软件版本
centos6.5
nginx-1.2.0.tar.gz
mysql-5.5.25.tar.gz
php-5.2.13.tar.bz2
php-5.2.13-fpm-0.5.13.diff.gz(php fpm补丁)
libmcrypt-2.5.7.tar.gz(PHPlibmcrypt模块)
php-5.2.13-fpm-0.5.13.diff.gz
pcre-8.30.tar.gz(支持nginx伪静态)
cmake-2.8.8.tar.gz(MySQL编译工具)
系统约定
软件源代码包存放位置:/usr/local/src
源码包编译安装位置:/usr/local/软件名字
配置防火墙,开启80、3306端口
vi /etc/sysconfig/iptables #编辑防火墙配置文件
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT #允许80端口通过防火墙
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT #允许3306端口通过防火墙
特别提示:很多网友把这两条规则添加到防火墙配置的最后一行,导致防火墙启动失败
正确的应该是添加到默认的22端口这条规则的下面
/etc/init.d/iptables restart #最后重启防火墙使配置生效
关闭SELINUX(非常重要,否则php不能成功安装)
vi /etc/selinux/config #编辑
SELINUX=disabled #修改
#SELINUXTYPE=targeted #注释掉
:wq #保存退出
shutdown -r now #重启系统
安装编译工具及库文件(使用yum命令安装)
yum -y install make apr* autoconf automake curl-devel gcc gcc-c++ zlib-devel openssl openssl-devel pcre-devel gd kernel keyutils patch perl kernel-headers compat* mpfr cpp glibc libgomp libstdc++-devel ppl cloog-ppl keyutils-libs-devel libcom_err-devel libsepol-devel libselinux-devel krb5-devel zlib-devel libXpm* freetype libjpeg* libpng* php-common php-gd ncurses* libtool* libxml2 libxml2-devel patch freetype-devel lrzsz
安装cmake(MySQL编译工具)
cd /usr/local/src
tar zxvf cmake-2.8.8.tar.gz
cd cmake-2.8.8
./configure
make&&make install #安装
安装MySQL
1.用户组
groupadd mysql #添加mysql组
useradd -g mysql mysql -s /bin/false #创建用户mysql并加入到mysql组,不允许mysql用户直接登录系统
2.建立目录
mkdir -p /data/mysql #创建MySQL数据库存放目录
chown -R mysql:mysql /data/mysql #设置MySQL数据库目录权限
mkdir -p /usr/local/mysql #创建MySQL安装目录
3.安装MySQL
cd /usr/local/src
tar zxvf mysql-5.5.25.tar.gz #解压
cd mysql-5.5.25
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DSYSCONFDIR=/etc #配置
make&&make install #安装
4.配置MySQL
cd /usr/local/mysql
cp ./support-files/my-huge.cnf /etc/my.cnf #拷贝配置文件(注意:如果/etc目录下面默认有一个my.cnf,直接覆盖即可)
vi /etc/my.cnf #编辑配置文件,在 [mysqld] 部分增加下面一行
datadir = /data/mysql #添加MySQL数据库路径
:wq! #保存退出
./scripts/mysql_install_db --user=mysql #生成mysql系统数据库
cp ./support-files/mysql.server /etc/rc.d/init.d/mysqld #把Mysql加入系统启动
chmod 755 /etc/init.d/mysqld #增加执行权限
chkconfig mysqld on #设置开机启动
vi /etc/rc.d/init.d/mysqld #编辑
basedir = /usr/local/mysql #MySQL程序安装路径
datadir = /data/mysql #MySQl数据库存放目录
:wq! #保存退出
service mysqld start #启动
vi /etc/profile #把mysql服务加入系统环境变量:在最后添加下面这一行
export PATH=$PATH:/usr/local/mysql/bin
:wq! #保存退出
5.添加软链接
下面这两行把myslq的库文件链接到系统默认的位置,在编译类似PHP等软件时可以不用指定mysql的库文件地址。
ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
ln -s /usr/local/mysql/include/mysql /usr/include/mysql
shutdown -r now #需要重启系统,等待系统重新启动之后继续在终端命令行下面操作
6.设置用户名密码
mysql_secure_installation #设置Mysql密码
根据提示按Y 回车(默认密码为空)
然后输入2次密码
继续按Y 回车,直到设置完成
或者直接修改密码/usr/local/mysql/bin/mysqladmin -u root -p password "111111" #修改密码
service mysqld restart #重启
到此,mysql安装完成!
安装pcre(支持nginx伪静态)
cd /usr/local/src
mkdir /usr/local/pcre #创建安装目录
tar zxvf pcre-8.30.tar.gz
cd pcre-8.30
./configure --prefix=/usr/local/pcre #配置
make&&make install
安装 nginx
1.安装nginx
cd /usr/local/src
groupadd www #添加www组
useradd -g www www -s /bin/false #创建nginx运行账户www并加入到www组,不允许www用户直接登录系统
tar zxvf nginx-1.2.0.tar.gz
cd nginx-1.2.0
./configure --prefix=/usr/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-openssl=/usr/ --with-pcre=/usr/local/src/pcre-8.30
注意:–with-pcre=/usr/local/src/pcre-8.30指向的是源码包解压的路径,而不是安装的路径,否则会报错
make&&make install
/usr/local/nginx/sbin/nginx #启动nginx
报错:80端口被占用,由于系统预装了apache,卸载掉即可
2.配置
vi /etc/rc.d/init.d/nginx #设置nginx开启启动,编辑启动文件添加下面内容
#################################################################
#!/bin/bash
# nginx Startup script for the Nginx HTTP Server
# it is v.0.0.2 version.
# chkconfig: - 85 15
# description: Nginx is a high-performance web and proxy server.
# It has a lot of features, but it's not for everyone.
# processname: nginx
# pidfile: /var/run/nginx.pid
# config: /usr/local/nginx/conf/nginx.conf
nginxd=/usr/local/nginx/sbin/nginx
nginx_config=/usr/local/nginx/conf/nginx.conf
nginx_pid=/usr/local/nginx/logs/nginx.pid
RETVAL=0
prog="nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ]&&exit 0
[ -x $nginxd ] || exit 0
# Start nginx daemons functions.
start() {
if [ -e $nginx_pid ];then
echo "nginx already running...."
exit 1
fi
echo -n $"Starting $prog: "
daemon $nginxd -c ${nginx_config}
RETVAL=$?
echo
[ $RETVAL = 0 ]&&touch /var/lock/subsys/nginx
return $RETVAL
}
# Stop nginx daemons functions.
stop() {
echo -n $"Stopping $prog: "
killproc $nginxd
RETVAL=$?
echo
[ $RETVAL = 0 ]&&rm -f /var/lock/subsys/nginx /usr/local/nginx/logs/nginx.pid
}
reload() {
echo -n $"Reloading $prog: "
#kill -HUP `cat ${nginx_pid}`
killproc $nginxd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status|help}"
exit 1
esac
exit $RETVAL
#################################################################
:wq! #保存退出
chmod 775 /etc/rc.d/init.d/nginx #赋予文件执行权限
chkconfig nginx on #设置开机启动
/etc/rc.d/init.d/nginx restart #重启
安装libiconv
cd /usr/local/src/
tar zxvf libiconv-1.13.tar.gz
cd libiconv-1.13
./configure --prefix=/usr/local
make&&make install
安装libmcrypt(PHPlibmcrypt模块)
cd /usr/local/src
tar zxvf libmcrypt-2.5.8.tar.gz #解压
cd libmcrypt-2.5.8 #进入目录
./configure #配置
make&&make install #安装
安装mhash
cd /usr/local/src
tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make&&make install
安装php
1.解压缩php及php-fpm补丁
cd /usr/local/src
tar -xvpf php-5.2.13.tar.bz2
php-fpm模块补丁(高版本的不需要安装)
gzip -cd php-5.2.13-fpm-0.5.13.diff.gz | patch -d php-5.2.13 -p1
2.安装
cd php-5.2.13
mkdir -p /usr/local/php5 #建立php安装目录
./configure --prefix=/usr/local/php5 --with-config-file-path=/usr/local/php5/etc --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-mysql-sock=/tmp/mysql.sock --with-gd --with-iconv=/usr/local --with-zlib --enable-xml --enable-magic-quotes --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curlwrappers --enable-mbregex --enable-fpm --enable-mbstring --enable-ftp --enable-gd-native-ttf --with-openssl --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --enable-session --with-mcrypt --with-curl --with-jpeg-dir --with-freetype-dir --with-png-dir --enable-fastcgi --enable-force-cgi-redirect #配置
make #编译
make install #安装
3.配置
mkdir /usr/local/php5/etc/ #新建php 5etc目录
cp php.ini-dist /usr/local/php5/etc/php.ini #复制php配置文件到安装目录
rm -rf /etc/php.ini #删除系统自带配置文件
ln -s /usr/local/php5/etc/php.ini /etc/php.ini #添加软链接
vi /usr/local/php5/etc/php-fpm.conf #编辑
内容如下:
<?xml version="1.0" ?>
<configuration>
All relative paths in this config are relative to php's install prefix
<section name="global_options">
Pid file
<value name="pid_file">/usr/local/php5/logs/php-fpm.pid</value>
Error log file
<value name="error_log">/data0/logs/php/php-fpm.log</value>
Log level notice alert, error, warn, notice, debug
<value name="log_level">warn</value>
When this amount of php processes exited with SIGSEGV or SIGBUS ...
<value name="emergency_restart_threshold">10</value>
... in a less than this interval of time, a graceful restart will be initiated.
Useful to work around accidental curruptions in accelerator's shared memory.
<value name="emergency_restart_interval">1m</value>
Time limit on waiting child's reaction on signals from master
<value name="process_control_timeout">5s</value>
Set to 'no' to debug fpm
<value name="daemonize">yes</value>
</section>
<workers>
<section name="pool">
Name of pool. Used in logs and stats.
<value name="name">default</value>
Address to accept fastcgi requests on.
Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
<value name="listen_address">127.0.0.1:9000</value>
<value name="listen_options">
Set listen(2) backlog
<value name="backlog">1024</value>
Set permissions for unix socket, if one used.
In Linux read/write permissions must be set in order to allow connections from web server.
Many BSD-derrived systems allow connections regardless of permissions.
<value name="owner"></value>
<value name="group"></value>
<value name="mode">0666</value>
</value>
Additional php.ini defines, specific to this pool of workers.
<value name="php_defines">
<!-- <value name="sendmail_path">/usr/sbin/sendmail -t -i</value> -->
<value name="display_errors">1</value>
</value>
Unix user of processes
<value name="user">www</value>
Unix group of processes
<value name="group">www</value>
Process manager settings
<value name="pm">
Sets style of controling worker process count.
Valid values are 'static' and 'apache-like'
<value name="style">static</value>
Sets the limit on the number of simultaneous requests that will be served.
Equivalent to Apache MaxClients directive.
Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi
Used with any pm_style.
<value name="max_children">384</value>
Settings group for 'apache-like' pm style
<value name="apache_like">
Sets the number of server processes created on startup.
Used only when 'apache-like' pm_style is selected
<value name="StartServers">20</value>
Sets the desired minimum number of idle server processes.
Used only when 'apache-like' pm_style is selected
<value name="MinSpareServers">5</value>
Sets the desired maximum number of idle server processes.
Used only when 'apache-like' pm_style is selected
<value name="MaxSpareServers">35</value>
</value>
</value>
The timeout (in seconds) for serving a single request after which the worker process will be terminated
Should be used when 'max_execution_time' ini option does not stop script execution for some reason
'0s' means 'off'
<value name="request_terminate_timeout">30s</value>
The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
'0s' means 'off'
<value name="request_slowlog_timeout">0s</value>
The log file for slow requests
<value name="slowlog">/data0/logs/php/slow.log</value>
Set open file desc rlimit
<value name="rlimit_files">51200</value>
Set max core size rlimit
<value name="rlimit_core">0</value>
Chroot to this directory at the start, absolute path
<value name="chroot"></value>
Chdir to this directory at the start, absolute path
<value name="chdir"></value>
Redirect workers' stdout and stderr into main error log.
If not set, they will be redirected to /dev/null, according to FastCGI specs
<value name="catch_workers_output">yes</value>
How much requests each process should execute before respawn.
Useful to work around memory leaks in 3rd party libraries.
For endless request processing please specify 0
Equivalent to PHP_FCGI_MAX_REQUESTS
<value name="max_requests">1024</value>
Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
Makes sense only with AF_INET listening socket.
<value name="allowed_clients">127.0.0.1</value>
Pass environment variables like LD_LIBRARY_PATH
All $VARIABLEs are taken from current environment
<value name="environment">
<value name="HOSTNAME">$HOSTNAME</value>
<value name="PATH">/usr/local/bin:/usr/bin:/bin</value>
<value name="TMP">/tmp</value>
<value name="TMPDIR">/tmp</value>
<value name="TEMP">/tmp</value>
<value name="OSTYPE">$OSTYPE</value>
<value name="MACHTYPE">$MACHTYPE</value>
<value name="MALLOC_CHECK_">2</value>
</value>
</section>
</workers>
</configuration>
注意以下位置的变量值:
user = www #设置php-fpm运行账号为www
group = www #设置php-fpm运行组为www
php-fpm安装为服务,并开机启动:
cp /usr/local/php5/sbin/php-fpm /etc/rc.d/init.d/php-fpm #设置 php-fpm开机启动,拷贝php-fpm到启动目录
vi /etc/rc.d/init.d/php-fpm
在#!/bin/sh后面增加
#chkconfig: 2345 80 90
#description:php-fpm
chmod +x /etc/rc.d/init.d/php-fpm #添加执行权限
chkconfig php-fpm on #设置开机启动
chkconfig --list php-fpm #查看状态
4.php.ini配置
vi /usr/local/php5/etc/php.ini #编辑配置文件
找到:disable_functions =
修改为:
disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
#列出PHP可以禁用的函数,如果某些程序需要用到这个函数,可以删除,取消禁用。
找到:;date.timezone =
修改为:
date.timezone = PRC #设置时区
找到:expose_php = On
修改为:
expose_php = OFF #禁止显示php版本的信息
PS:在编译PHP的过程中可能会报UNDEFINED REFERENCE TO `LIBICONV_OPEN 无法编译PHP LIBICONV错误,此时检查LIBICONV的编译参数是否正确
配置nginx支持php
vi /usr/local/nginx/conf/nginx.conf #编辑配置文件
user www www; #首行user去掉注释,修改Nginx运行组为www www;必须与/usr/local/php5/etc/php-fpm.conf中的user,group配置相同,否则php运行出错
index index.php index.html index.htm; #添加index.php
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root html;#此处和server下面root保持一致,默认为html
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html/$fastcgi_script_name;
include fastcgi_params;
注意:取消FastCGIserver部分location的注释,并要注意fastcgi_param行的参数,改为/data/webroot/(此为网站根目录绝对路径)$fastcgi_script_name
/usr/local/php5/sbin/php-fpm start #启动php-fpm
/etc/init.d/nginx restart #重启nginx
测试
访问http://ip地址 出现欢迎使用nginx,说明配置成功。默认web目录 /usr/local/nginx/html/可以自己写程序测试PHP是否可用。
补充
1.出现:php nginx 502错误
查看php-fpm是否启动
php-fpm监听php-cgi端口为9,启动php-fpm
netstat -aon #查看端口启动,发现9000未启动
php-netstat -napo |grep "php-fpm" | wc -l
/usr/local/php5/sbin/php-fpm start #启动php-fpm
配置开机自动启动Nginx + PHP
vi /etc/rc.local
/usr/local/php5/sbin/php-fpm start
2.配置mysql账户
/usr/local/mysql/bin/mysql -u root -p
输入密码
为yc用户添加密码,且添加外网访问权力
mysql> insert into mysql.user(Host,User,Password) values('%','yc',password('yc'));
授权yc用户拥有所有数据库的所有权限
mysql> grant all privileges on *.* to 'yc'@'%' identified by 'yc';
mysql>flush privileges;//刷新系统权限表
3.权限问题:
配置好的环境,如果项目无法访问,大多为项目的权限问题
chmod -R 777 /usr/local/nginx/html/
/etc/init.d/nginx restart #重启nginx