部署http2.0
本文档用来部署http2.0套件,由于需要支持http2.0,所以全部用编译安装的方式来安装。为了统一,下载好的安装包要统一解压到/root/work中,否则需要修改编译参数的目录位置。
一、安装openssl
1.下载openssl,官方地址https://www.openssl.org/source/
2.安装
wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz
./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl shared
make
make install
3.由于是编译安装需要替换原有的openssl
mkdir -p /root/work/openssl/bin
mv /usr/bin/openssl /root/work/openssl/bin
mv /usr/include/openssl /root/work/openssl/
ln -s /usr/local/openssl/bin/openssl /usr/bin
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
#添加配置库文件搜索路径
echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
ldconfig
二、安装curl
1、下载 curl 并安装, 这个是用于 php 的 libcurl 库。
wget https://curl.haxx.se/download/curl-7.55.1.tar.gz
2、安装curl
yum install libnghttp2-devel libnghttp2 gcc
tar -xvzf curl-7.55.1.tar.gz
./configure --with-nghttp2 --with-ssl=/usr/local/openssl
make
make install
三、安装nginx
1.下载nginx,官方地址http://nginx.org/en/download.html
2.安装
#安装依赖包
yum -y install pcre-devel zlib-devel
#如果涉及到ajax跨域需要安装header模块
wget https://codeload.github.com/openresty/headers-more-nginx-module/zip/master -O ./headers-more-nginx-module-master.zip
#解压header模块
unzip headers-more-nginx-module-master.zip
#编译参数 || --with-openssl 参数虽然可以指定 OpenSSL 路径,但只支持 OpenSSL 的源代码,不支持已编译好的 OpenSSL
wget http://nginx.org/download/nginx-1.12.1.tar.gz
tar -xvzf nginx-1.12.1.tar.gz
./configure \
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--user=nginx \
--group=nginx \
--with-openssl=/root/work/openssl-1.0.2l \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-http_slice_module \
--with-mail \
--with-mail_ssl_module \
--with-file-aio \
--with-http_v2_module \
--with-ipv6 \
--add-module=/root/work/headers-more-nginx-module-master
make
make install
3.修改配置文件
nginx.conf
user nginx;
worker_processes 2;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
multi_accept on;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$request_time" "$gzip_ratio"';
access_log /var/log/nginx/access.log main;
#sendfile on;
#tcp_nopush on;
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
fastcgi_read_timeout 600;
fastcgi_send_timeout 600;
gzip on;
gzip_disable "msie6";
gzip_min_length 1024;
gzip_types text/plain text/css application/javascript;
client_max_body_size 32m;
set_real_ip_from 0.0.0.0/0;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
include /etc/nginx/conf.d/*.conf;
}
4.创建nginx配置文件路径
mkdir /etc/nginx/conf.d/
5.创建nginx启动脚本
vim /etc/init.d/nginx
#!/bin/sh
#
# nginx Startup script for nginx
#
# chkconfig: - 85 15
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# description: nginx is an HTTP and reverse proxy server
#
### BEGIN INIT INFO
# Provides: nginx
# Required-Start: $local_fs $remote_fs $network
# Required-Stop: $local_fs $remote_fs $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop nginx
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
if [ -L $0 ]; then
initscript=`/bin/readlink -f $0`
else
initscript=$0
fi
sysconfig=`/bin/basename $initscript`
if [ -f /etc/sysconfig/$sysconfig ]; then
. /etc/sysconfig/$sysconfig
fi
nginx=${NGINX-/usr/sbin/nginx}
prog=`/bin/basename $nginx`
conffile=${CONFFILE-/etc/nginx/nginx.conf}
lockfile=${LOCKFILE-/var/lock/subsys/nginx}
pidfile=${PIDFILE-/var/run/nginx.pid}
SLEEPMSEC=${SLEEPMSEC-200000}
UPGRADEWAITLOOPS=${UPGRADEWAITLOOPS-5}
RETVAL=0
start() {
echo -n $"Starting $prog: "
daemon --pidfile=${pidfile} ${nginx} -c ${conffile}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} ${prog}
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}
reload() {
echo -n $"Reloading $prog: "
killproc -p ${pidfile} ${prog} -HUP
RETVAL=$?
echo
}
upgrade() {
oldbinpidfile=${pidfile}.oldbin
configtest -q || return
echo -n $"Starting new master $prog: "
killproc -p ${pidfile} ${prog} -USR2
echo
for i in `/usr/bin/seq $UPGRADEWAITLOOPS`; do
/bin/usleep $SLEEPMSEC
if [ -f ${oldbinpidfile} -a -f ${pidfile} ]; then
echo -n $"Graceful shutdown of old $prog: "
killproc -p ${oldbinpidfile} ${prog} -QUIT
RETVAL=$?
echo
return
fi
done
echo $"Upgrade failed!"
RETVAL=1
}
configtest() {
if [ "$#" -ne 0 ] ; then
case "$1" in
-q)
FLAG=$1
;;
*)
;;
esac
shift
fi
${nginx} -t -c ${conffile} $FLAG
RETVAL=$?
return $RETVAL
}
rh_status() {
status -p ${pidfile} -b ${nginx} ${nginx}
}
# See how we were called.
case "$1" in
start)
rh_status >/dev/null 2>&1 && exit 0
start
;;
stop)
stop
;;
status)
rh_status
RETVAL=$?
;;
restart)
configtest -q || exit $RETVAL
stop
start
;;
upgrade)
rh_status >/dev/null 2>&1 || exit 0
upgrade
;;
condrestart|try-restart)
if rh_status >/dev/null 2>&1; then
stop
start
fi
;;
force-reload|reload)
reload
;;
configtest)
configtest
;;
*)
echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|upgrade|reload|status|help|configtest}"
RETVAL=2
esac
exit $RETVAL
#修改权限
chmod +x /etc/init.d/nginx
#创建用户
useradd -s /sbin/nologin -M nginx
6.启动nginx
nginx -t
mkdir -p /var/cache/nginx/client_temp
service nginx start
chkconfig nginx on
三、安装php
1.下载php,官方地址http://cn2.php.net/get/php-7.1.9.tar.gz/from/this/mirror
wget http://cn2.php.net/get/php-7.1.9.tar.gz/from/this/mirror
mv mirror php-7.1.9.tar.gz
tar -xvzf php-7.1.9.tar.gz
2.安装php
#安装依赖
yum install libxml2-devel libcurl-devel gmp-devel libpng-devel freetype-devel libjpeg-turbo-devel libxslt-devel libmcrypt-devel
./configure \
--enable-fpm \
--with-fpm-user=nginx \
--with-fpm-group=nginx \
--enable-opcache \
--with-openssl=/usr/local/openssl \
--with-curl=/usr/local/ \
--with-zlib \
--disable-debug \
--enable-gd-native-ttf \
--without-gdbm \
--with-gettext \
--with-gd \
--with-gmp \
--with-iconv \
--with-pcre-regex \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-sysvsem \
--enable-sysvshm \
--enable-sysvmsg \
--with-kerberos \
--enable-shmop \
--enable-xml \
--with-pdo-mysql \
--disable-ipv6 \
--with-png-dir=/usr \
--with-freetype-dir=/usr \
--with-jpeg-dir=/usr \
--enable-mbstring \
--enable-zip \
--with-xsl \
--with-mcrypt \
--enable-bcmath \
--enable-soap \
--enable-calendar
make
make install
3.添加配置文件
#增加启动文件
cp /root/work/php-7.1.9/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm
cp /usr/local/etc/php-fpm.conf.default /usr/local/etc/php-fpm.conf
cp /root/work/php-7.1.9/php.ini-production /usr/local/lib/php.ini
#修改配置文件的最后一行
vim /usr/local/etc/php-fpm.conf
include=etc/php-fpm.d/*.conf
cp /usr/local/etc/php-fpm.d/www.conf.default /usr/local/etc/php-fpm.d/www.conf
#启动php
service php-fpm restart
4.在/etc/nginx中添加配置文件
php-fpm.conf
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_keep_conn on;
expires.conf
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|svg|woff)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 10d;
}
fastcgi_params
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
thinkphp_pathinfo.conf
#ThinkPHP Pathinfo
#下面4行 为Thinkphp 的 Pathinfo=2 设置
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php/$1 last;
break;
}
5.安装php-redis拓展
wget https://github.com/phpredis/phpredis/archive/php7.zip
unzip php7.zip
cd phpredis-php7
phpize
./configure --with-php-config=/usr/local/bin/php-config
make
make install
#编辑php.ini文件
vim /usr/local/php/lib/php.ini
[redis]
extension=redis.so
6.添加测试代码
cat index.php
<?php
phpinfo();
?>
7.全部完成后启动php
service php-fpm restart