# mkdir -p /root/source/archive
# cd /root/source/archive
1. 레포지토리 추가
# wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
# wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
=> http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
# wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1.0-6.ius.el5.noarch.rpm
=> http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1.0-8.ius.el5.noarch.rpm
# wget http://repo.webtatic.com/yum/webtatic.repo  (받은 webtatic.repo 파일은 /etc/yum.repos.d/ 에 저장)
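# rpm --import http://repo.webtatic.com/yum/RPM-GPG-KEY-webtatic-andy
-> 키를 평문 HTTP 로 받으면 전송 중에 바뀌어도 알 수 없으므로, import 전에 키 지문(fingerprint)을 저장소가 공지한 값과 대조할 것. 위에서 받은 release rpm 도 해당 저장소의 키를 import 한 뒤 rpm -K <파일명> 으로 서명을 확인하고 설치하며, 각 .repo 의 gpgcheck=1 은 끄지 말 것.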
# rpm -Uvh epel-release-5-4.noarch.rpm
# rpm -Uvh remi-release-5.rpm
# rpm -Uvh rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
# rpm -Uvh ius-release-1.0-6.ius.el5.noarch.rpm
[확인]
# ls -al /etc/yum.repos.d/
# vi /etc/yum.repos.d/CentOS-Base.repo
-epel.repo
enabled = 1
-ius.repo
baseurl=http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/$basearch
exclude=mysql*
-remi.repo
enabled = 0
-rpmforge.repo
enabled = 0
-webtatic.repo
enabled = 1
exclude=php*
1-1 기본 업데이트
yum -y update kernel
yum -y install yum-fastestmirror
--enablerepo=remi   (remi.repo 는 위에서 enabled = 0 이므로, remi 패키지가 필요한 yum 명령에는 이 옵션을 붙임)
yum clean all
yum update glibc*
yum update yum* rpm* python*
yum clean all
yum update
shutdown -r now
1-2 시스템 라이브러리 설치
sudo yum -y install zlib.x86_64 curl.x86_64
sudo yum -y install gcc.x86_64 g++.x86_64 cpp.x86_64 gcc-c++.x86_64 compat-gcc-34-g77.x86_64
sudo yum -y install libxml2.x86_64 libxml2-devel.x86_64
sudo yum -y install gd.x86_64 gd-devel.x86_64
sudo yum -y install freetype.x86_64 freetype-devel.x86_64
sudo yum -y install libpng.x86_64 libpng-devel.x86_64
sudo yum -y install libjpeg.x86_64 libjpeg-devel.x86_64
sudo yum -y install fontconfig.x86_64 fontconfig-devel.x86_64
sudo yum -y install mhash.x86_64 mhash-devel.x86_64
sudo yum -y install libmcrypt.x86_64 libmcrypt-devel.x86_64
sudo yum -y install openssl.x86_64 openssl-devel.x86_64
sudo yum -y install gmp.x86_64 gmp-devel.x86_64
sudo yum -y install flex.x86_64
sudo yum -y install libtermcap-devel.x86_64 ncurses-devel.x86_64 libc-client-devel.x86_64 bzip2-devel.x86_64
2. httpd 설치
# whereis httpd
httpd:
# yum install httpd.x86_64 --enablerepo=remi
# whereis httpd
httpd: /usr/sbin/httpd /usr/sbin/httpd.event /usr/sbin/httpd.worker /etc/httpd /usr/share/man/man8/httpd.8.gz
3. mysql 설치
# yum install mysql.x86_64 mysql-server.x86_64 --enablerepo=remi
# whereis mysql
mysql: /usr/bin/mysql /usr/share/mysql /usr/share/man/man1/mysql.1.gz
4. php 설치
# yum install php.x86_64 --enablerepo=remi
# whereis php
php: /usr/bin/php /etc/php.ini /etc/php.d /usr/share/php /usr/share/man/man1/php.1.gz
# yum --enablerepo=remi install php-devel.x86_64 php-mysql.x86_64 php-eaccelerator.x86_64 php-gd.x86_64 php-mhash.x86_64 php-mcrypt.x86_64 php-mbstring.x86_64 php-xml.x86_64
>> 오라클 익스텐션 설치
http://www.oracle.com/technetwork/articles/technote-php-instant-084410.html
download oracle-instantclient11.2-basic-11.2.0.2.0.x86_64.rpm
download oracle-instantclient11.2-devel-11.2.0.2.0.x86_64.rpm
http://pecl.php.net/package/oci8
# wget http://pecl.php.net/get/oci8-1.4.5.tgz
# rpm -Uvh oracle-instantclient11.2-basic-11.2.0.2.0.x86_64.rpm
# rpm -Uvh oracle-instantclient11.2-devel-11.2.0.2.0.x86_64.rpm
# tar xvfz oci8-1.4.5.tgz
# cd oci8-1.4.5
# phpize
# ./configure --with-oci8=instantclient,/usr/lib/oracle/11.2/client64/lib/ --with-php-config=/usr/bin/php-config && make
# cp ./modules/oci8.so /usr/lib64/php/modules/
# echo "extension=oci8.so" >> /etc/php.d/oci8.ini
# service httpd restart
# php -m | grep oci8
oci8
[확인]
# echo "" >> /var/www/html/index.html
# echo -e "\n\nDirectoryIndex index.php index.html index.htm" >> /etc/httpd/conf.d/php.conf
# echo -e "\nAddType application/x-httpd-php .php .htm .html .inc" >> /etc/httpd/conf.d/php.conf
# echo -e "AddType application/x-httpd-php-source .phps" >> /etc/httpd/conf.d/php.conf
# echo -e "AddType application/x-tar .tgz" >> /etc/httpd/conf.d/php.conf
# echo -e "AddType image/x-icon .ico" >> /etc/httpd/conf.d/php.conf
# echo -e "AddType application/x-httpd-cgi .cgi" >> /etc/httpd/conf.d/php.conf
# echo -e "AddType application/json .json" >> /etc/httpd/conf.d/php.conf
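-> 필요한 정도로 정리, 설정은 두번 한다고 해서 에러뜨지 않음, 뭐 필요하면 바꾸등가~
-> 단, .htm .html .inc 를 application/x-httpd-php 로 지정하면 그 확장자의 파일이 모두 PHP 로 실행되므로(업로드 디렉터리에 올라온 파일 포함) 꼭 필요한 확장자만 남길 것. .phps 는 PHP 소스를 그대로 보여주므로 운영 서버에서는 빼는 편이 안전.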
# vi /etc/httpd/conf.d/php.conf
# service httpd restart
# wget http://localhost
---------- 설정 ---------
# 추가 패키지
cronolog.x86_64, awstats, mod_security, mod_evasive, mod_geoip, mod_ssl, clamav.x86_64, clamd, clamav-milter
httpd 부팅시 자동 구동
$ sudo systemctl enable httpd
$ systemctl status httpd
php-memcache 모듈설치
#sudo yum install php-pecl-memcache
[memcached]
설치
sudo yum -y install memcached
부팅시 자동 구동
$ sudo systemctl enable memcached
$ systemctl status memcached
sudo vi /etc/sysconfig/memcached
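CACHESIZE="1024" 로 변경
-> memcached 는 기본 설정에 인증이 없으므로, 같은 서버의 PHP 에서만 쓴다면 같은 파일에 OPTIONS="-l 127.0.0.1" 을 넣어 로컬에서만 접속되게 하고, 다른 서버에서 써야 하면 방화벽으로 11211 포트 접근을 제한.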
sudo systemctl restart memcached
[apc 설치]
$ sudo yum install php-pear php-devel httpd-devel pcre-devel gcc make
$ sudo pecl install apc
echo "extension=apc.so" > /etc/php.d/apc.ini
# vi /etc/php.d/apc.ini
; APC opcode/user cache settings for /etc/php.d/apc.ini.
apc.mode=shm
; NOTE(review): apc.enabled=0 switches APC off, so the values below have no
; effect until this is set to 1 - confirm that is intended.
apc.enabled=0
; One shared-memory segment of 512M.
apc.shm_segments=1
apc.shm_size=512M
apc.num_files_hint=7000
apc.user_entries_hint=4096
; Lifetimes in seconds for cached scripts, user entries and garbage-collected entries.
apc.ttl=7200
apc.user_ttl=7200
apc.gc_ttl=3600
; stat=1: a script's modification time is checked on each request, so edited
; files are picked up without restarting httpd.
apc.stat=1
apc.include_once_override=0
; The cache is not used for command-line PHP.
apc.enable_cli=0
apc.file_update_protection=2
apc.max_file_size=20M
; cache_by_default=0: files are cached only when a positive apc.filters entry
; matches them; no apc.filters line is set in this listing.
apc.cache_by_default=0
apc.use_request_time=1
apc.slam_defense=0
apc.stat_ctime=0
apc.canonicalize=1
apc.write_lock=1
apc.report_autofilter=0
; rfc1867=0: upload-progress tracking is off, so the rfc1867_* values below are unused.
apc.rfc1867=0
apc.rfc1867_prefix=upload_
apc.rfc1867_name=APC_UPLOAD_PROGRESS
apc.rfc1867_freq=0
apc.rfc1867_ttl=3600
apc.lazy_classes=0
apc.lazy_functions=0
[modsecurity]
# sudo mkdir /etc/httpd/modsecurity.d
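http://modsecurity.org/rules.html 에서 규칙을 받습니다.
modsecurity 홈페이지 우측의 core rules 로 들어가면 OWASP CRS 를 제공하고 있으니 zip 파일을 내려받아 압축을 풀고, 규칙(.conf) 파일을 위에서 만든 /etc/httpd/modsecurity.d/ 아래(아래 설정의 IncludeOptional 이 읽는 modsecurity.d/ 와 modsecurity.d/activated_rules/)에 두면 됩니다.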
# vi /etc/httpd/conf.d/mod_security.conf
# ModSecurity Core Rules Set configuration
# Loads every rule file under modsecurity.d/ and modsecurity.d/activated_rules/
# (relative paths resolve against ServerRoot). IncludeOptional is silently
# ignored when the wildcard matches nothing, so an empty or mistyped rules
# directory starts cleanly with no CRS rules loaded - confirm the files exist.
IncludeOptional modsecurity.d/*.conf
IncludeOptional modsecurity.d/activated_rules/*.conf
# Default recommended configuration
# On = rules are enforced and matching requests can be denied. DetectionOnly
# logs matches without blocking and is the usual setting while tuning new rules.
SecRuleEngine On
# Buffer request bodies so rules can inspect POST data.
SecRequestBodyAccess On
# Rule 200000: use the XML body processor when Content-Type matches text/xml.
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
# Request body caps in bytes: 13107200 overall, 131072 with uploaded files
# excluded, 131072 kept in memory.
SecRequestBodyLimit 13107200
SecRequestBodyNoFilesLimit 131072
SecRequestBodyInMemoryLimit 131072
# Over-limit bodies are rejected rather than partially inspected.
SecRequestBodyLimitAction Reject
# Rule 200001: deny with 400 when the request body could not be parsed.
SecRule REQBODY_ERROR "!@eq 0" \
"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
# Rule 200002: deny multipart bodies that fail strict validation; the msg
# records each multipart parser flag.
# NOTE(review): status:44 is not a defined HTTP status code, while rule 200001
# uses 400 - presumably 400 was intended here and in the commented-out rule
# 200003 below; confirm before relying on the response code.
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
"id:'200002',phase:2,t:none,log,deny,status:44,msg:'Multipart request body \
failed strict validation: \
PE %{REQBODY_PROCESSOR_ERROR}, \
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
DB %{MULTIPART_DATA_BEFORE}, \
DA %{MULTIPART_DATA_AFTER}, \
HF %{MULTIPART_HEADER_FOLDING}, \
LF %{MULTIPART_LF_LINE}, \
SM %{MULTIPART_MISSING_SEMICOLON}, \
IQ %{MULTIPART_INVALID_QUOTING}, \
IP %{MULTIPART_INVALID_PART}, \
IH %{MULTIPART_INVALID_HEADER_FOLDING}, \
FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
# Rule 200003 (unmatched multipart boundary) is left disabled.
#SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
#"id:'200003',phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'"
# PCRE match limits. When a rule exceeds them ModSecurity sets a TX flag
# prefixed MSC_ (documented name: MSC_PCRE_LIMITS_EXCEEDED), and rule 200004
# below denies the request. 1000 is low, so watch for denies on legitimate
# requests while tuning.
SecPcreMatchLimit 1000
SecPcreMatchLimitRecursion 1000
# Rule 200004: deny when any internal-error flag (TX variable named MSC_*) is set.
SecRule TX:/^MSC_/ "!@streq 0" \
"id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
# Response bodies are not inspected.
SecResponseBodyAccess Off
# Debug logging is off at level 0.
SecDebugLog /var/log/httpd/modsec_debug.log
SecDebugLogLevel 0
# Audit only relevant transactions; the status pattern covers 5xx and 4xx
# responses other than 404.
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# The selected parts include request headers and request body, so the audit
# log can hold cookies, credentials and form data - restrict read access to
# modsec_audit.log and cover it in log rotation and retention.
SecAuditLogParts ABIJDEFHZ
SecAuditLogType Serial
SecAuditLog /var/log/httpd/modsec_audit.log
SecArgumentSeparator &
SecCookieFormat 0
# Temp-file and persistent-data directory; it needs to be writable by the
# httpd user and should not be accessible to other local users.
SecTmpDir /var/lib/mod_security
SecDataDir /var/lib/mod_security