Rocky Linux は RHEL(Red Hat Enterprise Linux) のダウンストリームで互換性100%を目指している。
今回はOCIで構築。初期SSHユーザは rocky だった。
また初期設定で firewall の設定がなかったため、追加で設定している。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 | # cat /etc/rocky-release Rocky Linux release 8.7 (Green Obsidian) # dnf install nginx -y ... # systemctl enable --now nginx # dnf install firewalld -y ... # systemctl enable --now firewalld # firewall-cmd --state running # firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: cockpit dhcpv6-client ssh ports: protocols: forward: no masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: # firewall-cmd --permanent --remove-service=cockpit --remove-service=dhcpv6-client success # firewall-cmd --permanent --add-service=http success # firewall-cmd --reload success # firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: http ssh ports: protocols: forward: no masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: |