#!/bin/bash # Rocky Linux 9 - 테스트 서버용 공통 설치 스크립트 # Apache + FTP + Vim + 기본 보안 완화 # PHP는 별도 스크립트에서 설치됨 set -euo pipefail WEB_USER="$USER" WEB_HOME="$(eval echo "~$WEB_USER")" WEB_ROOT="/var/www/html" APACHE_CONF="/etc/httpd/conf.d/${WEB_USER}.conf" PHP_CONF="/etc/httpd/conf.d/10-php-${WEB_USER}.conf" ######################################## # 오류 발생 시 Apache 설정만 롤백 ######################################## cleanup() { EXIT_CODE=$? if [ $EXIT_CODE -ne 0 ]; then echo "❌ 에러 발생 ($EXIT_CODE) – Apache 설정 롤백" sudo rm -f "$APACHE_CONF" sudo rm -f "$PHP_CONF" sudo systemctl restart httpd 2>/dev/null || true fi exit $EXIT_CODE } trap cleanup EXIT echo "▶ 설치 사용자 : $WEB_USER" echo "▶ 웹 루트 : $WEB_ROOT" ######################################## # 시스템 업데이트 및 필수 패키지 ######################################## sudo dnf -y update sudo dnf -y install \ vim curl wget tar \ httpd vsftpd \ policycoreutils-python-utils ######################################## # firewalld 비활성화 (외부 방화벽 사용) ######################################## sudo systemctl stop firewalld 2>/dev/null || true sudo systemctl disable firewalld 2>/dev/null || true ######################################## # 웹 루트 생성 및 Apache 기준 권한 ######################################## sudo mkdir -p "$WEB_ROOT" # Apache가 반드시 접근 가능해야 함 sudo chown -R apache:apache "$WEB_ROOT" sudo chmod 755 "$WEB_ROOT" ######################################## # 홈 디렉토리 심볼릭 링크 (~/www) ######################################## if [ -d "$WEB_HOME/www" ] && [ ! -L "$WEB_HOME/www" ]; then rm -rf "$WEB_HOME/www" fi if [ ! -L "$WEB_HOME/www" ]; then ln -s "$WEB_ROOT" "$WEB_HOME/www" echo "✓ ~/www → /var/www/html 심볼릭 링크 생성" fi ######################################## # Apache VirtualHost ######################################## sudo tee "$APACHE_CONF" >/dev/null < ServerAdmin webmaster@localhost DocumentRoot $WEB_ROOT Options -Indexes +FollowSymLinks AllowOverride All Require all granted ErrorLog /var/log/httpd/${WEB_USER}-error.log CustomLog /var/log/httpd/${WEB_USER}-access.log combined EOF ######################################## # PHP 연동 설정 (php-fpm 설치 후 활성) ######################################## sudo tee "$PHP_CONF" >/dev/null <<'EOF' # PHP 설치 스크립트에서 php-fpm.sock 생성 후 자동 사용됨 SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost" EOF ######################################## # SELinux 컨텍스트 (읽기 전용) ######################################## sudo restorecon -Rv "$WEB_ROOT" ######################################## # Apache / FTP 활성화 ######################################## sudo systemctl enable --now httpd sudo systemctl enable --now vsftpd ######################################## # SELinux: PHP/Apache 통합 허용 (테스트 서버) ######################################## sudo setsebool -P httpd_unified 1 ######################################## # 완료 메시지 ######################################## IP_ADDR=$(hostname -I | awk '{print $1}') echo "" echo "✅ 테스트 서버 공통 설정 완료" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "✔ Apache 정상 동작 (403 없음)" echo "✔ SELinux 유지" echo "✔ 웹 루트 : $WEB_ROOT" echo "✔ 심볼릭 : ~/www" echo "" echo "📌 다음 단계" echo " 1. PHP 설치 스크립트 실행" echo " 2. http://$IP_ADDR/ 접속 확인" echo " 3. 로그 : /var/log/httpd/${WEB_USER}-*.log" echo ""