lnmp搭建+openssl(僅測試)
搭建LNMP環境php
一,安裝nginxhtml
卸載rpm安裝的httpdmysql
安裝支持軟件pcre-devel zlib-devel gcc gcc-c++ makelinux
建立nginx用戶和組nginx
[root@www ~]# useradd -M -s /sbin/nologin nginxc++
編譯安裝Nginxsql
[root@www ~]# tar xf nginx-1.6.0.tar.gz -C /usr/src/shell
[root@www ~]# cd /usr/src/nginx-1.6.0/數據庫
[root@www nginx-1.6.0]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module && make && make installvim
其中--with-http_stub_status_module模塊,爲日誌統計模塊
爲主程序nginx建立連接文件
[root@www nginx-1.6.0]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
檢查語法,啓動服務
[root@www nginx-1.6.0]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@www nginx-1.6.0]# nginx
[root@www nginx-1.6.0]# netstat -anpt | grep :80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4513/nginx
編寫nginx服務腳本
[root@www ~]# vim /etc/init.d/nginx
#!/bin/bash
# chkconfig: 2345 99 20
# description: Nginx Server Control Scripts shell
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
case "$1" in
start)
if [ -f $PIDF ];then
echo "Nginx is running...Start it is error"
else
$PROG
fi
;;
stop)
if [ -f $PIDF ];then
kill -3 $(cat $PIDF)
rm -f $PIDF
else
echo "Nginx is stopping...Stop it is error"
fi
;;
restart)
$0 stop
$0 start
;;
reload)
if [ -f $PIDF ];then
kill -1 $(cat $PIDF)
else
echo "Nginx is stopping...reload it is error"
fi
;;
status)
if [ -f $PIDF ];then
echo "Nginx is running"
else
echo "Nginx is stopped"
fi
;;
*)
echo "Usage:$0 (start|stop|restart|reload|status)"
exit 1
esac
exit 0
[root@www ~]# chmod +x /etc/init.d/nginx
[root@www ~]# chkconfig --add nginx
[root@www ~]# chkconfig --list nginx
nginx 0:關閉 1:關閉 2:啓用 3:啓用 4:啓用 5:啓用 6:關閉
修改nginx.conf主配置文件,添加兩個虛擬主機
[root@www ~]# cd /usr/local/nginx/conf/
[root@www conf]# cp -p nginx.conf nginx.conf.bak
[root@www conf]# vim nginx.conf
[root@www conf]# cat nginx.conf
user nginx nginx;
worker_processes 2;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name www.wx001.com;
charset utf-8;
access_log logs/host.access.log main;
location / {
root html/wx001;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
# proxy_pass http://127.0.0.1;
}
server {
listen 80;
server_name www.wx002.com;
charset utf-8;
access_log logs/host.access.log main;
location / {
root html/wx002;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
# proxy_pass http://127.0.0.1;
}
}
添加網頁文件後,測試
搭建Mysql數據 庫
安裝支持軟件
[root@www ~]# rpm -q ncurses-devel
ncurses-devel-5.7-4.20090207.el6.x86_64
安裝cmake
[root@www ~]# tar xf cmake-2.8.6.tar.gz -C /usr/src/
[root@www ~]# cd /usr/src/cmake-2.8.6/
[root@www cmake-2.8.6]# ./configure && gmake && gmake install
編譯安裝Mysql數據庫
[root@www ~]# tar xf mysql-5.5.22.tar.gz -C /usr/src/
[root@www ~]# cd /usr/src/mysql-5.5.22/
[root@www mysql-5.5.22]# cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_EXTRA_CHARSETS=all -DSYSCONFDIR=/etc && make && make install
安裝後調整優化
[root@www ~]# echo "PATH=$PATH:/usr/local/mysql/bin" >>/etc/profile
[root@www ~]# . /etc/profile
[root@www ~]# cp -p /usr/src/mysql-5.5.22/support-files/my-medium.cnf /etc/my.cnf
cp:是否覆蓋"/etc/my.cnf"? y
[root@www ~]# cp -p /usr/src/mysql-5.5.22/support-files/mysql.server /etc/init.d/mysqld[root@www ~]# chmod +x /etc/init.d/mysqld
[root@www ~]# chkconfig --add mysqld
[root@www ~]# chkconfig --list mysqld
mysqld 0:關閉 1:關閉 2:啓用 3:啓用 4:啓用 5:啓用 6:關閉
[root@www ~]#
初始化數據庫
[root@www ~]# useradd -M -s /sbin/nologin mysql
[root@www ~]# chown -R mysql:mysql /usr/local/mysql/
[root@www ~]# /usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql/ --datadir=/usr/local/mysql/data/ --user=mysql
啓動Mysql服務
[root@www ~]# /etc/init.d/mysqld start
Starting MySQL... [肯定]
[root@www ~]# netstat -anpt| grep mysql
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 28555/mysqld
[root@www ~]#
建立root用戶密碼
[root@www ~]# mysqladmin -uroot password "123";history -c
安裝PHP服務
安裝支持軟件
[root@www wx001]# rpm -q gd libxml2-devel libjpeg-devel libpng-devel
package gd is not installed
libxml2-devel-2.7.6-21.el6_8.1.x86_64
package libjpeg-devel is not installed
libpng-devel-1.2.49-2.el6_7.x86_64
[root@www wx001]# yum -y install gd
編譯安裝PHP
[root@www ~]# tar xf php-5.3.28.tar.gz -C /usr/src/
[root@www ~]# cd /usr/src/php-5.3.28/
[root@www php-5.3.28]# ./configure --prefix=/usr/local/php5 --with-gd --with-zlib --with-mysql=/usr/local/mysql/ --with-config-file-path=/usr/local/php5 --enable-mbstring --enable-fpm --with-jpeg-dir=/usr/lib && make && make install
安裝後優化調整
[root@www php-5.3.28]# cp -p /usr/src/php-5.3.28/php.ini-development /usr/local/php5/php.ini
[root@www php-5.3.28]# ln -s /usr/local/php5/bin/* /usr/local/bin/
[root@www php-5.3.28]# ln -s /usr/local/php5/sbin/* /usr/local/sbin/
安裝ZendGuardLoader(PHP的優化模塊)
[root@www ~]# tar xf ZendGuardLoader-php-5.3-linux-glibc23-x86_64.tar.gz -C /usr/src/
[root@www ~]# cd /usr/src/ZendGuardLoader-php-5.3-linux-glibc23-x86_64/
[root@www ZendGuardLoader-php-5.3-linux-glibc23-x86_64]# cd
[root@www ~]# cp /usr/src/ZendGuardLoader-php-5.3-linux-glibc23-x86_64/php-5.3.x/ZendGuardLoader.so /usr/local/php5/lib/php/
[root@www ~]# echo -e "zend_extension=/usr/local/php5/lib/php/ZendGuardLoader.so\nzend_loader.enable=1" >> /usr/local/php5/php.ini
啓用php-fpm進程
[root@www ~]# cd /usr/local/php5/etc/
[root@www etc]# cp -p php-fpm.conf.default php-fpm.conf
[root@www etc]# vim php-fpm.conf
25 pid = run/php-fpm.pid //確認pid文件位置
140 user = nginx //程序用戶
141 group = nginx //程序組
217 pm.max_children = 50 //子進程的最大數
222 pm.start_servers = 20 //啓動時開啓的進程數
227 pm.min_spare_servers = 5 //最少空閒進程數
232 pm.max_spare_servers = 35 //最大空閒進程數
[root@www etc]# php-fpm
[root@www etc]# netstat -anpt | grep php-fpm
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 123477/php-fpm
修改/etc/init.d/nginx服務腳本
[root@www etc]# vim /etc/init.d/nginx
#!/bin/bash
# chkconfig: 2345 99 20
# description: Nginx Server Control Script
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
PROG_FPM="/usr/local/sbin/php-fpm"
PIDF_FPM="/usr/local/php5/var/run/php-fpm.pid"
case "$1" in
start)
$PROG
$PROG_FPM
;;
stop)
kill -s QUIT $(cat $PIDF)
kill -s QUIT $(cat $PIDF_FPM)
;;
restart)
$0 stop
$0 start
;;
reload)
kill -s HUP $(cat $PIDF)
;;
*)
echo "Usage: $0 (start|stop|restart|reload)"
exit 1
esac
exit 0
[root@www etc]# chkconfig --del nginx
[root@www etc]# chkconfig --add nginx
[root@www etc]# /etc/init.d/nginx stop
[root@www etc]# /etc/init.d/nginx start
[root@www etc]# netstat -anpt |egrep "nginx|php-fpm"
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 123527/php-fpm
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 123522/nginx
配置Nginx支持PHP解析(黃色添加項)
location / {
root html/wx002;
index index.php index.html index.htm;
}
location ~ \.php$ {
root html/wx002;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
[root@www ~]# nginx –t
[root@www ~]# vim /usr/local/nginx/html/wx002/test.php
<?php
$link=mysql_connect('localhost','root','123');
if($link) echo "<h1>這是一個PHP解析的頁面</h1>";
mysql_close();
?>
重啓服務,PHP頁面訪問測試
部署Nginx+Apache動靜分離
開兩臺主機,一臺搭建LNMP,一臺搭建LAMP
192.168.108.111 LAMP環境
192.168.108.112 LNMP環境
靜態網頁由LNMP服務器提供解析,動態PHP語言由LAMP服務器提供解析。
環境搭建OK
修改nginx.conf主配置文件(添加lication)
location ~ \.php$ { //區分大小寫匹配,以php結尾的的網頁去下面的服務器訪問
proxy_pass http://192.168.108.111:80;
}
location ~ \.(gif|jpg|jpeg|bmp|png|swf) { //區分大小寫匹配,以gif、jpg…swf結尾的文件,到下面路徑去找
root html/wx002;
}
[root@www ~]# ulimit -n 65000
[root@www ~]# echo "ulimit -n 65000" >>/etc/profile
在LAMP服務器Apache網頁目錄下
[root@www htdocs]# vim test.php
<?php
$link=mysql_connect('localhost','root','123');
if($link) echo "<h1>這是一個PHP解析的頁面,由LAMP提供解析服務</h1>";
mysql_close();
?>
<img src="http://www.wx002.com/jdqs.jpg"/>
[root@www htdocs]# echo "192.168.108.112 www.wx001.com www.wx002.com" >>/etc/hosts
重啓nginx服務,網頁瀏覽測試
nginx使用openssl安裝數字證書
編譯安裝nginx時,添加openssl模塊,把openssl路徑指定到解壓出來的路徑
[root@www ~]# tar xf nginx-1.6.0.tar.gz -C /usr/src/
[root@www ~]# tar xf openssl-1.0.2l.tar.gz -C /usr/src/
[root@www ~]# cd /usr/src/nginx-1.6.0/
[root@www nginx-1.6.0]# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-openssl=/usr/src/openssl-1.0.2l/ --with-http_gzip_static_module && make && make install
生成RSA密鑰【這個命令會生成一個2048位的密鑰,同時有一個des3方法加密的密碼,若是你不想要每次都輸入密碼,能夠改爲:
openssl genrsa -out privkey.pem 2048
建議用2048位密鑰,少於此可能會不安全或很快將不安全。】
[root@www nginx-1.6.0]# openssl genrsa -des3 -out privkey.pem 2048
Generating RSA private key, 2048 bit long modulus
................................................+++
....+++
e is 65537 (0x10001)
Enter pass phrase for privkey.pem:
Verifying - Enter pass phrase for privkey.pem:
生成一個證書請求
【openssl req -new -key privkey.pem -out cert.csr
這個命令將會生成一個證書請求,固然,用到了前面生成的密鑰privkey.pem文件
這裏將生成一個新的文件cert.csr,即一個證書請求文件,你能夠拿着這個文件去數字證書頒發機構(即CA)申請一個數字證書。CA會給你一個新的文件cacert.pem,那纔是你的數字證書。
若是是本身作測試,那麼證書的申請機構和頒發機構都是本身。就能夠用下面這個命令來生成證書:
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
這個命令將用上面生成的密鑰privkey.pem生成一個數字證書cacert.pem
】
[root@www nginx-1.6.0]# openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
Enter pass phrase for privkey.pem:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:cn
Locality Name (eg, city) [Default City]:cn
Organization Name (eg, company) [Default Company Ltd]:cn
Organizational Unit Name (eg, section) []:cn
Common Name (eg, your name or your server's hostname) []:cn
Email Address []:cn
移動生成的證書和祕鑰到nginx的配置目錄下
[root@www nginx-1.6.0]# mv cacert.pem privkey.pem /usr/local/nginx/conf/
修改nginx.conf配置【添加】
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /usr/local/nginx/conf/cacert.pem;
ssl_certificate_key /usr/local/nginx/conf/privkey.pem;
server_name 192.168.108.112
ssl_session_timeout 5m;
}
爲主程序建立連接文件
[root@www nginx-1.6.0]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
語法檢測
[root@www conf]# nginx -t
Enter PEM pass phrase:
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
啓動服務,瀏覽器測試
[root@www conf]# killall -3 nginx
[root@www conf]# nginx
Enter PEM pass phrase:
- 1. LNMP的搭建及URL重寫測試
- 2. yum 搭建 LNMP
- 3. LNMP的搭建
- 4. CentOS6.5搭建LNMP
- 5. LNMP搭建wordprees
- 6. Ubuntu18.04搭建LNMP
- 7. LNMP搭建
- 8. LNMP 搭建wordpress
- 9. zabbix+LNMP搭建
- 10. nginx lnmp搭建
- 更多相關文章...
- • Maven 構建 & 項目測試 - Maven教程
- • Swift 環境搭建 - Swift 教程
- • 適用於PHP初學者的學習線路和建議
- • 爲了進字節跳動,我精選了29道Java經典算法題,帶詳細講解
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. LNMP的搭建及URL重寫測試
- 2. yum 搭建 LNMP
- 3. LNMP的搭建
- 4. CentOS6.5搭建LNMP
- 5. LNMP搭建wordprees
- 6. Ubuntu18.04搭建LNMP
- 7. LNMP搭建
- 8. LNMP 搭建wordpress
- 9. zabbix+LNMP搭建
- 10. nginx lnmp搭建