Nginx+Mysql+PHP構建LNMP平臺

編譯安裝nginx:
[root@localhost ~]# yum groupinstall "X Software Development" "Development Tools" "Development Libraries"
[root@localhost ~]# yum install pcre-devel
[root@localhost nginx]# groupadd -r nginx
[root@localhost nginx]# useradd -g nginx -r nginx
[root@localhost nginx-1.2.3]#./configure   --prefix=/usr   --sbin-path=/usr/sbin/nginx   --conf-path=/etc/nginx/nginx.conf   --error-log-path=/var/log/nginx/error.log   --http-log-path=/var/log/nginx/access.log   --pid-path=/var/run/nginx/nginx.pid    --lock-path=/var/lock/nginx.lock   --user=nginx   --group=nginx   --with-http_ssl_module   --with-http_flv_module   --with-http_stub_status_module   --with-http_gzip_static_module   --http-client-body-temp-path=/var/tmp/nginx/client/   --http-proxy-temp-path=/var/tmp/nginx/proxy/   --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/   --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi   --http-scgi-temp-path=/var/tmp/nginx/scgi   --with-pcre
[root@localhost nginx-1.2.3]# make
[root@localhost nginx-1.2.3]# make install
[root@localhost ~]# mkdir -pv /var/tmp/nginx/client
爲服務提供啓動腳本:
vim /etc/rc.d/init.d/nginx
寫入以下內容;
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig:   - 85 15
# description:  Nginx is an HTTP(S) server, HTTP(S) reverse \
#               proxy and IMAP/POP3 proxy server
# processname: nginx
# config:      /etc/nginx/nginx.conf
# config:      /etc/sysconfig/nginx
# pidfile:     /var/run/nginx.pid
 
# Source function library.
. /etc/rc.d/init.d/functions
 
# Source networking configuration.
. /etc/sysconfig/network
 
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
 
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
 
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
 
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
 
lockfile=/var/lock/subsys/nginx
 
make_dirs() {
   # make required directories
   user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
   options=`$nginx -V 2>&1 | grep 'configure arguments:'`
   for opt in $options; do
       if [ `echo $opt | grep '.*-temp-path'` ]; then
           value=`echo $opt | cut -d "=" -f 2`
           if [ ! -d "$value" ]; then
               # echo "creating" $value
               mkdir -p $value && chown -R $user $value
           fi
       fi
   done
}
 
start() {
    [ -x $nginx ] || exit 5
    [ -f $NGINX_CONF_FILE ] || exit 6
    make_dirs
    echo -n $"Starting $prog: "
    daemon $nginx -c $NGINX_CONF_FILE
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}
 
stop() {
    echo -n $"Stopping $prog: "
    killproc $prog -QUIT
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}
 
restart() {
    configtest || return $?
    stop
    sleep 1
    start
}
 
reload() {
    configtest || return $?
    echo -n $"Reloading $prog: "
    killproc $nginx -HUP
    RETVAL=$?
    echo
}
 
force_reload() {
    restart
}
 
configtest() {
  $nginx -t -c $NGINX_CONF_FILE
}
 
rh_status() {
    status $prog
}
 
rh_status_q() {
    rh_status >/dev/null 2>&1
}
 
case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart|configtest)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
            ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
        exit 2
esac
 
然後爲此腳本賦予執行權限:
[root@localhost ~]# chmod +x /etc/rc.d/init.d/nginx
添加至服務管理列表,並讓其開機自動啓動:
[root@localhost ~]# chkconfig --add nginx
[root@localhost ~]# chkconfig nginx on
然後就能夠啓動服務並測試了:
[root@localhost ~]# service nginx restart
 
安裝mysql(解壓縮軟件包安裝,非編譯安裝):
[root@station24 ~]# tar xf mysql-5.5.24-linux2.6-i686.tar.gz -C /usr/local/
[root@station24 ~]# cd /usr/local
[root@station24 local]# ln -s mysql-5.5.24-linux2.6-i686 mysql
[root@station24 local]# groupadd -r mysql
[root@station24 local]# useradd -r -g mysql mysql
[root@station24 local]# cd mysql
建立邏輯卷,掛載mysql數據文件
[root@station24 ~]# pvcreate /dev/sda5
[root@station24 ~]# vgcreate myvg /dev/sda5
[root@station24 ~]# lvcreate -L 5G -n mydata /dev/myvg
[root@station24 ~]# mke2fs -j /dev/myvg/mydata
[root@station24 ~]# mkdir /data
[root@station24 data]# mkdir mydata
[root@station24 data]# chown -R mysql:mysql /data
[root@station24 mysql]# chown -R :mysql .
[root@station24 mysql]# scripts/mysql_install_db --datadir=/data/mydata --user=mysql
爲mysql提供配置文件
[root@station24 support-files]# cp my-large.cnf /etc/my.cnf
vim /etc/my.cnf
 修改thread_concurrency = 4
 添加datadir=/data/mydata
爲mysql提供服務啓動腳本,並加入服務列表,設置爲開機啓動
[root@station24 support-files]# cp mysql.server /etc/rc.d/init.d/mysqld
[root@station24 support-files]# chkconfig --add mysqld
修改環境變量
 vim /etc/profile.d/mysql.sh
 增長 export PATH=$PATH:/usr/local/mysql/bin
[root@station24 mysql]# vim /etc/man.config 
  增長MANPATH /usr/local/mysql/man
[root@station24 mysql]# vim /etc/ld.so.conf.d/mysql.conf
  增長/usr/local/mysql/lib
[root@station24 mysql]# ldconfig -v
[root@station24 mysql]# ln -sv /usr/local/mysql/include /usr/include/mysql
到此mysql安裝完成,能夠啓動了
 
編譯安裝php:
若是想讓編譯的php支持mcrypt、mhash擴展和libevent,此處還須要下載以下幾個rpm包並安裝之:
libmcrypt-2.5.8-4.el5.centos.i386.rpm
libmcrypt-devel-2.5.8-4.el5.centos.i386.rpm
mhash-0.9.9-1.el5.centos.i386.rpm
mhash-devel-0.9.9-1.el5.centos.i386.rpm
mcrypt-2.6.8-1.el5.i386.rpm
最好使用升級的方式安裝上面的rpm包,命令格式以下:
[root@localhost ~]# rpm -Uvh libmcrypt-2.5.7-5.el5.i386.rpm libmcrypt-devel-2.5.7-5.el5.i386.rpm mhash-devel-0.9.2-6.el5.i386.rpm mhash-0.9.2-6.el5.i386.rpm mcrypt-2.6.8-1.el5.i386.rpm
安裝php:
[root@localhost ~]# tar xf php-5.4.8.tar.bz2
[root@localhost ~]# cd php-5.4.8
[root@localhost php-5.4.8]# ./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql --with-openssl --enable-fpm --enable-sockets --enable-sysvshm  --with-mysqli=/usr/local/mysql/bin/mysql_config --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib-dir --with-libxml-dir=/usr --enable-xml  --with-mhash --with-mcrypt  --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 --with-curl
[root@localhost php-5.4.8]# make
[root@localhost php-5.4.8]# make test
[root@localhost php-5.4.8]# make install
爲php提供配置文件
[root@localhost php-5.4.8]# cp php.ini-production /etc/php.ini 
爲php-fpm提供Sysv init腳本,並將其添加至服務列表
[root@localhost php-5.4.8]# cp sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm
[root@localhost php-5.4.8]# chmod +x /etc/rc.d/init.d/php-fpm
[root@localhost php-5.4.8]# chkconfig --add php-fpm
[root@localhost php-5.4.8]# chkconfig php-fpm on
爲php-fpm提供配置文件
[root@localhost php-5.4.8]# cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
編輯php-fpm的配置文件:
vim /usr/local/php/etc/php-fpm.conf
配置fpm的相關選項爲你所須要的值,並啓用pid文件(以下最後一行):
pm.max_children = 100 
pm.start_servers = 8 
pm.min_spare_servers = 5 
pm.max_spare_servers = 12 
pid = /usr/local/php/var/run/php-fpm.pid
接下來就能夠啓動php-fpm了:
service php-fpm start
使用以下命令來驗證(若是此命令輸出有中幾個php-fpm進程就說明啓動成功了):
ps aux | grep php-fpm

整合nginx和php
編輯/etc/nginx/nginx.conf,啓用以下選項:
location ~ \.php$ {
            root           html;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
            include        fastcgi_params;
        }
編輯/etc/nginx/fastcgi_params,將其內容更改成以下內容:
fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;
fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;
並在所支持的主頁面格式中添加php格式的主頁,相似以下:
location / {
            root   html;
            index  index.php index.html index.htm;
        }
       
然後從新載入nginx的配置文件:
service nginx reload
三、在/usr/html新建index.php的測試頁面,測試php是否能正常工做:
<?php
phpinfo();
?>
接着就能夠經過瀏覽器訪問此測試頁面了
 
安裝phpMyAdmin
[root@localhost ~]# tar xf phpMyAdmin-3.5.1-all-languages.tar.bz2
[root@localhost ~]# cd phpMyAdmin-3.5.1-all-languages
[root@localhost ~]# mkdir /web/htdocs -pv
[root@localhost phpMyAdmin-3.5.1-all-languages]# mv * /web/htdocs
[root@localhost phpMyAdmin-3.5.1-all-languages]# cd /web/htdocs
[root@localhost htdocs]# cp config.sample.inc.php config.inc.php
[root@localhost htdocs]# vim /etc/nginx/nginx.conf
修改location相關內容並啓用php的location部分,以下所示:
        location / {
            root   /web/htdocs;
            index  index.php index.html index.htm;
        }
        location ~ \.php$ {
            root           /web/htdocs;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
            include        fastcgi_params;
從新載入配置文件
[root@localhost htdocs]# service nginx reload
鏈接數據庫,爲phpMyAdmin本地用戶設定密碼:
mysql> SET PASSWORD FOR root@localhost=PASSWORD('redhat');
mysql> SET PASSWORD FOR root@127.0.0.1=PASSWORD('redhat');
mysql> FLUSH PRIVILEGES;
至此,能夠打開瀏覽器測試使用phpMyAdmin

安裝xcache,爲php加速:
[root@localhost ~]# tar xf xcache-2.0.0.tar.bz2
[root@localhost ~]# cd xcache-2.0.0
[root@localhost xcache-2.0.0]# /usr/local/php/bin/phpize
[root@localhost xcache-2.0.0]# ./configure --enable-xcache --with-php-config=/usr/local/php/bin/php-config
[root@localhost xcache-2.0.0]# make && make install
安裝結束時,會出現相似以下行:
Installing shared extensions:     /usr/local/php/lib/php/extensions/no-debug-zts-20100525/
編輯php.ini,整合php和xcache:
首先將xcache提供的樣例配置導入php.ini
[root@localhost xcache-2.0.0]# mkdir /etc/php.d
[root@localhost xcache-2.0.0]# cp xcache.ini /etc/php.d
接下來編輯/etc/php.d/xcache.ini,找到zend_extension開頭的行,修改成以下行:
zend_extension = /usr/local/php/lib/php/extensions/no-debug-zts-20100525/xcache.so
注意:若是php.ini文件中有多條zend_extension指令行,要確保此新增的行排在第一位。
從新啓動php-fpm
service php-fpm restart
 
 
nginx配置文件中某些指令的用法及經常使用功能的實現方式:

location:定義基於不一樣的URI,定製不一樣的訪問屬性(頁面,權限··)
syntax: location [=|~|~*|^~|@] /uri/ { ... }
=精確匹配(通常匹配單個文件) 
~區分字母大小寫的模式匹配
~*不區分大小寫的模式匹配
^~禁用模式匹配(作字符逐個匹配)
優先級:=(最高),^~,~ ~*
 
nginx中定義路徑別名:
location  /bbs/ { 
  alias  /spool/bbs/;
}

定義一個server
server {
        listen          80;
        server_name     mail.gao.com;
        root            /mail/htdocs;
}
 
定義訪問權限(基於IP地址):
location / {
  deny    192.168.0.7;
  allow   192.168.0.0/24;
  deny    all;
}

基於用戶名的訪問控制:
使用htpasswd工具建立用戶(需提早安裝httpd)
[root@localhost ~]# htpasswd -c -m /etc/nginx/.htpasswd hadoop
[root@localhost nginx]# chmod o=--- .htpasswd
[root@localhost nginx]# chown :nginx .htpasswd
在須要添加訪問控制的頁面中加入以下內容便可:
        location / {
        auth_basic "Restricted";
        auth_basic_user_file /etc/nginx/.htpasswd;
        }
配置https:
CA服務器:
編輯 /etc/pki/tls/openssl.cnf
修改CA路徑以下:
dir=/etc/pki/CA
建立相關目錄及文件:
[root@localhost CA]# mkdir certs newcerts crl
[root@localhost CA]# touch index.txt
[root@localhost CA]# echo 01 > serial
自簽證書
[root@localhost CA]# (umask 077;openssl genrsa 1024 >  private/cakey.pem)
[root@localhost CA]# openssl req -x509 -new -key private/cakey.pem -out cacert.pem -days 3650
 
證書申請方:
爲某服務生成密鑰:
[root@localhost ~]# cd /etc/nginx/
[root@localhost nginx]# mkdir ssl
[root@localhost nginx]# cd ssl
[root@localhost ssl]# (umask 077;openssl genrsa 1024 > nginx.key)
[root@localhost ssl]# openssl req -new -key nginx.key -out nginx.csr
將此請求經過某方式傳遞給CA服務器
CA簽署證書(在CA服務器上操做)
[root@localhost ssl]# openssl ca -in nginx.csr -out nginx.crt -days 3650
編輯/etc/nginx/nginx.conf,啓用https功能便可
 
若是要在SSL中使用php,須要複製/etc/nginx/nginx.conf中的php的location到https區域中,並在php的location中添加此選項:
fastcgi_param HTTPS on;以下所示:
    server {
        listen       443;
        server_name  localhost;
        ssl                  on;
        ssl_certificate      ssl/nginx.crt;
        ssl_certificate_key  ssl/nginx.key;
        ssl_session_timeout  5m;
        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
        location / {
            root   /web/htdocs;
            index  index.php index.html index.htm;
        }
        location ~ \.php$ {
            root           /web/htdocs;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
            include        fastcgi_params;
            fastcgi_param   HTTPS on;
            deny 192.168.0.7;
            allow 192.168.0.0/24;
            deny all;
                auth_basic "Restricted";
                auth_basic_user_file /etc/nginx/.htpasswd;
        }
    }
 

開啓Nginx狀態監控的功能:
location /nginx_status {
  stub_status on;
  access_log off;
}
瀏覽器中打開 http://IP/nginx_status便可
 
定義默認虛擬主機
server {         listen 80 default;         server_name     _;         root    /web/default;         }
相關文章
相關標籤/搜索