CentOS7.2编译安装LNMP(Nginx1.16+MySQL5.6+PHP5.6)
最近停掉了两台用了两年多的安畅真机服务器,换腾讯云CentOS,原环境是Win2008+Apache2.4+PHP5.6+MySQL5.5,所以花点时间折腾一下LNMP,顺便学学Linux。
一、准备工作
(一) CentOS系统
腾讯云服务器,选择CentOS 7.2 x64
(二)已安装软件清理
1.清理已安装的软件
腾讯云主机系统可能会默认安装一些常用服务器软件(Apache、Mysql、PHP等),为避免冲突故先清理干净。
#检查apache、mysql、php软件是否已安装,并卸之
rpm -e httpd
rpm -e mysql
rpm -e php
yum -y remove httpd
yum -y remove mysql
yum -y remove php
#检查Mysql是否已安装
rpm -qa|grep mysql
#强制卸载Mysql
rpm -e mysql-libs-5.1.73-3.el6_5.x86_64 --nodeps
#清理Aapche
#搜索apache包
rpm -qa http*
#强制卸载apache包
rpm -e --nodeps 查询出来的文件名
#检查是否卸载干净
rpm -qa|grep http*
2.需安装的软件及版本
可以用wget下载
(1).CMake2.8.12 : http://www.cmake.org/files/v2.8/cmake-2.8.12.2.tar.gz
(2).MySQL5.6.39 x64 : https://dev.mysql.com/downloads/file/?id=474411
(3).Nginx-1.16 : http://nginx.org/download/nginx-1.16.2.tar.gz
(4).PHP5.6.34 : http://php.net/get/php-5.6.34.tar.gz/from/a/mirror
把上述软件安装包文件拷到服务器/usr/local/XXX/software/
3.修改系统缓存
#单次修改系统默认缓存大小
sysctl -w vm.max_map_count=262144
sysctl -a|grep vm.max_map_count
4.安装相关依赖
#命令格式:yum -y install xxx组件1 xxxx组件2 (-y表示不询问yes or no)
yum -y install gcc gcc-c++
yum -y install bison git ncurses-devel gcc gcc-c++
yum install -y ncurses-devel
yum -y install make gcc-c++ bison-devel ncurses-devel libaio libaio-devel perl-Data-Dumper net-tools
yum -y install autoconf
yum install ncurses ncurses-devel ncurses-libs
yum install *ncurses*
yum -y install libmcrypt libmcrypt-devel mcrypt mhash libxml2
yum -y install libxml2 libxml2-devel
yum -y install bzip2-devel.x86_64
yum -y install openssl.x86_64 openssl-devel.x86_64
yum -y install libcurl.x86_64 libcurl-devel.x86_64
yum -y install libjpeg.x86_64 libpng.x86_64 freetype.x86_64 libjpeg-devel.x86_64 libpng-devel.x86_64 freetype-devel.x86_64
yum -y install libjpeg-devel
yum -y install zlib zlib-devel openssl* pcre pcre-devel gd-devel
5.规划各软件安装位置(便于以后查找和维护)
序号 | 软件名称及版本 | 安装位置 | 配置文件位置 |
1 | CMake2.8.12.2 | /usr/local/tools/cmake2.8.12.2 | 无 |
2 | MySQL5.6.39 | /usr/local/prd/mysql | /usr/local/prd/mysql/my.cnf |
3 | PHP5.6.34 | /usr/local/prd/php | /usr/local/prd/php/etc/php-fpm.conf /usr/local/prd/php/etc/php.ini |
4 | Nginx1.16.2 | /usr/local/prd/nginx | /usr/local/prd/nginx/conf/nginx.conf |
二、安装各软件
(一).CMake
#创建工具目录
mkdir /usr/local/tools
#把CMake2.8.12.2拷贝到 /usr/local/tools
cp /usr/local/XXX/software/CMake/cmake-2.8.12.2.tar.gz /usr/local/tools/
cd /usr/local/tools/
#解压
tar zxvf cmake-2.8.12.2.tar.gz
#编译并安装
cd cmake-2.8.12.2
./configure
make && make install
#如果安装过程提示如下信息:
Cannot find appropriate C compiler on this system.
则表示可能没有安装配置好gcc及 gcc-c++,安之
yum install gcc
yum install gcc-c++
#安装完成后查看版本信息
cmake –version
# cmake version 2.8.12.2
(二)MySQL
1.创建MySQL运行所需的系统用户和权限
#创建群组
groupadd mysql
#创建一个用户mysql,不允许登陆和不创主目录
useradd -s /sbin/nologin -g mysql -M mysql
#检查刚创建的用户
tail -1 /etc/passwd
##此时会显示:mysql:x:1000:1000::/home/mysql:/sbin/nologin
2.建立MySQL所需的一些目录和文件
#创建MySQL数据的运行日志目录和文件
mkdir /usr/local/prd
mkdir /usr/local/prd/mysql
mkdir /usr/local/prd/mysql/logs
touch /usr/local/prd/mysql/logs/mariadb.log
chown -R mysql:mysql /usr/local/prd/mysql/logs/
3.解压安装包
#把mysql-5.6.39的源码拷贝到 /usr/local/prd
#注意一定要用源码包才能用此方式编译。http://dev.mysql.com/downloads/mysql/ 下载时,要选择的是 MySQLCommunity Server 下的 Source Code
cp /usr/local/XXX/software/MySQL/mysql-5.6.39.tar.gz /usr/local/prd/
cd /usr/local/prd/
#解压
tar zxvf mysql-5.6.39.tar.gz
cd /usr/local/prd/mysql-5.6.39/
4.按预定参编译并安装
cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/prd/mysql \
-DMYSQL_DATADIR=/usr/local/prd/mysql/data \
-DSYSCONFDIR=/usr/local/prd/mysql/ \
-DWITH_MYISAM_STORAGE_ENGINE=1 \
-DWITH_MEMORY_STORAGE_ENGINE=1 \
-DMYSQL_UNIX_ADDR=/usr/local/prd/mysql/tmp/mysql.sock \
-DMYSQL_TCP_PORT=3306 -DENABLED_LOCAL_INFILE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DEXTRA_CHARSETS=all -DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DMYSQL_USER=mysql \
-DWITH_DEBUG=0 \
-DENABLE_DOWNLOADS=1
make && make install
编译过程可能会报一些错误,通常都是因为依赖组件没有装,例如下如信息:
-- Could NOT find Git (missing: GIT_EXECUTABLE)
NOTFOUND" was not found. Please set CMAKE_C_COMPILER to a valid compiler path or name.
(1).按上文一.(4).方便根据错误提示安装对应的依赖。
(2).取消一些编译参数,例如SSL报错,应取消两个选项:
DWITH_READLINE=1和-DWITH_SSL=YES
直到编译过程不再报:“-- Configuring incomplete, errors occurred!”,即可进行安装,约持续10分钟。
5.删除MySQL安装源码目录
rm -Rf /usr/local/prd/mysql-5.6.39
6.修改MySQL目录权限
chmod +w /usr/local/prd/mysql
chown -R mysql:mysql /usr/local/prd/mysql
7.初始化MySQL配置
(1).my.cnf配置文件
上述安装操作完成后,会在/etc/目录下生成my.cnf配置,按上文“二.软件安装—安装位置”约定,需要把它移到/usr/local/prd/mysql/下。
mv /etc/my.cnf /etc/my.cnf.bak
cp /usr/local/prd/mysql/support-files/my-default.cnf /usr/local/prd/mysql/my.cnf
MySQL在启动服务时,会按照一定次序搜索my.cnf:先在/etc目录下找,找不到则会搜索”$basedir/my.cnf”就是安装目录下/usr/local/prd/mysql/my.cnf,这是新版MySQL的配置文件的默认位置!注意:在最小安装完成后,在/etc目录下会存在一个my.cnf,需要将此文件更名为其他的名字。如:/etc/my.cnf.bak,否则,该文件会干扰源码安装的MySQL的正确配置,造成无法启动。
(2).MySQL初始化数据
/usr/local/prd/mysql/scripts/mysql_install_db --defaults-file=/usr/local/prd/mysql/my.cnf --basedir=/usr/local/prd/mysql --datadir=/usr/local/prd/mysql/data --user=mysql &
执行完毕后会显示:
20YY-MM-DD HH:Mi:SS 29803 [Note] InnoDB: Shutdown completed; log sequence number 1625987 OK
8.设置MySQL自动运行参数
(1).设置环境变量
#先设置PATH,否则不能直接调用mysql
#修改/etc/profile文件
vim /etc/profile
#在文件末尾添加
PATH=/usr/local/prd/mysql/bin:$PATH
export PATH
#让配置立即生效
source /etc/profile
(2).建立临时目录,并通过MySQL配置文件my.cnf设置运行参数
#建立mysql所需的临时目录,并授权给mysql用户访问
mkdir /usr/local/prd/mysql/tmp
chown -R mysql:mysql /usr/local/prd/mysql/tmp
#如果后面报错,再执行这句:
chmod -R 777 /usr/local/prd/mysql/tmp
#为mysql用户授权访问data目录
chown -R mysql:mysql /usr/local/prd/mysql/data
修改MYSQL的配置文件,指定相关运行以参数
#修改MYSQL的配置文件,指定相关运行以参数
vim /usr/local/prd/mysql/my.cnf
#启用编辑模式(Shift + I),把如下内容加到文件末尾,然后按(Shift + : wq)保存退出
basedir=/usr/local/prd/mysql
datadir=/usr/local/prd/mysql/data
socket=/usr/local/prd/mysql/tmp/mysql.sock
port=3306
server-id=1
[mysqld_safe]
log-error=/usr/local/prd/mysql/logs/mariadb.log
pid-file=/usr/local/prd/mysql/tmp/mariadb.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d
(3).设置自动启动
#把支持目录里support-files/mysql.server拷到系统启动目录
cp /usr/local/prd/mysql/support-files/mysql.server /etc/init.d/mysqld
#赋予权限、设置开机自启并启动
chmod +x /etc/init.d/mysqld
chkconfig mysqld on
#启动MySQL服务
service mysqld start
#或者
/etc/init.d/mysqld start
启动成功后会显示“Starting MySQL. SUCCESS!”
(4).初始化数据库超管密码
MySQL5.6源码版刚装好是没有密码的,可以直接登录
#mysql -uroot –p
#退出
exit;
bye
#设置root帐号的密码
#设置root帐号的密码
/usr/local/prd_run/mysql/bin/mysqladmin -uroot -p password '你的密码'
##如果出现“error: 'Access denied for user 'root'@'localhost' (using password: YES)'”则需要使用下面的方法
#重置root密码,直接用root登录,不输密码
/usr/local/prd_run/mysql/bin/mysql –uroot –p
#出现 Enter password时直接回车
##用SQL语句更新root密码
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('你的密码');
SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('你的密码');
(三)PHP
1.创建PHP所需的系统用户www
#按照标准,给php-fpm创建一个指定的用户和组
#创建群组www
groupadd www
#创建一个用户www,不允许登陆和不创主目录
useradd -s /sbin/nologin -g www -M www
2.安装依赖
yum -y install libmcrypt libmcrypt-devel mcrypt mhash libxml2
3.解压安装包
#把php-5.6.34.tar.gz拷贝到 /usr/local/prd/
cp /usr/local/xxx/software/PHP/php-5.6.34.tar.gz /usr/local/prd/
#解压
tar zxvf php-5.6.34.tar.gz
4.编译并安装
cd php-5.6.34
./configure --prefix=/usr/local/prd/php --with-config-file-path=/usr/local/prd/php/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-iconv-dir --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-magic-quotes --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --enable-mbregex --enable-mbstring --with-mcrypt --enable-ftp --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --disable-fileinfo --enable-maintainer-zts
make && make install
5.可能出现的错误
(1).缺少依赖包
- 出现“configure: error: xml2-config not found. Please check your libxml2 installation.”则重新安装 libxml2
yum -y install libxml2 libxml2-devel
##查看已安装的libxml2版本
rpm -qa |grep libxml2
#此处应显示三个相关程序和版本
#查找“xml2-config”文件是否存在
find / -name "xml2-config"
#此处应显示:/usr/bin/xml2-config
- 出现“configure: error: Cannot find OpenSSL's <evp.h>”则安装SSL
yum -y install bzip2-devel.x86_64
yum -y install openssl.x86_64 openssl-devel.x86_64
- 出现“configure: error: Please reinstall the libcurl distribution - easy.h should be in <curl-dir>/inc”则安装CURL
yum -y install libcurl.x86_64 libcurl-devel.x86_64
- 出现“configure: error: jpeglib.h not found.”则安装GD库
yum -y install libjpeg.x86_64 libpng.x86_64 freetype.x86_64 libjpeg-devel.x86_64 libpng-devel.x86_64 freetype-devel.x86_64
yum -y install libjpeg-devel
yum install libjpeg.x86_64 libpng.x86_64 freetype.x86_64 libjpeg-devel.x86_64 libpng-devel.x86_64 freetype-devel.x86_64 -y
(2).编译错误:无。
6.安装完成,拷贝所需配置文件后,删除PHP安装源码目录
#此时应出现新目录 /usr/local/prd/php
cd /usr/local/prd/php-5.6.34
#拷贝PHP配置文件到PHP目录
cp /usr/local/prd/php-5.6.34/php.ini-production /usr/local/prd/php/etc/php.ini
#拷贝启动脚本php-fpm启动脚本到init.d
cp /usr/local/prd/php-5.6.34/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
#删除PHP安装源码目录
rm -Rf /usr/local/prd_run/php-5.6.34
7.配置php参数
#进入PHP运行目录
cd /usr/local/prd/php
#赋予执行权限
chmod +x /etc/init.d/php-fpm
8.设置php自启动
#添加为启动项
chkconfig --add php-fpm
#设置开机启动
chkconfig php-fpm on
#立即启动php-fpm
/etc/init.d/php-fpm start
#此处应显示“Starting php-fpm done”
(四)Nginx
1.创建Nginx所需的系统用户nginx
#按照标准,给Nginx创建一个指定的用户和组
#创建群组nginx
groupadd -r nginx
#创建一个用户www,不允许登陆和不创主目录
useradd -s /sbin/nologin -g nginx -M nginx
2.安装依赖
yum -y install zlib zlib-devel openssl* pcre pcre-devel gd-devel
3.解压安装包
#把nginx-1.12.2.tar.gz拷贝到 /usr/local/prd_run/
cp /usr/local/someone/software/Nginx/nginx-1.12.2.tar.gz /usr/local/prd_run/
#解压
tar zxvf nginx-1.12.2.tar.gz
4.编译并安装
cd nginx-1.12.2
./configure --prefix=/usr/local/prd/nginx --sbin-path=/usr/local/prd/nginx/bin/nginx --conf-path=/usr/local/prdn/nginx/conf/nginx.conf --error-log-path=/usr/local/prd/nginx/log/error.log --http-log-path=/usr/local/prd/nginx/log/access.log --pid-path=/usr/local/prd/nginx/tmp/pid/nginx.pid --lock-path=/usr/local/prd/nginx/tmp/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/prd/nginx/tmp/client/ --http-proxy-temp-path=/usr/local/prd/nginx/tmp/proxy/ --http-fastcgi-temp-path=/usr/local/prd/nginx/tmp/fcgi/ --http-uwsgi-temp-path=/usr/local/prd/nginx/tmp/uwsgi --http-scgi-temp-path=/usr/local/prd/nginx/tmp/scgi --with-pcre
make && make install
5.配置Nginx启动参数
#新建Nginx启动文件
touch /etc/init.d/nginx
#编辑该文件
vi /etc/init.d/nginx
输入粘贴如下内容(注意相关参数必须与上面编译时的配置及路径保持一致)
#!/bin/bash
# nginx Startup script for the Nginx HTTP Server
# it is v.0.0.2 version.
# chkconfig: - 85 15
# description: Nginx is a high-performance web and proxy server.
# It has a lot of features, but it's not for everyone.
# processname: nginx
# pidfile: /var/run/nginx.pid
# config: /usr/local/nginx/conf/nginx.conf
## denghan added follow this on 2018-03-28
nginxd=/usr/local/prd_run/nginx/bin/nginx
nginx_config=/usr/local/prd_run/nginx/conf/nginx.conf
nginx_pid=/usr/local/prd_run/nginx/tmp/pid/nginx.pid
RETVAL=0
prog="nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -x $nginxd ] || exit 0
# Start nginx daemons functions.
start() {
if [ -e $nginx_pid ];then
echo "nginx already running...."
exit 1
fi
echo -n $"Starting $prog: "
daemon $nginxd -c ${nginx_config}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /usr/local/prdsomewhere/nginx/tmp/lock/nginx.lock
return $RETVAL
}
# Stop nginx daemons functions.
stop() {
echo -n $"Stopping $prog: "
killproc $nginxd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /usr/local/prdsomewhere/nginx/tmp/lock/nginx.lock /usr/local/prd_run/nginx/tmp/pid/nginx.pid
}
# reload nginx service functions.
reload() {
echo -n $"Reloading $prog: "
#kill -HUP `cat ${nginx_pid}`
killproc $nginxd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status|help}"
exit 1
esac
exit $RETVAL
6.设置自动启动
#给启动文件赋权
chmod +x /etc/init.d/nginx
#加入自启动序列
chkconfig --add nginx
chkconfig nginx on
#然后就可以启动服务了
systemctl restart nginx.service
#或
/etc/init.d/nginx start
打开浏览器输入服务器IP,可看到如下画面
7.启动失败的处理
如果输入 “systemctl restart nginx.service”或“service nginx restart”出现这句错误提示“Job for nginx.service failed because the control process exited with error code.nginx php 多域名配置”,则表示可能编译时未正确生成nginx.service文件,不用慌,手工写一下即可:
touch /usr/lib/systemd/system/nginx.service
vi /usr/lib/systemd/system/nginx.service
输入如下内容(注意各参数须与上文匹配)
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/prd/nginx/tmp/pid/nginx.pid
ExecStartPre=/usr/bin/rm -f /usr/local/prd/nginx/tmp/pid/nginx.pid
ExecStartPre=/usr/local/prd/nginx/bin/nginx -t
ExecStart=/usr/local/prd/nginx/bin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillMode=process
KillSignal=SIGQUIT
TimeoutStopSec=5
PrivateTmp=true
[Install]
WantedBy=multi-user.target
这个文件不管是新建还是修改,需要在完成后执行一下下面的命令,让systemd加载:
systemctl daemon-reload
这时你会发现,可以成功执行“systemctl restart nginx.service”了。
8.安装完成,删除Ngnix安装源码目录
#删除Ngnix安装源码目录
rm -Rf /usr/local/prd/nginx-1.12.2
三、配置Nginx和PHP
(一).整合Nginx和PHP
1.编辑Nginx.conf,启用如下选项
#vim /usr/local/prd/nginx/conf/nginx.conf
#启动“location ~ \.php$”段,内容如下
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
2.编辑/usr/local/prd_run/nginx/conf/fastcgi_params
#先备份原文件
cd /usr/local/prd_run/nginx/conf
cp fastcgi_params fastcgi_params.bak
vim fastcgi_params
##内容如下
fastcgi_params文件内容
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
3.重启Nginx,在html目录放测试php页,浏览器打开可看到已经整合成功
至此CenOS72下LNMP编译安装完毕!
(二).配置Nginx实现多域名多站点、支持SSL、支持PATHINFO模式等
1、增加一个配置文件,用于多站点配置
(1).在Nginx的配置文件目录增加子目录servers
mkdir /usr/local/prd/nginx/conf/servers
(2).在servers新建vhosts.conf文件
cd /usr/local/prd/nginx/conf/servers
touch vhosts.conf
(3).在/usr/local/prd/nginx/conf/nginx.conf文件中如下位置增加一行:
#修改ngnix.conf , 在http{ } 之间增加一句:“include servers/vhost.conf;”
#在nginx.conf文件的http段最后位置增加一句引用上文的 ./servers/vhosts.conf
http {
。。。。
。。。。
#引用 /usr/local/prd/nginx/conf/servers/vhosts.conf
include servers/vhost.conf;
}
2、支持多个域名多个站点
#在/usr/local/prd/nginx/conf/servers/vhosts.conf文件中编写如下配置内容
vim vhosts.conf
server{
listen 80;
server_name www.yourdomain.com;
root /data/web/www.yourdomain.com/root;
index index.php index.html;
access_log log/www_yourdomain_com.log;
#Include public php_fastcgi setting
include bind_php.conf;
}
server{
listen 80;
server_name test.yourdomain.com;
root /data/web/test.yourdomain.com/root;
index index.php index.html;
access_log log/test_yourdomain_com.log;
#Include public php_fastcgi setting
include bind_php.conf;
}
#重启Nginx使配置生效
/etc/init.d/nginx restart
3、支持SSL模式
(1).在Nginx的根目录增加子目录cert,用于存放证书文件
mkdir /usr/local/prd/nginx/cert
(2).把在域名服务商申请的SSL证书下载回来,并上传到该cert目录,通常是两个文件:证书文件和私钥文件
(3).调整vhosts.conf文件,配置https参数如下
server{
listen 80;
server_name www.yourdomain.com;
rewrite ^(.*)$ https://$host$1 permanent; #transport http's request to https
}
server {
listen 443;
server_name www.yourdomain.com;
root /data/web/www.yourdomain.com/root;
index index.php index.html;
access_log log/test_yourdomain_com.log;
#SSL Setting
ssl on;
ssl_certificate /usr/local/prd/nginx/cert/1_someweb.com_bundle.crt; #证书文件
ssl_certificate_key /usr/local/prd/nginx/cert/2_someweb.com.key; #证书私钥
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #证书协议
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#T证书密码
ssl_prefer_server_ciphers on;
#Include public php_fastcgi setting
#include bind_php.conf;
}
(4).检查配置文件
/usr/local/prd/nginx/bin/nginx –t
##此时应出现
nginx: the configuration file /usr/local/prd/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/prd/nginx/conf/nginx.conf test is successful
(5).重启Nginx
systemctl restart nginx.service
此时可使用https://www.域名.com 访问网站
3、支持PATHINFO模式
PATHINFO模式常见于ThinkPHP3.x\5.x等MVC框架,多用于API的URL式传参。
Nigix支持PATHINFO模式的要点在于配置FastCGI的URL以正则表达式转换
(1).打开PHP的 cgi.fix_pathinfo参数
# /usr/local/prd/php/etc/php.ini 大约771行,去掉行前的分号
cgi.fix_pathinfo=1
(2).修改Nginx的配置文件,增加如下内容
因上文已经配置为外链多个虚拟主机配置文件, 所以是编辑打开这个文件:
vim /usr/local/prd/nginx/conf/servers/vhost.conf
# /usr/local/prd/nginx/conf/servers/vhost.conf
# server { } 的花括号前增加如下内容:
#URL中 "server_name"之后的内容
location / {
# re-wirte url for hidden "*.php"
if ( !-e $request_filename) {
# 使“domain/xxx/*” 转换为“domain/xxx.php/*”
rewrite ^/store/(.*)$ /store.php/$1 last;
rewrite ^/api/(.*)$ /api.php/$1 last;
break;
}
}
#增加如下对PHP文件的转换
location ~ \.php(.*)$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#下面两句是给fastcgi权限,可以支持 ?s=/module/controller/action的url访问模式
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#下面两句支持 index.php/index/index/index的pathinfo模式
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
}
(3).重启php和Ngnix
# 重启
/etc/init.d/php-fpm restart
systemctl restart nginx.service
(4).验证:http://域名/index/user/login 相当于 http://域名/index.php/user/login