Shell脚本朴素方式实现http服务和防火墙策略一键自定义配置
一.准备工作
1.关闭防火墙
2.关闭selinux
3.yum源能够正常下载包
二.代码
三.测试
1.存在httpd和firewalld的情况
2.不存在httpd和firewalld情况
一.准备工作
1.关闭防火墙
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemonLoaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)Active: inactive (dead)Docs: man:firewalld(1)Apr 07 19:33:48 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
Apr 07 19:33:52 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Apr 07 19:33:52 localhost.localdomain firewalld[1079]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed i>
Apr 07 19:35:35 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon...
Apr 07 19:35:36 localhost.localdomain systemd[1]: firewalld.service: Succeeded.
Apr 07 19:35:36 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.
2.关闭selinux
[root@localhost ~]# setenforce 0
setenforce: SELinux is disabled
[root@localhost ~]# getenforce
Disabled
3.yum源能够正常下载包
[root@localhost ~]# yum install -y httpd
Updating Subscription Management repositories.
Unable to read consumer identityThis system is not registered with an entitlement server. You can use subscription-manager to register.Last metadata expiration check: 3:51:46 ago on Sat 08 Apr 2023 05:56:33 PM CST.
Package httpd-2.4.37-41.module+el8.5.0+11772+c8e0c271.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
二.代码
(1)判断是否安装有httpd
(2)有httpd再通过进程和端口占用情况查看httpd是否运行,运行则进入防火墙判断,未运行则启动httpd再判断防火墙
(3)判断是否安装有firewalld,有则开启服务服务并允许http的流量通过,没有就仔仔了再开启服务并允许流量通过
(4)自定义httpd服务相关文件配置
(5)重启测试
(6)没有安装有httpd就先安装httpd再启动再重复上述流程
#!/bin/bash
rpm_http=`rpm -qa httpd |wc -l` #查看httpd是否下载
ps_ef=`ps -ef | grep "httpd" | grep -v grep | wc -l` #查看httpd进程是否运行
port_web=`ss -lntup | grep -w "80" | wc -l` #查看http端口80是否监听
rpm_firewall=`rpm -qa firewalld |wc -l` #查看firewalld是否下载
if [ $rpm_http -ge 1 ]
thenif [ $ps_ef -ge 1 ] && [ $port_web -ge 1 ] #进程和端口条件同时满足thenecho "http已运行"elseecho "稍后为您开启web服务!"systemctl start httpd;fiif [ $rpm_firewall -ge 1 ] thensystemctl start firewalld;firewall-cmd --add-service=http --permanent; #添加防火墙策略允许http服务echo "防火墙策略已允许http服务!";elseyum install -y firewalld;systemctl start firewalld;firewall-cmd --add-service=http --permanent;echo "防火墙策略已允许http服务!";fiecho "接下来请自定义您的各项文件信息!"read -p "请输入您的IP地址(http服务需要配置的ip):" ipread -p "请输入您的html文件路径(放置自己html文件的目录):" htmllujingread -p "请输入您的html文件所在位置(自己html文件的位置—路径加文件名):" wenjianlujing
#这里写自己html文件的位置,在后面会自动写入工作目录并改名echo "<VirtualHost $ip>" >/etc/httpd/conf.d/httphost.confecho "documentroot $htmllujing" >>/etc/httpd/conf.d/httphost.confecho "<Directory $htmllujing>" >>/etc/httpd/conf.d/httphost.confecho "allowoverride none" >>/etc/httpd/conf.d/httphost.confecho "require all granted" >>/etc/httpd/conf.d/httphost.confecho "</Directory>" >>/etc/httpd/conf.d/httphost.confecho "</VirtualHost>" >>/etc/httpd/conf.d/httphost.confmkdir $htmllujing &>/dev/null 2>&1 ;cp $wenjianlujing $htmllujing/index.htmlsystemctl restart httpd;echo httpd 重启;curl $ip;
elseyum install -y httpd;systemctl start httpd;echo httpd 安装并开启;if [ $rpm_firewall -ge 1 ]thensystemctl start firewalld;firewall-cmd --add-service=http --permanent;echo "防火墙策略已允许http服务!";elseyum install -y firewalld;systemctl start firewalld;firewall-cmd --add-service=http --permanent;echo "防火墙策略已允许http服务!";fiecho "接下来请自定义您的各项文件信息!"read -p "请输入您的IP地址(http服务需要配置的ip):" ipread -p "请输入您的html文件路径(放置自己html文件的目录):" htmllujingread -p "请输入您的html文件所在位置(自己html文件的位置—路径加文件名):" wenjianlujingecho "<VirtualHost $ip>" >/etc/httpd/conf.d/httphost.confecho "documentroot $htmllujing" >>/etc/httpd/conf.d/httphost.confecho "<Directory $htmllujing>" >>/etc/httpd/conf.d/httphost.confecho "allowoverride none" >>/etc/httpd/conf.d/httphost.confecho "require all granted" >>/etc/httpd/conf.d/httphost.confecho "</Directory>" >>/etc/httpd/conf.d/httphost.confecho "</VirtualHost>" >>/etc/httpd/conf.d/httphost.confmkdir $htmllujing &>/dev/null 2>&1 ;cp $wenjianlujing $htmllujing/index.htmlsystemctl restart httpd;echo httpd 重启;curl $ip;
fi
三.测试
1.存在httpd和firewalld的情况
[root@localhost aaa]# cat df.html
777
[root@localhost aaa]# bash server.sh
http已运行
Warning: ALREADY_ENABLED: http
success
防火墙策略已允许http服务!
接下来请自定义您的各项文件信息!
请输入您的IP地址(http服务需要配置的ip):192.168.2.226
请输入您的http配置文件名称(http配置文件前缀):httphost
请输入您的html文件路径(放置自己html文件的目录):/www/qwe
请输入您的html文件所在位置(自己html文件的位置—路径加文件名):/aaa/df.html
httpd 重启
777
[root@localhost ~]# cat /etc/httpd/conf.d/httphost.conf
<VirtualHost 192.168.2.226>
documentroot /www/qwe
<Directory /www/qwe>
allowoverride none
require all granted
</Directory>
</VirtualHost>
2.不存在httpd和firewalld情况
[root@localhost aaa]# yum remove -y firewalld httpd
[root@localhost aaa]# bash server.sh
Complete!
httpd 安装并开启
Complete!
Warning: ALREADY_ENABLED: http
success
防火墙策略已允许http服务!
接下来请自定义您的各项文件信息!
请输入您的IP地址(http服务需要配置的ip):192.168.2.226
请输入您的http配置文件名称(http配置文件前缀):iphosts
请输入您的html文件路径(放置自己html文件的目录):/www/adeade
请输入您的html文件所在位置(自己html文件的位置—路径加文件名):/aaa/df.html
httpd 重启
777
[root@localhost ~]# cat /etc/httpd/conf.d/iphosts.conf
<VirtualHost 192.168.2.226>
documentroot /www/adeade
<Directory /www/adeade>
allowoverride none
require all granted
</Directory>
</VirtualHost>