168 lines
4.8 KiB
Bash
168 lines
4.8 KiB
Bash
#!/bin/bash
|
||
# Rocky Linux 9 - 테스트 서버용 공통 설치 스크립트
|
||
# Apache + FTP + Vim
|
||
# Forbidden 방지 (권한 + welcome.conf 제거)
|
||
|
||
set -euo pipefail
|
||
|
||
WEB_USER="$USER"
|
||
WEB_HOME="$(eval echo "~$WEB_USER")"
|
||
WEB_ROOT="/var/www/html"
|
||
|
||
APACHE_CONF="/etc/httpd/conf.d/${WEB_USER}.conf"
|
||
PHP_CONF="/etc/httpd/conf.d/10-php-${WEB_USER}.conf"
|
||
|
||
########################################
|
||
# 오류 발생 시 Apache 설정 롤백
|
||
########################################
|
||
cleanup() {
|
||
EXIT_CODE=$?
|
||
if [ $EXIT_CODE -ne 0 ]; then
|
||
echo "❌ 오류 발생 ($EXIT_CODE) – Apache 설정 롤백"
|
||
sudo rm -f "$APACHE_CONF"
|
||
sudo rm -f "$PHP_CONF"
|
||
sudo systemctl restart httpd 2>/dev/null || true
|
||
fi
|
||
exit $EXIT_CODE
|
||
}
|
||
trap cleanup EXIT
|
||
|
||
echo "▶ 설치 사용자 : $WEB_USER"
|
||
echo "▶ 웹 루트 : $WEB_ROOT"
|
||
|
||
########################################
|
||
# 시스템 업데이트 / 필수 패키지
|
||
########################################
|
||
sudo dnf -y update
|
||
sudo dnf -y install \
|
||
vim curl wget tar \
|
||
httpd vsftpd \
|
||
policycoreutils-python-utils
|
||
|
||
########################################
|
||
# firewalld 비활성화
|
||
########################################
|
||
sudo systemctl stop firewalld 2>/dev/null || true
|
||
sudo systemctl disable firewalld 2>/dev/null || true
|
||
|
||
########################################
|
||
# Apache 기본 Welcome 페이지 제거
|
||
########################################
|
||
if [ -f /etc/httpd/conf.d/welcome.conf ]; then
|
||
sudo mv /etc/httpd/conf.d/welcome.conf \
|
||
/etc/httpd/conf.d/welcome.conf.disabled
|
||
echo "✓ Apache welcome.conf 비활성화"
|
||
fi
|
||
|
||
########################################
|
||
# 웹 루트 생성 및 권한 (403 방지 핵심)
|
||
########################################
|
||
sudo mkdir -p "$WEB_ROOT"
|
||
|
||
# Apache가 반드시 접근 가능해야 함
|
||
sudo chown -R apache:apache "$WEB_ROOT"
|
||
sudo chmod 755 "$WEB_ROOT"
|
||
|
||
# 디렉토리/파일 권한 정규화
|
||
sudo find "$WEB_ROOT" -type d -exec chmod 755 {} \;
|
||
sudo find "$WEB_ROOT" -type f -exec chmod 644 {} \;
|
||
|
||
########################################
|
||
# 홈 디렉토리 심볼릭 링크 (~/www)
|
||
########################################
|
||
if [ -d "$WEB_HOME/www" ] && [ ! -L "$WEB_HOME/www" ]; then
|
||
rm -rf "$WEB_HOME/www"
|
||
fi
|
||
|
||
if [ ! -L "$WEB_HOME/www" ]; then
|
||
ln -s "$WEB_ROOT" "$WEB_HOME/www"
|
||
echo "✓ ~/www → /var/www/html"
|
||
fi
|
||
|
||
########################################
|
||
# 기본 index.html 생성 (없을 경우)
|
||
########################################
|
||
if [ ! -f "$WEB_ROOT/index.html" ] && [ ! -f "$WEB_ROOT/index.php" ]; then
|
||
sudo tee "$WEB_ROOT/index.html" >/dev/null <<EOF
|
||
<!DOCTYPE html>
|
||
<html>
|
||
<head>
|
||
<meta charset="utf-8">
|
||
<title>Rocky Linux Test Server</title>
|
||
</head>
|
||
<body>
|
||
<h1>✅ Apache 정상 동작</h1>
|
||
<p>WebRoot: $WEB_ROOT</p>
|
||
</body>
|
||
</html>
|
||
EOF
|
||
sudo chown apache:apache "$WEB_ROOT/index.html"
|
||
fi
|
||
|
||
########################################
|
||
# Apache VirtualHost
|
||
########################################
|
||
sudo tee "$APACHE_CONF" >/dev/null <<EOF
|
||
<VirtualHost *:80>
|
||
ServerAdmin webmaster@localhost
|
||
DocumentRoot $WEB_ROOT
|
||
|
||
<Directory $WEB_ROOT>
|
||
Options -Indexes +FollowSymLinks
|
||
AllowOverride All
|
||
Require all granted
|
||
</Directory>
|
||
|
||
ErrorLog /var/log/httpd/${WEB_USER}-error.log
|
||
CustomLog /var/log/httpd/${WEB_USER}-access.log combined
|
||
</VirtualHost>
|
||
EOF
|
||
|
||
########################################
|
||
# PHP 연동 설정 (php-fpm 설치 후 자동 활성)
|
||
########################################
|
||
sudo tee "$PHP_CONF" >/dev/null <<'EOF'
|
||
<IfModule proxy_fcgi_module>
|
||
<FilesMatch "\.php$">
|
||
SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
|
||
</FilesMatch>
|
||
</IfModule>
|
||
EOF
|
||
|
||
########################################
|
||
# SELinux 컨텍스트 복구
|
||
########################################
|
||
sudo restorecon -Rv "$WEB_ROOT"
|
||
|
||
########################################
|
||
# Apache / FTP 활성화
|
||
########################################
|
||
sudo systemctl enable --now httpd
|
||
sudo systemctl enable --now vsftpd
|
||
|
||
########################################
|
||
# SELinux - Apache/PHP 통합 허용
|
||
########################################
|
||
sudo setsebool -P httpd_unified 1
|
||
|
||
########################################
|
||
# 완료 메시지
|
||
########################################
|
||
IP_ADDR=$(hostname -I | awk '{print $1}')
|
||
|
||
echo ""
|
||
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
||
echo "✅ 테스트 서버 설정 완료 (Forbidden 해결)"
|
||
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
||
echo "✔ WebRoot : $WEB_ROOT"
|
||
echo "✔ Welcome 페이지 제거됨"
|
||
echo "✔ Apache 접근 권한 정상"
|
||
echo ""
|
||
echo "🌐 접속 주소"
|
||
echo " http://$IP_ADDR/"
|
||
echo ""
|
||
echo "📄 로그"
|
||
echo " /var/log/httpd/${WEB_USER}-access.log"
|
||
echo " /var/log/httpd/${WEB_USER}-error.log"
|
||
echo ""
|