Skip to content

Instantly share code, notes, and snippets.

@axross

axross/provisioning_sakuravps.md

Last active August 29, 2015 13:57
Show Gist options
  • Save axross/9908256 to your computer and use it in GitHub Desktop.
Save axross/9908256 to your computer and use it in GitHub Desktop.
Download ZIP
さくらVPS上のCentOS6.4にオレオレ開発環境を構築するための覚書
Raw
provisioning_sakuravps.md

Login (root user)

ssh [email protected]

Create user

useradd axross
passwd axross

Type your password 2 times.

User settings

  • Modify /etc/pam.d/su
  • Modify /etc/login.defs
  • Modify visudo

Check if the installed "sudo", "yum", "git"

  • Check "sudo"
sudo -V
  • Check "yum"
yum --version
  • Check "git"
git --version

Update yum

yum update

Install devel-packages

yum install openssl-devel sqlite-devel

Install zsh

yum install zsh
  • Check if the installed zsh
cat /etc/shells

Set zsh to default shell

usermod -s /bin/zsh axross

Re-login new user

exit

ssh [email protected]

Set .zshrc

vi ~/.zshrc

Install rbenv

git clone git://github.com/sstephenson/rbenv.git ~/.rbenv
  • Reload .zshrc
source ~/.zshrc

Install ruby-build

git clone https://github.com/sstephenson/ruby-build.git ~/.ruby-build
cd ~
sudo .ruby-build/install.sh

Install Ruby

rbenv install 2.0.0-p451
rbenv global 2.0.0-p451

Install Dropbox

mkdir -p ~/bin && cd ~/bin && wget "https://www.dropbox.com/download?dl=packages/dropbox.py" -O dropbox.py && chmod +x ~/bin/dropbox.py
  • Link account

Install dropbox.py

cd ~ && wget -O - "https://www.dropbox.com/download?plat=lnx.x86_64" | tar xzf - && ~/.dropbox-dist/dropboxd

Install nginx

sudo yum install nginx
  • Check to services
sudo chkconfig nginx on

Update gems

gem update --system --no-ri --no-rdoc

gem install bundler rake rbenv-rehash --no-ri --no-rdoc

Bundler setting

bundle config --global path vendor/bundle

Firewall

Edit /etc/sysconfig/iptables

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]

-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 4567 -j ACCEPT

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

sudo service iptables restart
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment