1、编译安装LNMP,配置自定义404页面,配置访问日志为json格式。
实验环境:centos 7.9
主机IP:10.0.0.79
1)编译安装LNMP
-
编译安装nginx
1.准备编译安装的基础环境
[root@centos7 ~]#yum install -y vim lrzsz tree screen psmisc lsof tcpdump wget gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools iotop bc zip unzip zlib-devel bash-completion nfs-utils automake libxml2 libxml2-devel libxslt libxslt-devel perl perl-ExtUtils-Embed
2.编译安装
[root@centos7 ~]#cd /usr/local/src/
[root@centos7 ~]#wget https://nginx.org/download/nginx-1.20.0.tar.gz
[root@centos7 ~]#tar xf nginx-1.20.0.tar.gz
[root@centos7 ~]#cd nginx-1.20.0
[root@centos7 nginx-1.20.0]#./configure --prefix=/apps/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module --with-stream_realip_module
[root@centos7 nginx-1.20.0]#make -j 4 && make install
3.创建用户和修改nginx目录权限
[root@centos7 nginx-1.20.0]#useradd -m -r -s /sbin/nologin -u 666 nginx
[root@centos7 nginx-1.20.0]#setfacl -R -m u:nginx:rwx /apps/nginx/
4.配置环境变量
方法1:
[root@centos8 nginx-1.20.0]#vim /etc/profile.d/nginx.sh
PATH=$PATH:/apps/nginx/sbin/
方法2:
[root@centos8 nginx-1.20.0]#ln -s /apps/nginx/sbin/* /usr/bin/
5.创建nginx自启动脚本
[root@centos7 ~]#vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/run/nginx.pid #该路径必须和配置文件中到pid相同
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStartPre=/apps/nginx/sbin/nginx -t
ExecStart=/apps/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
#修改配置文件pid文件路径
[root@centos7 ~]#vim /apps/nginx/conf/nginx.conf
pid /run/nginx.pid;
[root@centos7 ~]#systemctl daemon-reload
6.启动nginx,开机启动
[root@centos7 ~]#echo "10.0.0.87" >/apps/nginx/html/index.html
[root@centos7 ~]#systemctl enable --now nginx
[root@centos7 ~]#systemctl status nginx
[root@centos7 ~]#ps -ef|grep nginx
[root@centos7 ~]#ss -ntl
7.优化nginx配置文件
vim /apps/nginx/conf/nginx.conf
user nginx nginx; #工作进程到用户和组
worker_processes auto; #进程数量自动
worker_cpu_affinity auto; #cpu绑定
include /apps/nginx/conf.d/*.conf #导⼊其他路径的配置⽂件 ,在最后一个大括号上添加以下行
}
[root@centos7 ~]#cd /apps/nginx/
[root@centos7 ~]#mkdir conf.d
[root@centos7 ~]#vim conf/nginx.conf #导⼊其他路径的配置⽂件 ,在最后一个大括号上添加以下行
include /apps/nginx/conf.d/*.conf;
}
8、客户端测试
root@ubuntu-1804-01:~# curl 10.0.0.79
10.0.0.87
-
编译安装 fastcgi 方式的 php 7.4
1.安装相关包
[root@centos7 ~]#yum -y install gcc libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel
[root@centos7 certs]#ls /usr/local/src/php-7.4.16.tar.gz
/usr/local/src/php-7.4.16.tar.gz
2.php7.4编译
[root@centos7 ~]#tar xvf php-7.4.16.tar.gz
[root@centos7 ~]#cd php-7.4.16
[root@centos7 php-7.4.16]#./configure \
--prefix=/apps/php74 \
--enable-mysqlnd \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-openssl \
--with-zlib \
--with-config-file-path=/etc \
--with-config-file-scan-dir=/etc/php.d \
--enable-mbstring \
--enable-xml \
--enable-sockets \
--enable-fpm \
--enable-maintainer-zts \
--disable-fileinfo
3.准备PATH变量
[root@centos7 php-7.4.16]#vim /etc/profile.d/lamp.sh
PATH=/apps/php74/bin:$PATH
[root@centos7 php-7.4.16]#. /etc/profile.d/lamp.sh
[root@centos7 php-7.4.16]#php --version
PHP 7.4.16 (cli) (built: Jun 13 2021 15:51:16) ( ZTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
4.准备php配置文件和启动文件
[root@centos7 php-7.4.16]#cp php.ini-production /etc/php.ini
[root@centos7 php-7.4.16]#cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/
[root@centos7 php-7.4.16]#cd /apps/php74/etc/
[root@centos7 etc]#cp php-fpm.conf.default php-fpm.conf
[root@centos7 etc]#cd php-fpm.d/
[root@centos7 php-fpm.d]#cp www.conf.default www.conf
5.修改进程所有者,并启动php-fpm
[root@centos7 php-fpm.d]#vim /apps/php74/etc/php-fpm.d/www.conf
#修改进程所有者
user nginx
group nginx
#支持status和ping页面
pm.status_path = /fpm_status
ping.path = /ping
[root@centos7 php-fpm.d]#systemctl daemon-reload
[root@centos7 php-fpm.d]#systemctl enable --now php-fpm
[root@centos7 php-fpm.d]#systemctl status php-fpm
-
二进制安装安装MySQL 5.7
1.安装相关包和准备mysql安装包
[root@centos7 src]#yum -y install libaio numactl-libs libncurses*
[root@centos7 src]#ls /usr/local/src/mysql-5.7.29-linux-glibc2.12-x86_64.tar.gz
/usr/local/src/mysql-5.7.29-linux-glibc2.12-x86_64.tar.gz
2.用户和组
[root@centos7 src]#useradd -r -u 306 -d /data/mysql -s /bin/false mysql
3.准备程序文件
[root@centos7 src]#tar xf mysql-5.7.29-linux-glibc2.12-x86_64.tar.gz -C /apps/
[root@centos7 src]#cd /apps/
[root@centos7 apps]#ls
mysql-5.7.29-linux-glibc2.12-x86_64 nginx php74
[root@centos7 apps]#ln -sv mysql-5.7.29-linux-glibc2.12-x86_64/ mysql
‘mysql’ -> ‘mysql-5.7.29-linux-glibc2.12-x86_64/’
[root@centos7 apps]#chown -R root.root /apps/mysql/
4.准备环境变量
[root@centos7 apps]#echo 'PATH=/apps/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@centos7 apps]#. /etc/profile.d/mysql.sh
5.准备配置文件
[root@centos7 apps]#cp /etc/my.cnf{,bak}
[root@centos7 apps]#vim /etc/my.cnf
[mysqld]
datadir=/data/mysql
skip_name_resolve=1
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
6.生成数据文件,并提取root初始密码
[root@centos7 apps]#/apps/mysql/bin/mysqld --initialize --user=mysql --datadir=/data/mysql
[root@centos7 apps]#awk '/temporary password/{print $NF}' /data/mysql/mysql.log
Hcir!+dlZ4yi
7.准备服务脚本并启动
[root@centos7 apps]#cp /apps/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@centos7 apps]#vim /etc/init.d/mysqld #指定程序和数据路径
basedir=/apps/mysql
datadir=/data/mysql
[root@centos7 apps]#chkconfig --add mysqld
[root@centos7 apps]#service mysqld start
8.修改口令
[root@centos7 apps]#mysqladmin -uroot -p'Hcir!+dlZ4yi' password 123456
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
Warning: Since password will be sent to server in plain text, use ssl connection to ensure password safety.
9.使用新口令登录测试
[root@centos7 apps]#mysql -uroot -p
-
测试
1.查看服务是否启动
[root@centos7 apps]#ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 511 127.0.0.1:9000 *:*
LISTEN 0 511 *:80 *:*
LISTEN 0 80 [::]:3306 [::]:*
[root@centos7 apps]#ls
mysql mysql-5.7.29-linux-glibc2.12-x86_64 nginx php74
2.准备php测试页
[root@centos7 apps]#mkdir /data/nginx/php -pv
mkdir: created directory ‘/data/nginx’
mkdir: created directory ‘/data/nginx/php’
[root@centos7 apps]#vim /data/nginx/php/index.php
<?php
phpinfo();
?>
3.配置nginx转发
[root@centos7 apps]#cat /apps/nginx/conf.d/test.conf
server {
listen 80;
server_name www.test.com;
location ~\.php$ {
root /data/nginx/php;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
4.客户端测试
vim /etc/hosts
10.0.0.79 www.test.com
#使用浏览器分别访问www.test.com和www.test.com/index.php
-
配置自定义404页面
1.在虚拟主机中使用error_page指定状态码和错误页面位置
[root@centos7 apps]#vim /apps/nginx/conf.d/test.conf
server {
listen 80;
server_name www.test.com;
error_page 500 502 503 504 404 /error.html;
location ~\.php$ {
root /data/nginx/php;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
2.创建错误页面
[root@centos7 apps]#vim /apps/nginx/html/error.html
<h1> test <h1>
[root@centos7 apps]#nginx -t
nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /apps/nginx/conf/nginx.conf test is successful
[root@centos7 apps]#nginx -s reload
3.测试,在客户端访问一个不存在到页面,看是否能返回结果为特定的错误页面
-
配置访问日志为json格式
[root@centos7 apps]#vim /apps/nginx/conf/nginx.conf #在系统自定义到日志下定义新日志格式
1.在配置文件中定义json格式日志
log_format access_json '{"@timestamp":"$time_iso8601",'
'"host":"$server_addr",'
'"clientip":"$remote_addr",'
'"size":$body_bytes_sent,'
'"responsetime":$request_time,'
'"upstreamtime":"$upstream_response_time",'
'"upstreamhost":"$upstream_addr",'
'"http_host":"$host",'
'"uri":"$uri",'
'"domain":"$host",'
'"xff":"$http_x_forwarded_for",'
'"referer":"$http_referer",'
'"tcp_xff":"$proxy_protocol_addr",'
'"http_user_agent":"$http_user_agent",'
'"status":"$status"}';
2. 调用自定义json格式日志
access_log /apps/nginx/logs/www-test-com_access_json.log access_json;
3.测试
[root@centos7 apps]#nginx -t
nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /apps/nginx/conf/nginx.conf test is successful
[root@centos7 apps]#nginx -s reload #成功生成新日志文件
[root@centos7 apps]#ls /apps/nginx/logs/
access.log error.log nginx.pid www-test-com_access_json.log
2、配置虚拟主机,实现https访问www.x.com(x.com为自定义到域名)
nginx 的https 功能基于模块ngx_http_ssl_module实现,编译安装的nginx要使⽤参数ngx_http_ssl_module开启ssl功能,编译安装的nginx需要指定编译参数--with-http_ssl_module开启,yum安装的nginx默认就是开启的。
1.创建自签名证书
#创建自签名CA 证书和CA私钥
[root@centos7 apps]#mkdir /apps/nginx/certs
[root@centos7 apps]#cd nginx/certs/
[root@centos7 certs]#openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 3650 -out ca.crt
[root@centos7 certs]#ls
ca.crt ca.key
#创建自用key(私钥)和csr(证书申请文件)
[root@centos7 certs]#openssl req -newkey rsa:4096 -nodes -sha256 -keyout www.test.com.key -out www.test.com.csr
[root@centos7 certs]#ls
ca.crt ca.key www.test.com.csr www.test.com.key
#通过ca签发自用证书
[root@centos7 certs]#openssl x509 -req -days 3650 -in www.test.com.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out www.test.com.crt
Signature ok
subject=/C=CN/ST=sichuan/L=chengdu/O=proson/OU=proson
Getting CA Private Key
[root@centos7 certs]#ls
ca.crt ca.key ca.srl www.test.com.crt www.test.com.csr www.test.com.key
2.nginx虚拟主机中调用证书
[root@centos7 certs]#vim /apps/nginx/conf.d/test.conf
server {
listen 80;
listen 443 ssl;
server_name www.test.com;
ssl_certificate /apps/nginx/certs/www.test.com.crt; #证书路径
ssl_certificate_key /apps/nginx/certs/www.test.com.key; #私钥路径
ssl_session_cache shared:sslcache:20m; #共享缓存:缓存名称:缓存大小
ssl_session_timeout 10m; #缓存有效时间
error_page 500 502 503 504 404 /error.html;
location / {
root /data/nginx/html/pc;
index index.html;
if ( $scheme = http ){ #使用http协议时自动跳转到https
rewrite / https://www.test.com permanent; #永久跳转
}
}
location ~\.php$ {
root /data/nginx/php;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
root@centos7 certs]#nginx -t
nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /apps/nginx/conf/nginx.conf test is successful
[root@centos7 certs]#nginx -s reload
#准备测试页面
[root@centos7 certs]#mkdir /data/nginx/html/pc -pv
mkdir: created directory ‘/data/nginx/html’
mkdir: created directory ‘/data/nginx/html/pc’
[root@centos7 certs]#vim /data/nginx/html/pc/index.html
10.0.0.79 www.test.com
3.测试,在客户端中访问http://www.test.com自动跳转到https://www.test.com