介绍 (Introduction)
A LEMP software stack is a group of open source software that is typically installed together to enable a server to host dynamic websites and web apps. This term is actually an acronym which represents the Linux operating system, with the ENginx web server (which replaces the Apache component of a LAMP stack). The site data is stored in a MySQL-based database, and dynamic content is processed by PHP.
LEMP软件堆栈是一组开源软件,通常会一起安装以使服务器能够托管动态网站和Web应用程序。 该术语实际上是代表L inux操作系统和E Nginx Web服务器(代替LAMP堆栈的Apache组件)的首字母缩写。 站点数据存储在基于M ySQL的数据库中,动态内容由P HP处理。
In this guide, we’ll get a LEMP stack with PHP 7.4 installed on a CentOS 7 server, using MariaDB as the database management system. MariaDB works as a drop-in replacement for the original MySQL server, which in practice means you can switch to MariaDB without having to make any configuration or code changes in your application.
在本指南中,我们将使用MariaDB作为数据库管理系统,在CentOS 7服务器上获得安装了PHP 7.4的LEMP堆栈。 MariaDB可以替代原始MySQL服务器,实际上,这意味着您可以切换到MariaDB,而无需在应用程序中进行任何配置或代码更改。
先决条件 (Prerequisites)
Before you begin with this guide, you should have a separate, non-root user account set up on your server. You can learn how to do this by completing steps 1-4 in the initial server setup for CentOS 7.
在开始本指南之前,您应该在服务器上设置一个单独的非root用户帐户。 您可以通过完成CentOS 7初始服务器设置中的步骤1-4来学习如何做。
第1步-安装Nginx (Step 1 — Installing Nginx)
In order to display web pages to our site visitors, we are going to employ Nginx, a high-performance web server. To get the latest Nginx version, we’ll first install the EPEL repository, which contains additional software for the CentOS 7 operating system.
为了向网站访问者显示网页,我们将使用高性能的Web服务器Nginx。 要获取最新的Nginx版本,我们将首先安装EPEL存储库,其中包含用于CentOS 7操作系统的其他软件。
To add the CentOS 7 EPEL repository, run the following command:
要添加CentOS 7 EPEL存储库,请运行以下命令:
- sudo yum install epel-release sudo yum安装epel-release
Since we are using a sudo command, these operations get executed with root privileges. It will ask you for your regular user’s password to verify that you have permission to run commands with root privileges. You’ll also be prompted to confirm installation, so press Y to proceed.
由于我们使用的是sudo命令,因此这些操作将以root特权执行。 它将要求您提供普通用户的密码,以验证您是否具有运行具有root特权的命令的权限。 系统还会提示您确认安装,因此请按Y继续。
Now that the EPEL repository is installed on your server, install Nginx using the following yum command:
现在您的服务器上已经安装了EPEL存储库,请使用以下yum命令安装Nginx:
- sudo yum install nginx 须藤yum安装nginx
Once the installation is finished, start the Nginx service with:
安装完成后,使用以下命令启动Nginx服务:
- sudo systemctl start nginx sudo systemctl启动nginx
You can do a spot check right away to verify that everything went as planned by visiting your server’s public IP address in your web browser (see the note under the next heading to find out what your public IP address is if you do not have this information already):
您可以通过在Web浏览器中访问服务器的公共IP地址来立即进行抽查,以验证一切是否按计划进行(如果您没有此信息,请查看下一个标题下的注释,以了解您的公共IP地址是什么)。已经):
Open in a web browser:
http://server_domain_name_or_IP/
You will see the default CentOS 7 Nginx web page, which is there for informational and testing purposes. It should look something like this:
您将看到默认的CentOS 7 Nginx网页,该网页用于提供信息和进行测试。 它看起来应该像这样:
If you see this page, then your web server is now correctly installed.
如果看到此页面,则表明您的Web服务器现在已正确安装。
To enable Nginx to start on boot, run the following command:
要使Nginx在启动时启动,请运行以下命令:
- sudo systemctl enable nginx sudo systemctl启用nginx
如何查找服务器的公用IP地址 (How To Find Your Server’s Public IP Address)
If you do not know what your server’s public IP address is, there are a number of ways you can find it. Usually, this is the address you use to connect to your server through SSH.
如果您不知道服务器的公用IP地址是什么,可以通过多种方法找到它。 通常,这是您用于通过SSH连接到服务器的地址。
From the command line, you can find this a few ways. First, you can use the iproute2 tools to get your address by typing this:
在命令行中,您可以通过几种方法找到此方法。 首先,您可以使用iproute2工具输入以下内容来获取地址:
- ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//' ip addr显示eth0 | grep inet | awk'{print $ 2; }'| sed's /\/.*$//'
This will give you one or two lines back. They are both correct addresses, but your computer may only be able to use one of them, so feel free to try each one.
这将给您返回一两行。 它们都是正确的地址,但是您的计算机可能只能使用它们之一,因此请随意尝试每个。
An alternative method is to use an outside party to tell you how it sees your server. You can do this by asking a specific server what your IP address is:
一种替代方法是使用外部方来告诉您它如何看待服务器。 您可以通过询问特定的服务器您的IP地址是什么来做到这一点:
- curl http://icanhazip.com 卷曲http://icanhazip.com
Regardless of the method you use to get your IP address, you can type it into your web browser’s address bar to get to your server.
无论使用哪种方法获取IP地址,都可以在Web浏览器的地址栏中键入它以获取服务器。
第2步-安装MariaDB (Step 2 — Installing MariaDB)
Now that we have our web server up and running, it is time to install MariaDB, a MySQL drop-in replacement. MariaDB is a community-developed fork of the MySQL relational database management system.
现在我们的Web服务器已启动并正在运行,是时候安装MySQL替代品MariaDB了。 MariaDB是社区开发MySQL关系数据库管理系统的分支。
Again, we can use yum to acquire and install our software. This time, we’ll also install some other helper packages that will assist us in getting our components to communicate with each other:
同样,我们可以使用yum来获取和安装我们的软件。 这次,我们还将安装其他一些帮助程序包,这些程序包将帮助我们使组件相互通信:
- sudo yum install mariadb-server mariadb sudo yum安装mariadb-server mariadb
When the installation is complete, we need to start MariaDB with the following command:
安装完成后,我们需要使用以下命令启动MariaDB:
- sudo systemctl start mariadb sudo systemctl启动mariadb
Now that our MariaDB database is running, we want to run a security script that will remove some dangerous defaults and lock down access to our database. Start the interactive script by running:
现在我们的MariaDB数据库正在运行,我们想运行一个安全脚本,该脚本将删除一些危险的默认值并锁定对数据库的访问。 通过运行以下命令来启动交互式脚本:
- sudo mysql_secure_installation 须藤mysql_secure_installation
The prompt will ask you for your current root MariaDB password. Since you just installed MariaDB, you most likely won’t have one, so leave it blank by pressing enter. Then the prompt will ask you if you want to set a root password. Go ahead and enter Y, and follow the instructions:
提示将询问您当前的root MariaDB密码。 由于您刚刚安装了MariaDB,因此很可能没有,因此请按Enter使其空白。 然后,提示将询问您是否要设置root密码。 继续并输入Y ,然后按照说明进行操作:
mysql_secure_installation prompts:
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
For the rest of the questions, you should hit the “ENTER” key through each prompt to accept the default values. This will remove some sample users and databases, disable remote root logins, and load these new rules so that MySQL immediately respects the changes we have made.
对于其余的问题,您应在每个提示中均按“ ENTER”键以接受默认值。 这将删除一些示例用户和数据库,禁用远程root登录,并加载这些新规则,以便MySQL立即尊重我们所做的更改。
The last thing you will want to do is enable MariaDB to start on boot. Use the following command to do so:
您要做的最后一件事是使MariaDB在引导时启动。 使用以下命令来这样做:
- sudo systemctl enable mariadb sudo systemctl启用mariadb
At this point, your database system is now set up and we can move on.
至此,您的数据库系统已经建立,我们可以继续。
第3步-安装PHP (Step 3 — Installing PHP)
PHP is the component of our setup that will process code to display dynamic content. It can run scripts, connect to our MySQL databases to get information, and hand the processed content over to our web server to display.
PHP是我们安装程序的组件,它将处理代码以显示动态内容。 它可以运行脚本,连接到我们MySQL数据库以获取信息,并将处理后的内容移交给我们的Web服务器进行显示。
The PHP version available by default within CentOS 7 servers is outdated, and for that reason, we’ll need to install a third-party package repository in order to obtain PHP 7+ and get it installed on your CentOS 7 server. Remi is a popular package repository providing the most up-to-date PHP releases for CentOS servers.
CentOS 7服务器上默认可用PHP版本已过时,因此,我们需要安装第三方软件包存储库才能获取PHP 7+并将其安装在CentOS 7服务器上。 Remi是一个受欢迎的软件包存储库,为CentOS服务器提供了最新PHP版本。
To install the Remi repository for CentOS 7, run:
要为CentOS 7安装Remi存储库,请运行:
- sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm 须藤百胜安装http://rpms.remirepo.net/enterprise/remi-release-7.rpm
After the installation is done, you’ll need to run a command to enable the repository containing your preferred version of PHP. To check which PHP 7+ releases are available in the Remi repository, run:
安装完成后,您将需要运行命令以启用包含您的首选PHP版本的存储库。 要检查Remi存储库中可用PHP 7+版本,请运行:
- yum --disablerepo="*" --enablerepo="remi-safe" list php[7-9][0-9].x86_64 yum --disablerepo =“ *” --enablerepo =“ remi-safe”列表php [7-9] [0-9] .x86_64
You’ll see output like this:
您将看到如下输出:
Output
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* remi-safe: mirrors.ukfast.co.uk
Available Packages
php70.x86_64 2.0-1.el7.remi remi-safe
php71.x86_64 2.0-1.el7.remi remi-safe
php72.x86_64 2.0-1.el7.remi remi-safe
php73.x86_64 2.0-1.el7.remi remi-safe
php74.x86_64 1.0-3.el7.remi remi-safe
php80.x86_64 1.0-3.el7.remi remi-safe
In this guide, we’ll install PHP 7.4, which is currently the most updated stable version of PHP. To enable the correct Remi package to get PHP 7.4 installed, run:
在本指南中,我们将安装PHP 7.4,它是当前PHP的最新稳定版本。 要启用正确的Remi软件包以安装PHP 7.4,请运行:
sudo yum-config-manager --enable remi-php74
sudo yum-config-manager-启用remi-php 74
Now we can proceed to use yum for installing PHP as usual. The following command will install all the required packages to get PHP 7.4 set up within Nginx and allow it to connect to MySQL-based databases:
现在我们可以照常使用yum安装PHP。 以下命令将安装所有必需的软件包,以在Nginx中设置PHP 7.4,并允许其连接到基于MySQL的数据库:
- sudo yum install php php-mysqlnd php-fpm 须藤百胜安装php php-mysqlnd php-fpm
To confirm that PHP is available as your chosen version, run:
要确认PHP是您选择的版本,请运行:
- php --version php --version
You’ll see output like this:
您将看到如下输出:
Output
PHP 7.4.5 (cli) (built: Apr 14 2020 12:54:33) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
PHP is now successfully installed on your system. Next, we need to make a few adjustments to the default configuration. To facilitate editing files on CentOS, we’ll first install nano, a more user-friendly text editor than vi:
PHP现在已成功安装在您的系统上。 接下来,我们需要对默认配置进行一些调整。 为方便在CentOS上编辑文件,我们将首先安装nano ,它比vi更友好:
- sudo yum install nano 须藤百胜安装纳米
Open the /etc/php-fpm.d/www.conf configuration file using nano or your editor of choice:
使用nano或您选择的编辑器打开/etc/php-fpm.d/www.conf配置文件:
- sudo nano /etc/php-fpm.d/www.conf 须藤纳米/etc/php-fpm.d/www.conf
Now look for the user and group directives. If you are using nano, you can hit CTRL+W to search for these terms inside the open file.
现在查找user和group指令。 如果您使用的是nano ,则可以按CTRL + W在打开的文件中搜索这些术语。
…
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache user chosen to provide access to the same directories as httpd
user = apache
; RPM: Keep a group allowed to write in log dir.
group = apache
…You’ll notice that both the user and group variables are set to apache. We need to change these to nginx:
您会注意到, user和group变量都设置为apache 。 我们需要将它们更改为nginx :
…
; RPM: apache user chosen to provide access to the same directories as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
…Next, locate the listen directive. By default, php-fpm will listen on a specific host and port over TCP. We want to change this setting so it listens on a local socket file, since this improves the overall performance of the server. Change the line containing the listen directive to the following:
接下来,找到listen指令。 默认情况下, php-fpm将通过TCP侦听特定的主机和端口。 我们想要更改此设置,以便它侦听本地套接字文件,因为这样可以提高服务器的整体性能。 将包含listen指令的行更改为以下内容:
listen = /var/run/php-fpm/php-fpm.sock;Finally, we’ll need to change the owner and group settings for the socket file we just defined within the listen directive. Locate the listen.owner, listen.group and listen.mode directives. These lines are commented out by default. Uncomment them by removing the preceding ; sign at the beginning of the line. Then, change the owner and group to nginx:
最后,我们需要更改我们在listen指令中定义的套接字文件的所有者和组设置。 找到listen.owner , listen.group和listen.mode指令。 这些行默认情况下被注释掉。 通过删除前面的注释取消注释; 在行首签名。 然后,将所有者和组更改为nginx :
listen.owner = nginx
listen.group = nginx
listen.mode = 0660Save and close the file when you’re done editing. If you are using nano, do so by pressing CTRL + X, then Y and ENTER.
完成编辑后,保存并关闭文件。 如果使用nano ,请按CTRL + X ,然后按Y和ENTER 。
To enable and start the php-fpm service, run:
要启用并启动php-fpm服务,请运行:
- sudo systemctl start php-fpm sudo systemctl启动php-fpm
Your PHP environment is now ready. Next, we’ll configure Nginx so that it sends all requests for PHP scripts to be processed by php-fpm.
您PHP环境现已准备就绪。 接下来,我们将配置Nginx,以便它发送所有对PHP脚本的请求,这些请求将由php-fpm 。
第4步-配置Nginx处理PHP页面 (Step 4 — Configuring Nginx to Process PHP Pages)
Now, we have all of the required components installed. The only configuration change we still need to do is tell Nginx to use our PHP processor for dynamic content.
现在,我们已经安装了所有必需的组件。 我们仍然需要做的唯一配置更改就是告诉Nginx使用我们PHP处理器处理动态内容。
Nginx has a dedicated directory where we can define each hosted website as a separate configuration file, using a server block. This is similar to Apache’s virtual hosts.
Nginx有一个专用目录,我们可以在其中使用服务器块将每个托管网站定义为单独的配置文件。 这类似于Apache的虚拟主机。
With the default installation, however, this directory is empty. We’ll create a new file to serve as the default PHP website on this server, which will override the default server block defined in the /etc/nginx/nginx.conf file.
但是,使用默认安装时,此目录为空。 我们将在该服务器上创建一个新文件作为默认PHP网站,它将覆盖/etc/nginx/nginx.conf文件中定义的默认服务器块。
First, open a new file in the /etc/nginx/conf.d directory:
首先,在/etc/nginx/conf.d目录中打开一个新文件:
- sudo nano /etc/nginx/conf.d/default.conf 须藤nano /etc/nginx/conf.d/default.conf
Copy the following PHP server definition block to your configuration file, and don’t forget to replace the server_name directive so that it points to your server’s domain name or IP address:
将以下PHP服务器定义块复制到您的配置文件中,并且不要忘记替换server_name指令,使其指向您服务器的域名或IP地址:
server {
listen 80;
server_name server_domain_or_IP;
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}Save and close the file when you’re done.
完成后,保存并关闭文件。
Next, restart Nginx to apply the changes:
接下来,重新启动Nginx以应用更改:
- sudo systemctl restart nginx sudo systemctl重启nginx
Your web server is now fully set up. In the next step, we’ll test the PHP integration to Nginx.
您的Web服务器现已完全设置。 在下一步中,我们将测试与NginxPHP集成。
第5步-在Web服务器上测试PHP处理 (Step 5 — Testing PHP Processing on your Web Server)
Now that your web server is set up, we can create a test PHP script to make sure Nginx is correctly handling .php scripts with the help of php-fpm.
现在您的Web服务器已设置完毕,我们可以创建一个测试PHP脚本,以确保Nginx在php-fpm的帮助下正确处理了.php脚本。
Before creating our script, we’ll make a change to the default ownership settings on Nginx’s document root, so that our regular sudo user is able to create files in that location.
在创建脚本之前,我们将对Nginx文档根目录的默认所有权设置进行更改,以便我们的常规sudo用户能够在该位置创建文件。
The following command will change the ownership of the default Nginx document root to a user and group called sammy, so be sure to replace the highlighted username and group in this command to reflect your system’s username and group.
以下命令会将默认Nginx文档根目录的所有权更改为名为sammy的用户和组,因此请确保在此命令中替换突出显示的用户名和组,以反映系统的用户名和组。
sudo chown -R sammy.sammy /usr/share/nginx/html/
sudo chown -R sammy 。 萨米 / usr / share / nginx / html /
We’ll now create a test PHP page to make sure the web server works as expected.
现在,我们将创建一个测试PHP页面,以确保Web服务器能够按预期工作。
Create a new PHP file called info.php at the /usr/share/nginx/html directory:
在/usr/share/nginx/html目录中创建一个名为info.php的新PHP文件:
nano /usr/share/nginx/html/info.php
纳米/ usr / share / nginx / html / info.php
The following PHP code will display information about the current PHP environment running on the server:
以下PHP代码将显示有关服务器上当前运行PHP环境的信息:
<?php
phpinfo();When you are finished, save and close the file.
完成后,保存并关闭文件。
Now we can test whether our web server can correctly display content generated by a PHP script. Go to your browser and access your server hostname or IP address, followed by /info.php:
现在,我们可以测试我们的Web服务器是否可以正确显示PHP脚本生成的内容。 转到浏览器并访问服务器主机名或IP地址,然后/info.php :
http://server_host_or_IP/info.phpYou’ll see a page similar to this:
您会看到类似以下页面:
After checking the relevant information about your PHP server through that page, it’s best to remove the file you created as it contains sensitive information about your PHP environment and your CentOS server. You can use rm to remove that file:
在通过该页面检查有关PHP服务器的相关信息之后,最好删除您创建的文件,因为该文件包含有关PHP环境和CentOS服务器的敏感信息。 您可以使用rm删除该文件:
rm /usr/share/nginx/html/info.php
rm / usr / share / nginx / html / info.php
You can always regenerate this file if you need it later.
如果以后需要,可以随时重新生成该文件。
结论 (Conclusion)
In this guide, you’ve built a flexible foundation for serving PHP websites and applications to your visitors, using Nginx as web server and the latest PHP release version. You’ve set up Nginx to handle PHP requests through php-fpm, and you also set up a MariaDB database to store your website’s data.
在本指南中,您使用Nginx作为Web服务器和最新PHP版本,为为访问者提供PHP网站和应用程序奠定了灵活的基础。 您已经设置了Nginx来通过php-fpm处理PHP请求,并且还设置了一个MariaDB数据库来存储您的网站数据。
508
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
