Alibaba Cloud System Reinstall Notes 2: Installing a LAMNP Environment on CentOS

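Last time I covered Alibaba Cloud System Reinstall Notes 1: merging two ECS cloud disks. Today I am recording how to install a LAMNP (Linux + Apache + MySQL + Nginx + PHP) environment on CentOS. Because 好玩吧 recently purchased Alibaba Cloud RDS, the MySQL database does not actually need to be installed, but the steps are recorded below anyway.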

1. If Apache and PHP are already installed, uninstall them

yum -y remove 'httpd*' 'php*' mysql

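2. Update the package repositories

yum -y update

Notes:

yum -y update: upgrades all packages, changing software and system settings; the system version and the kernel are both upgraded.

yum -y upgrade: upgrades all packages without changing software or system settings; the system version is upgraded, but the kernel is not changed.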

3. Install the Nginx repository

rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm

4. Install the EPEL repository

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

5. Install the RPMforge repository, which is used to install phpMyAdmin

rpm -Uvh http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag

6. Install nginx, add it to the startup items, and start nginx

yum -y install nginx
chkconfig --levels 235 nginx on
/etc/init.d/nginx start

7. Install Apache, add it to the startup items, and start Apache

yum -y install httpd
chkconfig --levels 345 httpd on
/etc/init.d/httpd start

This produces an error:

# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName
(98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down

This is expected, because nginx is already listening on port 80. The fix is given below, in step 22, which moves Apache to port 8080.

8. Install PHP

yum -y install php

9. Add MySQL support to PHP 5 and install commonly used PHP libraries

yum -y install php-mysql php-gd 'libjpeg*' php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-bcmath php-mhash libmcrypt

10. Install phpMyAdmin

yum -y install phpmyadmin

11. Database

rpm --import https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
vi /etc/yum.repos.d/MariaDB.repo

Add the following entry:

# MariaDB 10.0 CentOS repository list - created 2014-03-15 08:00 UTC
# http://mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.0/centos6-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
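
An added example, not part of the original post: a shell check to run against a file under /etc/yum.repos.d/ after adding third-party repositories as in steps 3 to 5 and 11, reporting sections where signature checking is off or where the key or the packages are fetched over a cleartext scheme. The function name audit_repo and the second sample section are constructed for illustration.

```shell
# audit_repo FILE: print one finding per line for weak settings in a yum .repo file.
# Only values set in the section itself are read; yum.conf defaults are not consulted.
audit_repo() {
    awk '
    function scheme(u) { sub(/:.*/, "", u); return u }
    function report() {
        if (sec == "") return
        if (gpgcheck != "1") { print sec ": gpgcheck is not set to 1" }
        if (gpgkey == "") { print sec ": no gpgkey configured" }
        else if (gpgkey !~ /^(https|file):/) { print sec ": gpgkey fetched over " scheme(gpgkey) }
        if (baseurl ~ /^(http|ftp):/) { print sec ": baseurl uses " scheme(baseurl) }
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    /^\[/ {
        report()
        sec = $0; sub(/^\[/, "", sec); sub(/\].*/, "", sec)
        gpgcheck = gpgkey = baseurl = ""
        next
    }
    /=/ {
        key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
        val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
        if (key == "gpgcheck") gpgcheck = val
        if (key == "gpgkey") gpgkey = val
        if (key == "baseurl") baseurl = val
    }
    END { report() }' "$1"
}

# Sample input: the MariaDB.repo entry from step 11, plus a constructed weak entry.
repo_sample=$(mktemp)
cat > "$repo_sample" <<'EOF'
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.0/centos6-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

[constructed-weak]
name = Constructed example
baseurl = http://repo.example.com/el6
gpgcheck=0
EOF
audit_repo "$repo_sample"
```

With gpgcheck=1 the packages from an http baseurl are still signature-checked, but the repository metadata is fetched without transport protection.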

12. Install MySQL, enable it at boot, and start MySQL

yum clean all
yum -y install MariaDB-server MariaDB-client
chkconfig --levels 235 mysql on
/etc/init.d/mysql start

Installing MySQL takes quite a while.

An error appeared:

Error Downloading Packages:
  MariaDB-server-10.0.22-1.el6.x86_64: failure: rpms/MariaDB-10.0.22-centos6-x86_64-server.rpm from mariadb: [Errno 256] No more mirrors to try.

Keep re-running yum -y install MariaDB-server MariaDB-client until it reports success.

13. Set the MySQL password and related options

mysql_secure_installation

14. Create the website directories

mkdir /home/data
ln -s /home/data /data	
mkdir /www
mkdir /data/wwwroot
ln -s /data/wwwroot /www/
mkdir -p /data/wwwroot/{web,log,git}
mkdir -p /data/wwwroot/log/{web,other}
mkdir /data/conf
mkdir /data/conf/{sites-available,sites-enabled,shell}	
mkdir /backup
ln -s /backup /data/

15. Move the nginx configuration files

cp -p /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak
mv /etc/nginx/conf.d/default.conf /data/conf/sites-available/nginx_main.conf
ln -s /data/conf/sites-available/nginx_main.conf /data/conf/sites-enabled/nginx_main.conf

To manage the nginx site configuration, just edit:
vi /data/conf/sites-available/nginx_main.conf

Move the main nginx configuration file:

cp -p /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
mv /etc/nginx/nginx.conf /data/conf/
ln -s /data/conf/nginx.conf /etc/nginx/

16. Move the Apache configuration file

cp -p /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bak
mv /etc/httpd/conf/httpd.conf /data/conf/
ln -s /data/conf/httpd.conf /etc/httpd/conf/

To manage the Apache configuration, just edit:
vi /data/conf/httpd.conf

17. Move the MySQL configuration file

cp -p /etc/my.cnf /etc/my.cnf.bak
mv /etc/my.cnf /data/conf/
ln -s /data/conf/my.cnf /etc/

18. Move the MySQL data directory

cp -rp /var/lib/mysql /var/lib/mysql-bak
mv /var/lib/mysql /data/
ln -s /data/mysql /var/lib/

19. Move the PHP configuration file

cp -p /etc/php.ini /etc/php.ini.bak
mv /etc/php.ini /data/conf/
ln -s /data/conf/php.ini /etc/

20. Add the www group and the www user, and give them ownership of the web directory

groupadd www
useradd -g www www
chown -R www:www /data/wwwroot/web

21. Configure nginx

vi /data/conf/nginx.conf

Change the file to the following:

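user  www  www;
# Unless the site has I/O performance problems, it is best to leave this at the default of 1. If you do change it, it must match the number of CPU cores; otherwise nginx either hangs (mainly on Windows) or returns 502 errors (mainly on Linux).
worker_processes  1;
worker_cpu_affinity 0001;

error_log  /var/log/nginx/error.log warn;
# File in which the process ID is stored
pid        /var/run/nginx.pid;

# Limit on open files for worker processes. This value must be kept in line with the Linux open-file limit: if it is set to 65535, run "ulimit -HSn 65535" on the Linux command line.
worker_rlimit_nofile 65535;

events {
    use epoll;
    worker_connections  65535;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    #charset utf-8; # Forcing this declaration made the 我爱美图 home page fail to load its content in IE

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    # Enable efficient file transfer mode; tcp_nopush and tcp_nodelay are both set to on to prevent network congestion
    sendfile        on;
    tcp_nopush      on;
    tcp_nodelay     on;

    # Hide the nginx version number to improve security
    server_tokens off;

    # Timeout for keeping client connections alive, in seconds; the default is 75s
    #keepalive_timeout  0;
    keepalive_timeout  65;
    # Timeout for responding to the client; it applies only to the time between two connection activities; the default is 60s
    #send_timeout 60;

    # FastCGI tuning directives follow
    # Timeout for connecting to the FastCGI back end
    fastcgi_connect_timeout 300;
    # Timeout for sending a request to FastCGI
    fastcgi_send_timeout 300;
    # Timeout for receiving the FastCGI response
    fastcgi_read_timeout 300;
    # Size of the buffer used to read the first part of the FastCGI response
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    # The default is twice the size of fastcgi_buffers
    fastcgi_busy_buffers_size 128k;
    # Size of the data blocks used when writing cache files; the default is twice the size of fastcgi_buffers
    fastcgi_temp_file_write_size 128k;
    # Defines the FastCGI cache path, directory hierarchy levels, key zone, and inactive removal time
    #fastcgi_cache_path /usr/local/nginx/fastcgi_cache levels=1:2 keys_zone=TEST:10m inactive=5m;
    # Enable the FastCGI cache and give it a name. Enabling the cache can effectively lower CPU load and prevent 502 errors,
    # but it can also cause many problems, so decide case by case
    #fastcgi_cache TEST;
    # Cache time per response code: the three directives below cache 200 and 302 responses for 1 hour, 301 responses for 1 day, and all other responses for 1 minute.
    #fastcgi_cache_valid 200 302 1h;
    #fastcgi_cache_valid 301 1d;
    #fastcgi_cache_valid any 1m;

    # Configure Nginx's HttpGzip module. This requires that the module was enabled at install time; use /usr/local/nginx/sbin/nginx -V (capital V) to view the installation details
    # Whether to enable gzip
    gzip  on;
    # Minimum page size, in bytes, that will be compressed
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.1;
    # Compression level from 1 to 9; higher values compress more but use more resources; the default is 1
    gzip_comp_level 2;
    # Types to compress; text/html is always compressed
    gzip_types text/plain application/x-javascript text/css application/xml;
    # Whether to let the browser cache compressed data; the default is off
    gzip_vary on;

    client_max_body_size 20m;

    # server blocks configure virtual hosts; it is recommended to put each site's settings in an external configuration file and reference it with include
    # A default host is set here; default access returns a 403 error
    server {
        listen       80 default;
        server_name _;
        # This can also be changed to 404 or 500, depending on your situation
        return 403;
    }

    #include /etc/nginx/conf.d/*.conf;
    include /data/conf/sites-enabled/nginx_*;
}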

22. Configure Apache: include the Apache site configuration and change "Listen 80" to "Listen 8080"

echo 'Include /data/conf/sites-enabled/apache_*' >> /data/conf/httpd.conf
sed -i 's/^Listen 80$/Listen 8080/' /data/conf/httpd.conf

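23. Modify the Apache configuration
# Do not show the server operating system name on error pages
# Do not show the Apache version on error pages
# Disable directory listings
# Do not show the directory tree in the browser
# Set the default index files, adding index.php
# Allow persistent connections
# Increase the number of simultaneous connections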

sed -i 's/ServerTokens OS/ServerTokens Prod/
s/ServerSignature On/ServerSignature Off/
s/Options Indexes FollowSymLinks/Options FollowSymLinks/
s/Options Indexes MultiViews FollowSymLinks/Options MultiViews FollowSymLinks/
s/DirectoryIndex index.html/DirectoryIndex index.html index.php/
s/KeepAlive Off/KeepAlive On/
s/MaxKeepAliveRequests 100/MaxKeepAliveRequests 1000/
s/User apache/User www/
s/Group apache/Group www/
s#/var/www/html#/data/wwwroot/web#' /data/conf/httpd.conf
 

Breakdown:

Change ServerTokens OS to ServerTokens Prod

Change KeepAlive Off to KeepAlive On

Change MaxKeepAliveRequests 100 to MaxKeepAliveRequests 1000

Change User apache and Group apache to

User www and Group www

Change DocumentRoot "/var/www/html" to DocumentRoot "/data/wwwroot/web"

Change <Directory "/var/www/html"> to <Directory "/data/wwwroot/web">

Change Options Indexes FollowSymLinks to Options FollowSymLinks

Change DirectoryIndex index.html index.html.var to DirectoryIndex index.html index.php index.html.var

Change ServerSignature On to ServerSignature Off

Change Options Indexes MultiViews FollowSymLinks to Options MultiViews FollowSymLinks

Change AddIcon /icons/bomb.gif /core to AddIcon /icons/bomb.gif core

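Fixing the errors encountered:

Problem 1:
httpd: Syntax error on line 1010 of /etc/httpd/conf/httpd.conf: Could not open config directory /data/conf/sites-enabled: Permission denied
Cause: SELinux is enabled.
# /usr/sbin/sestatus -v    [check the SELinux status]
# vi /etc/selinux/config
Comment out SELINUX=enforcing (so it reads #SELINUX=enforcing), then add a new line:
SELINUX=disabled
Reboot with init 6.
# setenforce 0    [turn it off temporarily, without rebooting the machine]
Either change takes SELinux out of enforcing mode for the whole system, not only for httpd.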

Problem 2:

# service httpd restart
Stopping httpd: [  OK  ]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName
[  OK  ]

Reference: http://www.2cto.com/os/201201/117797.html

vi /data/conf/httpd.conf
#ServerName www.example.com:80
Change it to:
ServerName localhost:8080

Restart the Apache service again.

Delete the default test page

rm -f /etc/httpd/conf.d/welcome.conf /var/www/error/noindex.html

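24. PHP configuration
# Set the time zone
# Disable functions
# Hide the PHP version information
# Prevent PHP scripts from accessing directories outside the specified ones
# Block the security vulnerability affecting nginx with PHP versions below 5.4
# Do not specify a session path

grep -n 'date.timezone = PRC' /data/conf/php.ini | awk -F: '{print $1}'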
sed -i 's/;date.timezone =/date.timezone = PRC/
s/disable_functions =/disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname/
s/expose_php = On/expose_php = Off/
s#;open_basedir =#open_basedir = /tmp/:/var/tmp/:/data/wwwroot/web/:/usr/share/phpmyadmin/#
s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo = 0/
s/upload_max_filesize = 2M/upload_max_filesize = 5M/
s/max_input_time = 60/max_input_time = 30/
s/memory_limit = 128M/memory_limit = 64M/
s/error_reporting = E_ALL & ~E_DEPRECATED/error_reporting = E_ERROR/
s/session.save_path/;session.save_path/
s/display_errors = On/display_errors = Off/
s/register_globals = On/register_globals = Off/
s/short_open_tag = Off/short_open_tag = On/
s/log_errors = Off/log_errors = On/' /data/conf/php.ini

vi /data/conf/php.ini

Change short_open_tag = Off to short_open_tag = On

Change ;open_basedir = to open_basedir = /tmp/:/var/tmp/:/data/wwwroot/web/:/usr/share/phpmyadmin/

Change disable_functions = to disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname

Change expose_php = On to expose_php = Off

Change max_input_time = 60 to max_input_time = 30

Change memory_limit = 128M to memory_limit = 64M

Change error_reporting = E_ALL & ~E_DEPRECATED to error_reporting = E_ERROR

Change ;cgi.fix_pathinfo=1 to cgi.fix_pathinfo = 0

Change upload_max_filesize = 2M to upload_max_filesize = 5M

Change ;date.timezone = to date.timezone = PRC

Change session.save_path = "/var/lib/php/session" to ;session.save_path = "/var/lib/php/session"
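
An added example, not part of the original post: the sed substitutions in step 24 match exact strings, so a php.ini whose spacing or commenting differs is left unchanged without any error, and this check reads the effective values back and reports the ones that did not take. The function names ini_value and audit_php_ini and the sample php.ini are constructed for illustration, and only five of the step 24 directives are checked.

```shell
# ini_value FILE KEY: print the value of the last active (uncommented) KEY line.
ini_value() {
    awk -v k="$2" '
    /^[ \t]*;/ || !/=/ { next }
    {
        key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
        if (key != k) next
        found = $0; sub(/^[^=]*=[ \t]*/, "", found); sub(/[ \t]+$/, "", found)
    }
    END { print found }' "$1"
}

# audit_php_ini FILE: print each directive whose effective value differs from
# what step 24 intends; the exit status is the number of mismatches.
audit_php_ini() {
    fail=0
    while IFS='|' read -r key want; do
        got=$(ini_value "$1" "$key")
        if [ "$got" != "$want" ]; then
            echo "MISMATCH $key: want '$want', got '$got'"
            fail=$((fail + 1))
        fi
    done <<'EOF'
expose_php|Off
display_errors|Off
log_errors|On
cgi.fix_pathinfo|0
open_basedir|/tmp/:/var/tmp/:/data/wwwroot/web/:/usr/share/phpmyadmin/
EOF
    return "$fail"
}

# Constructed sample php.ini: two lines are written differently from what the
# sed patterns expect, so those substitutions silently change nothing.
ini_before=$(mktemp); ini_after=$(mktemp)
cat > "$ini_before" <<'EOF'
expose_php=On
display_errors = On
log_errors = Off
cgi.fix_pathinfo=1
;open_basedir =
EOF
# A subset of the step 24 substitutions, applied to the sample.
sed 's/expose_php = On/expose_php = Off/
s/display_errors = On/display_errors = Off/
s/log_errors = Off/log_errors = On/
s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo = 0/
s#;open_basedir =#open_basedir = /tmp/:/var/tmp/:/data/wwwroot/web/:/usr/share/phpmyadmin/#' "$ini_before" > "$ini_after"
audit_php_ini "$ini_after" || echo "$? directive(s) not applied"
```

On the server, run audit_php_ini /data/conf/php.ini after the sed command and before restarting Apache.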

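25. phpMyAdmin virtual host settings

# Assumption: the <VirtualHost>, <Location> and <Directory> container tags below are reconstructed; the original listing preserves only the directives inside them.
# PMA_URL must hold the host name that serves phpMyAdmin before this command is run.
echo "ServerName localhost:8080
NameVirtualHost *:8080

# Guard against empty Host headers & block access to the Apache server by IP address
<VirtualHost *:8080>
    ServerName *
    <Location />
        Order deny,allow
        Deny from all
    </Location>
</VirtualHost>

############################
#        phpmyadmin        #
############################
<VirtualHost *:8080>
    <Directory /usr/share/phpmyadmin/>
        Order allow,deny
        Allow from all
    </Directory>
    DocumentRoot /usr/share/phpmyadmin/
    ServerName $PMA_URL
    ErrorLog /data/wwwroot/log/$PMA_URL-error_log
    CustomLog /data/wwwroot/log/$PMA_URL-access_log common
</VirtualHost>" > /data/conf/sites-available/apache_main.conf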

26. Create the symbolic links

ln -sf /data/conf/sites-available/* /data/conf/sites-enabled/

Set the ownership of the /usr/share/phpmyadmin directory

chown -R www:www /usr/share/phpmyadmin

Configure the firewall: open port 80 and open the database port

/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 61920 -j ACCEPT
/etc/rc.d/init.d/iptables save
/etc/init.d/iptables restart
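
An added example, not part of the original post: the rule above accepts connections to the database port 61920 from any address, and this check reads iptables -S output and lists the INPUT rules that accept a given TCP port with no source restriction, so the exposure can be confirmed and then narrowed with -s. The function name unrestricted_accepts and the sample rule listing are constructed for illustration.

```shell
# unrestricted_accepts PORT: read `iptables -S` output on stdin and print every
# INPUT rule that ACCEPTs TCP traffic to PORT from any source address.
# Port ranges (--dport lo:hi) are handled; negated matches ("! -s") and
# multiport rules are not interpreted.
unrestricted_accepts() {
    awk -v port="$1" '
    $1 == "-A" && $2 == "INPUT" {
        src = ""; dport = ""; target = ""; proto = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s" || $i == "--source") src = $(i + 1)
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (target != "ACCEPT" || proto != "tcp" || dport == "") next
        n = split(dport, r, ":")
        lo = r[1] + 0
        hi = (n > 1 ? r[2] : r[1]) + 0
        if (port + 0 >= lo && port + 0 <= hi && (src == "" || src == "0.0.0.0/0"))
            print
    }'
}

# Constructed `iptables -S` output: the two rules from this step, a rule limited
# to one client (192.0.2.10 is a documentation address), and a port range.
rules='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 61920 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 61920 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 61000:62000 -j ACCEPT'

printf '%s\n' "$rules" | unrestricted_accepts 61920
```

On the server, pipe the live rule set in with iptables -S INPUT | unrestricted_accepts 61920.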

27. Change the MySQL port

vi /data/conf/my.cnf
Add a section:

[mysqld]
# Change to the port you want to use
port=61920

28. Restart all services

/etc/init.d/nginx restart
/etc/init.d/httpd restart
/etc/init.d/mysql restart

Reproduction without permission is prohibited: 好玩吧 » Alibaba Cloud System Reinstall Notes 2: Installing a LAMNP Environment on CentOS