专栏首页程序生涯lnmp应用服务器安装手册

lnmp应用服务器安装手册

环境准备

  • yum -y install vim wget zip unzip lrzsz gcc gcc-c++ autoconf automake libtool make openssl openssl-devel pcre-devel libxml2-devel libcurl-devel libicu-devel openldap openldap-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libpng libpng-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses curl gdbm-devel db4-devel libXpm-devel libX11-devel gd-devel gmp-devel readline-devel libxslt-devel expat-devel xmlrpc-c xmlrpc-c-devel libvpx-devel libzip libzip-devel
  • cd /opt

[1]安装nginx

完整+nginx-http-concat
./configure \
--prefix=/usr/local/webserver/nginx  \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--add-module=/opt/nginx-http-concat-master
只安装nginx
./configure \
--prefix=/usr/local/webserver/nginx  \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_gzip_static_module \
--with-http_stub_status_module 
  • make && make install

[2]安装nginx lua

./configure \
--prefix=/usr/local/webserver/nginx  \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--add-module=/opt/nginx-http-concat-master \
--add-module=/opt/openresty-1.11.2.4/bundle/ngx_devel_kit-0.3.0 \
--add-module=/opt/lua-nginx-module-0.10.10  
  • make && make install

安装imagemagick

./configure \
--with-bzlib=yes \
--with-autotrace=yes \
--with-djvu=yes \        
--with-dps=yes \          
--with-fftw=yes \
--with-flif=yes \
--with-fpx=yes \
--with-fontconfig=yes \  
--with-freetype=yes \        
--with-gslib=no            
--with-gvc=yes \             
--with-jbig=yes \            
--with-jpeg=yes \            
--with-lcms=yes \            
--with-lqr=yes \             
--with-ltdl=yes \            
--with-lzma=yes \            
--with-magick-plus-plus=yes \
--with-openexr=yes \         
--with-openjp2=yes \         
--with-pango=yes \           
--with-perl=no             
--with-png=yes \             
--with-raqm=yes \            
--with-raw=yes \             
--with-rsvg=no             
--with-tiff=yes \            
--with-webp=yes \            
--with-wmf=yes \             
--with-x=                  
--with-xml=yes \             
--with-zlib=yes

安装mysql

  • cd /opt
  • wget https://dev.mysql.com/get/Downloads/MySQL-5.7/mysql-5.7.18-linux-glibc2.5-x86_64.tar.gz
  • tar zxvf mysql-5.7.18-linux-glibc2.5-x86_64.tar.gz
  • mv mysql-5.7.18-linux-glibc2.5-x86_64 /usr/local/webserver/mysql
  • cd /usr/local/webserver/mysql
  • groupadd -r mysql
  • useradd -s /sbin/nologin -g mysql -r mysql
  • mv /etc/my.cnf ./ #移动默认my.cnf配置
  • vim my.cnf #设置基本配置basedir、datadir等,参考一下案例
  • cd support-files/
  • vim mysql.server #修改basedir、datadir与my.cnf保持一致
  • cd /usr/local/webserver
  • chown mysql.mysql ./mysql -R
  • mkdir -p /data/mysql3306/data
  • chown mysql.mysql /data/mysql3306/ -R
  • mysql/bin/mysqld --initialize --user=mysql --basedir=/opt/mysql/ --datadir=/data/mysql3306/data
  • (注:这时候会显示出root的默认密码,需要记录下来)
  • #记录初始化root密码
  • /usr/local/webserver/mysql/support-files/mysql.server start
  • /usr/local/webserver/mysql/bin/mysql -uroot -p -S/data/mysql3306/mysql.sock --default-character-set=utf8
  • mysql> set password for root@localhost = password('root'); #初始化root密码
  • mysql> grant select,update,delete,insert on erp_doraemon.* to erp_doraemon@localhost identified by 'qz0OYN5ANiZuT7aV#c';
  • mysql> flush privileges;
  • mysql> \q
  • /usr/local/webserver/mysql/support-files/mysql.server restart

#创建有所有权限的用户(慎用)

  • mysql> CREATE USER 'yuzhenque'@'%'IDENTIFIED BY '88888888'; //添加用户
  • mysql> GRANT ALL ON . TO 'yuzhenque'@'%'; //赋值权限
  • mysql> GRANT ALL ON . TO 'yuzhenque'@'%'; GRANT ALL ON . TO 'yuzhenque'@'%'; GRANT ALL ON . TO 'yuzhenque'@'%'; //刷新权限
  • mysql> SHOW GRANTS FOR 'yuzhenque'@'%'; //验证用户权限是否赋值成功
  • 附:my.cnf 配置如下
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/5.7/en/server-configuration-defaults.html
# *** DO NOT EDIT THIS FILE. It's a template which will be copied to the
# *** default location during install, and will be replaced if you
# *** upgrade to a newer version of MySQL.

[mysqld]

# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M

# Remove leading # to turn on a very important data integrity option: logging
# changes to the binary log between backups.
# log_bin

# These are commonly set, remove the # and set as required.
# basedir = .....
# datadir = .....
# port = .....
# server_id = .....
# socket = .....

# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M 
basedir = /usr/local/webserver/mysql
datadir = /data/mysql3306/data
port = 3306
# server_id = .....
#socket = /data/mysql3306/mysql3306.sock
pid-file = /data/mysql3306/mysql.pid

max_connections=200
key_buffer_size=200M
low_priority_updates=1
table_open_cache = 8000
back_log=1500
query_cache_type=0
table_open_cache_instances=16

innodb_buffer_pool_size=4000M
innodb_buffer_pool_instances=32
innodb_log_buffer_size=64M
join_buffer_size=32K
sort_buffer_size=32K

innodb_file_per_table=1
innodb_checksums=0
innodb_doublewrite=0
innodb_support_xa=0
innodb_thread_concurrency=0
innodb_flush_log_at_trx_commit=2
innodb_max_dirty_pages_pct=50
innodb_use_native_aio=1
innodb_stats_persistent=1

slow_query_log = 1
slow_query_log_file = /data/logs/mysql3306_slow_query.log
long_query_time = 5
log_queries_not_using_indexes = ON

server-id = 1
log-bin=mysql-bin
expire_logs_days=15

sql_mode=NO_ENGINE_SUBSTITUTION

安装libmcrypt

安装php5.6

vi /etc/ld.so.conf.d/local.conf     # 编辑库文件
/usr/local/lib                                 # 添加该行
/usr/local/lib64                             # 添加该行
:wq                                              # 保存退出
ldconfig -v 
  • cd php-5.6.31
./configure \
--prefix=/usr/local/webserver/php5.6 \
--with-config-file-path=/usr/local/webserver/php5.6/etc \
--enable-fpm \
--with-fpm-user=www \
--with-fpm-group=www \
--enable-soap \
--enable-gd-native-ttf \
--enable-ftp \
--enable-mbstring \
--enable-exif \
--enable-pdo \
--enable-mbstring \
--enable-opcache \
--enable-sockets \
--enable-pcntl \
--enable-zip \
--enable-calendar \
--enable-bcmath \
--enable-intl \
--with-pdo-mysql \
--with-mysql \
--with-mysqli \
--with-libxml-dir \
--with-pcre-dir \
--with-gd \
--with-vpx-dir \
--with-jpeg-dir \
--with-png-dir \
--with-freetype-dir \
--with-xpm-dir \
--with-iconv-dir \
--with-zlib-dir \
--with-mcrypt \
--with-zlib \
--with-curl \
--with-openssl \
--with-gettext \
--with-mhash \
--with-ldap \
--with-libdir=lib64 \
--without-pear \
--disable-phar
  • make && make install
  • cd /usr/local/webserver/php5.6/etc
  • cp /opt/zend-loader-php5.6-linux-x86_64/ZendGuardLoader.so ../lib/php/extensions/no-debug-non-zts-20131226/
  • ###cp /opt/zend-loader-php5.6-linux-x86_64/opcache.so ./lib/php/extensions/no-debug-non-zts-20131226/
  • cp /opt/php-5.6.37/php.ini-development php.ini
  • cp php-fpm.conf.default php-fpm.conf
  • 编辑php.ini,在末尾加入
zend_extension= /usr/local/webserver/php5.6/lib/php/extensions/no-debug-non-zts-20131226/ZendGuardLoader.so
zend_loader.enable=3
zend_loader.disable_licensing=0
zend_loader.obfuscation_level_support=3

部署应用

  • mkdir -p /data/www/erp_doraemon/sitedata

相关文件路径

  • nginx
    • 安装路径/usr/local/webserver/nginx
    • 配置文件/usr/local/webserver/nginx/conf
    • 启动/usr/local/webserver/nginx/sbin/nginx
    • 强制关闭 pkill -9 nginx
  • mysql
    • 安装路径/opt/mysql/
    • 配置文件/opt/mysql/my.cnf
    • 启动/opt/mysql/support-files/mysql.server start
    • 帐号密码:
      • root/root@isnosafe
      • op/t1234567(程序使用)
  • php&php-fpm
    • 安装路径/usr/local/webserver/php5.6/
    • 配置文件/usr/local/webserver/php5.6/etc
    • 启动 /usr/local/webserver/php5.6/sbin/php-fpm start
  • 开机启动
    • /usr/local/webserver/auto_start

root防护

  • useradd tripdc
  • passwd tripdc
  • vi /etc/ssh/sshd_config
  • port/PermitRootLogin
  • service sshd restart

附:配置笔记

nginx配置

  • 文件/usr/local/webserver/nginx/conf/nginx.conf 末添加
include /usr/local/webserver/nginx/conf/vhost/*.conf;
  • 文件/usr/local/webserver/nginx/conf/nginx.conf参考配置
  • 其中 worker_processes 根据cpu核数配置,多少核就配置多少,可通过命令top,按1查看
user  www www;
worker_processes  8;
#worker_cpu_affinity auto;
error_log  /data/logs/nginx_error.log;
pid        /usr/local/webserver/nginx/nginx.pid;

worker_rlimit_nofile 65535;
events {
    use epoll;
    worker_connections  1024;
}


http {
  include       mime.types;
  default_type  application/octet-stream;

      
  server_names_hash_bucket_size 128;
  client_header_buffer_size 32k;
  large_client_header_buffers 4 32k;
  client_max_body_size 16m;
      
  sendfile on;
  tcp_nopush     on;

  keepalive_timeout 10;

  tcp_nodelay on;

  fastcgi_connect_timeout 300;
  fastcgi_send_timeout 300;
  fastcgi_read_timeout 300;
  fastcgi_buffer_size 64k;
  fastcgi_buffers 8 128k;
  fastcgi_busy_buffers_size 128k;
  fastcgi_temp_file_write_size 128k;

  gzip on;
  gzip_min_length  1k;
  gzip_buffers     4 16k;
  gzip_http_version 1.0;
  gzip_comp_level 6;
  gzip_types       text/plain application/x-javascript text/css application/xml;
  gzip_vary on;

  #limit_zone  crawler  $binary_remote_addr  10m;


  log_format combined_hx '$remote_addr - $server_addr [$time_local] $request_method $http_host $request_uri $request_time $status $body_bytes_sent "$http_referer" '  '"$http_user_agent" $http_x_forwarded_for';
  log_not_found off;  
  #access_log off; 
  access_log /data/logs/nginx_access.log combined_hx;

  #server{
  #      listen 80;
  #      root /data/www/test/;
  #      index index.php index.html;
  #     include php_ci.conf;

  #}

  include vhosts/*.conf;
}

-创建配置文件目录/usr/local/webserver/nginx/conf/vhosts

mkdir /usr/local/webserver/nginx/conf/vhosts
  • 目录/usr/local/webserver/nginx/conf添加文件php_ci.conf
location ~ ^(.*)\/\.svn\/
{
    deny all;
}
location ~ .*\.php?
{
    #fastcgi_pass  unix:/tmp/php-cgi.sock;
    fastcgi_pass  127.0.0.1:9000;
    fastcgi_index index.php;

    if ($request_filename ~* (.*)\.php) {
        set $php_url $1;
    }
    if (!-e $php_url.php) {
        return 403;
    }

    fastcgi_split_path_info ^(.+\.php)(.*)$;
    fastcgi_param   PATH_INFO         $fastcgi_path_info;

    fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
    fastcgi_param  SERVER_SOFTWARE    nginx;

    fastcgi_param  QUERY_STRING       $query_string;
    fastcgi_param  REQUEST_METHOD     $request_method;
    fastcgi_param  CONTENT_TYPE       $content_type;
    fastcgi_param  CONTENT_LENGTH     $content_length;

    fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
    fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
    fastcgi_param  REQUEST_URI        $request_uri;
    fastcgi_param  DOCUMENT_URI       $document_uri;
    fastcgi_param  DOCUMENT_ROOT      $document_root;
    fastcgi_param  SERVER_PROTOCOL    $server_protocol;

    fastcgi_param  REMOTE_ADDR        $remote_addr;
    fastcgi_param  REMOTE_PORT        $remote_port;
    fastcgi_param  SERVER_ADDR        $server_addr;
    fastcgi_param  SERVER_PORT        $server_port;
    fastcgi_param  SERVER_NAME        $server_name;

    # PHP only, required if PHP was built with --enable-force-cgi-redirect
    fastcgi_param  REDIRECT_STATUS    200;

}
  • 目录/usr/local/webserver/nginx/conf添加文件extra.conf
 location ~ .*\.(gif|jpg|ico|png)$
    {
        expires      7d;
        access_log off;
    }

    location ~ .*\.(js|css)?$
    {
        expires      6h;
        access_log off;
    }
  • 目录/usr/local/webserver/nginx/conf/vhost添加文件erp.conf
server
{
    listen  80;
    server_name erp.domain.com;
    index index.html index.php;
    root  /data/www/erp_doraemon/webapp;

    include php_ci.conf;
    include extra.conf;

    location /static/ {
        location ~ .*\.(php)?$
        {
            deny all;
        }
    }
    location /static_m/ {
        location ~ .*\.(php)?$
        {
            deny all;
        }
    }

    location / {
        if (!-e $request_filename) {
            rewrite ^/(.*)$ /index.php/$1 last;
        }
    }
    access_log /data/logs/web/erp_doraemon.log combined_hx;
}

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

我来说两句

0 条评论
登录 后参与评论

相关文章

  • CentOS 7 解决丢失 nginx.pid

    出现错误就要解决错误。从上图中可以看出,错误原因是缺少 nginx.pid 这个文件,这个文件中的内容只有一行,记录的是相应进程的 pid,即进程号。 解决的...

    用户7657330
  • 应用服务器安装手册

    用户7657330
  • linux下的定时任务处理

    cron是linux的一个定时任务执行工具,而crondtab是周期性执行命令,crond则是定时任务的守护进程。下面我们进行一些实践,希望小伙伴看完能跟着练习...

    用户7657330
  • Git Reset命令

    Git分为三个区: 工作区(Working Directory):没有修改、修改后未使用git add的文件 暂存区(Staged):新增/修改后的文件调用...

    None_Ling
  • docker学习(6) docker中搭建java服务及nginx反向代理

    上图中mysql容器的搭建见上篇博客,service1/2为java rest service,创建脚本如下:

    菩提树下的杨过
  • Python爬虫解析奥斯卡最佳影片《寄生虫》

    在看厌了各种关于武汉疫情的新闻报道和自媒体文章产生之后,今天小编来讲讲文娱方面的大事儿。大洋彼岸的“奥斯卡”电影节上,韩国电影《寄生虫》出人意料的赢得了最佳影片...

    用户6888863
  • centos7 nginx加入服务

    将以下内容写入到文件 /lib/systemd/system/nginx.service

    小贝壳
  • Ubuntu环境编译安装PHP和Nginx的方法

    本文实例讲述了Ubuntu环境编译安装PHP和Nginx的方法。分享给大家供大家参考,具体如下:

    砸漏
  • 某CMS后台拿shell

    接触渗透时间,按暑假来算的话已经2个月多了,接触渗透几天,瞎打瞎闹拿了个shell,之后各种查资料查姿势,终于提权成功了。 然后就自认为渗透真简单,天天批量扫注...

    用户1467662
  • Python爬虫解析奥斯卡最佳影片《寄生虫》

    在看厌了各种关于武汉疫情的新闻报道和自媒体文章产生之后,今天小编来讲讲文娱方面的大事儿。大洋彼岸的“奥斯卡”电影节上,韩国电影《寄生虫》出人意料的赢得了最佳影片...

    用户6888863

扫码关注云+社区

领取腾讯云代金券