
平台论坛博客文库

› 论坛 › 程序设计 › PHP › php文档中心 › Ubuntu Linux 10.04 安装及配置Nginx+PHP FPM

Ubuntu Linux 10.04 安装及配置Nginx+PHP FPM [复制链接]

so_brave

家境小康

论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2011-12-02 14:25 |只看该作者 |倒序浏览

Ubuntu Linux 10.04 安装及配置Nginx+PHP FPM

Bash代码

1.#!/bin/bash
2.##########################################
3.# Install app server env.
4.# Prepare:Ubuntu 10.04 Linux server configed ssh,LVS Real Server and mysql slave.
5.##########################################
6.[ `whoami` != "root" ] && echo "Not root." && exit 1;
7.export EDITOR=vim;
8.if ! grep "export EDITOR=vim" /etc/profile >/dev/null;
9.then
10. echo "export EDITOR=vim;" >> /etc/profile;
11.fi;
12.
13.#app server domain
14.DOMAIN='app.example.net';
15.#statics files server domain
16.S_DOMAIN='statics.app.example.net';
17.
18.#Linux内核参数优化
19.sysctl -w net.ipv4.tcp_syncookies=1 #表示开启SYN
20.Cookies。当出现SYN等待队列溢出时，启用cookies来处理，可防范少量SYN攻击，默认为0，表示关闭
21.sysctl -w net.ipv4.tcp_tw_reuse=1 #表示开启重用。允许将TIME-WAIT
22.sockets重新用于新的TCP连接，默认为0，表示关闭
23.sysctl -w net.ipv4.tcp_tw_recycle=1 # 表示开启TCP连接中TIME-WAIT sockets的快速回收，默认为0，表示关闭
24.sysctl -w net.ipv4.tcp_fin_timeout=30 #表示如果套接字由本端要求关闭，这个参数决定了它保持在FIN-WAIT-2状态的时间
25.sysctl -w net.ipv4.tcp_max_tw_buckets=6000 #系统同时保持TIME_WAIT套接字的最大数量
26.sysctl -w net.core.somaxconn=262144
27.#表示系统同时保持TIME_WAIT套接字的最大数量，如果超过这个数字，TIME_WAIT套接字将立刻被清除并打印警告信息。默认为180000，改为5000。对于Apache、Nginx等服务器，上几行的参数可以很好地减少TIME_WAIT套接字数量，但是对于Squid，效果却不大。此项参数可以控制TIME_WAIT套接字的最大数量，避免Squid服务器被大量的TIME_WAIT套接字拖死。
28.sysctl -w net.ipv4.tcp_keepalive_time = 1200
29.#表示当keepalive起用的时候，TCP发送keepalive消息的频度。缺省是2小时，改为20分钟。
30.sysctl -w net.ipv4.ip_local_port_range = 1024 65000
31.#表示用于向外连接的端口范围。缺省情况下很小：32768到61000，改为1024到65000。
32.sysctl -w net.ipv4.tcp_max_syn_backlog = 8192
33.#表示SYN队列的长度，默认为1024，加大队列长度为8192，可以容纳更多等待连接的网络连接数。
34.
35.sysctl > /etc/sysctl.conf;
36.
37.( #Start
38.
39.
40.#Install production server
41.(
42.apt-get -y --force-yes install curl;#安装curl
43.apt-get -y --force-yes install python-software-properties;
44.add-apt-repository ppa:brianmercer/php;#Ubuntu 10.04 需要添加PHP FPM的PPA源
45.apt-get update;
46.
47.apt-get -y --force-yes install nginx;
48.apt-get -y --force-yes install memcached;
49.apt-get -y --force-yes install mercurial;
50.apt-get -y --force-yes install php5-cgi php5-fpm php-apc php5-mysql php5-gd php5-mcrypt php5-memcache;
51.) > /dev/null;
52.
53.#fix "#" comment
54.echo 'extension=mcrypt.so' > /etc/php5/fpm/conf.d/mcrypt.ini;
55.
56.
57.#Deploy app
58.
59.cd /var/www;
60.rm -rf app;
61.hg clone https://repo.app@repo.dev.example.net/hg/app/;
62.
63.
64.
65.#Config nginx
66.#我们服务器有16核,所以...
67.echo '
68.user www-data;
69.worker_processes 16;
70.worker_cpu_affinity 1000000000000000 0100000000000000 0010000000000000 0001000000000000 0000100000000000 0000010000000000 0000001000000000 0000000100000000 0000000010000000 0000000001000000 0000000000100000 0000000000010000 0000000000001000 0000000000000100 0000000000000010 0000000000000001;
71.worker_rlimit_nofile 65536;
72.
73.error_log /var/log/nginx/error.log;
74.pid /var/run/nginx.pid;
75.events {
76. use epoll;
77. worker_connections 131072;
78.}
79.
80.http {
81. client_header_buffer_size 4K;
82. open_file_cache max=65536 inactive=20s;
83. open_file_cache_min_uses 3;
84. open_file_cache_valid 30s;
85.
86. access_log off;
87. include /etc/nginx/mime.types;
88.
89. sendfile on;
90.
91. tcp_nopush on;
92. tcp_nodelay on;
93.
94. gzip on;
95. gzip_disable "MSIE [1-6]\.(?!.*SV1)";
96. gzip_buffers 16 64k;
97. gzip_min_length 1k;
98. gzip_comp_level 6;
99. gzip_vary on;
100. gzip_types text/plain text/javascript text/css application/x-javascript text/xml application/xml application/xml+rss;
101.
102. include /etc/nginx/conf.d/*.conf;
103. include /etc/nginx/sites-enabled/*;
104.}
105.' > /etc/nginx/nginx.conf;
106.
107.#enable nginx-status
108.echo "
109.server {
110. listen 80 default;
111. server_name localhost;
112.
113. access_log off;
114.
115. location / {
116. root /var/www/nginx-default;
117. index index.html index.htm;
118. }
119. location = /favicon.ico {
120. log_not_found off;
121. }
122.
123. location /nginx-status {
124. stub_status on;
125. allow 127.0.0.1;
126. deny all;
127. }
128.}" > /etc/nginx/sites-enabled/default;
129.
130.echo '
131.server {
132. listen 80;
133. server_name '$DOMAIN';
134.
135. keepalive_timeout 0;
136.
137. access_log off;
138. log_not_found off;
139. error_log /var/log/nginx/app.error.log;
140.
141. root /var/www/app/;
142. index index.php index.htm index.html;
143.
144. location / {
145. try_files $uri $uri/ /index.php?$args;
146. }
147.
148. location ~ ^/(protected|yii)/ {
149. deny all;
150. }
151.
152. location = /favicon.ico {
153. expires max;
154. return 204;
155. }
156.
157. location ~ \.php$ {
158. fastcgi_pass unix:/dev/shm/app-php-fpm.socket;
159. fastcgi_param PATH_INFO $fastcgi_path_info;
160. fastcgi_index index.php;
161.
162. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
163. fastcgi_param SERVER_ADDR $server_addr;
164. fastcgi_param SERVER_PORT $server_port;
165. fastcgi_param REMOTE_ADDR $remote_addr;
166. fastcgi_param REMOTE_PORT $remote_port;
167. fastcgi_param X-Real-IP $remote_addr;
168.
169. include fastcgi_params;
170. }
171.
172.}
173.' > /etc/nginx/sites-available/app;
174.
175.
176.echo '
177.server {
178. listen 80;
179. server_name '$S_DOMAIN';
180.
181. keepalive_timeout 60;
182. access_log off;
183. log_not_found off;
184.
185. index index.htm index.html;
186.
187. location / {
188. root /var/www/app/;
189. deny all;
190. }
191.
192. location ~ ^/(statics|css|assets|demo|themes|tests)/ {
193. root /var/www/app/;
194. gzip on;
195. gzip_disable "MSIE [1-6]\.(?!.*SV1)";
196. gzip_buffers 16 64k;
197. gzip_min_length 1k;
198. gzip_comp_level 6;
199. gzip_vary on;
200. expires 7d;
201. add_header Pragma public;
202. add_header Cache-Control "public, must-revalidate, proxy-revalidate";
203. }
204.
205. location = /favicon.ico {
206. return 204;
207. }
208.
209. location ~ \.php$ {
210. deny all;
211. }
212.
213.
214.}
215.' > /etc/nginx/sites-available/s.app;
216.
217.
218.ln -sf ../sites-available/app /etc/nginx/sites-enabled/;
219.ln -sf ../sites-available/s.app /etc/nginx/sites-enabled/;
220.
221.
222.
223.
224.echo '
225.[global]
226.pid = /var/run/php5-fpm.pid
227.error_log = /var/log/php5-fpm-error.log
228.process_control_timeout = 30
229.daemonize = yes
230.[www]
231.listen = /dev/shm/app-php-fpm.socket
232.user = www-data
233.group = www-data
234.pm = static
235.pm.max_children = 256
236.pm.max_requests = 65535
237.request_terminate_timeout = 30
238.rlimit_files = 65535
239.' > /etc/php5/fpm/php5-fpm.conf;
240.
241.
242.
243.
244.service php5-fpm restart;
245.service nginx restart;
246.
247.
248.if ! grep "$DOMAIN" /etc/hosts;then
249. echo "127.0.0.1 $DOMAIN $S_DOMAIN" >> /etc/hosts;
250.fi;
251.
252.(
253. crontab -l|sed "/$DOMAIN/d";
254. echo "
255. 30 * * * * curl http://$DOMAIN/CronTask/some-op
256.
257. 5 * * * * curl http://$DOMAIN/CronTask/some-op
258. ";
259.)|crontab;
260.
261.
262.
263.
264.
265.#End
266.);

复制代码

php

文库|博客

冰释一片天

稍有积蓄

论坛徽章:: 0

2楼 [报告]

发表于 2011-12-21 22:11 |只看该作者

谢谢分享希望于楼主多多交流

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

返回列表

Chinaunix › 论坛 › 程序设计 › PHP › php文档中心 › Ubuntu Linux 10.04 安装及配置Nginx+PHP FPM