记录下CentOS7下手动部署Nginx+MySQL+PHP的方法[附修改Nginx的Hearder名称]
介绍:
Nginx (读“engine x”)是一款免费、开源、高性能的HTTP服务器。
更新系统 [root@www ~]# yum -y update && yum -y update
安装用到的工具 安装开发工具
$ yum -y update && yum -y upgrade //更新系统组件 $ yum install -y vim screen //安装实用工具 $ screen -S install //使用screen防止ssh链路故障导致后续的编译步骤中断 $ yum install -y gcc gcc-c++ make cmake libxml2 libxml2-devel openssl-devel bison bison-devel make autoconf automake curl-devel gcc zlib-devel openssl pcre-devel gd kernel keyutils patch perl kernel-headers compat* mpfr cpp glibc libgomp libstdc++-devel ppl cloog-ppl keyutils-libs-devel libcom_err-devel libsepol-devel libselinux-devel krb5-devel zlib-devel libXpm* freetype libjpeg* libpng* ncurses* libtool* libxml2 libxml2-devel freetype-devel --skip-broken
建立运行网站和数据库必要的用户和组 添加运行nginx服务进程的用户
groupadd -r nginx useradd -r -g nginx nginx
建立安装临时目录 下载源码包 【以下源码截至2018年11月9日均为最新】
Nginx:http://nginx.org/en/download.html http://php.net/downloads.php https://dev.mysql.com/get/Downloads/MySQL-5.7/
$ wget http://nginx.org/download/nginx-1.15.6.tar.gz $ wget http://au1.php.net/distributions/php-7.2.12.tar.gz $ wget https://dev.mysql.com/get/Downloads/MySQL-5.7/mysql-5.7.24-el7-x86_64.tar.gz
编译Nginx 安装 vim 和 unzip 下载软件用于编辑和解压缩文件。运行命令:
$ yum install -y vim unzip
linux 终端颜色修改 $ yum install -y vim $ vim ~/.bashrc PS1="\[\e[36;40m\][\[\e[31;40m\]\h\[\e[33;40m\]@\[\e[32;40m\]\u\[\e[33;40m\]@\[\e[36;40m\]\w\[\e[33;40m\]@\[\e[35;40m\]\#\[\e[36;40m\]]\[\e[34;40m\]~$ \[\e[0m\]"
在PS1中设置字符颜色的格式为:\[\e[F;Bm\]........\[\e[0m\],其中“F“为字体颜色,编号为30-37,“B”为背景颜色,编号为40-47,\[\e[0m\]作为颜色设定的结束。
颜色对照表:
F
B
color
备注
30
40
黑色
31
41
红色
32
42
绿色
33
43
黄色
34
44
蓝色
在cmd里显示效果很差
35
45
紫红色
和powershell的紫色背景完全融为一体
36
46
青蓝色
37
47
白色
要使用颜色只需将对应数字套入设置格式中即可。 比如要设置命令行的格式为绿字黑底(\[\e[32;40m\]),显示当前用户的账号名称(\u)、主机的第一个名字(\h)、完整的当前工作目录名称(\w)、24小时格式时间(\t)。
设置vim 行号 在里面输入
下载完成后目录如下
[root@www make]$ ls php-7.2.12.tar.gz nginx-1.15.6.tar.gz mysql-5.7.24-el7-x86_64.tar.gz
修改Nginx+编译 [root@www make]$ tar zxvf nginx-1.15.6.tar.gz
以下为修改nginx名称和版本号步骤【无需要可跳过】 以下选做
nginx.h [root@www make]$ cd nginx-1.15.6/src/core [root@www core]$ vi nginx.h
#ifndef _NGINX_H_INCLUDED_ #define _NGINX_H_INCLUDED_ #define nginx_version 1013008 #define NGINX_VERSION "1.13.8" #define NGINX_VER "nginx/" NGINX_VERSION #ifdef NGX_BUILD #define NGINX_VER_BUILD NGINX_VER " (" NGX_BUILD ")" #else #define NGINX_VER_BUILD NGINX_VER #endif #define NGINX_VAR "NGINX" #define NGX_OLDPID_EXT ".oldbin" #endif
[root@www core]$ cd nginx-1.15.6/src/http [root@www http]$ vi ngx_http_header_filter_module.c
#include <ngx_config.h> #include <ngx_core.h> #include <ngx_http.h> #include <nginx.h> static ngx_int_t ngx_http_header_filter_init (ngx_conf_t *cf) ;static ngx_int_t ngx_http_header_filter (ngx_http_request_t *r) ;static ngx_http_module_t ngx_http_header_filter_module_ctx = { NULL , ngx_http_header_filter_init, NULL , NULL , NULL , NULL , NULL , NULL , }; ngx_module_t ngx_http_header_filter_module = { NGX_MODULE_V1, &ngx_http_header_filter_module_ctx, NULL , NGX_HTTP_MODULE, NULL , NULL , NULL , NULL , NULL , NULL , NULL , NGX_MODULE_V1_PADDING }; static u_char ngx_http_server_string[] = "Server: nginx" CRLF; static u_char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF;static u_char ngx_http_server_build_string[] = "Server: " NGINX_VER_BUILD CRLF;………………………………
ngx_http_special_response.c [root@www http]$ vi ngx_http_special_response.c
#include <ngx_config.h> #include <ngx_core.h> #include <ngx_http.h> #include <nginx.h> static ngx_int_t ngx_http_send_error_page (ngx_http_request_t *r, ngx_http_err_page_t *err_page) ;static ngx_int_t ngx_http_send_special_response (ngx_http_request_t *r, ngx_http_core_loc_conf_t *clcf, ngx_uint_t err) ;static ngx_int_t ngx_http_send_refresh (ngx_http_request_t *r) ;static u_char ngx_http_error_full_tail[] ="<hr><center>" NGINX_VER "</center>" CRLF"</body>" CRLF"</html>" CRLF; static u_char ngx_http_error_build_tail[] ="<hr><center>" NGINX_VER_BUILD "</center>" CRLF"</body>" CRLF"</html>" CRLF; static u_char ngx_http_error_tail[] ="<hr><center>nginx</center>" CRLF "</body>" CRLF"</html>" CRLF;
编译Nginx
/configure: error: the HTTP rewrite module requires the PCRE library. You can either disable the module by using –without-http_rewrite_module option, or install the PCRE library into the system, or build the PCRE library statically from the source with nginx by using –with-pcre= option.
解决办法:安装pcre-develyum -y install pcre-devel
/configure: error: the HTTP gzip module requires the zlib library. You can either disable the module by using –without-http_gzip_module option, or install the zlib library into the system, or build the zlib library statically from the source with nginx by using –with-zlib= option.
解决办法:安装zlib-develyum install -y zlib-devel
[root@www http]$ cd [root@www http]$ yum groupinstall "Development tools" [root@www http]$ yum -y install gcc wget gcc-c++ automake autoconf libtool libxml2-devel libxslt-devel perl-devel perl-ExtUtils-Embed pcre-devel openssl-devel [root@www http]$./configure \ --prefix=/usr/local/nginx \ --sbin-path=/usr/sbin/nginx \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/var/run/nginx.pid \ --lock-path=/var/run/nginx.lock \ --http-client-body-temp-path=/var/tmp/nginx/client \ --http-proxy-temp-path=/var/tmp/nginx/proxy \ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi \ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \ --http-scgi-temp-path=/var/tmp/nginx/scgi \ --user=nginx \ --group=nginx \ --with-pcre \ --with-http_v2_module \ --with-http_ssl_module \ --with-http_realip_module \ --with-http_addition_module \ --with-http_sub_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_random_index_module \ --with-http_secure_link_module \ --with-http_stub_status_module \ --with-http_auth_request_module \ --with-mail \ --with-mail_ssl_module \ --with-file-aio \ --with-threads \ --with-stream \ --with-stream_ssl_module [root@www nginx-1.15.6]$ make -j2 && make install [root@www nginx-1.15.6]$ mkdir -pv /var/tmp/nginx/client
配置Nginx 进入conf目录
[root@www nginx-1.15.6]$ cd /etc/nginx/
然后编辑nginx.conf为如下内容
user nginx www; worker_processes auto; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} #虚拟主机 include /home/wwwroot/vhost/*.conf; }
看到配置文件的最后一句,大家应该能想到这么做是为了多虚拟主机支持,可以分别管理每个虚拟主机的配置文件。当然如果你确定你的服务器上不会有第二个网站,也可以把server节配置都写到nginx.conf文件里。
配置虚拟主机 虚拟主机目录为:/home/wwwroot/vhost/
Demo:
server { listen 80; #监听端口 listen [::]:80; #IPV6支持 #listen 443 spdy; #https #listen [::]:443 spdy; #IPV6 HTTPS server_name www.example.com; #您的域名 index index.html index.php; set $subdomain ''; root /home/www/www.example.com$subdomain; #include /home/www/rewrite/xxx.conf; #包含rewrite规则文件 ### SSL 配置,如果您需要,请取消本段的注释并做好配置 #ssl on; #ssl_protocols TLSv1.2 TLSv1.1 TLSv1; #ssl_ciphers CHACHA20:GCM:CFB:HIGH:!DH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS; #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; #ssl_prefer_server_ciphers on; #ssl_stapling on; #ssl_stapling_verify on; #ssl_certificate /path/to/public.crt; #ssl_certificate_key /path/to/private.key; ############ location ~ .*.php(/.*)*$ { fastcgi_pass unix:/tmp/php-cgi-www.example.com.sock; fastcgi_index index.php; include fastcgi.conf; #fastcgi_param HTTPS $https if_not_empty; #如果是HTTPS站点请取消此行注释 fastcgi_param DOCUMENT_ROOT /home/wwwroot/domain/www.example.com$subdomain; fastcgi_param SCRIPT_FILENAME /home/wwwroot/domain/www.example.com$subdomain$fastcgi_script_name; } location ~ .*.(gif|jpg|jpeg|png|bmp|swf|flv|mp3|wma)$ { expires 30d; } location ~ .*.(js|css)$ { expires 12h; } access_log off; error_log /dev/null; }
添加SysV 启动脚本 [root@www nginx-1.15.6]$ vim /etc/init.d/nginx # !/bin/sh # # # description: Nginx is an HTTP(S) server, HTTP(S) reverse \ # proxy and IMAP/POP3 proxy server # processname: nginx # config: /etc/nginx/nginx.conf # config: /etc/sysconfig/nginx # pidfile: /var/run/nginx.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/usr/sbin/nginx" prog=$(basename $nginx) NGINX_CONF_FILE="/etc/nginx/nginx.conf" [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx lockfile=/var/lock/subsys/nginx start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval killall -9 nginx } restart() { configtest || return $? stop sleep 1 start } reload() { configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo } force_reload() { restart } configtest() { $ nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}" exit 2 esac
赋予脚本执行权限
[root@www nginx-1.15.6]$ chmod +x /etc/init.d/nginx
添加至服务管理列表,设置开机启动
[root@www nginx-1.15.6]$ chkconfig --add nginx [root@www nginx-1.15.6]$ chkconfig nginx on
启动服务
[root@www nginx-1.15.6]$ service nginx start
编译安装MySQL 依次执行以下命令检查系统中是否存在使用 rpm 安装的 MySQL 或者 MariaDB。
$ rpm -qa | grep mysql $ rpm -qa | grep mariadb
如果已经安装,则运行以下任一个命令删除。
$ rpm -e 软件名 $ rpm -e --nodeps 软件名
依次运行以下命令安装 MySQL。
$ yum install -y libaio-* $ mkdir -p /usr/local/mysql$ cd /make$ tar -xzvf mysql-5.7.24-el7-x86_64.tar.gz $ mv mysql-5.7.24-el7-x86_64/* /usr/local/mysql/
依次运行以下命令建立 mysql 组和用户,并将 mysql 用户添加到 mysql 组。
$ groupadd mysql $ useradd -g mysql -s /sbin/nologin mysql
运行命令初始化 MySQL 数据库。 $ /usr/local/mysql/bin/mysqld --initialize-insecure --datadir=/usr/local/mysql/data/ --user=mysql
这一步可能会报错:/usr/local/mysql/bin/mysqld: error while loading shared libraries: libnuma.so.1: cannot open shared object file: No such file or directoryyum -y install numactl就可以解决这个问题了.
更改 mysql 安装目录的属性 $ chown -R mysql:mysql /usr/local/mysql
依次运行以下命令设置开机自启动 $ cd /usr/local/mysql/support-files/$ cp mysql.server /etc/init.d/mysqld$ chmod +x /etc/init.d/mysqld$ chkconfig --add mysqld $ chkconfig mysqld on
设置环境变量 $ vim /root/.bash_profile PATH=$PATH:$HOME/bin:/usr/local/mysql/bin:/usr/local/mysql/lib # 再原来的基础上加入mysql $ source /root/.bash_profile
启动服务
编译安装PHP-fpm Nginx本身不能处理PHP,作为web服务器,当它接收到请求后,不支持对外部程序的直接调用或者解析,必须通过FastCGI进行调用。如果是PHP请求,则交给PHP解释器处理,并把结果返回给客户端。PHP-FPM是支持解析php的一个FastCGI进程管理器。提供了更好管理PHP进程的方式,可以有效控制内存和进程、可以平滑重载PHP配置。
安装依赖包 [www@root@/home/www@31]$ yum install -y libmcrypt* mhash* libxml2 libxml2-devel bzip2 bzip2-devel freetype.x86_64 freetype-devel.x86_64 libjpeg-turbo-devel libcurl-devel libpng libpng-devel
可能会提示:No package libmcrypt* available.
[www@root@/home/www@32]$ yum install epel-release [www@root@/home/www@33]$ yum update [www@root@/home/www@34]$ yum install libmcrypt libmcrypt-devel mcrypt mhash
然后进入make目录 解压php并编译安装
[www@root@/make@20]~$ cd php-7.2.12[www@root@/make/php-7.2.12@21]~$ ./configure \ --prefix=/usr/local/php \ --enable-mysqlnd \ --with-mysqli=mysqlnd --with-openssl \ --with-pdo-mysql=mysqlnd \ --enable-mbstring \ --with-freetype-dir \ --with-gd \ --with-jpeg-dir \ --with-png-dir \ --with-zlib --with-libxml-dir=/usr \ --enable-xml --enable-sockets \ --with-mcrypt --with-config-file-path=/etc \ --with-config-file-scan-dir=/etc/php.d \ --enable-maintainer-zts \ --disable-fileinfo --with-bz2\ --enable-fpm\ --with-curl\ --enable-pcntl\ --without-pear
可能会提示configure: WARNING: unrecognized options: --with-mcrypthttps://github.com/kasparsd/php-7-debian/issues/55
In PHP 7.2 the following configuration options are no longer supported
Remove ‘with-mcrypt’ - it’s deprecated since PHP 7.1
PHP7.1开始已经移除了mcrypt --with-mcrypt --with-config-file-path=/etc \再执行遍
[www@root@/make/php-7.2.12@22]~$ ./configure \ --prefix=/usr/local/php \ --enable-mysqlnd \ --with-mysqli=mysqlnd --with-openssl \ --with-pdo-mysql=mysqlnd \ --enable-mbstring \ --with-freetype-dir \ --with-gd \ --with-jpeg-dir \ --with-png-dir \ --with-zlib --with-libxml-dir=/usr \ --enable-xml --enable-sockets \ --with-config-file-scan-dir=/etc/php.d \ --enable-maintainer-zts \ --disable-fileinfo --with-bz2\ --enable-fpm\ --with-curl\ --enable-pcntl\ --without-pear
然后make -j6 && make -j6 install
添加php和php-fpm配置文件 [www@root@/make@30]~$ cp /make/php-7.2.12/php.ini-production /etc/php.ini[www@root@/make@31]~$ cd /usr/local/php/etc/[www@root@/make@32]~$ cp php-fpm.conf.default php-fpm.conf[www@root@/usr/local/php/etc@33]~$ sed -i 's@;pid = run/php-fpm.pid@pid = /usr/local/php/var/run/php-fpm.pid@' php-fpm.conf
设置PHP环境变量 [www@root@/usr/local/php/etc@34]~$ vi /root/.bash_profile PATH=$PATH:$HOME/bin:/usr/local/mysql/bin:/usr/local/mysql/lib:/usr/local/php/bin
在PATH后面加上 /usr/local/php/bin
[www@root@/usr/local/php/etc@35]~$ source /root/.bash_profile
添加php-fpm启动脚本 [www@root@/usr/local/php/etc@36]~$ cp /make/php-7.2.12/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm[www@root@/usr/local/php/etc@37]~$ chmod +x /etc/init.d/php-fpm
添加php-fpm至服务列表并设置开机自启 [www@root@/usr/local/php/etc@38]~$ chkconfig --add php-fpm [www@root@/usr/local/php/etc@39]~$ chkconfig --list php-fpm Note: This output shows SysV services only and does not include native systemd services. SysV configuration data might be overridden by native systemd configuration. If you want to list systemd services use 'systemctl list-unit-files'. To see services enabled on particular target use 'systemctl list-dependencies [target]'. php-fpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off [www@root@/usr/local/php/etc@40]~$ chkconfig php-fpm on [www@root@/usr/local/php/etc@41]~$ cd /usr/local/php/etc/php-fpm.d[www@root@/usr/local/php/etc/php-fpm.d@42]~$ cp www.conf.default www.conf
启动服务 [www@root@/usr/local/php/etc/php-fpm.d@43]~$ service php-fpm start Starting php-fpm done
添加nginx对fastcgi的支持 主文件模式 该步骤选做
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
编辑/etc/nginx/nginx.conf,在所支持的主页面格式中添加php格式的主页,类似如下:
location / { root /usr/local/nginx/html; index index.php index.html index.htm; }
取消一下内容前面的注释
location ~ \.php$ { root /usr/local/nginx/html/; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $doucment_root$fastcgi_script_name; include fastcgi_params; }
重新载入nginx的配置文件。
虚拟主机模式 server { listen 80; #监听端口 listen [::]:80; #IPV6支持 #listen 443 spdy; #https #listen [::]:443 spdy; #IPV6 HTTPS server_name www.example.com; #您的域名 index index.php index.html index.php; set $subdomain ''; root /home/www/www_example_com$subdomain; #include /home/www/rewrite/xxx.conf; #包含rewrite规则文件 ### SSL 配置,如果您需要,请取消本段的注释并做好配置 #ssl on; #ssl_protocols TLSv1.2 TLSv1.1 TLSv1; #ssl_ciphers CHACHA20:GCM:CFB:HIGH:!DH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS; #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; #ssl_prefer_server_ciphers on; #ssl_stapling on; #ssl_stapling_verify on; #ssl_certificate /path/to/public.crt; #ssl_certificate_key /path/to/private.key; ############ location ~ \.php$ { root /home/www/www_example_com/; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /home/www/www_example_com/$fastcgi_script_name; include fastcgi_params; } location ~ .*.(gif|jpg|jpeg|png|bmp|swf|flv|mp3|wma)$ { expires 30d; } location ~ .*.(js|css)$ { expires 12h; } access_log off; error_log /dev/null; }
安装composer curl -sS https://getcomposer.org/installer | php mv composer.phar /usr/local/bin/composer
注意 此时mysql是空密码。
安全起见,需要设置密码
mysql> set password for 'root'@'localhost'=password('123'); mysql> flush privileges;
nginx设置后可能会出现报错File not foundlocation ~ .php$ 配置项,发现了一行fastcgi_param的配置,然后将其改成了nginx的默认web目录,再次重启nginx服务后,发现可以进行访问了。fastcgi_param SCRIPT_FILENAME /home/www/www_example_com/$fastcgi_script_name;
至此 LNMP部署完毕
