AJout de contenu ...à mettre en forme
This commit is contained in:
parent
6feb91da4a
commit
40adbd768e
|
@ -18,7 +18,7 @@
|
||||||
<link rel="stylesheet" href="reveal.js/css/theme/beige.css" id="theme">
|
<link rel="stylesheet" href="reveal.js/css/theme/beige.css" id="theme">
|
||||||
|
|
||||||
<!-- Theme used for syntax highlighting of code -->
|
<!-- Theme used for syntax highlighting of code -->
|
||||||
<link rel="stylesheet" href="reveal.js/lib/css/zenburn.css">
|
<link rel="sftylesheet" href="reveal.js/lib/css/zenburn.css">
|
||||||
|
|
||||||
<!-- Printing and PDF exports -->
|
<!-- Printing and PDF exports -->
|
||||||
<script>
|
<script>
|
||||||
|
@ -57,6 +57,8 @@
|
||||||
<pre><code data-trim class="hljs nohighlight">
|
<pre><code data-trim class="hljs nohighlight">
|
||||||
# apt install apache2-mpm-itk \
|
# apt install apache2-mpm-itk \
|
||||||
libapache2-mod-evasive apachetop libwww-perl
|
libapache2-mod-evasive apachetop libwww-perl
|
||||||
|
|
||||||
|
# apachectl configtest
|
||||||
</code></pre>
|
</code></pre>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
@ -106,14 +108,14 @@
|
||||||
MinSpareServers 20
|
MinSpareServers 20
|
||||||
MaxSpareServers 30
|
MaxSpareServers 30
|
||||||
MaxRequestsPerChild 100
|
MaxRequestsPerChild 100
|
||||||
<Directory /home/>
|
<Directory /home/>
|
||||||
AllowOverride None
|
AllowOverride None
|
||||||
Require all granted
|
Require all granted
|
||||||
</Directory>
|
</Directory>
|
||||||
<IfModule mod_ssl.c>
|
<IfModule mod_ssl.c>
|
||||||
SSLProtocol all -SSLv2 -SSLv3
|
SSLProtocol all -SSLv2 -SSLv3
|
||||||
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
|
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
|
||||||
</IfModule>
|
</IfModule>
|
||||||
</code></pre>
|
</code></pre>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
@ -138,15 +140,15 @@ umask 007
|
||||||
<h4>VirtualHost basé sur un nom de domaine</h4>
|
<h4>VirtualHost basé sur un nom de domaine</h4>
|
||||||
<!-- Je n'ai pas trouvé le moyen d'avoir du code à balise qui soit proprement affiché tout en conservant le texte brut intacte. -->
|
<!-- Je n'ai pas trouvé le moyen d'avoir du code à balise qui soit proprement affiché tout en conservant le texte brut intacte. -->
|
||||||
<pre><code data-trim class="hljs nohighlight" style="max-height: 600px">
|
<pre><code data-trim class="hljs nohighlight" style="max-height: 600px">
|
||||||
<VirtualHost *:80>
|
<VirtualHost *:80>
|
||||||
ServerName www.example.com
|
ServerName www.example.com
|
||||||
ServerAlias example.com
|
ServerAlias example.com
|
||||||
|
|
||||||
DocumentRoot /home/example/www/
|
DocumentRoot /home/example/www/
|
||||||
<Directory /home/example/www/>
|
<Directory /home/example/www/>
|
||||||
Options SymLinksIfOwnerMatch
|
Options SymLinksIfOwnerMatch
|
||||||
AllowOverride AuthConfig Limit FileInfo Indexes
|
AllowOverride AuthConfig Limit FileInfo Indexes
|
||||||
</Directory>
|
</Directory>
|
||||||
|
|
||||||
AssignUserID www-example example
|
AssignUserID www-example example
|
||||||
MaxClientsVHost 150
|
MaxClientsVHost 150
|
||||||
|
@ -159,7 +161,7 @@ umask 007
|
||||||
UseCanonicalName On
|
UseCanonicalName On
|
||||||
RewriteCond %{HTTP_HOST} !^www.example.com$
|
RewriteCond %{HTTP_HOST} !^www.example.com$
|
||||||
RewriteRule ^/(.*) http://%{SERVER_NAME}/$1 [L,R]
|
RewriteRule ^/(.*) http://%{SERVER_NAME}/$1 [L,R]
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
</code></pre>
|
</code></pre>
|
||||||
|
|
||||||
</section>
|
</section>
|
||||||
|
@ -206,7 +208,7 @@ umask 007
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
<h4>Attention !</h4>
|
<h4>Attention !</h4>
|
||||||
<p><strong>Ne jamais forcer les droits<br>récursivement sur toute l’arborescence.</strong></p>
|
<p><strong>Ne jamais forcer les droits<br>récursivement sur toute l’arborescence.</strong> #NEVER777</p>
|
||||||
<p>Si la restriction en écriture pour Apache est impossible :</p>
|
<p>Si la restriction en écriture pour Apache est impossible :</p>
|
||||||
<ul>
|
<ul>
|
||||||
<li>plus d’utilisateur distinct</li>
|
<li>plus d’utilisateur distinct</li>
|
||||||
|
@ -337,7 +339,7 @@ RewriteRule ^/foo.txt [L,F]
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
<h3>Apachetop</h3>
|
<h3>Apachetop</h3>
|
||||||
Affiche en direct des stats sur le traffic, d'après les logs.
|
Affiche en direct des stats sur le trafic, d'après les logs.
|
||||||
<pre><code data-trim class="hljs nohighlight">
|
<pre><code data-trim class="hljs nohighlight">
|
||||||
$ apachetop -f access.log -T 3600 -q
|
$ apachetop -f access.log -T 3600 -q
|
||||||
</code></pre>
|
</code></pre>
|
||||||
|
@ -370,16 +372,100 @@ RewriteRule ^/foo.txt [L,F]
|
||||||
<section>
|
<section>
|
||||||
<h3>Installation</h3>
|
<h3>Installation</h3>
|
||||||
<pre><code data-trim class="hljs nohighlight">
|
<pre><code data-trim class="hljs nohighlight">
|
||||||
# aptitude install nginx
|
# apt install nginx
|
||||||
# nginx -v
|
|
||||||
|
# nginx -t -c /etc/nginx/nginx.conf
|
||||||
</code>
|
</code>
|
||||||
nginx version: nginx/1.10.3
|
|
||||||
</pre>
|
</pre>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
https://wiki.evolix.org/HowtoNginx
|
<h3>Fichiers de configuration</h3>
|
||||||
|
<pre>
|
||||||
|
/etc/nginx/
|
||||||
|
├── conf.d
|
||||||
|
├── fastcgi.conf
|
||||||
|
├── fastcgi_params
|
||||||
|
├── koi-utf
|
||||||
|
├── koi-win
|
||||||
|
├── mime.types
|
||||||
|
├── nginx.conf
|
||||||
|
├── proxy_params
|
||||||
|
├── scgi_params
|
||||||
|
├── sites-available
|
||||||
|
│ └── default
|
||||||
|
├── sites-enabled
|
||||||
|
│ └── default -> /etc/nginx/sites-available/default
|
||||||
|
├── snippets
|
||||||
|
│ ├── fastcgi-php.conf
|
||||||
|
│ └── snakeoil.conf
|
||||||
|
├── uwsgi_params
|
||||||
|
└── win-utf
|
||||||
|
</pre>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
<section>
|
||||||
|
<h3>Optimisations "Evolix"</h3>
|
||||||
|
<pre><code data-trim style="max-height: 500px">
|
||||||
|
user www-data;
|
||||||
|
worker_processes 8;
|
||||||
|
pid /var/run/nginx.pid;
|
||||||
|
|
||||||
|
events {
|
||||||
|
use epoll;
|
||||||
|
worker_connections 10240;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
keepalive_timeout 15;
|
||||||
|
[...]
|
||||||
|
|
||||||
|
# disable Nginx version
|
||||||
|
server_tokens off;
|
||||||
|
</code></pre>
|
||||||
|
</section>
|
||||||
|
|
||||||
|
<section>
|
||||||
|
<h3>VirtualHost</h3>
|
||||||
|
<pre><code data-trim class="hljs nohighlight" style="max-height: 600px">
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
server_name static.example.com assets.example.com;
|
||||||
|
access_log /var/log/nginx/access.log;
|
||||||
|
root /home/static/www;
|
||||||
|
location /crossdomain.xml {
|
||||||
|
alias /home/static/www/crossdomain.xml;
|
||||||
|
}
|
||||||
|
error_page 500 502 503 504 /50x.html;
|
||||||
|
location = /50x.html {
|
||||||
|
root /var/www/nginx-default;
|
||||||
|
}
|
||||||
|
location ~\.(jpeg|jpg|gif|png)$ {
|
||||||
|
add_header Cache-Control "public";
|
||||||
|
expires 2w;
|
||||||
|
}
|
||||||
|
location ~\.(js|pdf|css|swf)$ {
|
||||||
|
add_header Cache-Control "public";
|
||||||
|
expires 3w;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</code></pre>
|
||||||
|
</section>
|
||||||
|
|
||||||
|
<section>
|
||||||
|
<pre><code data-trim class="hljs nohighlight" style="max-height: 600px">
|
||||||
|
server {
|
||||||
|
listen 443;
|
||||||
|
server_name static.example.com assets.example.com;
|
||||||
|
|
||||||
|
ssl on;
|
||||||
|
ssl_certificate /etc/ssl/certs/static.example.com.crt;
|
||||||
|
ssl_certificate_key /etc/ssl/private/static.example.com.key;
|
||||||
|
#add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
|
||||||
|
}
|
||||||
|
</code></pre>
|
||||||
|
</section>
|
||||||
|
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
|
@ -392,10 +478,9 @@ https://wiki.evolix.org/HowtoNginx
|
||||||
<h3>Installation</h3>
|
<h3>Installation</h3>
|
||||||
<pre><code data-trim class="hljs nohighlight">
|
<pre><code data-trim class="hljs nohighlight">
|
||||||
# apt install haproxy
|
# apt install haproxy
|
||||||
# varnishd -v
|
|
||||||
|
# haproxy -c -f /etc/haproxy/haproxy.cfg
|
||||||
</code>
|
</code>
|
||||||
HA-Proxy version 1.7.5-2 2017/05/17
|
|
||||||
Copyright 2000-2017 Willy Tarreau <willy@haproxy.org>
|
|
||||||
</pre>
|
</pre>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
@ -423,7 +508,7 @@ listen www
|
||||||
<h3>Configuration avancée</h3>
|
<h3>Configuration avancée</h3>
|
||||||
<ul>
|
<ul>
|
||||||
<li>gestion fine des performances</li>
|
<li>gestion fine des performances</li>
|
||||||
<li>multiples IP/domaines écoutés</li>
|
<li>multiples IP/domaines</li>
|
||||||
<li>différents algorithmes de load-balancing</li>
|
<li>différents algorithmes de load-balancing</li>
|
||||||
</ul>
|
</ul>
|
||||||
</section>
|
</section>
|
||||||
|
@ -479,11 +564,7 @@ listen mysql 127.0.0.1:3306
|
||||||
<h3>Installation</h3>
|
<h3>Installation</h3>
|
||||||
<pre><code data-trim class="hljs nohighlight">
|
<pre><code data-trim class="hljs nohighlight">
|
||||||
# apt install varnish
|
# apt install varnish
|
||||||
# varnishd -V
|
|
||||||
</code>
|
</code>
|
||||||
varnishd (varnish-4.0.2 revision bfe7cd1)
|
|
||||||
Copyright (c) 2006 Verdens Gang AS
|
|
||||||
Copyright (c) 2006-2014 Varnish Software AS
|
|
||||||
</pre>
|
</pre>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
@ -517,6 +598,28 @@ Filtres possibles
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
<h3>Syntaxe VCL</h3>
|
<h3>Syntaxe VCL</h3>
|
||||||
|
<pre><code data-trim class="hljs nohighlight">
|
||||||
|
sub vcl_recv {
|
||||||
|
if (req.http.host == "boutique.example.com") {
|
||||||
|
|
||||||
|
if (req.url ~ "^/" || req.url ~ "/newsletter" ) {
|
||||||
|
unset req.http.cookie;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
sub vcl_backend_response {
|
||||||
|
if (bereq.http.host == "boutique.example.com") {
|
||||||
|
|
||||||
|
if (bereq.url ~ "^/" || bereq.url ~ "/newsletter" ) {
|
||||||
|
unset beresp.http.Set-Cookie;
|
||||||
|
set beresp.ttl = 1h;
|
||||||
|
return (deliver);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
</section>
|
</section>
|
||||||
|
@ -527,7 +630,133 @@ Filtres possibles
|
||||||
<p>Langage de programmation très adapté au web.</p>
|
<p>Langage de programmation très adapté au web.</p>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
https://wiki.evolix.org/HowtoLAMP/PHP
|
<section>
|
||||||
|
<h2>Versions de PHP</h2>
|
||||||
|
<ul>
|
||||||
|
<li>PHP 3 (1997)</li>
|
||||||
|
<li>PHP 4 (2000)</li>
|
||||||
|
<li>PHP 5 (2004)</li>
|
||||||
|
<li>PHP 5.4 (Debian 7)</li>
|
||||||
|
<li>PHP 5.6 (Debian 8)</li>
|
||||||
|
<li>PHP 7 (Debian 9)</li>
|
||||||
|
</ul>
|
||||||
|
</section>
|
||||||
|
|
||||||
|
<section>
|
||||||
|
<h2>Installation</h2>
|
||||||
|
<pre><code data-trim class="hljs nohighlight">
|
||||||
|
# apt install php5 libapache2-mod-php5 php5-gd php5-imap php5-ldap php5-mcrypt php5-mhash php5-mysql php5-pgsql php-gettext librsvg2-bin
|
||||||
|
$ php -v
|
||||||
|
|
||||||
|
# apt install php5-fpm
|
||||||
|
|
||||||
|
php.ini
|
||||||
|
|
||||||
|
short_open_tags = Off
|
||||||
|
disable_functions = exec, shell-exec, system, passthru, putenv, popen
|
||||||
|
expose_php = Off
|
||||||
|
display_errors = Off
|
||||||
|
log_errors = On
|
||||||
|
allow_url_fopen = Off
|
||||||
|
memory_limit = 128M
|
||||||
|
max_execution_time = 10
|
||||||
|
open_basedir = /home
|
||||||
|
|
||||||
|
|
||||||
|
Délégation dans VortualHost Apache :
|
||||||
|
|
||||||
|
#php_admin_flag engine off
|
||||||
|
#AddType text/html .html
|
||||||
|
#php_admin_flag safe_mode off
|
||||||
|
#php_admin_value safe_mode_exec_dir /usr/bin
|
||||||
|
#php_admin_flag display_errors on
|
||||||
|
#php_flag short_open_tag on
|
||||||
|
#php_flag register_globals on
|
||||||
|
#php_admin_value upload_tmp_dir "/home/bloginfo/tmp/
|
||||||
|
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f www-bloginfo"
|
||||||
|
php_admin_value error_log "/home/bloginfo/log/php.log"
|
||||||
|
php_admin_value memory_limit "64M"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
fpm/php-fpm.conf
|
||||||
|
|
||||||
|
[global]
|
||||||
|
pid = /run/php5-fpm.pid
|
||||||
|
error_log = /var/log/php5-fpm.log
|
||||||
|
|
||||||
|
|
||||||
|
fpm/pool.d/www.conf
|
||||||
|
|
||||||
|
[www]
|
||||||
|
listen = /var/run/php5-fpm.sock
|
||||||
|
;listen = 127.0.0.1:9000
|
||||||
|
user = www-data
|
||||||
|
group = www-data
|
||||||
|
pm = dynamic
|
||||||
|
|
||||||
|
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f return-path@example.com
|
||||||
|
php_flag[display_errors] = off
|
||||||
|
php_admin_value[error_log] = /var/log/fpm-php.www.log
|
||||||
|
php_admin_flag[log_errors] = on
|
||||||
|
php_admin_value[memory_limit] = 32M
|
||||||
|
|
||||||
|
|
||||||
|
pm = dynamic
|
||||||
|
pm.max_children = 100
|
||||||
|
pm.start_servers = 50
|
||||||
|
pm.min_spare_servers = 20
|
||||||
|
pm.max_spare_servers = 30
|
||||||
|
pm.max_requests = 100
|
||||||
|
|
||||||
|
OU
|
||||||
|
|
||||||
|
pm = ondemand
|
||||||
|
pm.max_children = 100
|
||||||
|
pm.process_idle_timeout = 10s
|
||||||
|
|
||||||
|
|
||||||
|
slowlog = log/$pool.log.slow
|
||||||
|
request_slowlog_timeout = 5s
|
||||||
|
|
||||||
|
pm.status_path = /fpm-status
|
||||||
|
request_terminate_timeout = 60s
|
||||||
|
chroot = /home/foo
|
||||||
|
access.log = log/$pool.access.log
|
||||||
|
|
||||||
|
|
||||||
|
Avec Apache :
|
||||||
|
|
||||||
|
# a2enmod proxy_fcgi
|
||||||
|
|
||||||
|
DocumentRoot /home/foo/www/
|
||||||
|
#ProxyPassMatch "^/(.*\.php(/.*)?)$" "fcgi://127.0.0.1:9000//home/foo/www/$1"
|
||||||
|
ProxyPassMatch "^/(.*\.php(/.*)?)$" "unix:/var/run/php5-fpm.sock|fcgi://localhost/home/foo/www/"
|
||||||
|
|
||||||
|
|
||||||
|
Avec Nginx :
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
server_name www.example.com example.com;
|
||||||
|
root /home/foo/www;
|
||||||
|
index index.php;
|
||||||
|
|
||||||
|
location ~ \.php$ {
|
||||||
|
try_files $uri =404;
|
||||||
|
#fastcgi_pass 127.0.0.1:9000;
|
||||||
|
fastcgi_pass unix:/var/run/php5-fpm.sock;
|
||||||
|
fastcgi_param SCRIPT_FILENAME /home/foo/www$fastcgi_script_name;
|
||||||
|
include fastcgi_params;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$ echo "<?php phpinfo() ; ?>" > /var/www/info.php
|
||||||
|
|
||||||
|
|
||||||
|
</code></pre>
|
||||||
|
</section>
|
||||||
|
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
|
|
Loading…
Reference in a new issue