- Building Authorized Station
- Download the web directory from https://icloudhub.lanzoul.com/iEqEg1ig73lc as the Cdnfly authorization verification file.
- Create a new website with the domain name filled in as [auth.cdnfly.cn] [monitor.cdnfly.cn] and PHP version 7.2 or above.
- Configure the pseudo-static according to the rules in the directory.
Note: Do not install the bt_safe extension for PHP, otherwise, the TCP type monitoring cannot be used. If you want to use the ping type monitoring, you need to allow the exec function.
Download node building bt.fikkey.com and redirect it to us.centos.bz with a 301 redirect.
-
Building the Control End
Control configuration requirements: minimum 2 cores, 4GB RAM, open ports 80, 88, and 9200. -
Update and disable the firewall:
yum update -y && yum upgrade -y && systemctl stop firewalld.service && systemctl disable firewalld.service && sudo systemctl disable firewalld && sudo systemctl mask –now firewalld && sudo ufw disable
- Modify the hosts file:
vi /etc/hosts
0.0.0.0 auth.cdnfly.cn monitor.cdnfly.cn bt.fikkey.com
- Install the control end:
curl -fsSL https://raw.githubusercontent.com/LoveesYe/cdnflydadao/main/cdnfly/v5.1.13/master/master.sh -o master.sh && chmod +x master.sh && ./master.sh --es-dir /home/es
If bt.fikkey.com/cdnfly/elasticsearch-7.6.1-x86_64.rpm returns a 404 error, replace the download address with us.centos.bz in /opt/cdnfly/master/install.sh, then execute ./install.sh $@ in the /opt/cdnfly/master directory to continue the installation.
If the control end is installed in the Baota environment, you need to add a website in the Baota background with the root directory as /opt/cdnfly/master/panel/.
The control end login address is: http://controlIP/
Administrator username and password: admin/cdnfly
Regular user username and password: jason/cdnfly
- Building the Controlled End
Controlled configuration requirements: at least 2GB of memory, tested with 1GB also works, open ports 80, 443, and 5000, supports Centos-7---Ubuntu-16.04
If the memory is less than 2GB, you can add swap:
Create a 1GB partition file:
dd if=/dev/zero of=/home/swap bs=1024 count=1024000
Convert the partition to swap:
/sbin/mkswap /home/swap
Enable this swap partition:
/sbin/swapon /home/swap
Automatically mount on startup: vi /etc/fstab and add the following line at the bottom:
/home/swap swap swap defaults 0 0
- Update and disable the firewall:
yum update -y && yum upgrade -y && systemctl stop firewalld.service && systemctl disable firewalld.service && sudo systemctl disable firewalld && sudo systemctl mask –now firewalld && sudo ufw disable
- Install the controlled node:
curl -fsSL https://github.com/Steady-WJ/cdnfly-kaixin/raw/main/agent.sh -o agent.sh && chmod +x agent.sh && ./agent.sh --master-ver v5.1.13 --master-ip yourIP --es-ip yourIP --es-pwd password
curl -m 5 https://raw.githubusercontent.com/LoveesYe/cdnflydadao/main/cdnfly/v5.1.13/agent/agent.sh -o agent.sh || curl -m 5 https://raw.githubusercontent.com/LoveesYe/cdnflydadao/main/cdnfly/v5.1.13/agent/agent.sh -o agent.sh && chmod +x agent.sh && ./agent.sh --master-ver v5.1.11 --master-ip [ip] --es-ip [ip] --es-pwd [password]
-
Backend Configuration
-
Add regions, add nodes, and edit node cache size.
-
DNS settings.
-
Line grouping - set up resolution.
-
Global configuration - firewall, etc.
-
Add packages.
-
Security Configuration
-
System Management > System Settings > User Related > Restrict ordinary users to login only from this domain and restrict administrators to login only from this domain.
-
Then, in these two login domains, set to prohibit all access to /v1/.
API settings HTML:
/opt/cdnfly/master/panel/src/views/account/config/api.html
Hide API menu:
/opt/cdnfly/master/panel/console/user_menu.json
[Common Commands]
Panel root directory:
/opt/cdnfly/master/panel/
Uninstall node:
cd /tmp/ && curl -m 5 http://dl2.cdnfly.cn/cdnfly/agent_uninstall.sh -o agent_uninstall.sh || curl -m 5 http://us.centos.bz/cdnfly/agent_uninstall.sh && chmod +x agent_uninstall.sh && ./agent_uninstall.sh