#!/bin/bash # Rocky Linux 9 - 테스트 서버용 공통 설치 스크립트 # Apache + FTP + Vim # WebRoot = /home/$USER/www # Forbidden 방지 (권한 + SELinux + welcome.conf) set -euo pipefail WEB_USER="$USER" WEB_HOME="$(eval echo "~$WEB_USER")" WEB_ROOT="$WEB_HOME/www" APACHE_CONF="/etc/httpd/conf.d/${WEB_USER}.conf" PHP_CONF="/etc/httpd/conf.d/10-php-${WEB_USER}.conf" ######################################## # 오류 발생 시 Apache 설정 롤백 ######################################## cleanup() { EXIT_CODE=$? if [ $EXIT_CODE -ne 0 ]; then echo "❌ 오류 발생 ($EXIT_CODE) – Apache 설정 롤백" sudo rm -f "$APACHE_CONF" "$PHP_CONF" sudo systemctl restart httpd 2>/dev/null || true fi exit $EXIT_CODE } trap cleanup EXIT echo "▶ 설치 사용자 : $WEB_USER" echo "▶ 웹 루트 : $WEB_ROOT" ######################################## # 시스템 업데이트 / 필수 패키지 ######################################## sudo dnf -y update sudo dnf -y install \ vim curl wget tar \ httpd vsftpd \ policycoreutils-python-utils ######################################## # firewalld 비활성화 ######################################## sudo systemctl stop firewalld 2>/dev/null || true sudo systemctl disable firewalld 2>/dev/null || true ######################################## # Apache 기본 Welcome 페이지 제거 ######################################## if [ -f /etc/httpd/conf.d/welcome.conf ]; then sudo mv /etc/httpd/conf.d/welcome.conf \ /etc/httpd/conf.d/welcome.conf.disabled echo "✓ welcome.conf 비활성화" fi ######################################## # WebRoot 생성 ######################################## mkdir -p "$WEB_ROOT" ######################################## # ★ 권한 설정 (403 방지 핵심) ######################################## # 홈 디렉토리는 execute 권한 필요 chmod 711 "$WEB_HOME" # Apache가 webroot에 접근 가능해야 함 chown -R apache:apache "$WEB_ROOT" chmod 755 "$WEB_ROOT" find "$WEB_ROOT" -type d -exec chmod 755 {} \; find "$WEB_ROOT" -type f -exec chmod 644 {} \; ######################################## # 기본 index.html (없을 경우) ######################################## if [ ! -f "$WEB_ROOT/index.html" ] && [ ! -f "$WEB_ROOT/index.php" ]; then tee "$WEB_ROOT/index.html" >/dev/null < Rocky Linux Test Server

✅ Apache 정상 동작

WebRoot: $WEB_ROOT

EOF chown apache:apache "$WEB_ROOT/index.html" fi ######################################## # Apache VirtualHost ######################################## sudo tee "$APACHE_CONF" >/dev/null < ServerAdmin webmaster@localhost DocumentRoot $WEB_ROOT Options -Indexes +FollowSymLinks AllowOverride All Require all granted ErrorLog /var/log/httpd/${WEB_USER}-error.log CustomLog /var/log/httpd/${WEB_USER}-access.log combined EOF ######################################## # PHP 연동 설정 (php-fpm 설치 후 사용) ######################################## sudo tee "$PHP_CONF" >/dev/null <<'EOF' SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost" EOF ######################################## # SELinux 컨텍스트 (홈 디렉토리 웹 허용) ######################################## sudo semanage fcontext -a -t httpd_sys_content_t "${WEB_ROOT}(/.*)?" sudo restorecon -Rv "$WEB_HOME" ######################################## # Apache / FTP 활성화 ######################################## sudo systemctl enable --now httpd sudo systemctl enable --now vsftpd ######################################## # SELinux - Apache 통합 허용 ######################################## sudo setsebool -P httpd_unified 1 ######################################## # 완료 메시지 ######################################## IP_ADDR=$(hostname -I | awk '{print $1}') echo "" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "✅ 테스트 서버 설정 완료" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "✔ WebRoot : $WEB_ROOT" echo "✔ 홈 디렉토리 기반 웹 서비스" echo "✔ SELinux / 권한 / Forbidden 해결" echo "" echo "🌐 접속 주소" echo " http://$IP_ADDR/" echo ""