Anye
Anye
Published on 2024-01-29 / 70 Visits
0
0

如何在OpenEuler中安装1Panel

前言

OpenEuler 作为面向数字基础设施的开源操作系统,越来越广泛地应用于金融、运营商、能源、物流、高校&科研、云计算等领域,1Panel 是新一代的 Linux 服务器运维管理面板,它们之间会擦出怎样的火花呢?

准备工作

  • OpenEuler 服务器一台;

  • 服务器架构:x86_64、aarch64、armv7l、ppc64le、s390x;

  • 内存要求:建议可用内存在 1GB 以上;

  • 浏览器要求:请使用 Chrome、FireFox、IE10+、Edge等现代浏览器;

  • 可访问互联网。

安装步骤

手动安装 docker

与常规 RedHat / CentOS 发行版不同,docker 官方的一键安装脚本尚且不可以直接在 OpenEuler 服务器中运行,故需要手动安装 docker 。

sudo dnf install docker-engine

安装 1Panel

执行 1panel 官方的一键安装脚本

curl -sSL https://resource.fit2cloud.com/1panel/package/quick_start.sh -o quick_start.sh && sh quick_start.sh

1Panel 中的一些工具

进程守护

  1. 从 pip 安装

pip install supervisor
  1. 创建启动脚本

vi /etc/systemd/system/supervisor.service

填入

[Unit]
Description=Supervisor process control system for UNIX
Documentation=http://supervisord.org
After=network.target

[Service]
ExecStart=/usr/local/bin/supervisord -n -c /etc/supervisor/supervisord.conf
ExecStop=/usr/local/bin/supervisorctl $OPTIONS shutdown
ExecReload=/usr/local/bin/supervisorctl -c /etc/supervisor/supervisord.conf $OPTIONS reload
KillMode=process
Restart=on-failure
RestartSec=50s

[Install]
WantedBy=multi-user.target
  1. 创建必要文件夹

mkdir /etc/supervisor/
mkdir /var/log/supervisor/
  1. 创建基本配置文件

vi /etc/supervisor/supervisord.conf

填入

; supervisor config file
[unix_http_server]
; (the path to the socket file)
file  = /var/run/supervisor.sock
; sockef file mode (default 0700)
chmod = 0700

[supervisord]
; (main log file;default $CWD/supervisord.log)
logfile     = /var/log/supervisor/supervisord.log
; (supervisord pidfile;default supervisord.pid)
pidfile     = /var/run/supervisord.pid
; ('AUTO' child log dir, default $TEMP)
childlogdir = /var/log/supervisor

; the below section must remain in the config file for RPC
; (supervisorctl/web interface) to work, additional interfaces may be
; added by defining them in separate rpcinterface: sections
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[supervisorctl]
; use a unix:// URL  for a unix socket
serverurl = unix:///var/run/supervisor.sock

; The [include] section can just contain the "files" setting.  This
; setting can list multiple files (separated by whitespace or
; newlines).  It can also contain wildcards.  The filenames are
; interpreted as relative to this file.  Included files *cannot*
; include files themselves.
[include]
files  = /opt/1panel/tools/supervisord/supervisor.d/*.ini
;files = /etc/supervisor/conf.d/*.conf
  1. 设置开机自启

systemctl enable supervisor
  1. 在 1Panel 中进行初始化操作。

Fail2ban

  1. 安装 git

dnf install git
  1. 从源码安装

git clone https://github.com/fail2ban/fail2ban.git
cd fail2ban
sudo python setup.py install 
  1. 创建启动脚本

vi /etc/systemd/system/fail2ban.service

输入

[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service
PartOf=iptables.service firewalld.service ip6tables.service ipset.service nftables.service

[Service]
User=root
Type=simple
Environment="PYTHONNOUSERSITE=1"
Environment="PYTHONPATH=$PYTHONPATH:/usr/local/lib/python3.9/site-packages"
ExecStartPre=/bin/mkdir -p /run/fail2ban
ExecStart=/usr/local/bin/fail2ban-server -xf start
ExecStop=/usr/local/bin/fail2ban-client stop
ExecReload=/usr/local/bin/fail2ban-client reload
PIDFile=/run/fail2ban/fail2ban.pid
Restart=on-failure
RestartPreventExitStatus=0 255


[Install]
WantedBy=multi-user.target
  1. 在 1Panel 中启动Fail2ban


Comment