Fedora17/16,CentOS/Red Hat(RHEL)6.3/5.8 配置 LEMP（譯）

##什麼是LEMP？ LEMP(Linux,Nginx,MySQL,PHP) 相對於LAMP來講也不遑多讓。

而對於新手來講，nginx配置更簡單，基於這種緣由，有人說Nginx比Apache強大。

固然，Nginx和Apache到底誰更優不是我能說得清楚的，不少大企業面臨這個選擇也是犯難，幸虧，這不在本文的討論範圍。

##教你安裝LEMP 關於Linux,Nginx,MySQL,PHP-FPM，官方文檔都有詳細的安裝說明文檔。

這個指南試圖詳盡地指導你在Fedora17/16/15/14,Centos 6.3/6.2/6.1/6/5.8,RedHat 6.3/6.3/6.1/6/5.8上面經過YUM的方式部署你的LEMP服務。

總得來講，可分爲三步：

1.安裝Linux(這個過程網上已有大量的教程，而且如今的Linux版本安裝過程至關友好)
2.安裝MySQL
3.安裝Nginx和PHP(PHP-FPM)

以上每一步，都是分開的。MySQ和Nginx還有PHP其實沒有多大的依賴關係。

##安裝MySQL5.5 MySQL 是一種關係型數據庫，至關多的CMS是使用這種數據庫的，幾乎能夠說，全部的開源PHP應用都是用MySQL，至少是支持的。好比國外的：drupal,joomla,wordpress.國內的：dedecms,帝國等等。

若是你是升級版本，請必定記得備份你的數據庫和Mysql配置文件，而且記得先運行下

mysql_upgrade

###1.更改權限

su -
## 或者 ##
sudo -i

###2.安裝 Remi repository

Fedora

## Remi Dependency on Fedora 18, 17, 16
rpm -Uvh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm 
rpm -Uvh http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm
 
## Fedora 18 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-18.rpm
 
## Fedora 17 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-17.rpm
 
## Fedora 16 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-16.rpm
 
## Fedora 15 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-15.rpm
 
## Fedora 14 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-14.rpm
 
## Fedora 13 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-13.rpm
 
## Fedora 12 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-12.rpm

CentOS 和 Red Had(RHEL)

## Remi Dependency on CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
 
## CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
 
 
## Remi Dependency on CentOS 5 and Red Hat (RHEL) 5 ##
rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
 
## CentOS 5 and Red Hat (RHEL) 5 ## 
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm

###3.檢查可用的MySQL版本

Fedora 18,17,16,15,14,13,12

yum --enablerepo=remi list mysql mysql-server

CentOS 6.3/6.2/6.1/6/5.8 和 Red Hat(RHEL) 6.3/6.2/6.1/6/5.8

yum --enablerepo=remi,remi-test list mysql mysql-server

若是正常的話，輸出會像這個樣子

Loaded plugins: changelog, fastestmirror, presto, refresh-packagekit
...
remi                                                            | 3.0 kB     00:00     
remi/primary_db                                                 | 106 kB     00:00     
Available Packages
mysql.i686                               5.5.29-1.fc14.remi                        @remi
mysql-server.i686                        5.5.29-1.fc14.remi                        @remi

###4.升級或者安裝MySLQ 5.5.29

Fedora 18,17,16,15,14,13,12

yum --enablerepo=remi install mysql mysql-server

CentOS 6.3/6.2/6.1/6/5.8 和 Red Hat(RHEL) 6.3/6.2/6.1/6/5.8

yum --enablerepo=remi,remi-test install mysql mysql-server

###5.開啓MySQL服務而且配置其隨系統啓動

Fedora 18/17/16

systemctl start mysqld.service ## use restart after update
 
systemctl enable mysqld.service

Fedora 15/14/13/12/11, CentOS 6.3/6.2/6.1/6/5.8 和 Red Hat(RHEL) 6.3/6.2/6.1/5.8

/etc/init.d/mysqld start ## use restart after update
## 或者 ##
service mysqld start ## use restart after update
 
chkconfig --levels 235 mysqld on

###6.MySQL 安全安裝 這一步很容易忽略，可是它尤其重要。你能夠選擇手動完成如下任務，也可使用MySQL自帶的安全檢查步驟。

• 設置（更改）ROOT密碼
• 刪除匿名賬戶
• 不容許ROOT的遠程登陸
• 移出test數據庫
• 重建權限表

使用MySQL自帶的安全檢查：

/usr/bin/mysql_secure_installation

輸出會是這個樣子：

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
 
 
In order to log into MySQL to secure it, we\'ll need the current
password for the root user.  If you\'ve just installed MySQL, and
you haven\'t set the root password yet, the password will be blank,
so you should just press enter here.
 
Enter current password for root (enter for none): 
OK, successfully used password, moving on...
 
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
 
Set root password? [Y/n] Y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!
 
 
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.
 
Remove anonymous users? [Y/n] Y
 ... Success!
 
Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
 
Disallow root login remotely? [Y/n] Y
 ... Success!
 
By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
 
Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
 
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
 
Reload privilege tables now? [Y/n] Y
 ... Success!
 
Cleaning up...
 
 
 
All done!  If you\'ve completed all of the above steps, your MySQL
installation should now be secure.
 
Thanks for using MySQL!

注意：若是你有特別的緣由，不肯意使用MySQL自帶的安全檢查，你至少應該更改ROOT密碼。

mysqladmin -u root password [your_password_here]
 
## Example ##
mysqladmin -u root password myownsecrectpass

###7.本地鏈接MySQL數據庫

mysql -u root -p
 
## 或者 ##
mysql -h localhost -u root -p

###8.建立數據庫，建立用戶，容許遠程鏈接 這個示例將使用如下參數

• 數據庫（名字） = webdb
• 用戶 = webdb_user
• 遠程IP = 10.0.15.25
• 密碼 = password123
• 權限 = ALL

示例以下：

## CREATE DATABASE ##
mysql> CREATE DATABASE webdb;
 
## CREATE USER ##
mysql> CREATE USER 'webdb_user'@'10.0.15.25' IDENTIFIED BY 'password123';
 
## GRANT PERMISSIONS ##
mysql> GRANT ALL ON webdb.* TO 'webdb_user'@'10.0.15.25';
 
##  FLUSH PRIVILEGES, Tell the server TO reload the GRANT TABLES  ##
mysql> FLUSH PRIVILEGES;

遠程鏈接

1.編輯文件/etc/sysconfig/iptables:

vim /etc/sysconfig/iptables

2.在最後加入這一行

-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

3.重啓防火牆

service iptables restart
## OR ##
/etc/init.d/iptables restart

4.測試遠程鏈接：

mysql -h dbserver_name_or_ip_address -u webdb_user -p webdb

##安裝Nginx和PHP-FPM ###1.更改用戶權限

sudo -i
##或者##
su -

###2.安裝依賴的repositiory

Fedora 17/16/15/14 Remi repository

## Remi Dependency on Fedora 17, 16
rpm -Uvh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm 
rpm -Uvh http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm
 
## Fedora 17 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-17.rpm
 
## Fedora 16 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-16.rpm
 
## Fedora 15 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-15.rpm
 
## Fedora 14 ##
rpm -Uvh http://rpms.famillecollet.com/remi-release-14.rpm

CentOS 6.3/6.2/6.1/6/5.8 and Red Hat (RHEL) 6.3/6.2/6.1/6/5.8 Remi repository

## Remi Dependency on CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
 
## CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
 
 
## Remi Dependency on CentOS 5 and Red Hat (RHEL) 5 ##
rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
 
## CentOS 5 and Red Hat (RHEL) 5 ## 
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm

CentOS 6.3/6.2/6.1/6/5.8 and Red Hat (RHEL) 6.3/6.2/6.1/6/5.8的話，還須要在yum源裏添加nginx。 建立文件/etc/yum.repos.d/nginx.repo，而後加入如下內容 CentOS

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1

Red Hat (RHEL)

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/
gpgcheck=0
enabled=1

###3.安裝nginx,PHP5.4.10和PHP-FPM Fedora 17/16/15/14, CentOS 6.3/5.8 and Red Hat (RHEL) 6.3/5.8

yum --enablerepo=remi install nginx php php-fpm php-common

CentOS 6.3/5.8 and Red Hat (RHEL) 6.3/5.8

yum --enablerepo=remi,remi-test install nginx php php-fpm php-common

###4.安裝PHP5.4.10的模塊

• APC (php-pecl-apc) – APC緩存和加速
• CLI (php-cli) – 命令行接口
• PEAR (php-pear) – PHP的一個擴展庫
• PDO (php-pdo) – 數據庫鏈接的抽象層的一個庫
• MySQL (php-mysql) – 使得PHP能使用mysql的一個模塊
• PostgreSQL (php-pgsql) – 使PHP能使用PostgreSQL的模塊
• MongoDB (php-pecl-mongo) – PHP的MongoDB驅動
• SQLite (php-sqlite) – 使用SQLite V2 擴展
• Memcache (php-pecl-memcache) – 可以使用Memcached緩存系統的擴展
• Memcached (php-pecl-memcached) –可以使用Memcached緩存服務的擴展
• GD (php-gd) – GD庫
• XML (php-xml) – XML庫
• MBString (php-mbstring) – mbstring庫，可處理多國語言字符
• MCrypt (php-mcrypt) – 標準mcrypt庫，用於字符串加密

Fedora 17/16/15/14

yum --enablerepo=remi install php-pecl-apc php-cli php-pear php-pdo php-mysql php-pgsql php-pecl-mongo php-sqlite php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml

CentOS 6.3/5.8 and Red Hat (RHEL) 6.3/5.8

yum --enablerepo=remi,remi-test install php-pecl-apc php-cli php-pear php-pdo php-mysql php-pgsql php-pecl-mongo php-sqlite php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml

###5.中止httpd(Apache)服務，開啓Nginx和PHP-FPM服務。 中止 httpd(Apache)

/etc/init.d/httpd stop
## OR ##
service httpd stop

開啓Nginx

/etc/init.d/nginx start ## use restart after update
## OR ##
service nginx start ## use restart after update

開啓PHP-FPM

/etc/init.d/php-fpm start ## use restart after update
## OR ##
service php-fpm start ## use restart after update

###6.使Nginx和PHP-FPM隨系統啓動而啓動 取消httpd的啓動

chkconfig httpd off

自動啓動Nginx

chkconfig --add nginx
chkconfig --levels 235 nginx on

自動啓動PHP-FPM

chkconfig --add php-fpm
chkconfig --levels 235 php-fpm on

###7.配置Nginx和PHP-FPM 例子中使用testsite.local做爲站點，可是這不是正式的站點。 正式的站點是像blog.mlskill.com這個樣子

## public_html directory and logs directory ##
mkdir -p /srv/www/testsite.local/public_html
mkdir /srv/www/testsite.local/logs
chown -R apache:apache /srv/www/testsite.local

非必須的步驟，添加日誌到/var/log目錄

## public_html directory and logs directory ##
mkdir -p /srv/www/testsite.local/public_html
mkdir -p /var/log/nginx/testsite.local
chown -R apache:apache /srv/www/testsite.local
chown -R nginx:nginx /var/log/nginx

【注意】我在這裏用戶和用戶組都使用Apache是由於PHP-FPM默認是以apache爲用戶的，你也能夠自定義。

建立站點的nginx的配置文件

mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled

在/etc/nginx/nginx.conf文件中加入下面這行，在include /etc/nginx/conf.d/*.conf這行後面（在http的大括號裏面）

## Load virtual host conf files. ##
include /etc/nginx/sites-enabled/*;

建立testsites.local虛擬站點文件

把下面的內容加入/etc/nginx/sites-available/testsite.local。這是最基礎的站點配置。

server {
    server_name testsite.local;
    access_log /srv/www/testsite.local/logs/access.log;
    error_log /srv/www/testsite.local/logs/error.log;
    root /srv/www/testsite.local/public_html;
 
    location / {
        index index.html index.htm index.php;
    }
 
    location ~ \.php$ {
        include /etc/nginx/fastcgi_params;
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /srv/www/testsite.local/public_html$fastcgi_script_name;
    }
}

將你的虛擬站點連接到/etc/nginx/sites-enabled已開啓站點

cd /etc/nginx/sites-enabled/
ln -s /etc/nginx/sites-available/testsite.local
service nginx restart

將testsite.local做爲域名加入/etc/hosts文件

127.0.0.1               localhost.localdomain localhost testsite.local

若是你使用另一臺機器做爲你的Nginx服務器，把它的公有IP加入/etc/hosts

10.0.2.19				wordpress

###8.測試 建立一個測試文件 /srv/www/testsite.local/publick_html/index.php

<?php 
    echo phpinfo();
?>

在你的瀏覽器地址欄輸入 http://testsite.local/ 你就能看到你的PHP信息了。

遠程鏈接

1.編輯文件/etc/sysconfig/iptables:

vim /etc/sysconfig/iptables

2.在最後加入這一行

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

3.重啓防火牆

service iptables restart
## OR ##
/etc/init.d/iptables restart

4.測試遠程鏈接： 在瀏覽器打開你的域名，http://your.domain

預告： 1.Nginx和PHP-FPM的詳細設置和加速方面的設置。 2.APC的設置和注意事項。