: mongod

chown -R mongod:mongod mongo

Now enter the command to run the database:

systemctl start mongod.service

If an error, lack pid file, enter the directory /var/run/mongodbnew filemongod.pid

touch mongod.pid

Just restart the database:

systemctl restart mongod.service

4. Add users to the database and enable authentication

Connect to the database:

mongo

Add user:

// 超级管理员
use admin

db.createUser({
  user: 'root',  // 用户名
  pwd: 'password',  // 密码
  roles:[{
    role: 'root',
    db: 'admin'
  }]
})

use blog  // 创建数据库 blog,并切换到 blog

// blog管理员,用于创建集合,管理数据库,添加删除blog用户等的操作
db.createUser({
  user: 'blogadmin',
  pwd: 'password',
  roles:[{
    role: 'dbOwner',
    db: 'blog'
  }]
})


// blog用户,用户端用于连接数据库的用户,只有读写操作的权限
db.createUser({
  user: 'blog',
  pwd: 'password',
  roles:[{
    role: 'readWrite',
    db: 'blog'
  }]
})

Open the configuration file:

vim /etc/mongod.conf

Find the following statement and modify it:

# security:

// 修改为:
security:
  authorization: enabled  // 开启验证

I wanted to remotely use visualization software to connect to the database, but I tried several online methods and failed. However, a few pieces of data can be obtained through the command line. Many pieces of data can be obtained by my stupid method: write the js file locally, and then Upload to the server and run node.

5. Upload files

Download and install WinSCP:

WinSCP download address

New site:

WinSCP

Choose Advanced, add our SSH key, fill in the server's IP address, and the server's username and save it. Select the saved site in the list on the left and log in.

Just drag our packaged files into the corresponding directory on the right side: (note that some links should be changed to our current server ip or domain name when packaging)

Screenshots

In PuTTY into the directory /data/www/blogenter the command setup project dependencies:

npm i  // 或者 cnpm i

After the installation is complete, run:

node index.js

Then enter the server IP in the browser, then you can visit our website normally.

Original address: http://tencent.yundashi168.com/868.html