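System: CentOS 6.7
Software: httpd-2.2, mysql-5.3, wordpress-4.3, pma4.0
Network:
pma.anyisalin.com hosts MySQL, Bind and PMA; IP address 192.168.2.6
wp.anyisalin.com hosts WordPress and also acts as the private CA; IP address 192.168.2.7
dz.anyisalin.com hosts Discuz; IP address 192.168.2.8
SELinux and iptables are both disabled
The wp and dz hosts use the pma host as their DNS server
Topics covered: httpd configuration, HTTPS configuration in httpd, openssl, bind, MySQL basics, PHP installation...
Note: this article only covers configuration; the theory is not explained

We configure bind on the pma host. If you are not familiar with bind, see my article "DNS and BIND Configuration Guide".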

[root@pma ~]# yum install bind bind-utils httpd mysql-server php-mysql php-mbstring mod_ssl    # install the required packages with yum
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
Resolving Dependencies
# (output omitted for length)
Installed:
  bind.x86_64 32:9.8.2-0.37.rc1.el6
  bind-utils.x86_64 32:9.8.2-0.37.rc1.el6
  httpd.x86_64 0:2.2.15-45.el6.centos
  mysql-server.x86_64 0:5.1.73-5.el6_6
Dependency Installed:
  apr.x86_64 0:1.3.9-5.el6_2
  apr-util.x86_64 0:1.3.9-3.el6_0.1
  apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1
  bind-libs.x86_64 32:9.8.2-0.37.rc1.el6
  httpd-tools.x86_64 0:2.2.15-45.el6.centos
  mailcap.noarch 0:2.1.31-2.el6
  mysql.x86_64 0:5.1.73-5.el6_6
  perl-DBD-MySQL.x86_64 0:4.013-3.el6
  perl-DBI.x86_64 0:1.609-4.el6
  portreserve.x86_64 0:0.0.4-9.el6
Complete!

Configure the DNS server with Bind so that queries return the following results

[root@pma named]# host -t A pma.anyisalin.com 192.168.2.6
Using domain server:
Name: 192.168.2.6
Address: 192.168.2.6#53
Aliases:
pma.anyisalin.com has address 192.168.192.6
[root@pma named]# host -t A wp.anyisalin.com 192.168.2.6
Using domain server:
Name: 192.168.2.6
Address: 192.168.2.6#53
Aliases:
wp.anyisalin.com has address 192.168.192.7
[root@pma named]# host -t A dz.anyisalin.com 192.168.2.6
Using domain server:
Name: 192.168.2.6
Address: 192.168.2.6#53
Aliases:
dz.anyisalin.com has address 192.168.192.8

Create the databases and the corresponding users, and grant privileges

[root@pma named]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.1.73 Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> GRANT ALL ON wpdb.* TO 'wpuser'@'%' IDENTIFIED BY 'passwd';    # grant wpuser all privileges on the wpdb database and set its password to passwd
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL ON dzdb.* TO 'dzuser'@'%' IDENTIFIED BY 'passwd';    # grant dzuser all privileges on the dzdb database and set its password to passwd
Query OK, 0 rows affected (0.00 sec)
mysql> CREATE DATABASE wpdb;    # create the wpdb database
Query OK, 1 row affected (0.00 sec)
mysql> CREATE DATABASE dzdb;    # create the dzdb database
Query OK, 1 row affected (0.00 sec)

[root@wp ~]# yum install httpd php php-mysql -y    # install the required packages
Loaded plugins: fastestmirror
Setting up Install Process
Determining fastest mirrors
anyisalin | 4.0 kB 00:00 ...
anyisalin/primary_db | 4.6 MB 00:00 ...
Resolving Dependencies
--> Running transaction check
# (output omitted for length)
12/12
Installed:
  httpd.x86_64 0:2.2.15-45.el6.centos
  php.x86_64 0:5.3.3-40.el6_6
  php-mysql.x86_64 0:5.3.3-40.el6_6
Dependency Installed:
  apr.x86_64 0:1.3.9-5.el6_2
  apr-util.x86_64 0:1.3.9-3.el6_0.1
  apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1
  httpd-tools.x86_64 0:2.2.15-45.el6.centos
  libedit.x86_64 0:2.11-4.20080712cvs.1.el6
  mailcap.noarch 0:2.1.31-2.el6
  php-cli.x86_64 0:5.3.3-40.el6_6
  php-common.x86_64 0:5.3.3-40.el6_6
  php-pdo.x86_64 0:5.3.3-40.el6_6
Complete!

Configure the virtual host

[root@wp ~]# vim /etc/httpd/conf.d/wp.conf    # configure as follows
NameVirtualHost 192.168.2.7:80
<VirtualHost *:80>
    ServerName wp.anyisalin.com
    DocumentRoot /var/www/wp/
</VirtualHost>

Download WordPress

[root@wp ~]# wget -O /var/www/wp/wordpress.zip https://cn.wordpress.org/wordpress-4.4.2-zh_CN.zip    # download WordPress to the target directory
--2016-03-23 17:26:22-- https://cn.wordpress.org/wordpress-4.4.2-zh_CN.zip
Resolving cn.wordpress.org... 66.155.40.249, 66.155.40.250
Connecting to cn.wordpress.org|66.155.40.249|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 8168125 (7.8M) [application/zip]
Saving to: 「/var/www/wp/wordpress.zip」
100%[===================================================================================================================================================>] 8,168,125 277K/s in 43s
2016-03-23 17:27:06 (187 KB/s) - 「/var/www/wp/wordpress.zip」 saved [8168125/8168125]
[root@wp ~]#

Configure WordPress

[root@wp wp]# unzip wordpress.zip    # unpack the WordPress archive
  inflating: wordpress/wp-content/themes/twentysixteen/search.php
  inflating: wordpress/wp-content/themes/twentysixteen/searchform.php
  inflating: wordpress/wp-content/themes/twentysixteen/page.php
   creating: wordpress/wp-content/themes/twentysixteen/template-parts/
# (output omitted)
  inflating: wordpress/wp-signup.php
  inflating: wordpress/readme.html
  inflating: wordpress/wp-config-sample.php
  inflating: wordpress/wp-blog-header.php
  inflating: wordpress/wp-links-opml.php
[root@wp wp]# cd wordpress    # enter the installation directory
[root@wp wordpress]# cp wp-config-sample.php wp-config.php    # copy the configuration template, then edit it
[root@wp wordpress]# vim wp-config.php    # configure with your own parameters
/** The name of the WordPress database */
define('DB_NAME', 'wpdb');
/** MySQL database username */
define('DB_USER', 'wpuser');
/** MySQL database password */
define('DB_PASSWORD', 'passwd');
/** MySQL host */
define('DB_HOST', '192.168.2.6');
[root@wp wordpress]# service httpd restart    # restart the httpd service
Stopping httpd: [FAILED]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using wp.anyisalin.com for ServerName
[Wed Mar 23 17:32:51 2016] [warn] NameVirtualHost 192.168.2.7:80 has no VirtualHosts
[ OK ]
[root@wp wordpress]# ln -sv wp wordpress.zip
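
The `NameVirtualHost 192.168.2.7:80 has no VirtualHosts` warning in the restart output appears because httpd 2.2 requires the `<VirtualHost>` argument to match the `NameVirtualHost` argument exactly. The following added example (not from the original post; the function name and temporary file names are assumptions) reports such mismatches, using a constructed copy of the wp.conf shown above and a corrected variant.

```bash
#!/bin/bash
# Added example: find NameVirtualHost addresses that no <VirtualHost> block uses.
# In httpd 2.2 the two arguments must be identical strings.

# unmatched_namevhosts FILE...: print each NameVirtualHost address without a
# matching <VirtualHost ...> argument; return 1 if any was printed.
unmatched_namevhosts() {
    awk '
        { sub(/^[ \t]+/, "") }                      # ignore indentation
        /^#/ { next }                               # skip comment lines
        tolower($1) == "namevirtualhost" { nvh[$2] = 1 }
        tolower($1) == "<virtualhost" {
            for (i = 2; i <= NF; i++) { a = $i; sub(/>$/, "", a); vh[a] = 1 }
        }
        END {
            for (a in nvh) if (!(a in vh)) { print a; bad = 1 }
            exit bad
        }' "$@"
}

# Constructed sample input: the wp host config from above and a corrected copy.
demo_dir=$(mktemp -d)
cat > "$demo_dir/wp-page.conf" <<'EOF'
NameVirtualHost 192.168.2.7:80
<VirtualHost *:80>
    ServerName wp.anyisalin.com
    DocumentRoot /var/www/wp/
</VirtualHost>
EOF
sed 's/<VirtualHost \*:80>/<VirtualHost 192.168.2.7:80>/' \
    "$demo_dir/wp-page.conf" > "$demo_dir/wp-fixed.conf"

unmatched_namevhosts "$demo_dir/wp-page.conf" \
    || echo "^ no <VirtualHost> uses this address; httpd warns 'has no VirtualHosts'"
unmatched_namevhosts "$demo_dir/wp-fixed.conf" && echo "wp-fixed.conf: OK"
```
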

Test WordPress
For the detailed installation process, see my earlier blog post "Quickly Building a Site with WordPress on CentOS/RHEL 6.5"

[root@dz ~]# yum install httpd php php-mysql -y    # install the required packages
Loaded plugins: fastestmirror
Setting up Install Process
Determining fastest mirrors
anyisalin | 4.0 kB 00:00 ...
anyisalin/primary_db | 4.6 MB 00:00 ...
Resolving Dependencies
--> Running transaction check
# (output omitted for length)
12/12
Installed:
  httpd.x86_64 0:2.2.15-45.el6.centos
  php.x86_64 0:5.3.3-40.el6_6
  php-mysql.x86_64 0:5.3.3-40.el6_6
Dependency Installed:
  apr.x86_64 0:1.3.9-5.el6_2
  apr-util.x86_64 0:1.3.9-3.el6_0.1
  apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1
  httpd-tools.x86_64 0:2.2.15-45.el6.centos
  libedit.x86_64 0:2.11-4.20080712cvs.1.el6
  mailcap.noarch 0:2.1.31-2.el6
  php-cli.x86_64 0:5.3.3-40.el6_6
  php-common.x86_64 0:5.3.3-40.el6_6
  php-pdo.x86_64 0:5.3.3-40.el6_6
Complete!

Configure the virtual host

[root@dz ~]# vim /etc/httpd/conf.d/wp.conf    # configure as follows
NameVirtualHost 192.168.2.8:80
<VirtualHost *:80>
    ServerName dz.anyisalin.com
    DocumentRoot /var/www/dz
</VirtualHost>

Download Discuz

[root@dz ~]# wget -O /var/www/dz/dz.zip http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_UTF8.zip    # download Discuz to the target directory
--2016-03-24 04:54:19-- http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_UTF8.zip
Resolving download.comsenz.com... 101.227.130.115
Connecting to download.comsenz.com|101.227.130.115|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 12486177 (12M) [application/zip]
Saving to: 「/var/www/dz/dz.zip」
100%[===================================================================================================================================================>] 12,486,177 7.65M/s in 1.6s
2016-03-24 04:54:21 (7.65 MB/s) - 「/var/www/dz/dz.zip」 saved [12486177/12486177]
[root@dz ~]# cd /var/www/dz/
[root@dz ~]# unzip dz.zip
  inflating: utility/convert/source/uch2.0_x2.0/table/home_blogfield.php
  inflating: utility/convert/source/uch2.0_x2.0/table/home_class.php
  inflating: utility/convert/source/uch2.0_x2.0/table/home_click.php
  inflating: utility/convert/source/uch2.0_x2.0/table/home_clickuser.php
  inflating: utility/convert/source/uch2.0_x2.0/table/home_comment.php
# (output omitted for length)
  inflating: utility/oldprg/uchome/space.php
  inflating: utility/restore.php
  inflating: utility/update.php
[root@dz upload]# service httpd restart    # restart the httpd service
Stopping httpd: [ OK ]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using dz.anyisalin.com for ServerName
[Thu Mar 24 04:59:26 2016] [warn] NameVirtualHost 192.168.2.8:80 has no VirtualHosts
[ OK ]
[root@dz ]# cd upload
[root@dz upload]# chmod 777 * -R    # needed shortly

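Configure Discuz (through the web page)
Enter this URL to reach the installation page
Our applications are now all set up. Because all of our data lives in the database on the pma host, it is easy to manage, and we can manage it by installing phpMyAdmin.
Configure the virtual host (the software was already installed at the beginning)
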
[root@pma ~]# vim /etc/httpd/conf.d/virt.conf
NameVirtualHost 192.168.2.6:80
<VirtualHost *:80>
    ServerName pma.anyisalin.com
    DocumentRoot /var/www/pma
</VirtualHost>

Download phpMyAdmin (because my MySQL version is too old, I use phpMyAdmin 4.0)

[root@pma www]# wget https://files.phpmyadmin.net/phpMyAdmin/4.0.10.15/phpMyAdmin-4.0.10.15-english.zip
--2016-03-23 18:23:48-- https://files.phpmyadmin.net/phpMyAdmin/4.0.10.15/phpMyAdmin-4.0.10.15-english.zip
Resolving files.phpmyadmin.net... 61.191.206.4
Connecting to files.phpmyadmin.net|61.191.206.4|:443... failed: Connection refused.
[root@pma www]#
[root@pma www]# wget https://files.phpmyadmin.net/phpMyAdmin/4.0.10.15/phpMyAdmin-4.0.10.15-english.zip
--2016-03-23 18:24:12-- https://files.phpmyadmin.net/phpMyAdmin/4.0.10.15/phpMyAdmin-4.0.10.15-english.zip
Resolving files.phpmyadmin.net... 37.235.108.9
Connecting to files.phpmyadmin.net|37.235.108.9|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4923535 (4.7M) [application/zip]
Saving to: 「phpMyAdmin-4.0.10.15-english.zip」
100%[===================================================================================================================================================>] 4,923,535 45.4K/s in 3m 59s
2016-03-23 18:28:13 (20.1 KB/s) - 「phpMyAdmin-4.0.10.15-english.zip」 saved [4923535/4923535]
[root@pma www]# unzip phpMyAdmin-4.0.10.15-english    # unpack
  inflating: phpMyAdmin-4.0.10.15-english/js/sql.js
  inflating: phpMyAdmin-4.0.10.15-english/js/tbl_change.js
  inflating: phpMyAdmin-4.0.10.15-english/js/tbl_chart.js
  inflating: phpMyAdmin-4.0.10.15-english/js/tbl_gis_visualization.js
  inflating: phpMyAdmin-4.0.10.15-english/js/tbl_relation.js
# (output omitted for length)
  inflating: phpMyAdmin-4.0.10.15-english/js/tbl_select.js
  inflating: phpMyAdmin-4.0.10.15-english/js/tbl_structure.js
  inflating: phpMyAdmin-4.0.10.15-english/js/tbl_zoom_plot_jqplot.js
  inflating: phpMyAdmin-4.0.10.15-english/js/whitelist.php
   creating: phpMyAdmin-4.0.10.15-english/libraries/
  inflating: phpMyAdmin-4.0.10.15-english/libraries/Advisor.class.php
  inflating: phpMyAdmin-4.0.10.15-english/libraries/Config.class.php
  inflating: phpMyAdmin-4.0.10.15-english/libraries/DBQbe.class.php
  inflating: phpMyAdmin-4.0.10.15-english/libraries/DbSearch.class.php
  inflating: phpMyAdmin-4.0.10.15-english/libraries/DisplayResults.class.php
  inflating: phpMyAdmin-4.0.10.15-english/libraries/Error.class.php
  inflating: phpMyAdmin-4.0.10.15-english/libraries/Error_Handler.class.php
[root@pma www]# ln -sv phpMyAdmin-4.0.10.15-english pma    # create the symlink
`pma' -> `phpMyAdmin-4.0.10.15-english'
[root@pma www]# service httpd restart    # restart the httpd service
Stopping httpd: [FAILED]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using pma.anyisalin.com for ServerName
[Wed Mar 23 18:32:02 2016] [warn] NameVirtualHost 192.168.2.6:80 has no VirtualHosts
[ OK ]
[root@pma www]#

Test (php-mbstring must be installed)
Because the security of our database is critical, access to pma.anyisalin.com has to be encrypted
Set up the wp host as a private CA

[root@wp CA]# (umask 077; openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus
...............................................................................................+++
......+++
e is 65537 (0x10001)
[root@wp CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 7300
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HeFei
Locality Name (eg, city) [Default City]:HeFei
Organization Name (eg, company) [Default Company Ltd]:AnyISalIn
Organizational Unit Name (eg, section) []:OPS
Common Name (eg, your name or your server's hostname) []:wp.anyisalin.com
Email Address []:mail.anyisalin.com
[root@wp CA]# touch index.txt
[root@wp CA]# echo 01 > serial

Generate the private key and certificate request on the PMA host

[root@pma certs]# cd /etc/httpd/
[root@pma httpd]# mkdir certs/
[root@pma httpd]# cd certs/
[root@pma certs]# (umask 077; openssl genrsa -out httpd.key 1024)
Generating RSA private key, 1024 bit long modulus
.......................................++++++
.......................................................................................++++++
e is 65537 (0x10001)
[root@pma certs]# openssl req -new -key httpd.key -out http.csr -days 365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HeFei
Locality Name (eg, city) [Default City]:HeFei
Organization Name (eg, company) [Default Company Ltd]:AnyISalIn
Organizational Unit Name (eg, section) []:OPS
Common Name (eg, your name or your server's hostname) []:pma.anyisalin.com
Email Address []:mail.anyisalin.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@pma certs]# scp http.csr 192.168.2.7:/etc/pki/CA
The authenticity of host '192.168.2.7 (192.168.2.7)' can't be established.
RSA key fingerprint is af:4e:d8:d7:41:04:f4:3a:66:ba:ca:b4:b0:c0:86:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.2.7' (RSA) to the list of known hosts.
root@192.168.2.7's password:
http.csr 100% 704 0.7KB/s 00:00
[root@pma certs]#

Sign the certificate on the wp host

[root@wp CA]# openssl ca -in http.csr -out certs/httpd.crt
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 1 (0x1)
        Validity
            Not Before: Mar 23 22:54:29 2016 GMT
            Not After : Mar 23 22:54:29 2017 GMT
        Subject:
            countryName = CN
            stateOrProvinceName = HeFei
            organizationName = AnyISalIn
            organizationalUnitName = OPS
            commonName = pma.anyisalin.com
            emailAddress = mail.anyisalin.com
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            Netscape Comment:
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier:
                F0:B1:A8:2E:36:72:E5:D9:F7:20:22:61:67:49:29:63:7E:3E:37:24
            X509v3 Authority Key Identifier:
                keyid:BE:1B:E0:D0:B5:54:12:22:99:68:03:9D:BA:7A:01:E9:A4:AD:ED:5B
Certificate is to be certified until Mar 23 22:54:29 2017 GMT (365 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
[root@wp CA]# scp certs/httpd.crt 192.168.2.6:/etc/httpd/certs
The authenticity of host '192.168.2.6 (192.168.2.6)' can't be established.
RSA key fingerprint is af:4e:d8:d7:41:04:f4:3a:66:ba:ca:b4:b0:c0:86:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.2.6' (RSA) to the list of known hosts.
root@192.168.2.6's password:
httpd.crt 100% 3879 3.8KB/s 00:00
[root@wp CA]#
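
A check worth running on the pma host once httpd.crt arrives, given here as an added example that is not part of the original post: it confirms that the certificate chains to the CA, matches its private key, and uses an RSA key of at least 2048 bits. The function names, the demo paths, the 2048-bit threshold and the use of `openssl x509 -req` in place of the interactive `openssl ca` are assumptions of this example; the CA and certificate it audits are constructed sample input.

```bash
#!/bin/bash
# Added example, not from the original post. File names under DIR and the
# 2048-bit minimum are assumptions of this example.

# make_demo_pki DIR BITS: constructed sample input, a throwaway CA plus a
# server certificate whose RSA key is BITS long.
make_demo_pki() {
    local d=$1 bits=$2
    mkdir -p "$d"
    ( umask 077
      openssl genrsa -out "$d/cakey.pem" 2048
      openssl genrsa -out "$d/httpd.key" "$bits" ) 2>/dev/null
    openssl req -new -x509 -key "$d/cakey.pem" -out "$d/cacert.pem" \
        -days 30 -subj "/CN=demo-ca.example" 2>/dev/null
    openssl req -new -key "$d/httpd.key" -out "$d/http.csr" \
        -subj "/CN=pma.anyisalin.com" 2>/dev/null
    openssl x509 -req -in "$d/http.csr" -CA "$d/cacert.pem" \
        -CAkey "$d/cakey.pem" -set_serial 1 -days 30 \
        -out "$d/httpd.crt" 2>/dev/null
}

# audit_pair CA CERT KEY: print one finding per line, return 0 only if clean.
audit_pair() {
    local ca=$1 crt=$2 key=$3 bad=0 bits m
    # 1. The certificate must chain to the CA that clients will import.
    openssl verify -CAfile "$ca" "$crt" >/dev/null 2>&1 \
        || { echo "chain: certificate is not signed by this CA"; bad=1; }
    # 2. Certificate and private key must carry the same RSA modulus.
    m=$(openssl x509 -in "$crt" -noout -modulus 2>/dev/null)
    [ -n "$m" ] && [ "$m" = "$(openssl rsa -in "$key" -noout -modulus 2>/dev/null)" ] \
        || { echo "pair: private key does not match certificate"; bad=1; }
    # 3. Flag short RSA keys such as the 1024-bit httpd.key generated above.
    bits=$(openssl x509 -in "$crt" -noout -text 2>/dev/null |
           sed -n 's/.*Public-Key: (\([0-9]*\) bit.*/\1/p')
    [ "${bits:-0}" -ge 2048 ] \
        || { echo "size: RSA key is ${bits:-unknown} bits, below 2048"; bad=1; }
    return "$bad"
}

# Demo: a 1024-bit pair like the post's, audited against its own CA.
demo=$(mktemp -d)
make_demo_pki "$demo" 1024
audit_pair "$demo/cacert.pem" "$demo/httpd.crt" "$demo/httpd.key" \
    || echo "fix the findings above before enabling SSL"
```

On the real hosts the call would be `audit_pair cacert.pem /etc/httpd/certs/httpd.crt /etc/httpd/certs/httpd.key`, with cacert.pem copied over from the wp host.
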

Configure the PMA host to support SSL
mod_ssl was already installed at the beginning, so we edit the virtual host configuration file directly

[root@pma certs]# vim /etc/httpd/conf.d/virt.conf    # the DocumentRoot in /etc/httpd/conf/httpd.conf must be commented out
Listen 443
<VirtualHost 192.168.2.6:443>
    ServerName pma.anyisalin.com
    DocumentRoot /var/www/pma
    SSLengine ON
    SSLprotocol ALL -sslv2 -sslv3
    SSLcertificatefile /etc/httpd/certs/httpd.crt
    SSLcertificatekeyfile /etc/httpd/certs/httpd.key
</VirtualHost>
[root@pma conf.d]# service httpd start    # start httpd
Starting httpd: [Wed Mar 23 19:21:39 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Wed Mar 23 19:21:39 2016] [warn] NameVirtualHost 192.168.2.6:443 has no VirtualHosts
[ OK ]

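Test
Import the CA certificate
Refresh the page
This sums up what I have learned over the past two days. I can now comfortably deploy web applications in a LAMP environment and make basic use of MySQL, which was quite rewarding, but I am still not very familiar with HTTPS configuration and need to improve there.
Author: AnyISalIn
QQ: 1449472454; everyone is welcome to add me on QQ to chat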