Reference
1.Ubuntu 18.04.1 下快速搭建 LNMP环境(PHP7.2.5+MySql5.7+Nginx1.14.0)
2.Nginx 随笔
Command
# Nginx 安装
sudo apt install nginx
# 启动 nginx
service nginx start
# 安装 PHP
sudo apt install php7.4 php7.4-fpm php7.4-mysql
# 配置 nginx 解析 PHP
sudo vim /etc/nginx/sites-available/default
# 修改41行
41 root /var/www;
# 取消 56-63行注释 后保存文件 重启 nginx
# !!! 注意第60行取消注释
56 location ~ \.php$ {
57 include snippets/fastcgi-php.conf;
58
59 # With php-fpm (or other unix sockets):
60 fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
61 # With php-cgi (or other tcp sockets):
62 # fastcgi_pass 127.0.0.1:9000;
63 }
# 修改 php 相关配置
sudo vim /etc/php/7.4/fpm/pool.d/www.conf
# 36行取消注释代码 后保存文件 重启 fpm
35 ; Note: This value is mandatory.
36 listen = /run/php/php7.4-fpm.sock
# php-fpm 错误日志 /etc/php/7.4/fpm/php-fpm.conf->error_log
/var/log/php7.4-fpm.log
# 开启php错误日志 php.ini
465 error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT ;将会向PHP报告发生的每个错误
482 display_errors = Off ;不显示满足上条 指令所定义规则的所有错误报告
503 log_errors = On ;开启错误日志
508 log_errors_max_len = 1024 ;设置每个日志项的最大长度
509 error_log = /var/log/php_errors.log ;指定产生的 错误报告写入的日志文件位置
# 下载 MySQL
sudo apt install mysql-server
# 查看 mysql 版本
mysql --version
# 关停/启动 mysql 服务
sudo service mysql stop
sudo service mysql start
# mysql 安全配置向导
sudo mysql_secure_installation
# 修改 mysql 配置
sudo vim /etc/mysql/mysql.conf.d/mysqld.cnf
# 卸载mysql
sudo apt purge mysql-*
sudo rm -rf /etc/mysql/ /var/lib/mysql
sudo apt autoremove
sudo apt autoclean
# 安装 Redis
sudo apt install redis-server
# redis 安装目录 /usr/bin
# 启动 redis
redis-server
# redis 命令行
redis-cli
# 安装 php-redis 扩展
sudo apt install php-redis
# 查看安装包
dpkg --list | grep php
Questions
1.MySQL执行安全配置命令报错
命令:sudo mysql_secure_installation
报错:Error: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
原因:WSL下的Ubuntu和Windows 使用的是同一个服务(端口),所以若是Windows已经开启了MySQL服务,在Ubuntu上再次开启MySQL服务就会产生冲突
解决方案:关闭Windows上的MySQL服务
2.-bash: !XFU: event not found
命令:mysql -u root -p root
报错:-bash: !XFU: event not found
原因:命令中含有!
解决方案:转义该符号即可\!
3. SQLyog plugin caching_sha2_password
场景:Windows下得 SQLyog 连接 Ubuntu 下的 MySQL
报错:plugin caching_sha2_password could not be loaded
原因: mysql 密码加密方式改变了
解决方案:更改用户密码为取消加密后的密码 ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
4.Redis:RDB snapshots
场景:set key 1
报错:(error) MISCONF Redis is configured to save RDB snapshots, but it is currently not able to persist on disk. Commands that may modify the data set are disabled, because this instance is configured to report errors during writes if RDB snapshotting fails (stop-writes-on-bgsave-error option). Please check the Redis logs for details about the RDB error.
原因:强制关闭Redis快照导致不能持久化。因为使用了rdb持久化,redis在保存数据到磁盘是为了防止主线程假死,会fock一个子进程来完成这个操作,而这个子进程需要分配和主进程相同的内存,即内存翻倍,导致在申请内存时不被允许。
解决方案:config set stop-writes-on-bgsave-error no
5.404
场景:Nginx 配置虚拟主机后 访问项目地址出现 404
原因:查看 nginx 错误日志 :stat() "/var/www/xxx.html" failed (13: Permission denied),
解决方法:编辑 nginx.conf
将 user www-data
修改为 user root
6.File not found.
场景:进行 5 的操作后 继续访问项目地址 网页出现 File not found.
原因:
nginx 错误日志:
[error] 7839#7839: *1 upstream timed out (110: Connection timed out) while reading upstream,1 upstream timed out (110: Connection timed out) while reading upstream,
[error] 7852#7852: *4 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream,
项目文件为直接从 Windows 下复制到 Ubuntu 子系统中的,考虑可能是因为文件权限问题;
查看项目文件权限:d---------
解决方案:修改文件权限也无法解决,最终使用 git 拉取项目
7.php-fpm 报错
场景:WSL 下 Ubuntu 下 php7.4-fpm 和 Nginx 均监听IP地址下的 9000端口
报错:ERROR: failed to retrieve TCP_INFO for socket: Protocol not available (92)
解决方法:修改 php-fpm 和 nginx 为监听 socket 文件
vim /etc/php/7.4/fpm/pool.d/www.conf
36 listen = /run/php/php7.4-fpm.sock
vim /etc/nginx/sites-available/default
61 fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
8. Git Error
场景:使用 git pull 时报错
报错:cannot open .git/FETCH_HEAD: Permission denied
原因:该代码库是在 root 用户下建立的 其他用户没有操作权限
解决方法:sudo chown -R $(whoami):admin .git
8.view报错
场景:访问项目
报错:[error] 12466#12466: *19 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught InvalidArgumentException: View [errors.500] not found. in /var/www/shake/vendor/laravel/framework/src/Illuminate/View/FileViewFinder.php:137
原因:文件地址下代码:
throw new InvalidArgumentException("View [{$name}] not found.");
解决方法:文件权限问题造成的报错问题,因为缺失 500 视图文件而产生的进一步报错
Other
切换镜像源
# 备份原来的镜像源文件
sudo cp /etc/apt/sources.list /etc/apt/sources.list.old
# 修改 source.list 文件
sudo vim /etc/apt/sources.list
# 清华镜像源
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial main restricted universe multiverse
deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-updates main restricted universe multiverse
deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-updates main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-backports main restricted universe multiverse
deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-backports main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-security main restricted universe multiverse
deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-security main restricted universe multiverse
# 更新镜像源
sudo apt-get update
# 更新软件
sudo apt-get upgrade
Nginx 配置详解
Ubuntu下地址:/etc/nginx/nginx.conf
nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
nginx 文件结构
... #全局块
events { #events块
...
}
http #http块
{
... #http全局块
server #server块
{
... #server全局块
location [PATTERN] #location块
{
...
}
location [PATTERN]
{
...
}
}
server
{
...
}
... #http全局块
}
- 全局块:配置影响nginx全局的指令。一般有运行nginx服务器的用户组,nginx进程pid存放路径,日志存放路径,配置文件引入,允许生成worker process数等。
- events块:配置影响nginx服务器或与用户的网络连接。有每个进程的最大连接数,选取哪种事件驱动模型处理连接请求,是否允许同时接受多个网路连接,开启多个网络连接序列化等。
- http块:可以嵌套多个server,配置代理,缓存,日志定义等绝大多数功能和第三方模块的配置。如文件引入,mime-type定义,日志自定义,是否使用sendfile传输文件,连接超时时间,单连接请求数等。
- server块:配置虚拟主机的相关参数,一个http中可以有多个server。
- location块:配置请求的路由,以及各种页面的处理情况。
nginx 配置示例
########### 每个指令必须有分号结束。#################
#user administrator administrators; #配置用户或者组,默认为nobody nobody。
#worker_processes 2; #允许生成的进程数,默认为1
#pid /nginx/pid/nginx.pid; #指定nginx进程运行文件存放地址
error_log log/error.log debug; #制定日志路径,级别。这个设置可以放入全局块,http块,server块,级别以此为:debug|info|notice|warn|error|crit|alert|emerg
events {
accept_mutex on; # 设置网路连接序列化,防止惊群现象发生,默认为on
multi_accept on; # 设置一个进程是否同时接受多个网络连接,默认为off
#use epoll; # 事件驱动模型,select|poll|kqueue|epoll|resig|/dev/poll|eventport
worker_connections 1024; #最大连接数,默认为512
}
http {
include mime.types; # 文件扩展名与文件类型映射表
default_type application/octet-stream; # 默认文件类型,默认为text/plain
#access_log off; # 取消服务日志
log_format myFormat '$remote_addr–$remote_user [$time_local] $request $status $body_bytes_sent $http_referer $http_user_agent $http_x_forwarded_for'; # 自定义格式
access_log log/access.log myFormat; # combined为日志格式的默认值
sendfile on; # 允许sendfile方式传输文件,默认为off,可以在http块,server块,location块。
sendfile_max_chunk 100k; # 每个进程每次调用传输数量不能大于设定的值,默认为0,即不设上限。
keepalive_timeout 65; # 连接超时时间,默认为75s,可以在http,server,location块。
upstream mysvr {
server 127.0.0.1:7878;
server 192.168.10.121:3333 backup; # 热备
}
error_page 404 https://www.baidu.com; # 错误页
server {
keepalive_requests 120; # 单连接请求上限次数。
listen 4545; # 监听端口
server_name 127.0.0.1; # 监听地址
location ~*^.+$ { # 请求的url过滤,正则匹配,~为区分大小写,~*为不区分大小写。
#root path; # 根目录
#index vv.txt; # 设置默认页
proxy_pass http://mysvr; # 请求转向mysvr 定义的服务器列表
deny 127.0.0.1; # 拒绝的ip
allow 172.18.5.54; # 允许的ip
}
}
}
常见配置项:
$remote_addr
与$http_x_forwarded_for
用以记录客户端的ip地址;$remote_user
:用来记录客户端用户名称;$time_local
: 用来记录访问时间与时区;$request
: 用来记录请求的url与http协议;$status
: 用来记录请求状态;成功是200;$body_bytes_s ent
:记录发送给客户端文件主体内容大小;$http_referer
:用来记录从那个页面链接访问过来的;$http_user_agent
:记录客户端浏览器的相关信息;
server 配置示例
server {
listen 80;
server_name dev.shake.com;
client_max_body_size 125M;
root /var/www/shake/public/;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
charset utf-8;
location = /robots.txt { access_log off; log_not_found off; }
access_log /var/www/logs/dev.shake.com.access.log; # 入口日志
error_log /var/www/logs/dev.shake.com.error.log; # 错误日志
index index.html index.htm index.php;
location ~ .*\.(php|php5)?$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# With php-cgi (or other tcp sockets):
fastcgi_pass 127.0.0.1:9000;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
文件权限
项目部署时一定要注意文件权限问题!!!
切记不要将 Windows 中文件复制黏贴至子系统,因为很有可能会丢失文件权限属性!!!
# 为所有文件设置权限644,为所有目录设置755
sudo find /path/to/laravel -type f -exec chmod 644 {} \;
sudo find /path/to/laravel -type d -exec chmod 755 {} \;
要使Laravel正常工作,您需要为Web服务器提供存储,缓存和任何其他目录的读写权限。
cd /path/to/laravel
sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache