第一周(LNMP-Nginx_php-fpm-80转443)

nginx

#!/bin/bash
echo "update yum"
yum update

echo "安装依赖包"
yum install -y vim lrzsz tree screen psmisc lsof tcpdump wget ntpdate gcc gcc-c++ glibc
glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net- tools iotop bc zip
unzip zlib-devel bash-completion nfs-utils automake libxml2 libxml2-devel libxslt
libxslt-devel perl perl-ExtUtils-Embed

echo "开始安装nginx"
cd /home/lichao/
wget https://nginx.org/download/nginx-1.16.1.tar.gz
tar zxf nginx-1.16.tar.gz
cd nginx-1.16.1
./configure --prefix=/home/opt/nginx
--user=nginx
--group=nginx
--with-http_ssl_module
--with-http_v2_module
--with-http_realip_module
--with-http_stub_status_module
--with-http_gzip_static_module
--with-pcre
--with-stream
--with-stream_ssl_module
--with-stream_realip_module
make -j2 && make install
useradd nginx -s /sbin/nologin -u 2000
chown nginx.nginx -R /home/opt/nginx

echo "创建nginx启动脚本"
cat << EOF > /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running nginx -t from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStartPre=/apps/nginx/sbin/nginx -t
ExecStart=/apps/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
EOF

CPU_info=grep 'model name' /proc/cpuinfo | wc -l
sed -i "s#user nobody;#user nginx;#;s#worker_processes 1;#worker_processes
${CPU_info};#;s#worker_connections 1024;#worker_connections 65535;#" /home/opt/nginx/conf/nginx.conf

mysql

yum install gcc gcc-c++ ncurses ncurses-devel cmake bison -y
#安装boost依赖
curl -o boost_1_59_0.tar.gz https://jaist.dl.sourceforge.net/project/boost/boost/1.59.0/boost_1_59_0.tar.gz
#源码包
curl -o mysql-5.7.29.tar.gz http://mirrors.163.com/mysql/Downloads/MySQL-5.7/mysql-5.7.31.tar.gz

#解压
tar -zxf boost_1_59_0.tar.gz -C /usr/local/
tar -zxf mysql-5.7.29.tar.gz

#创建用户、目录
groupadd -r mysql && useradd -r -g mysql -s /sbin/nologin -M mysql
#数据目录
mkdir -p /data/mysql && chown mysql.mysql /data/mysql
#log
mkdir -p /var/log/mysql && chown mysql.mysql /var/log/mysql
#socket
mkdir -p /var/lib/mysql && chown mysql.mysql /var/lib/mysql
#PID
mkdir -p /var/run/mysqld && chown mysql.mysql /var/run/mysqld

#预编译
cmake .
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql
-DMYSQL_DATADIR=/data/mysql
-DSYSCONFDIR=/etc
-DMYSQL_UNIX_ADDR=/var/lib/mysql/mysqld.sock
-DEXTRA_CHARSETS=all
-DDEFAULT_CHARSET=utf8
-DDEFAULT_COLLATION=utf8_general_ci
-DWITH_MYISAM_STORAGE_ENGINE=1
-DWITH_INNOBASE_STORAGE_ENGINE=1
-DWITH_PARTITION_STORAGE_ENGINE=1
-DENABLED_LOCAL_INFILE=1
-DENABLED_PROFILING=1
-DMYSQL_TCP_PORT=3306
-DWITH_DEBUG=0
-DDOWNLOAD_BOOST=1
-DWITH_BOOST=/usr/local/boost_1_59_0

#编译安装
make -j grep processor /proc/cpuinfo | wc -l && make install

#开机启动
chown -R mysql:mysql /usr/local/mysql
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
chmod +x /etc/init.d/mysqld

# 开机自启 chkconfig --add mysqld
chkconfig mysqld on

#环境变量
# 添加到环境变量
echo "" >> /etc/bashrc
echo "export PATH=/usr/local/mysql/bin:$PATH" >> /etc/bashrc
echo "" >> /etc/bashrc
source ~/.bashrc
或添加到/etc/profile

PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH
source /etc/profile

# 使用软链接
ln -s /usr/local/mysql/bin/* /usr/local/bin/

#初始化
/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data
--user :指定用户
--basedir :MySQL所在目录
--datadir :MySQL数据库和表所在的目录，以及pid文件

#启动
# 使用service
service mysqld start
# 使用systemd
systemctl daemon-reload
systemctl start mysqld

#修改配置
vim /etc/my.cnf
[mysqld]
datadir=/data/mysql
socket=//var/lib/mysql/mysql.sock

[mysqld_safe]
log-error=/var/log/mysql/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd

[client]
default-character-set=utf8
socket=/var/lib/mysql/mysql.sock

[mysql]
default-character-set=utf8
socket=/var/lib/mysql/mysql.sock

#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

#修改root密码
进入mysql库
use mysql;
update user set authentication_string=PASSWORD('newpassword') where user='root';
flush privileges;
#快速设置密码
mysqladmin -u root password 'newpassword'

#编译报错
with preprocessed source if appropriate.
See http://bugzilla.redhat.com/bugzilla for instructions.
make[2]: *** [sql/CMakeFiles/sql.dir/geometry_rtree.cc.o] 错误 4
make[1]: *** [sql/CMakeFiles/sql.dir/all] 错误 2
make: *** [all] 错误 2
#添加交换空间
dd if=/dev/zero of=/swapfile bs=1k count=2048000
mkswap /swapfile
swapon /swapfile
chmod 600 /swapfile
#继续编译
make -j grep processor /proc/cpuinfo | wc -l && make install
#完成后可以删除交换空间
swapoff /swapfile
rm /swapfile
#客户端连接报错
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
#查看 /etc/my.cnf配置找到my.sock配置

#ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysqld.sock' (2)
/etc/my.cnf 查看sock 配置里的mysqld.sock是否存在和文件权限 777 mysql.mysql

php-fpm

php-fpm安装配置
安装指定版本
Centos7
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
Centos6
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm

yum -y install php-mbstring php-mcrypt php-mysql
yum install php56w-fpm php56w-opcache
#服务配置文件
/etc/php-fpm.conf
#主配置文件
/etc/php-fpm.d/www.conf
#内置的网页状态测试页
/usr/share/fpm/status.html

nginx配置80转443和php-fpm

#在server 80段的配置中加上下面配置后所有请求都会转发到https上
location / {
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
###PHP-FPM
安装指定版本
Centos7
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
Centos6
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm

yum -y install php-mbstring php-mcrypt php-mysql
yum install php56w-fpm php56w-opcache

服务配置文件

/etc/php-fpm.conf

主配置文件

/etc/php-fpm.d/www.conf

内置的网页状态测试页

/usr/share/fpm/status.html

###nginx php-fpm段配置，在server下。如果配了80强制转443只需要在443配置里面加
location ~ .php$ {
root /home/opt/nginx/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}

###80和443配置 我这里用的阿里云的机器所以用ip访问本地/etc/hosts解析，域名如果备案了就用域名。
如果没有备案并且外网访问会超时或者跳到域名购买的连接,本地解析也没用
server {
listen 80;
server_name www.magege.com;
location / {
rewrite ^(.*)$ https://$host$1 permanent;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}

server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name 49.232.195.203;
root /usr/share/nginx/html;

    ssl_certificate /home/certs/www.magedu.net.crt;
    ssl_certificate_key /home/certs/www.magedu.net.key;
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout  10m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers off;

    include /etc/nginx/default.d/*.conf;

    location / {
        index  index.html index.htm;
    }

    error_page 404 /404.html;
    location = /404.html {
    }

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    }
}