急速安裝lnmp 編譯版本

時間 2019-11-08

標籤急速安裝 lnmp 編譯版本欄目 PHP 简体版

原文原文鏈接

急速安裝lnmp 編譯版本

安裝msyql+PHP

系統centos6.5
安裝開發軟件包
已經改爲了163的源須要執行下面的代碼
官網不自帶 libmcrypt libmcrypt-devel

wget http://www.atomicorp.com/installers/atomic

下載這個yum源,執行javascript

sh ./atomic 
yum -y install libmcrypt libmcrypt-devel
yum -y groupinstall "Development Tools"

報錯：提示 kernel-devel須要升級 (這個問題能夠忽略)
解決：php

wget ftp://rpmfind.net/linux/centos/6.9/os/x86_64/Packages/kernel-devel-2.6.32-696.el6.x86_64.rpm

而後再試下yum -y groupinstall "Development Tools"已經不報錯了。css

yum -y install libxml2* curl curl-devel libjpeg* libpng* freetype-devel

安裝mysql： (注意，若是出現後面mysql不管如何都沒法啓動的情形，請最早安裝mysql，並啓動試試)

yum -y install mysql mysql-server mysql-devel

下載PHP-5.6.2

wget http://cn2.php.net/distributions/php-5.6.2.tar.gz

解壓

tar -xvf php-5.6.2.tar.gz

cd php-5.6.2html
編譯安裝php

二種狀況 第一種 用了mysql的rpm包用這種方式編譯
``` shell
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --enable-fpm --with-fpm-user=php-fpm --with-fpm-group=php-fpm --with-mysql=mysqlnd --with-mysql-sock=/tmp/mysql.sock --with-pdo-mysql=/usr/local/services/mysql --with-libxml-dir --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-iconv-dir --with-zlib-dir --with-mcrypt --enable-soap --enable-gd-native-ttf --enable-ftp --enable-mbstring --enable-exif --disable-ipv6 --with-pear --with-curl --with-openssl --enable-bcmath --enable-sockets

第二種狀況你使用yum來安裝mysqljava

./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --enable-fpm --with-fpm-user=php-fpm --with-fpm-group=php-fpm --with-mysql --with-mysql-sock=/tmp/mysql.sock --with-pdo-mysql --with-libxml-dir --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-iconv-dir --with-zlib-dir --with-mcrypt --enable-soap --enable-gd-native-ttf --enable-ftp --enable-mbstring --enable-exif --disable-ipv6 --with-pear --with-curl --with-openssl --enable-bcmath --enable-sockets

make && make install ，等很久編譯完執行一下make test測試下。node
若是出現未安裝的錯誤通常使用yum安裝便可記得別忘記libcurl*
出現找不到文件路徑的狀況下用 find / -name 'name'去查找一下
出現warning的情形下大可能是由於版本以及默認安裝了，能夠去掉該行
修改php配置文件

cp php.ini-production /usr/local/php/etc/php.ini
cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
cp /root/php-5.6.2/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm

13. 啓動php 等安裝完nginx後才啓動

安裝nginx

yum -y install nginx

修改mysql

先備份

cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak

vim /etc/nginx/nginx.conf

user  nginx nginx;

worker_processes 16;

#error_log  /data/logs/nginx_error.log  crit;
error_log /var/log/nginx_error.log crit;
#pid        /usr/local/services/nginx/nginx.pid;
pid /var/run/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;

events
{
  use epoll;
  worker_connections 65535;
}

http
{
  include       mime.types;
  default_type  application/octet-stream;

  #charset  gb2312;

  server_names_hash_bucket_size 128;
  client_header_buffer_size 32k;
  large_client_header_buffers 4 32k;
  client_max_body_size 8m;


  sendfile on;
  tcp_nopush     on;

  keepalive_timeout 60;
  tcp_nodelay on;

  fastcgi_connect_timeout 300;
  fastcgi_send_timeout 300;
  fastcgi_read_timeout 300;
  fastcgi_buffer_size 64k;
  fastcgi_buffers 4 64k;
  fastcgi_busy_buffers_size 128k;
  fastcgi_temp_file_write_size 128k;

  gzip on;
  gzip_min_length  1k;
  gzip_buffers     4 16k;
  gzip_http_version 1.0;
  gzip_comp_level 2;
  gzip_types       text/plain application/x-javascript text/css application/xml;
  gzip_vary on;

  #limit_zone  crawler  $binary_remote_addr  10m;
    log_format  www  '$remote_addr - $remote_user [$time_local] "$request" '
              '$status $body_bytes_sent "$http_referer" '
              '"$http_user_agent" $http_x_forwarded_for';
  server
  {
    listen       80;
    server_name  vagrant-centos65.vagrantup.com;
    index start.php index.htm index.html index.php pengyou.php weibo.php qzone.php;
    root  /usr/share/nginx/html;

    #limit_conn   crawler  20;

    location ~ .*\.(php|php5)?$
    {
      #fastcgi_pass  unix:/tmp/php-cgi.sock;
      fastcgi_pass  127.0.0.1:9000;
      fastcgi_index start.php;
#      include fcgi.conf;
      include fastcgi.conf;
    }
    location ~ .*.(svn|git|cvs)
    {
      deny all;
    }
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
      expires      30d;
    }

    location ~ .*\.(js|css)?$
    {
      expires      1h;
    }

      }



}

啓動php-fpm

vim /usr/local/php/etc/php-fpm.conf 
user=nginx group=nginx  
/etc/init.d/php-fpm start

啓動nginx

/etc/init.d/nginx start  
vim /usr/share/nginx/html/cc.php

<?php
phpinfo();
?>

127.0.0.1/cc.php

LNMP安裝完成linux

wiki安裝部署

首先登陸進入mysql數據庫

mysql -uroot

建立一個wiki庫

create database wiki charset utf8;  
grant all on wiki.* to wiki@'localhost' identified by 'wiki';  
flush privileges;

下載wiki軟件

http://kaiyuan.hudong.com/nginx

wget http://kaiyuan.hudong.com/download.php?n=HDWiki-v6.0UTF8-20170209.zip
unzip HDWiki-v6.0UTF8-20170209.zip  
mv hdwiki/* /usr/share/nginx/html/

若是使用老師的nginx包安裝git

mv hdwiki/* /data/htdocs/www/  
chown -R www:wwww /data/htdocs/www

-R 處理指定目錄以及其子目錄下的全部文件

瀏覽器http://192.168.1.109/index.php 直接進行配置就能夠了

贊成
權限

[root@vagrant-centos65 html]# chmod 0777 ./uploads
[root@vagrant-centos65 html]# chmod 0777 ./uploads/userface
[root@vagrant-centos65 html]# chmod 0777 ./data/
[root@vagrant-centos65 html]# chmod 0777 ./plugins
[root@vagrant-centos65 html]# chmod 0777 ./style/default/logo.gif
[root@vagrant-centos65 html]# chmod 0777 ./config.php

可簡寫爲一條語句：

[root@vagrant-centos65 html]# chmod 0777 ./uploads ./uploads/userface ./data/ ./plugins ./style/default/logo.gif ./config.php

mysql

[root@vagrant-centos65 html]# mysqladmin -uroot password '123456'

數據庫服務器：把localhost改成127.0.0.1
啓動
重啓事後須要重啓這些服務：
能夠添加到開機啓動腳本里面

[root@vagrant-centos65 ~]# service nginx start
Starting nginx:                                            [  OK  ]
[root@vagrant-centos65 ~]# service mysqld start
Starting mysqld:                                           [  OK  ]
[root@vagrant-centos65 ~]# /etc/init.d/php-fpm start
Starting php-fpm  done

Linux 開啓容許外網訪問端口：

LINUX經過下面的命令能夠開啓容許對外訪問的網絡端口：

/sbin/iptables -I INPUT -p tcp --dport 8000 -j ACCEPT #開啓8000端口
/etc/rc.d/init.d/iptables save #保存配置
/etc/rc.d/init.d/iptables restart #重啓服務
查看端口是否已經開放
/etc/init.d/iptables status

[root@vagrant-centos65 ~]# /sbin/iptables -I INPUT -p tcp --dport 8000 -j ACCEPT
[root@vagrant-centos65 ~]# /etc/rc.d/init.d/iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@vagrant-centos65 ~]# /etc/rc.d/init.d/iptables restart 
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
[root@vagrant-centos65 ~]# /etc/init.d/iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8000 

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

[root@vagrant-centos65 ~]#

添加防火牆，預防cc攻擊和暴力破解！

## 腳本文件：drop_ip.sh
#!/bin/bash
## drop_ip1獲取nginx日誌裏面的黑名單ip
drop_ip1=`tail -5000 /var/log/nginx/access.log |awk '{a[$1]++}END{for(i in a)if(a[i]>300)print i}'`
## drop_ip2獲取登陸日誌的黑名單ip
drop_ip2=`tail -5000 /var/log/secure |grep Failed |awk '{a[$11]++}END{for(i in a)if(a[i]>15)print i}'`
white_ip=('192.168.1.102' '192.168.1.109')
## 經過判斷黑名單ip是否是非空、循環遍歷判斷iptables規則中是否已經有的規則，而後經過插入-s ip DROP操做來防護黑名單ip的進攻
if [ -n $drop_ip1 -o -n $drop_ip2 ];then
  for i in drop_ip1 drop_ip2
  do
    x=`iptables -nv -L |grep $'i'`
    if [ -z "$x" ];then
    for j in $white_ip
    do
      if [ $i != $j ];then
        /sbin/iptables -I INPUT -s $i -j DROP
      fi
    done
    fi
  done
fi

防護結果：

[root@vagrant-centos65 ~]# iptables -nv -L
Chain INPUT (policy ACCEPT 34 packets, 2244 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       192.168.1.105        0.0.0.0/0           

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 24 packets, 2912 bytes)
 pkts bytes target     prot opt in     out     source               destination

配置外網訪問，內網穿透。內網訪問：http://192.168.1.109/ 外網訪問：http://1549v4h967.imwork.net/

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。