- 论坛徽章:
- 0
|
Debian+Nginx+PHP(FastCGI)+MySQL搭建LNMP服务器(三版)
http://www.zzt123.com/html/2012/0808/1344418139.html
FreeBSD服务器软件安装脚本
http://hi.baidu.com/jjxiaoyan/bl ... d1f812d21b700c.html
FreeBSD上搭建nginx 0.7.x + PHP 5.3.x(FastCGI)(第二版) - 现实的梦想 - Web应用开发与服务器架构
http://blog.jiqila.com/post/157/
#########################################################################
$ uname -a
Linux debian 2.6.32-5-686 #1 SMP Wed May 18 07:08:50 UTC 2011 i686 GNU/Linux
一、常用命令
dpkg -l |grep mysql #检查软件是否安装
df -k ## 查看分区情况【单位:byte】
df -h ## 查看分区情况【单位:GB】
find . -name "*.log" ## 查找文件
tail -f /usr/local/mysql/data/192.168.245.11.err ## 查看mysql错误日志
killall -HUP nginx ## 结束指定进程
chmod -R 0777 /var/data ## 把 /var/data 里面的所有文件和文件夹都设置为可读写
apt-get remove xxx ## 删除软件
dpkg –force-all –P xxx ## 删除配置文件
apt-cache search “freetype” ##查找安装包
tzselect #更改系统时区
du -sh dirname #查看目录大小
tar -zcvf /home/ftp/wwwroot.tar.gz /home/ftp/wwwroot #压缩目录
二、添加/删除用户及root密码修改
在实际应用中,IDC一般会提供一个普通用户及root密码,所以有必要自己添加一个用户,接着删除IDC提供的用户,然后修改root密码
1. 添加用户
useradd -d /home/abc -m abc
2. 设置用户密码
passwd abc
3. 删除用户
userdel abc
4. 修改root密码
passwd root
三、修改更新源
vi /etc/apt/sources.list
清空文件内容,然后加入如下内容:
deb http://mirrors.163.com/debian squeeze main non-free contrib
deb http://mirrors.163.com/debian squeeze-proposed-updates main contrib non-free
deb http://mirrors.163.com/debian-security squeeze/updates main contrib non-free
deb-src http://mirrors.163.com/debian squeeze main non-free contrib
deb-src http://mirrors.163.com/debian squeeze-proposed-updates main contrib non-free
deb-src http://mirrors.163.com/debian-security squeeze/updates main contrib non-free
deb http://http.us.debian.org/debian squeeze main contrib non-free
deb http://non-us.debian.org/debian-non-US squeeze/non-US main contrib non-free
deb http://security.debian.org squeeze/updates main contrib non-free
也可以到http://mirrors.163.com/.help/debian.html 去直接下载sources.list文件
四、更新软件源及系统
1. 更新软件源
apt-get update
2. 更新系统
apt-get upgrade
五、安装ssh
1. 安装命令
apt-get install openssh-server
2. 关闭SSH的dns反解析
即在/etc/ssh/sshd_config中添加:UseDNS no
3. 启动/停止服务
/etc/init.d/ssh start|stop|restart
启动ssh后,可用netstat -an查看22端口是否启用
六、安装配置vsftpd
1. 安装vsftpd
apt-get install vsftpd
2. 启动vsftpd
/etc/init.d/vsftpd start
2. 配置vsftpd
vi /etc/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
3. 设置FTP用户
(1)添加FTP用户
useradd -g ftp -d /home/ftp -s /sbin/nologin -m abc
注释:
ftp : ftp用户组,在vsftpd安装时自动创建的
/home/ftp : ftp目录
abc : ftp用户名
(2)设置FTP用户密码
passwd abc
(3)设置FTP目录权限
chmod 755 /home/ftp
4. 重启vsftpd
/etc/init.d/vsftpd restart
七、设置SSH为密钥登录方式
vi /etc/ssh/sshd_config
1. 禁止用root登录SSH
PermitRootLogin no
2. 配置SSH,设置为密匙登录
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PermitEmptyPasswords no
3. 登陆服务器,在PuTTY中用之前添加的帐户登录到SSH,然后执行如下命令:
#ssh-keygen -t rsa -b 1024
执行上面命令后将问你密匙保存位置和密码。最后将在用户的家庭目录下的.ssh/下生成一个公匙(id_rsa.pub)和一个私匙(id_rsa)
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ezool/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ezool/.ssh/id_rsa.
Your public key has been saved in /home/ezool/.ssh/id_rsa.pub.
4. 上面的过程你可以不输入密码,那样只要载入密匙就登陆服务器,不过不建议那样做。生成后你需要切换到ssh密匙目录下修改公匙文件名
#cd /home/test/.ssh #test改成你生成密匙的用户名
#cat id_rsa.pub > authorized_keys #也可以用 mv id_rsa.pub authorized_keys直接修改文件名
#chmod 600 authorized_keys #仅供本人读写
#rm id_rsa.pub #移除刚生成的公匙文件
5. 接着需要把私匙文件id_rsa下载下来:
先转到root帐户
#cat id_rsa > /www/myweb/mykey.ppk #注意路劲哦,这里由于是承接上面,因此用户还在.ssh目录下
#rm id_rsa
6. 通过ftp把密匙下载下来,然后需要注意,这里下载下来的密匙还没办法直接用于PuTTY,需要通过puttygen转换
启用putty key generator,点击load载入刚下载下来的私匙,这时他会提示转换,只要在save private key就可以,这样这个文件就能用。
登陆的时候注意左边的ssh下面有个 Auth,通过这个载入私匙,然后就可以登录。
小 提示:如果在load私钥时提示“Couldn't load private key (ciphers other than DES-EDE3-CBC not supported)”错误,那是因为PuttyGen的版本太低,可下载最新版本的PuttyGen,具体可参考如下文章:
Debian下使用PuttyGen.exe无法转入SSH私钥文件的问题
http://hi.baidu.com/jjxiaoyan/bl ... 5f5d55500ffe6e.html
7. 测试密匙是否有效
在Putty的Configuration界面左侧Auth选项的“Private key file for authentication”文本框中添加PuttyGen生成的密匙文件,然后连接服务器。在输入了用户名后,会有如下提示:
login as: jjxiaoyan
Authenticating with public key "imported-openssh-key"
Passphrase for key "imported-openssh-key":
这说明Putty已经使用了密匙文件,最后输入生成密匙时设置的密码即可验证密匙登录方式是否成功。
8. 关闭SSH口令验证方式
vi /etc/ssh/sshd_config
ChallengeResponseAuthentication no
UsePam no
PasswordAuthentication no # 设置是否使用口令验证。
/etc/init.d/ssh restart #重启sshd使配置生效
这时可以在Putty中不加载密匙文件来尝试登录一下,肯定是不能登录了。
9. 设置特定用户才能登录SSH【此步要慎重!!!】
vi /etc/ssh/sshd_config
添加一句:
#切记检查一下用户名是否正确,要不连自己也登录不上SSH了
AllowUsers admin #指定能进行SSH的用户,可设置多个
#AllowUsers user1 user2 user3
/etc/init.d/ssh restart #重启sshd使配置生效
八、安装源码编译环境
apt-get install build-essential
九、安装nginx
apt-get install libcurl4-openssl-dev
apt-get install libpcre3-dev
wget http://blog.s135.com/soft/linux/nginx_php/pcre/pcre-8.10.tar.gz
tar zxvf pcre-8.10.tar.gz
cd pcre-8.10/
./configure
make && make install
cd ..
wget http://blog.s135.com/soft/linux/ ... nginx-0.8.46.tar.gz
tar zxvf nginx-0.8.46.tar.gz
cd nginx-0.8.46/
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
cd ..
groupadd www
useradd -g www www
chmod +w /usr/local/nginx/html
chown -R www:www /usr/local/nginx/html
这样就可以通过http://localhost 来访问nginx默认的网站了。
/usr/local/nginx/sbin/nginx -s reload ##重启nginx
十、安装MySQL
1. 安装libncurses5-dev
apt-get install libncurses5-dev
2. 编译安装MySQL
wget http://downloads.mysql.com/archives/mysql-5.1/mysql-5.1.44.tar.gz
tar zxvf mysql-5.1.44.tar.gz
cd mysql-5.1.44
./configure --prefix=/usr/local/mysql/ --enable-assembler --with-extra-charsets=complex --enable-thread-safe-client --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=innobase --with-mysqld-user=mysql --without-ndb-debug --without-debug --with-charset=utf8 --localstatedir=/usr/local/mysql/data --with-collation=utf8_general_ci
## [Success] Thank you for choosing MySQL!
make ## [Success] Making all in win
make install
cd ..
3. MySQL配置
groupadd mysql
useradd mysql -g mysql -d /usr/local/mysql -s /usr/sbin/nologin
mkdir -p /usr/local/mysql/data/
chown -R mysql:mysql /usr/local/mysql/
/usr/local/mysql/bin/mysql_install_db --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --user=mysql
cd /usr/local/mysql/share/mysql
cp my-large.cnf /etc/my.cnf
cp mysql.server /usr/local/mysql/mysqld
chmod 755 /usr/local/mysql/mysqld
/usr/local/mysql/mysqld start
## 若mysql无法启动,需要在my.cnf中加入下面这两句:
basedir="/usr/local/mysql/"
datadir="/usr/local/mysql/data/"
/usr/local/mysql/bin/mysql -u root -p -S /tmp/mysql.sock
# GRANT ALL PRIVILEGES ON *.* TO 'abc'@'localhost' IDENTIFIED BY '123456';
# quit
最后用如下命令测试一下添加的用户能否登录
/usr/local/mysql/bin/mysql -u abc -p
十一、安装PHP
1. 安装依赖库
小提示:可用apt-cache search "freetype"命令查找依赖库版本
apt-get install libxml2-dev libssl-dev libcurl4-openssl-dev libjpeg62-dev libpng12-dev libfreetype6-dev libsasl2-dev autoconf2.13 libpcre3-dev libperl-dev
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz
tar zxvf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1
./configure -prefix=/usr/local
make && make install
cd ..
ln -s /usr/local/lib/libiconv.so /usr/lib/libiconv.so
ln -s /usr/local/lib/libiconv.so.2 /usr/lib/libiconv.so.2
wget "http://downloads.sourceforge.net/mcrypt/libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0"
mv "libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0" libmcrypt-2.5.8.tar.gz
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8
./configure --prefix=/usr
make && make install
cd ..
wget "http://downloads.sourceforge.net/mhash/mhash-0.9.9.9.tar.gz?modtime=1175740843&big_mirror=0"
mv "mhash-0.9.9.9.tar.gz?modtime=1175740843&big_mirror=0" mhash-0.9.9.9.tar.gz
tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9
./configure --prefix=/usr
make && make install
cd ..
wget "http://downloads.sourceforge.net/mcrypt/mcrypt-2.6.8.tar.gz?modtime=1194463373&big_mirror=0"
mv "mcrypt-2.6.8.tar.gz?modtime=1194463373&big_mirror=0" mcrypt-2.6.8.tar.gz
tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8
cd src
vi rfc2440.c
将
#include <malloc.h>
修改为
#include <stdlib.h>
cd ..
./configure --prefix=/usr
make && make install
cd ..
2. 编译安装PHP
wget http://cn.php.net/get/php-5.2.17.tar.gz/from/this/mirror
wget http://php-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz
mv mirror php-5.2.17.tar.gz
tar zxvf php-5.2.17.tar.gz
gzip -cd php-5.2.17-fpm-0.5.14.diff.gz | patch -d php-5.2.17 -p1
cd php-5.2.17/ext/gd/libgd/
编辑gd库的 gd_png.c文件,将
if (!png_check_sig (sig,  ) { /* bad signature */
return NULL;
}
修改为
if (png_sig_cmp (sig, 0, ) { /* bad signature */
return NULL;
}
cd ../../../
./buildconf --force
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-iconv-dir=/usr --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr/local --enable-xml --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --disable-ipv6 --without-pear --enable-ftp
## [↑Success] Thank you for using PHP.
make ZEND_EXTRA_LIBS='-liconv' ## [Success] Build complete.
make install
提示:如果configure配置失败,可能是由于autoconf版本不匹配。经测试,autoconf2.62和autoconf2.13无此问题。若出现该问题,可重新安装autoconf,并删除php安装目录,重新解压安装php。
cp ./php.ini-recommended /usr/local/php/etc/php.ini
## cp /usr/local/php/etc/php-fpm.conf /usr/local/php/etc/
http://pecl.php.net/get/memcache-2.2.5.tgz
tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install
cd ..
http://bart.eaccelerator.net/sou ... tor-0.9.5.3.tar.bz2
tar jxvf eaccelerator-0.9.5.3.tar.bz2
cd eaccelerator-0.9.5.3
/usr/local/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
make
make install
cd ..
http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
make
make install
cd ..
http://acelnmp.googlecode.com/files/ImageMagick-6.6.5-10.tar.gz
tar zxvf ImageMagick-6.6.5-10.tar.gz
cd ImageMagick-6.6.5-10
ln -s /usr/local/lib/libfreetype.la /usr/lib/libfreetype.la
ln -s /usr/local/lib/libfreetype.so /usr/lib/libfreetype.so
ln -s /usr/local/lib/libfreetype.so.9 /usr/lib/libfreetype.so.9
ln -s /usr/local/lib/libjpeg.so /usr/lib/libjpeg.so
ln -s /usr/local/lib/libjpeg.la /usr/lib/libjpeg.la
ln -s /usr/local/lib/libjpeg.so.11 /usr/lib/libjpeg.so.11
ln -s /usr/local/lib/libpng.a /usr/lib/libpng.a
ln -s /usr/local/lib/libpng.so /usr/lib/libpng.so
ln -s /usr/local/lib/libpng.so.6 /usr/lib/libpng.so.6
./configure
make
make install
cd ..
http://pecl.php.net/get/imagick-2.2.2.tgz
tar zxvf imagick-2.2.2.tgz
cd imagick-2.2.2
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install
cd ..
################ 修改php.ini ##################
vi /usr/local/php/etc/php.ini
查找output_buffering = 4096
修改为output_buffering = On
再查找extension_dir = "./"
修改为extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"
并在此行后增加以下几行,然后保存:
extension = "memcache.so"
extension = "pdo_mysql.so"
extension = "imagick.so"
extension = "eaccelerator.so"
################ 配置eAccelerator,加速PHP ##################
cd /usr/local/php/etc/
mkdir -p eaccelerator_cache
vi /usr/local/php/etc/php.ini
在文件末尾增加下面的内容:
[eaccelerator]
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/usr/local/php/etc/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
################ 修改php-fpm.conf ##################
vi /usr/local/php/etc/php-fpm.conf
将
Unix user of processes
<!-- <value name="user">nobody</value> -->
Unix group of processes
<!-- <value name="group">nobody</value> -->
换成
Unix user of processes
<value name="user">www</value>
Unix group of processes
<value name="group">www</value>
################ 修改nginx.conf ##################
重点:
location ~ .*\.(php|php5)?$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
include fastcgi_params;
}
十二、结尾
其中nginx.conf、php.ini以及my.cnf的配置要参考http://blog.jiqila.com/post/157/
################ 服务自启动(/etc/rc.local) ##################
vi /etc/rc.local
/usr/local/nginx/sbin/nginx
/usr/local/mysql/mysqld start
/usr/local/php/sbin/php-fpm start
################ 创建站点目录 ##################
## mkdir -p /data/www
chmod +w /usr/local/nginx/html
chown -R www:www /usr/local/nginx/html
chmod -R o+wx /usr/local/nginx/html ##为所有用户增加写权限 |
|
免费注册
发表于 2012-08-15 20:27
发表于 2012-08-15 22:44
