NAS構築OSのFreeNAS 9に最近話題のWebサーバ Nginxをインストールしてみました
FreeNAS Project – Open Source Storage –
http://www.freenas.org/
nginx
http://nginx.org/ja/
FreeNAS 9にはJail機構が搭載されています。chrootを拡張したようなもので、ひとつの仮想マシンとして動作するイメージでしょうか。プラグインもJail環境で動作します
- 管理画面にログイン
- Add Jails
- Jail Nmae
- JailのIP
- Jailのタイプ
- Jail作成
FreeNAS 9の管理画面にログインします
メニューの[Jails]から[Add Jails]をクリックします
Jailの名前を指定します。この名前がhostnameになります
[行動な設定]をクリックして割り当てるIPを指定します
Jailのタイプを指定します。タイプにはStandard, pluginjail, portjailがありデフォルトはStandardです
違いはJails(http://doc.freenas.org/index.php/Jails)から確認するとPluginjailを選択しておけば大丈夫だと思います
Table 9a: What Type of Software can be Installed Into a Jail?
Type of Jail | FreeNAS PBI | PC-BSD PBI | FreeBSD pkgng package | FreeBSD port |
---|---|---|---|---|
Plugin | yes | yes | yes | yes |
Port | no | no, unless vanilla is unchecked during jail creation | no, unless vanilla is unchecked during jail creation | yes |
Standard | no | no, unless vanilla is unchecked during jail creation | no, unless vanilla is unchecked during jail creation | yes |
[OK]でJailを作成します。作成が完了で自動起動していると思いますが起動していないようならスタートして下さい
Jailが追加できたので次にNginxをインストールします。インストールにはportsコレクションを使用します
Ports Collection
http://www.freebsd.org/doc/ja/books/handbook/ports-using.html
- FreeBSD 9ホストへログオン
- Jailホストへ移動
- Ports Collectionのスナップショット
- スナップショットの展開
- アップデートの確認
- コンパイル
- インストール
- 自動起動の設定
- nginx.confの編集
- Nginx起動
- 確認
インストール作業を行うにはshell環境が必要です。FreeBSD 9のshellを利用するか、sshでログインして下さい
1 2 3 4 5 6 7 8 9 10 11 12 13 |
FreeNAS Jails Last login: Thu Oct 24 11:32:04 2013 from 192.168.1.13 FreeBSD 9.1-STABLE (FREENAS.amd64) #0 r+16f6355: Tue Aug 27 00:38:40 PDT 2013 FreeNAS (c) 2009-2013, The FreeNAS Development Team All rights reserved. FreeNAS is released under the modified BSD license. For more information, documentation, help or support, go here: http://freenas.org Welcome to FreeNAS [root@freenas] ~# |
FreeBSD 9ホストからJailホスト環境へ移動します。最初にJIDを確認してから、指定のJailホストに切り替えます
1 2 3 4 5 6 |
[root@freenas] ~# jls JID IP Address Hostname Path 8 - dlna_1 /mnt/zfs/jails/dlna_1 9 - jhost /mnt/zfs/jails/jhost [root@freenas] ~# jexec 9 /bin/csh root@jhost:/ # |
Ports Collectionのスナップショットをダウンロードします。Jailホストがインターネットへの接続できる環境が必要です
1 2 3 4 5 6 7 8 9 10 11 12 |
root@jhost:/ # portsnap fetch Looking up portsnap.FreeBSD.org mirrors... 7 mirrors found. Fetching public key from ec2-ap-northeast-1.portsnap.freebsd.org... done. Fetching snapshot tag from ec2-ap-northeast-1.portsnap.freebsd.org... done. Fetching snapshot metadata... done. Fetching snapshot generated at Sun Oct 27 09:00:00 JST 2013: b32eba78c9c7cd5a6db94d17adfa0cf21c858eb7334ebe100% of 69 MB 785 kBps 00m00s Extracting snapshot... done. Verifying snapshot integrity... done. Fetching snapshot tag from ec2-ap-northeast-1.portsnap.freebsd.org... done. Ports tree hasn't changed since last snapshot. No updates needed. |
ダウンロードしたスナップショットを展開します
1 2 3 4 5 6 7 8 9 10 11 12 |
root@jhost:/ # portsnap extract /usr/ports/CHANGES /usr/ports/COPYRIGHT /usr/ports/GIDs /usr/ports/KNOBS /usr/ports/Keywords/info.yaml /usr/ports/LEGAL (snip) /usr/ports/x11/yelp/ /usr/ports/x11/zenity/ Building new INDEX files... done. root@jhost:/ # |
最新のスナップショットをダウンロードしたはずなので必要無いと思いますが念の為に。後日このコマンドでPorts Collectionのアップデートができます
1 2 3 4 5 6 7 |
root@jhost:/ # portsnap fetch Looking up portsnap.FreeBSD.org mirrors... 7 mirrors found. Fetching snapshot tag from ec2-ap-northeast-1.portsnap.freebsd.org... done. Ports tree hasn't changed since last snapshot. No updates needed. root@jhost:/ # portsnap update Ports tree is already up to date. |
Nginxをコンパイルするためにディレクトリ移動します、その後makeです
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
root@jhost:/ # cd /usr/ports/www/nginx root@jhost:/usr/ports/www/nginx # ls -l total 100 -rw-r--r-- 1 root wheel 37966 Oct 26 22:39 Makefile -rw-r--r-- 1 root wheel 9811 Oct 26 22:39 distinfo drwxr-xr-x 2 root 1011 18 Oct 27 11:32 files -rw-r--r-- 1 root wheel 398 Jul 14 2012 pkg-descr -rw-r--r-- 1 root wheel 1816 May 4 04:50 pkg-plist root@jhost:/usr/ports/www/nginx # make ===> Building/installing dialog4ports as it is required for the config dialog ===> Cleaning for dialog4ports-0.1.5_2 ===> Skipping 'config' as NO_DIALOG is defined ====> You must select one and only one option from the VIDEO single (snip) make -f objs/Makefile manpage sed -e "s|%%PREFIX%%|/usr/local/etc/nginx|" -e "s|%%PID_PATH%%|/var/run/nginx.pid|" -e "s|%%CONF_PATH%%|/usr/local/etc/nginx/nginx.conf|" -e "s|%%ERROR_LOG_PATH%%|/var/log/nginx-error.log|" < man/nginx.8 > objs/nginx.8 |
インストールします
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
root@jhost:/usr/ports/www/nginx # make install ===> Building/installing dialog4ports as it is required for the config dialog ===> Cleaning for dialog4ports-0.1.5_2 ===> Skipping 'config' as NO_DIALOG is defined ====> You must select one and only one option from the VIDEO single (snip) Installing nginx-1.4.3,1... done ===> SECURITY REPORT: This port has installed the following files which may act as network servers and may therefore pose a remote security risk to the system. /usr/local/sbin/nginx This port has installed the following startup scripts which may cause these network services to be started at boot time. /usr/local/etc/rc.d/nginx If there are vulnerabilities in these programs there may be a security risk to the system. FreeBSD makes no guarantee about the security of ports included in the Ports Collection. Please type 'make deinstall' to deinstall the port if this is a concern. For more information, and contact details about the security status of this software, see the following webpage: http://nginx.org/ |
Nginxが自動起動するように/etc/rc.confにnginx_enable=”YES”を追記します
1 2 3 4 5 6 7 8 9 10 11 12 13 |
root@jhost:/usr/ports/www/nginx # vi /etc/rc.conf root@jhost:/usr/ports/www/nginx # cat /etc/rc.conf portmap_enable="NO" sshd_enable="YES" sendmail_enable="NO" sendmail_submit_enable="NO" sendmail_outbound_enable="NO" sendmail_msp_queue_enable="NO" hostname="jhost" devfs_enable="YES" devfs_system_ruleset="devfsrules_common" nginx_enable="YES" |
Nginxの設定ファイル/usr/local/etc/nginx/nginx.confを編集します
【標準設定】
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 |
root@jhost:/usr/ports/www/nginx # cat /usr/local/etc/nginx/nginx.conf #user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root /usr/local/www/nginx; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/www/nginx-dist; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443; # server_name localhost; # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_timeout 5m; # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} } |
Nginxを起動します
1 2 3 4 5 |
root@jhost:/usr/ports/www/nginx # service nginx start Performing sanity check on nginx configuration: nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful Starting nginx. |
Ports CollectionやPackageが使えるとは、もうNAS専用OSでは無いですね
どんなサーバでも構築できそうです