Debian12生产环境配置笔记
在 Debian 12 上进行生产环境配置的详细步骤,涵盖软件更新、基础软件安装、Docker 及 Redis 部署,以及 Nginx 配置多个虚拟主机等内容。所有命令均以 root 用户身份执行,无需添加 sudo
1. 更新软件
首先,确保系统上的所有软件包列表是最新的,并升级已安装的软件包。
apt update
apt upgrade -y
2. 安装Git、Python、Screen、Nginx等工具
apt install build-essential python3 python3-pip git screen nginx -y
配置pip
pip3 config set global.index-url https://pypi.tuna.tsinghua.edu.cn/simple
配置git
# 配置ssh 如上图
ssh-keygen #按3下回车
cd ~/.ssh
cat id_rsa.pub
#把公钥放到git平台上
# 配置用户名和邮箱
git config --global user.name 'xuehu96'
git config --global user.email 'xuehu96@xxx.com'
3. 安装Golang编译环境
mkdir go
cd go
wget https://go.dev/dl/go1.24.1.linux-amd64.tar.gz
tar -xzf go1.24.1.linux-amd64.tar.gz
mkdir src bin pkg
cd
vi ~/.bashrc
在.bashrc最后一行添加:export PATH=$PATH:$HOME/go/bin
source ~/.bashrc
go env -w GO111MODULE=on
go env -w GOPROXY=https://goproxy.cn,direct
4. 安装Docker并启动Redis
# Add Docker's official GPG key:
apt-get update
apt-get install ca-certificates curl
install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
速度还可以,再配置以下加速
nano /etc/docker/daemon.json
阿里:
{
"registry-mirrors": ["https://xxx.mirror.aliyuncs.com"]
}
腾讯:
{
"registry-mirrors": [
"https://mirror.ccs.tencentyun.com"
]
}
重启一下
systemctl daemon-reload
systemctl restart docker
Docker启动一个redis服务器,端口6379
docker run -p 6379:6379 --name redis -v /data/redis:/data -d redis --appendonly yes
docker ps
5. 配置Nginx
systemctl enable nginx
配置文件/etc/nginx/nginx.conf
user root;
worker_processes 4;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
# pid logs/nginx.pid;
events {
worker_connections 1024;
multi_accept on;
use epoll;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
directio 4m;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
#include /etc/nginx/conf.d/*.conf;
include /etc/nginx/xxxx/*;
}
nginx -t
nginx -s reload
添加服务器安全组,开放80、433端口
(完)