搭建前后端web生产环境Linux+Apache+Nginx+MySQL+PHP-php手册-php.cn

最近看到很多人都在LNAMP，变得越来越流行了，干脆将我之前自己做的重新优化了一边，更新了新版程序，并降低了55%的内存消耗，速度和负载都比0.1版提高了不少。 LNAMP 女神工作室0.2版介绍： Centos 5.5 32bit Apache 2.2.17 Nginx 0.8.54 MySQL 5.1.55 P

最近看到很多人都在LNAMP，变得越来越流行了，干脆将我之前自己做的重新优化了一边，更新了新版程序，并降低了55%的内存消耗，速度和负载都比0.1版提高了不少。

LNAMP 女神工作室0.2版介绍：

Centos 5.5 32bit
Apache 2.2.17
Nginx 0.8.54
MySQL 5.1.55
PHP 5.2.17

一、重装Centos系统，删除不比要的程序，并安装相关组件：

yum -y remove httpd mysql php

安装相关组件

yum -y install yum-fastestmirror
yum -y update
yum -y install patch make gcc gcc-c++ gcc-g77 flex bison tar
yum -y install libtool libtool-libs kernel-devel autoconf213
yum -y install libjpeg libjpeg-devel libpng libpng-devel
yum -y install libtiff libtiff-devel gettext gettext-devel
yum -y install freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel
yum -y install file glib2 glib2-devel bzip2 diff* openldap-devel
yum -y install bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs
yum -y install e2fsprogs-devel krb5 krb5-devel libidn libidn-devel
yum -y install openssl openssl-devel vim-minimal unzip
export PHP_AUTOCONF=/usr/bin/autoconf-2.13
export PHP_AUTOHEADER=/usr/bin/autoheader-2.13

安装PHP 5.2.x 所需的支持库

cd /usr/local/src

wget -c http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz
tar zxvf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/
./configure --prefix=/usr/local
make
make install
cd ../

wget -c http://monkey.org/~provos/libevent-2.0.10-stable.tar.gz
tar zxvf libevent-2.0.10-stable.tar.gz
cd libevent-2.0.10-stable/
./configure --prefix=/usr
make
make install
cd ../

wget -c http://ncu.dl.sourceforge.net/sourceforge/mcrypt/libmcrypt-2.5.8.tar.gz
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd ../../

wget -c http://nchc.dl.sourceforge.net/sourceforge/mhash/mhash-0.9.9.9.tar.gz
tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config

wget -c http://nchc.dl.sourceforge.net/sourceforge/mcrypt/mcrypt-2.6.8.tar.gz
tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
./configure
make
make install
cd ../

安装GD图形支持库：

cd /usr/local/src
wget http://www.libgd.org/releases/gd-2.0.35.tar.gz
tar xzvf gd-2.0.35.tar.gz
cd gd-2.0.35
./configure --prefix=/usr/local/gd --mandir=/usr/share/man --with-jpeg --with-png --with-freetype --with-zlib --with-fontconfig
make //如果GD报错:configure.ac:64: warning: macro `AM_ICONV' not found in library 你就make clean一下，然后再make
make install

二、安装 Mysql 5.1.x：

1）先安装Google的开源TCMalloc库，可以提高MySQL在高并发情况下的性能

cd /usr/local/src

wget -c http://google-perftools.googlecode.com/files/google-perftools-1.7.tar.gz
tar zxvf google-perftools-1.7.tar.gz
cd google-perftools-1.7/
./configure
make && make install
echo "/usr/local/lib" > /etc/ld.so.conf.d/usr_local_lib.conf
/sbin/ldconfig
cd ../

2）开始安装Mysql 5.1.x

cd /usr/local/src

wget -c http://mysql.proserve.nl/Downloads/MySQL-5.1/mysql-5.1.55.tar.gz
tar -zxvf mysql-5.1.55.tar.gz
cd mysql-5.1.55
./configure --prefix=/usr/local/mysql --with-extra-charsets=all --enable-thread-safe-client --enable-assembler --with-charset=utf8 --enable-thread-safe-client --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --without-debug --without-innodb --without-isam --with-mysqld-ldflags=-ltcmalloc_minimal
make && make install
cd ../
groupadd mysql
useradd -g mysql mysql
cp /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf
/usr/local/mysql/bin/mysql_install_db --user=mysql
chown -R mysql /usr/local/mysql/var
chgrp -R mysql /usr/local/mysql/.
cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysql
chmod 755 /etc/init.d/mysql
chkconfig --level 345 mysql on
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
echo "/usr/local/lib" >>/etc/ld.so.conf
ldconfig
ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
ln -s /usr/local/mysql/include/mysql /usr/include/mysql
service mysql start
/usr/local/mysql/bin/mysqladmin -u root password mgrei //修改红色部分为你的密码
service mysql restart

3）设置MySQL：

打开“/etc/my.cnf”文件，修改以下设置，如果没有，可手动添加：

关闭远程连接，即3306端口。这是MySQL的默认监听端口。由于此处MySQL只服务于本地脚本，所以不需要远程连接。尽管MySQL内建的安全机制很严格，但监听一个TCP端口仍然是危险的行为，因为如果MySQL程序本身有问题，那么未授权的访问完全可以绕过MySQL的内建安全机制。（你必须确定，你是否真的不需要远程连接mysql，一般数据库地址为localhost的，即使本地数据库，不需要外链）

skip-networking

保存后退出。

修改完my.cnf后，还需要对mysql的用户名、帐号、及默认数据库进行调整

首先先登录mysql，在终端窗口输入

/usr/local/mysql/bin/mysql -u root -p

然后会提示输入密码，输入正确密码后，会出现mysql>提示符。

输入以下命令：

mysql>use mysql;
mysql>select Host,User,Password,Select_priv,Grant_priv from user;
mysql>delete from user where user='';                  （删除user用户）
mysql>delete from user where password='';               （删除user用户）
mysql>delete from user where host='';                     （删除user用户）
mysql>drop database test;             (删除默认的test数据库)
mysql>flush privileges;               （刷新mysql的缓存，让以上设置立即生效）
mysql>quit;

为了使以上优化和安全设置生效，请重启Mysql服务或Linux。

service mysql restart

三、安装Apache：

1）下载Apache并解压缩：

cd /usr/local/src
groupadd www
useradd -g www -s /sbin/nologin -M www

wget -c http://www.apache.org/dist//httpd/httpd-2.2.17.tar.gz

tar zxvf httpd-2.2.17.tar.gz
cd httpd-2.2.17

Apache默认最大连接数和最大客户端数为40000，如果你的服务器要求更大，可以编译Apache安装文件中的：

server/mpm/worker/worker.c

找到下面几行，并改成如下的数值，其目的是在源码中修改apache可支持的最大线程数和最大客户端数目。

define DEFAULT_SERVER_LIMIT 32
define MAX_SERVER_LIMIT 20000
define DEFAULT_THREAD_LIMIT 64
define MAX_THREAD_LIMIT 20000

以上数值据说改小后，能减低服务器消耗。不过柒月修改后，发现没什么实质变化。

2）安装Apache 2.2

cd /usr/local/src/httpd-2.2.17
./configure --prefix=/usr/local/apache2 --enable-headers --enable-so --enable-rewrite --with-mpm=prefork --disable-userdir --disable-cgid --disable-cgi
make && make install

如果你需要编译apache其他功能，可以自行增加。不过在这里，我们只是用Apache作为后端并处理伪静态，无需添加过多设置来浪费内存

配置源代码树：

--prefix=/usr/local/apache2 //体系无关文件的顶级安装目录PREFIX ，也就Apache的安装目录。
--enable-module=so //打开 so 模块，so 模块是用来提 DSO 支持的 apache 核心模块
--enable-mods-shared=all //编译全部的模板，对于不需要我们可以在httpd.conf去掉。
--enable-cache //支持缓存
--enable-file-cache //支持文件缓存
--enable-mem-cache //支持记忆缓存
--enable-disk-cache //支持磁盘缓存
--enable-static-support //支持静态连接(默认为动态连接)
--enable-static-htpasswd //使用静态连接编译 htpasswd - 管理用于基本认证的用户文件
--enable-static-htdigest //使用静态连接编译 htdigest - 管理用于摘要认证的用户文件
--enable-static-rotatelogs //使用静态连接编译 rotatelogs - 滚动 Apache 日志的管道日志程序
--enable-static-logresolve //使用静态连接编译 logresolve - 解析 Apache 日志中的IP地址为主机名
--enable-static-htdbm //使用静态连接编译 htdbm - 操作 DBM 密码数据库
--enable-static-ab //使用静态连接编译 ab - Apache HTTP 服务器性能测试工具
--enable-static-checkgid //使用静态连接编译 checkgid
--disable-cgid //禁止用一个外部 CGI 守护进程执行CGI脚本
--disable-cgi //禁止编译 CGI 版本的 PHP
--with-mpm=worker // 让apache以worker方式运行
--enable-ssl // 编译 ssl模块。

启动Apache（建议先不要启动，等我们全部设置完毕后，和Nginx启动）

/usr/local/apache2/bin/apachectl start

查看apache是否启动

ps aux|grep httpd

将apache设置成开机自启动：

echo '/usr/local/apache2/bin/apachectl start ' >> /etc/rc.local //将 apachectl 的调用加入到你的系统启动文件中。

四、安装 PHP5.2.x：

1）下载PHP 并解压缩：

cd /usr/local/src
wget -c http://us.php.net/distributions/php-5.2.17.tar.gz
tar zxvf php-5.2.17.tar.gz
cd php-5.2.17
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-config-file-path=/etc --with-zlib --with-libxml-dir --with-gd=/usr/local/gd --with-freetype-dir --with-jpeg-dir --with-png-dir --with-ttf --with-iconv --with-openssl --with-mcrypt --enable-sockets --enable-bcmath --enable-calendar --enable-exif --enable-libxml --enable-magic-quotes --enable-mbstring --with-bz2 --with-curl --with-xmlrpc --with-gettext --disable-cli --disable-cgi --disable-debug
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /etc/php.ini

2）安装PHP扩展：

2.1）安装eaccelerator加速软件

eaccelerator是php的加速软件，使用后php的执行效率会有很大幅度的提升。

cd /usr/local/src
wget http://bart.eaccelerator.net/source/0.9.6.1/eaccelerator-0.9.6.1.tar.bz2
tar -jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1
/usr/local/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
make && make install

编译安装后我们会看到屏幕提示的eaccelerator.so所在的目录，php5.2.x系列是在 /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/，记住这个路径，待会要用到

修改php.ini 文件，将以下内容输入（详细设置）：

[eaccelerator]
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="16"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

注意：这部分内容务必放在[zend]之前，不然可能会出现不可预期的服务器问题。

然后建立文件夹并设置权限：

mkdir /tmp/eaccelerator
chmod 777 /tmp/eaccelerator

2.2）安装Zend（如果程序没要求，尽量不要装Zend，容易和eA产生冲突）：

cd /usr/local/src
wget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
tar -zxvf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/

修改php.ini 文件：

vi /usr/local/php/php.ini

将以下代码放入php.ini文件最底部

[Zend Optimizer]
zend_optimizer.optimization_level=1
zend_optimizer.encoder_loader=0
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/ZendOptimizer.so"

2.3）安装PDO_MYSQL

cd /usr/local/src
wget -c http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
make
make install

继续修改 php.ini 文件

vi /usr/local/php/php.ini

查找代码：

extension_dir = "./"

替换为：

extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"
extension="pdo_mysql.so"

2.4）安装 suhosin：

cd /usr/local/src
wget -c http://download.suhosin.org/suhosin-0.9.32.1.tar.gz
tar -zxvf suhosin-0.9.32.1.tar.gz
cd suhosin-0.9.32.1
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make && make install

继续修改 php.ini 文件

vi /usr/local/php/php.ini

查找代码：

extension_dir = "./"

替换为：

extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"
extension="suhosin.so"

五、Apache 整合 PHP 以及相关优化：

1）Apache设置：

编辑 httpd.conf ：

vi /usr/local/apache2/conf/httpd.conf

查找代码：

DocumentRoot "/usr/local/apache2/htdocs"

修改为：

DocumentRoot "/home/www"

查找代码：

修改为：

找到以下代码并根据提示修改

Options FollowSymLinks
AllowOverride All
Order deny,allow
Deny from all //这句改为Allow from all

找到这一段并修改，以使Apache支持rewrite（伪静态）：

# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None

更改为

AllowOverride All

将以下代码注释掉，禁止目录列表：

Options Indexes FollowSymLinks

找到以下代码，修改用户为 www

User daemon //改为www
Group daemon //改为www

设置 ServerAdmin you@example.com 改为你自己的mail地址

查找：

Listen 80

改为

Listen 81

分别找到以下四段代码，将之前的注释#去除：

Include conf/extra/httpd-mpm.conf

Include conf/extra/httpd-info.conf

Include conf/extra/httpd-vhosts.conf

Include conf/extra/httpd-default.conf

编辑 Include conf/extra/httpd-mpm.conf 找到如下选项，并改成对应的数值

StartServers          5
MinSpareServers       5
MaxSpareServers      10
MaxClients          150
MaxRequestsPerChild   1000

编辑 conf/extra/httpd-default.conf

Timeout 60 #与nginx的保持一至
KeepAlive On
MaxKeepAliveRequests 1000
KeepAliveTimeout 5

复制以下文件：

cp /usr/local/apache2/bin/apachectl /etc/rc.d/init.d/httpd

这样以后Apache 启动、关闭、重启只需要输入以下命令：

service httpd start/stop/restart

2）整合Apache与php

编辑 /usr/local/apache2/conf/httpd.conf

找到AddType application/x-gzip .gz .tgz在其下加以下内容

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

查找:(设置WEB默认文件)

DirectoryIndex index.html

改成：

DirectoryIndex index.php index.htm index.html index.html.var

保存退出

以上设置完毕后，全部保存退出，然后建立一个虚拟主机做测试：

编辑 Include conf/extra/httpd-vhosts.conf

ServerAdmin webmaster@example.com
DocumentRoot "/home/www"
ServerName 你的IP地址或域名
ErrorLog "logs/IP-error_log"
CustomLog "logs/IP-access_log" common

保存退出，并重启Apache

service httpd restart 或 /usr/local/apache2/bin/apachectl restart

然后建立一个 index.php文件，放入 /home/www 目录，php文件内容为：

phpinfo();
?>

然后在浏览器中输入：IP:81 是否成功显示了？

六、优化MySQL

通过Tcmalloc 优化mysql性能

# vi /etc/init.d/mysql

添加一行

export LD_PRELOAD=/usr/local/lib/libtcmalloc.so

重新启动mysql

service mysql restart

检测是否成功，在SSH中输入：

lsof -n|grep tcmalloc

出现相关进程即可

七、安装Nginx：

1）安装所需组件：

cd /usr/local/src
wget -c ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.12.tar.gz
tar -zxvf pcre-8.12.tar.gz
cd pcre-8.12/
./configure
make && make install

cd ..
rm -rf pcre-8.12
rm -rf /usr/bin/pcre-config
cp -a /usr/local/bin/pcre-config /usr/bin/
rm -rf /usr/lib/libpcre.a
cp -a /usr/local/lib/libpcre.a /usr/lib/

2）安装 Nginx 0.8.x：

cd /usr/local/src
wget -c http://nginx.org/download/nginx-0.8.54.tar.gz
tar zxvf nginx-0.8.54.tar.gz
cd nginx-0.8.54
./configure --user=www --group=www --prefix=/usr/local/nginx --pid-path=/usr/local/nginx/logs/nginx.pid --error-log-path=/usr/local/nginx/logs/error.log --http-log-path=/usr/local/nginx/logs/access.log --with-http_stub_status_module --with-http_ssl_module --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --with-http_gzip_static_module --with-google_perftools_module --with-ld-opt='-ltcmalloc_minimal' --with-ipv6

make && make install
cd ../

编辑 nginx.conf 文件：

vi /usr/local/nginx/conf/nginx.conf

输入以下内容：

user www;
worker_processes 4;
pid logs/nginx.pid;

google_perftools_profiles /var/tmp/tcmalloc;

worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
}

http{

include       mime.types;
default_type application/octet-stream;

access_log off;
error_log /dev/null;

server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;

sendfile on;
tcp_nopush     on;

keepalive_timeout 120;
#fastcgi_connect_timeout 300;
#fastcgi_send_timeout 300;
#fastcgi_read_timeout 300;
#fastcgi_buffer_size 64k;
#fastcgi_buffers 4 64k;
#fastcgi_busy_buffers_size 128k;
#fastcgi_temp_file_write_size 128k;
tcp_nodelay on;

gzip on;
gzip_min_length 1k;
gzip_buffers     4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types       text/plain application/x-javascript text/css application/xml;
gzip_vary on;

include vhost/*.conf;

}

在 /usr/local/nginx/conf 目录新建proxy.conf 文件，并输入以下内容：

proxy_redirect          off;
proxy_set_header        Host $host;
proxy_set_header        X-Real-IP $remote_addr;
proxy_set_header        X-Forwarded-For   $proxy_add_x_forwarded_for;
client_max_body_size    50m;
client_body_buffer_size 256k;
proxy_connect_timeout   30;
proxy_send_timeout      30;
proxy_read_timeout      60;

proxy_buffer_size       4k;
proxy_buffers           4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
proxy_max_temp_file_size 128m;

#Nginx cache
client_body_temp_path client_body 1 2;
proxy_temp_path proxy_temp 1 2;

#client_body_temp_path      /tmpfs/client_body_temp 1 2;
#proxy_temp_path            /tmpfs/proxy_temp 1 2;
#fastcgi_temp_path          /tmpfs/fastcgi_temp 1 2;

建立 Nginx虚拟主机目录，把nginx加入到系统服务：

mkdir -p /usr/local/nginx/conf/vhost

mkdir /home/www
chmod 755 -R /home/www

chown -R www:www /home/www/
chown www /usr/local/nginx/conf/
chmod 777 /etc/init.d/nginx

编辑 /etc/rc.d/init.d/nginx 文件，覆盖为以下代码：

#! /bin/sh
ulimit -n 65535
# Description: Startup script for nginx
# chkconfig: 2345 55 25
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="nginx daemon"
NAME=nginx
DAEMON=/usr/local/nginx/sbin/$NAME
CONFIGFILE=/usr/local/nginx/conf/nginx.conf
PIDFILE=/usr/local/nginx/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
set -e
[ -x "$DAEMON" ] || exit 0
do_start() {
$DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}
do_stop() {
kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"
}
do_reload() {
kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
do_start
echo "."
/etc/init.d/httpd start
;;
stop)
echo -n "Stopping $DESC: $NAME"
do_stop
echo "."
/etc/init.d/httpd stop
;;
reload)
echo -n "Reloading $DESC configuration..."
do_reload
echo "."
/etc/init.d/httpd restart
;;
restart)
echo -n "Restarting $DESC: $NAME"
do_stop
sleep 1
do_start
echo "."
/etc/init.d/httpd restart
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
exit 3
;;
esac
exit 0

#! /bin/shulimit -n 65535# Description: Startup script for nginx# chkconfig: 2345 55 25
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/binDESC="nginx daemon"NAME=nginxDAEMON=/usr/local/nginx/sbin/$NAMECONFIGFILE=/usr/local/nginx/conf/nginx.confPIDFILE=/usr/local/nginx/logs/$NAME.pidSCRIPTNAME=/etc/init.d/$NAME
set -e[ -x "$DAEMON" ] || exit 0
do_start() { $DAEMON -c $CONFIGFILE || echo -n "nginx already running"}
do_stop() { kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"}
do_reload() { kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"}
case "$1" in start) echo -n "Starting $DESC: $NAME" do_start echo "." /etc/init.d/httpd start ;; stop) echo -n "Stopping $DESC: $NAME" do_stop echo "." /etc/init.d/httpd stop ;; reload) echo -n "Reloading $DESC configuration..." do_reload echo "." /etc/init.d/httpd restart ;; restart) echo -n "Restarting $DESC: $NAME" do_stop sleep 1 do_start echo "." /etc/init.d/httpd restart ;; *) echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2 exit 3 ;;esac
exit 0

在ssh 中輸入：

chmod a+x /etc/rc.d/init.d/nginx
chkconfig --add nginx
chkconfig nginx on

在Nginx虚拟主机目录 /usr/local/nginx/conf/vhost 建立一个虚拟主机：

新建文件：Default.conf 输入以下代码：

server
{
listen 80;
server_name     你的IP或域名;
index index.html index.htm index.php;
root    /home/www/;

location /nginx {
stub_status on;
auth_basic "NginxStatus";
# auth_basic_user_file conf/htpasswd;
#密码由apache的htpasswd工具来产生
access_log off;
}

location / {
location ~ .*/.(php|php5)?$ {
index index.php;
root /home/www/;
proxy_pass    http://127.0.0.1:81;
}

include proxy.conf;

if ( !-e $request_filename) {
proxy_pass  http://127.0.0.1:81;
}

location ~* /.(jpg|jpeg|gif|png|swf)$ {
if (-f $request_filename) {
root /home/www/;
expires    30d;
break;
}
}
location ~* /.(js|css)$ {
if (-f $request_filename) {
root /home/www/;
expires    1d;
break;
}
}
}

error_page   500 502 503 504 /50x.html;
location = /50x.html {
root   html;
}

#如果需要记录把下面的注释去掉
# log_format access '$http_x_forwarded_for - $remote_user [$time_local] "$request"'
#     '$status $body_bytes_sent "$http_referer"'
#     '"$http_user_agent" $remote_addr';
# access_log    logs/IP_access.log    access;

}

以上全部保存完毕后，启动 nginx：

service nginx start

八、为apache安装rpaf模块，该模块用于apache做后端时获取访客真实的IP（建议在LNAMP最后安装。。。之前安装有时会出错）

1）使用apxs安装模块.这里要使用此前apache编译安装后的apxs

cd /usr/local/src

wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz

tar -zxf mod_rpaf-0.6.tar.gz

cd mod_rpaf-0.6

/usr/local/apache2/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

2）编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:

LoadModule rpaf_module modules/mod_rpaf-2.0.so
#Mod_rpaf settings
RPAFenable On
RPAFproxy_ips 127.0.0.1 [your_ips]
RPAFsethostname On
RPAFheader X-Forwarded-For

上面出现的[your_ips]请修改为你本机所监听web服务的ip.多个IP用空格空开.

Apache、Nginx、MySQL 启动/重启/关闭命令：

service mysql start/stop/restart
service httpd start/stop/restart
service nginx start/stop/restart

另一个版本

前言:谈到Linux下的web生产环境,大家就会想到apache这个开源服务器软件.apache可以整合大多数应用,比如jsp,php,cgi,python等等,但是apache过于臃肿以及对静态文件响应过于缓慢让很多使用者感到头疼.而nginx作为新崛起的服务器软件,在很多方面超出apache,定位也很明确:高性能的 HTTP 和反向代理服务器.因而,本篇主要讲的是nginx作为前端,apache作为后端的应用环境搭建过程.

为什么不使用nginx+php(fastcgi)作为生产环境?

php(fastcgi)不够稳定,容易出现50x错误,在生成相对复杂的页面时没有优势,长时间占用也会使php-cgi进程死去.

在安全性,多用户多站点的权限问题比较严重.php(fastcgi)在应对多用户多站点往往捉襟见肘,不易于实施.

整合其他语言,apache表现得游刃有余.资源利用恰到好处.

为什么采用nginx做前端,apache作为后端的方案?nginx在处理静态内容上较apache是几倍或几十倍的差异,因而放在前面过滤静态内容是最为恰当的.同时nginx也是一个负载均衡器,低资源消耗,高性能转发是它的特点.经过nginx在前面的过滤,后端的apache需要处理的内容相对就比较少了.只需负责处理动态内容就可以了.在性能与稳定性的权衡下,使用nginx+apache搭配会让它们在各自擅长的领域展现自身的价值.

本教程以CentOS 5.4 32bit为环境.其他Linux发行版本暂未测试.nginx,php,apache,mysql,pureftpd均为最新稳定版.

获取操作系统源更新.

yum update
yum -y install gcc gcc-c++ bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel openldap openldap-devel openldap-clients openldap-servers nss_ldap expat-devel libtool libtool-ltdl-devel

如果系统默认安装了apache,请先卸载.执行:

yum remove httpd

下载最新稳定版的程序源码包,以下都是到官方网站或sourceforge下载的源码包.

cd /usr/local/src
wget http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.45.tar.gz/from/http://mysql.he.net/
wget http://www.apache.org/dist/httpd/httpd-2.2.15.tar.gz
wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz
wget http://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.bz2/download
wget http://sourceforge.net/projects/mcrypt/files/MCrypt/2.6.8/mcrypt-2.6.8.tar.gz/download
wget http://sourceforge.net/projects/mhash/files/mhash/0.9.9.9/mhash-0.9.9.9.tar.bz2/download
wget http://www.php.net/get/php-5.2.13.tar.gz/from/this/mirror
wget http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/php5-mail-header.patch
wget http://pecl.php.net/get/memcache-2.2.5.tgz
wget http://bart.eaccelerator.net/source/0.9.6/eaccelerator-0.9.6.tar.bz2
wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.gz
wget http://pecl.php.net/get/imagick-2.3.0.tgz
wget http://download.suhosin.org/suhosin-0.9.29.tgz
wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz
wget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
wget http://monkey.org/~provos/libevent-1.4.13-stable.tar.gz
wget http://memcached.googlecode.com/files/memcached-1.4.4.tar.gz
wget http://sourceforge.net/projects/pcre/files/pcre/8.01/pcre-8.01.tar.gz/download
wget http://nginx.org/download/nginx-0.7.65.tar.gz
wget http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.28.tar.gz

一.安装Mysql.安装最新稳定版5.1.45版本,并没有采用最新开发版.

groupadd mysql -g 27
useradd mysql -u 27 -g 27 -c "MySQL Server" -d /var/lib/mysql -m
cd /usr/local/src
tar -zxf mysql-5.1.45.tar.gz
cd mysql-5.1.45
./configure --prefix=/usr/local/mysql --localstatedir=/var/lib/mysql --with-unix-socket-path=/var/lib/mysql/mysql.sock --with-mysqld-user=mysql --enable-assembler --enable-thread-safe-client --with-extra-charsets=all --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innodb_plugin,myisam,myisammrg
make && make install
cd ../

cp /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf
/usr/local/mysql/bin/mysql_install_db --user=mysql
chown -R mysql.mysql /var/lib/mysql
chgrp -R mysql /usr/local/mysql/.
cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysql
chmod u+x /etc/init.d/mysql
chkconfig --level 345 mysql on
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
echo "/usr/local/lib" >>/etc/ld.so.conf
ldconfig
ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
ln -s /usr/local/mysql/include/mysql /usr/include/mysql
ln -s /usr/local/mysql/bin/mysql_config /usr/bin/mysql_config
service mysql start
/usr/local/mysql/bin/mysqladmin -u root password root
service mysql restart
service mysql stop

二.编译安装apache(httpd).apache的执行用户为nobody.

cd /usr/local/src
tar -zxf httpd-2.2.15.tar.gz
cd httpd-2.2.15
./configure --prefix=/usr/local/apache --enable-headers --enable-mime-magic --enable-proxy --enable-rewrite --enable-ssl --enable-suexec --disable-userdir --with-included-apr --with-mpm=prefork --with-ssl=/usr --with-suexec-caller=nobody --with-suexec-docroot=/ --with-suexec-gidmin=100 --with-suexec-logfile=/usr/local/apache/logs/suexec_log --with-suexec-uidmin=100 --with-suexec-userdir=public_html
make
make install
mkdir /usr/local/apache/domlogs
cp /usr/local/apache/bin/apachectl /etc/init.d/httpd

1.编辑/etc/init.d/httpd,在首行#!/bin/sh下添加:

# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve /
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/logs/httpd.pid
# config: /usr/local/apache/conf/httpd.conf

ulimit -n 1024
ulimit -n 4096
ulimit -n 8192
ulimit -n 16384
ulimit -n 32768

保存退出.

2.配置apache配置参数文件httpd.conf,位于/usr/local/apache/conf/目录

cd /usr/local/apache/conf/
mv httpd.conf httpd.conf.bak
mkdir vhosts
vi httpd.conf

输入以下内容:
PidFile logs/httpd.pid
LockFile logs/accept.lock
ServerRoot "/usr/local/apache"
Listen 0.0.0.0:81
User nobody
Group nobody
ServerAdmin admin@evlit.com
ServerName host.evlit.com

Timeout 300
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 5
UseCanonicalName Off
AccessFileName .htaccess
TraceEnable Off
ServerTokens ProductOnly
FileETag None
ServerSignature Off
HostnameLookups Off

# LoadModule perl_module modules/mod_perl.so

DocumentRoot "/usr/local/apache/htdocs"
<directory>
 Options ExecCGI FollowSymLinks Includes IncludesNOEXEC -Indexes -MultiViews SymLinksIfOwnerMatch
 Order allow,deny
 Allow from all
 AllowOverride All
</directory>

<directory>
 Options Includes -Indexes FollowSymLinks
 AllowOverride None
 Order allow,deny
 Allow from all
</directory>

DefaultType text/plain
RewriteEngine on
AddType text/html .shtml
AddHandler cgi-script .cgi .pl .plx .ppl .perl
AddHandler server-parsed .shtml
<ifmodule mime_module>
    TypesConfig conf/mime.types
    AddType application/perl .pl .plx .ppl .perl
    AddType application/x-img .img
    AddType application/x-httpd-php .php .php3 .php4 .php5 .php6
    AddType application/x-httpd-php-source .phps
    AddType application/cgi .cgi
    AddType text/x-sql .sql
    AddType text/x-log .log
    AddType text/x-config .cnf conf
    AddType text/x-registry .reg
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType text/html .shtml
    AddType application/x-tar .tgz
    AddType application/rar .rar
    AddType application/x-compressed .rar
    AddType application/x-rar .rar
    AddType application/x-rar-compressed .rar
    AddType text/vnd.wap.wml .wml
    AddType image/vnd.wap.wbmp .wbmp
    AddType text/vnd.wap.wmlscript .wmls
    AddType application/vnd.wap.wmlc .wmlc
    AddType application/vnd.wap.wmlscriptc .wmlsc
</ifmodule>

<ifmodule dir_module>
 DirectoryIndex index.html index.htm index.shtml index.php index.perl index.pl index.cgi
</ifmodule>

<files>
 Order allow,deny
 Deny from all

 Satisfy All
</files>

<filesmatch>
 Order allow,deny
 Deny from all
 Satisfy All
</filesmatch>

ErrorLog "logs/error_log"
LogLevel warn

<ifmodule log_config_module>
 LogFormat "%h %l %u %t /"%r/" %>s %b /"%{Referer}i/" /"%{User-Agent}i/"" combined
 LogFormat "%h %l %u %t /"%r/" %>s %b" common

 <ifmodule logio_module>
 LogFormat "%h %l %u %t /"%r/" %>s %b /"%{Referer}i/" /"%{User-Agent}i/" %I %O" combinedio
 </ifmodule>
 CustomLog "logs/access_log" common
</ifmodule>

<ifmodule alias_module>
 ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
</ifmodule>

<directory>
 AllowOverride None
 Options None
 Order allow,deny
 Allow from all
</directory>

<ifmodule mpm_prefork_module>
 StartServers          3
 MinSpareServers       3
 MaxSpareServers       5
 MaxClients          150
 MaxRequestsPerChild   1024
</ifmodule>

<ifmodule mod_headers.c>
<filesmatch>
Header set Cache-Control "max-age=3600, must-revalidate"
</filesmatch>
</ifmodule>

ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

Include conf/extra/httpd-languages.conf

<location>
 SetHandler server-status
 Order deny,allow
 Deny from all
 Allow from 127.0.0.1
</location>
ExtendedStatus On

<location>
 SetHandler server-info
 Order deny,allow
 Deny from all
 Allow from 127.0.0.1
</location>

<ifmodule ssl_module>
Listen 0.0.0.0:443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLPassPhraseDialog  builtin
SSLSessionCache         dbm:/usr/local/apache/logs/ssl_scache
SSLSessionCacheTimeout  300
SSLMutex  file:/usr/local/apache/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</ifmodule>

#Vhosts
NameVirtualHost 127.0.0.1:81
NameVirtualHost *

<virtualhost>
 ServerName host.evlit.com
 DocumentRoot /var/www/html
 ServerAdmin admin@evlit.com
</virtualhost>

Include conf/vhosts/*
Copy after login
上述虚拟主机配置中出现的127.0.0.1请改为你本机公网IP.

三.编译安装php(mod_php)

1.编译安装相关支持库

cd /usr/local/src
tar -zxf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/
./configure
make
make install

cd /usr/local/src
tar -jxf libmcrypt-2.5.8.tar.bz2
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install

cd /usr/local/src
tar -jxf mhash-0.9.9.9.tar.bz2
cd mhash-0.9.9.9/
./configure
make
make install

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1

cd /usr/local/src
tar -zxf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install

2.编译php,这里为php打入补丁.有助于防止邮件发送被滥用(多用户)以及在邮件中提供有价值的信息.补丁介绍信息请访问:http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/

cd /usr/local/src
tar -zxf php-5.2.13.tar.gz
patch -d php-5.2.13 -p1 cd php-5.2.13
./configure --prefix=/usr/local --with-config-file-path=/etc --with-apxs2=/usr/local/apache/bin/apxs --enable-bcmath --enable-calendar --enable-exif --enable-ftp --enable-gd-native-ttf --enable-libxml --enable-magic-quotes --enable-mbstring --enable-pdo=shared --enable-soap --enable-sockets --enable-zip --with-bz2 --with-curl --with-curlwrappers --with-freetype-dir --with-gd --with-gettext --with-jpeg-dir --with-kerberos --with-libexpat-dir=/usr --with-libxml-dir=/usr --with-mcrypt=/usr --with-mhash=/usr --with-mysql=/usr --with-mysql-sock=/var/lib/mysql/mysql.sock --with-mysqli=/usr/bin/mysql_config --with-openssl=/usr --with-openssl-dir=/usr --with-pdo-mysql=shared --with-pdo-sqlite=shared --with-png-dir=/usr --with-sqlite=shared --with-ttf --with-xmlrpc --with-zlib -with-zlib-dir=/usr
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /etc/php.ini

3.安装php扩展模块

cd /usr/local/src
tar -zxf memcache-2.2.5.tgz
cd memcache-2.2.5/
phpize
./configure --with-php-config=/usr/local/bin/php-config --with-zlib-dir --enable-memcache
make
make install

cd /usr/local/src
tar -jxf eaccelerator-0.9.6.tar.bz2
cd eaccelerator-0.9.6/
phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/bin/php-config
make
make install
mkdir -p /tmp/eaccelerator
chmod 777 /tmp/eaccelerator
echo "mkdir -p /tmp/eaccelerator" >> /etc/rc.local
echo "chmod 777 /tmp/eaccelerator" >> /etc/rc.local

cd /usr/local/src
tar -zxf ImageMagick.tar.gz
cd ImageMagick-*
./configure
make
make install

cd /usr/local/src
tar -zxf imagick-2.3.0.tgz
cd imagick-2.3.0/
phpize
./configure --with-php-config=/usr/local/bin/php-config
make
make install

cd /usr/local/src
tar -zxf suhosin-0.9.29.tgz
cd suhosin-0.9.29
phpize
./configure
make
make install

cd /usr/local/src
tar -zxf ioncube_loaders_lin_x86.tar.gz
cd ioncube
mkdir /usr/local/ioncube
mv ioncube_loader_lin_5.2.so /usr/local/ioncube/

cd /usr/local/src
tar -zxf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
mkdir -p /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x
cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x/ZendOptimizer.so

3.1.修改php.ini.

查找/etc/php.ini中的extension_dir = "./".将其修改为extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20060613/"
查找;include_path = ".:/php/includes",删除前面的分号,并修改为include_path = ".:/usr/lib/php:/usr/local/lib/php"
跳到最后一行,然后添加以下内容:

extension = "memcache.so"
extension = "pdo.so"
extension = "pdo_mysql.so"
extension = "pdo_sqlite.so"
extension = "sqlite.so"
extension = "eaccelerator.so"
eaccelerator.shm_size = 32
eaccelerator.cache_dir = "/tmp/eaccelerator"
eaccelerator.enable = 1
eaccelerator.optimizer = 0
eaccelerator.debug = 0
eaccelerator.name_space = ""
eaccelerator.check_mtime = 1
eaccelerator.filter = ""
eaccelerator.shm_max = 0
eaccelerator.shm_ttl = 3600
eaccelerator.shm_prune_period = 3600
eaccelerator.shm_only = 0
eaccelerator.compress = 0
eaccelerator.compress_level = 9
eaccelerator.keys = shm
eaccelerator.sessions = shm
eaccelerator.content = shm

zend_extension = "/usr/local/ioncube/ioncube_loader_lin_5.2.so"
zend_extension = "/usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x/ZendOptimizer.so"

4,安装Memcached(可选)

cd /usr/local/src
tar -xzf libevent-1.4.13-stable.tar.gz
cd libevent-1.4.13-stable
./configure
make
make install
echo "/usr/local/lib/" > /etc/ld.so.conf.d/libevent.conf
ldconfig -v

cd /usr/local/src
tar -xzf memcached-1.4.4.tar.gz
cd memcached-1.4.4
./configure
make
make install

基本使用方法:

启动:/usr/local/bin/memcached -d -m 64 -p 11211 -u nobody -l localhost
关闭:killall -9 memcached

四.安装nginx

1.安装pcre库

cd /usr/local/src
tar -zxf pcre-8.01.tar.gz
cd pcre-8.01
./configure
make
make install

2.安装nginx

cd /usr/local/src
tar -zxf nginx-0.7.65.tar.gz
cd nginx-0.7.65
./configure --user=nobody --group=nobody --prefix=/usr/local/nginx --pid-path=/usr/local/nginx/logs/nginx.pid --error-log-path=/usr/local/nginx/logs/error.log --http-log-path=/usr/local/nginx/logs/access.log --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --with-http_stub_status_module
make
make install

2.1.添加init控制脚本
#! /bin/sh
ulimit -n 65535
# Description: Startup script for nginx
# chkconfig: 2345 55 25

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="nginx daemon"
NAME=nginx
DAEMON=/usr/local/nginx/sbin/$NAME
CONFIGFILE=/usr/local/nginx/conf/nginx.conf
PIDFILE=/usr/local/nginx/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME

set -e
[ -x "$DAEMON" ] || exit 0

do_start() {
 $DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}

do_stop() {
 kill -INT `cat $PIDFILE` || echo -n "nginx not running"
}

waitforexit() {
 count=${2:-30}
 while [ 0$count -gt 0 ]
 do
   PIDS=`ps -C$NAME --no-heading e | grep $DAEMON` || break
   PIDS=`echo "$PIDS" | awk '{print $1}' | tr '/n' ' '`
   echo Remaining processes: $PIDS
   do_stop
   sleep 2
   count=`expr $count - 1`
 done
 if [ 0$count -eq 0 ];
 then
   echo Remaining processes: $PIDS
   return 1
 fi
 return 0
}

do_reload() {
kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
}

case "$1" in
 start)
 echo -n "Starting $DESC: $NAME"
 do_start
 echo "."
 /etc/init.d/httpd start
 ;;
 stop)
 echo -n "Stopping $DESC: $NAME"
 do_stop
 echo "."
 /etc/init.d/httpd stop
 ;;
 reload)
 echo -n "Reloading $DESC configuration..."
 do_reload
 echo "."
 /etc/init.d/httpd restart
 ;;
 restart)
 echo -n "Restarting $DESC: $NAME"
 waitforexit "nginx" 20
 do_start
 echo "."
 /etc/init.d/httpd restart
 ;;
 *)
 echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
 exit 3
 ;;
esac

exit 0
Copy after login
保存退出,给该文件赋予执行权限并设置开机启动

chmod 755 /etc/init.d/nginx
chkconfig --level 345 nginx on

2.2.修改nginx配置文件,位于:/usr/local/nginx/conf/目录

mkdir -p /var/cache/nginx/cached
chmod 600 /var/cache/nginx/cached
cd /usr/local/nginx/conf/
mv nginx.conf nginx.conf.bak
mkdir vhosts
vi nginx.conf

输入以下内容:
worker_processes  2;
worker_rlimit_nofile  20480;
events {
worker_connections  20480;
use epoll;
}
error_log  /usr/local/nginx/logs/error.log info;
http {
server_name_in_redirect off;
server_names_hash_max_size 2048;
server_names_hash_bucket_size 256;
include    mime.types;
default_type  application/octet-stream;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout  60;
gzip on;
gzip_http_version 1.0;
gzip_min_length  1100;
gzip_comp_level  3;
gzip_buffers  4 32k;
# gzip_types    text/plain application/x-javascript text/xml text/css;
gzip_types    text/plain text/xml text/css application/x-javascript application/xml application/xml+rss text/javascript application/atom+xml;
ignore_invalid_headers on;
client_header_timeout  300;
client_body_timeout 300;
send_timeout     30;
reset_timedout_connection on;
connection_pool_size  256;
client_header_buffer_size 256k;
large_client_header_buffers 4 256k;
request_pool_size  32k;
output_buffers   4 32k;
postpone_output  1460;
proxy_cache_path  /var/cache/nginx/cached levels=2:2 keys_zone=global:100m inactive=60m max_size=500m;
proxy_temp_path  /tmp/nginx_proxy;
include "/usr/local/nginx/conf/vhosts/*.conf";
}
Copy after login
保存退出.

五.为apache安装rpaf模块,该模块用于apache做后端时获取访客真实的IP.

1.使用apxs安装模块.这里要使用此前apache编译安装后的apxs

cd /usr/local/src/
tar -zxf mod_rpaf-0.6.tar.gz
cd mod_rpaf-0.6
/usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

2.编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:

LoadModule rpaf_module modules/mod_rpaf-2.0.so
#Mod_rpaf settings
RPAFenable On
RPAFproxy_ips 127.0.0.1 [your_ips]
RPAFsethostname On
RPAFheader X-Forwarded-For

上面出现的[your_ips]请修改为你本机所监听web服务的ip.多个IP用空格空开.

六.安装ftp服务器:pure-ftpd

1.编译安装

cd /usr/local/src/
tar -zxf pure-ftpd-1.0.28.tar.gz
cd pure-ftpd-1.0.28
./configure --prefix=/usr/local/pureftpd --with-language=simplified-chinese --with-everything
make
make install
chmod 755 configuration-file/pure-config.pl
cp configuration-file/pure-config.pl /usr/local/pureftpd/sbin/
mkdir /usr/local/pureftpd/etc/
cp configuration-file/pure-ftpd.conf /usr/local/pureftpd/etc/
ln -s /usr/local/pureftpd/bin/pure-pw /usr/local/bin/

2.配置pure-ftpd,这里采用PureDB的验证方式.

vi /usr/local/pureftpd/etc/pure-ftpd.conf

查找 PureDB /etc/pureftpd.pdb 取消前面的#号并设置成PureDB/usr/local/pureftpd/etc/pureftpd.pdb
查找 PassivePortRange 取消前面的#号
其他参数根据需要进行修改

3.添加自启动.这里不创建init脚本.直接放在/etc/rc.local启动即可

echo "/usr/local/pureftpd/sbin/pure-config.pl /usr/local/pureftpd/etc/pure-ftpd.conf --daemonize" >> /etc/rc.local

至此.所有安装工作结束.

如何使用这套系统

一,做好必要的安全工作

设置用户家目录/home/user,相关配置参数文件,以及访问日志等目录的权限.

chmod 711 /home
chmod 711 /usr/local/pureftpd/etc
chmod 711 /usr/local/apache/conf/vhosts
chmod 711 /usr/local/nginx/conf/vhosts
chmod 711 /usr/local/apache/domlogs
chmod 711 /usr/local/apache/logs
chmod 600 /var/cache/nginx/cached

二,如何创建用户

创建用户分两个步骤.第一步创建系统用户.该命令直接创建用户家目录.第二步创建ftp用户.创建该用户依赖系统用户的创建.步骤如下(以创建用户名为admin为例):

useradd admin -m -s /sbin/nologin
pure-pw useradd admin -u admin -g admin -d /home/admin -m[第一次执行不可用]
pure-pw mkdb[仅限第一次执行]

注意.通过上述方法安装的ftp服务器在第一次创建用户的时候不可以在pure-pw useradd ...后直接添加参数-m更新ftp用户数据库.需要分两步执行.以后可以直接在创建用户时在后面添加参数-m,执行之后会提示让你输入密码.需要重复输入两次.

三.如何绑定域名

由于采用前后端操作.因此需要修改两个服务器软件的虚拟主机参数.实例如下(以admin.com为例,用户目录承接上文的/home/admin):

1.创建nginx虚拟主机参数

首先先把公共cache参数和proxy参数写进文件中

cd /usr/local/nginx/conf
touch cache.inc proxy.inc

然后分别编辑者两个文件。

vi cache.inc

proxy_cache       global;
proxy_cache_key   $host$uri$is_args$args;
#proxy_cache_valid 200 302 10m;
#proxy_cache_valid 301 1h;
#proxy_cache_valid any 1m;
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
proxy_temp_file_write_size 64k;
proxy_max_temp_file_size   56m;

vi proxy.inc

proxy_connect_timeout 30s;
proxy_send_timeout   300;
proxy_read_timeout   300;
proxy_buffer_size    64k;
proxy_buffers     16 32k;
proxy_busy_buffers_size 64k;
#proxy_pass http://127.0.0.1:81;
proxy_redirect off;
proxy_hide_header Vary;
proxy_set_header   Host   $host;
proxy_set_header   X-Real-IP $remote_addr;
proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

然后再编辑虚拟主机文件就会很清晰了

cd /usr/local/nginx/conf/vhosts
touch admin.com.conf
vi admin.com.conf
输入以下内容:
server {
error_log /var/log/nginx/vhost-error_log warn;
listen 127.0.0.1:80;
server_name admin.com www.admin.com;
access_log /usr/local/apache/domlogs/admin.com combined;
location / {
root /home/admin/public_html;
proxy_cache_valid 200 301 302 10m;
proxy_cache_valid any 1m;
expires 1d;
proxy_pass http://127.0.0.1:81;
include proxy.inc;
include cache.inc;
}
location ~ .*/.(jpg|jpeg|png|gif|bmp|ico|js|css|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ {
proxy_cache_valid  200 10s;
expires 7d;
proxy_pass http://127.0.0.1:81;
include proxy.inc;
include cache.inc;
}
location ~ .*/.(php|jsp|cgi)?$ {
proxy_pass http://127.0.0.1:81;
include proxy.inc;
}
location ~ //.ht {
deny all;
}
}
Copy after login
保存退出,注意将上述出现的127.0.0.1替换本机监听web服务的IP

2.创建apache虚拟主机配置文件

cd /usr/local/apache/conf/vhosts
touch admin.com.conf
vi admin.com.conf
输入以下内容:
<virtualhost>
 ServerName admin.com
 ServerAlias www.admin.com
 DocumentRoot /home/admin/public_html
 ServerAdmin admin@evlit.com
 UseCanonicalName Off
 php_admin_value open_basedir "/home/admin:/usr/lib/php:/usr/local/lib/php:/tmp"
 <ifmodule>
 SuexecUserGroup admin admin
 </ifmodule>
 ScriptAlias /cgi-bin/ /home/admin/public_html/cgi-bin/
</virtualhost>
Copy after login
保存退出,注意将上述出现的127.0.0.1替换本机监听web服务的IP,用户名admin改为虚拟主机用户的名称.

四.如何管理MySQL数据库

1.下载最新版PhpMyAdmin源码包

mkdir -p /var/www/html
chmod -R 711 /var/www
cd /var/www/html
wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.3.3/phpMyAdmin-3.3.3-all-languages.zip/download
unzip phpMyAdmin-3.3.3-all-languages.zip
mv phpMyAdmin-3.3.3-all-languages phpmyadmin

2.增加apache配置,编辑httpd.conf,转到最后一行

cd /usr/local/apache/conf
vi httpd.conf /* shift+g转到最后一行 */
#Managed Tools

ServerName localhost
ServerAlias pma.*
DocumentRoot /var/www/html/phpmyadmin
ServerAdmin admin@localhost
UseCanonicalName Off

同样,修改上述出现的127.0.0.1为你提供web服务的IP.重启apache后.我们打开绑定到服务器IP的pma.yourdomain.com即可访问到phpmyadmin.第一次使用.需要进行配置.具体配置请善用Google.

其他没有照顾到的地方自行添加即可.如perl,sendmail等.

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

R.E.P.O. Best Graphic Settings

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Assassin's Creed Shadows: Seashell Riddle Solution

2 weeks ago By DDD

R.E.P.O. How to Fix Audio if You Can't Hear Anyone

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

WWE 2K25: How To Unlock Everything In MyRise

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7467

CakePHP Tutorial

1376

What is the format of the account name of steam

win11 activation key permanent

nyt connections hints and answers

Related knowledge

Unable to boot into Windows recovery environment Feb 19, 2024 pm 11:12 PM

Windows Recovery Environment (WinRE) is an environment used to repair Windows operating system errors. After entering WinRE, you can perform system restore, factory reset, uninstall updates, etc. If you are unable to boot into WinRE, this article will guide you through fixes to resolve the issue. Unable to boot into the Windows Recovery Environment If you cannot boot into the Windows Recovery Environment, use the fixes provided below: Check the status of the Windows Recovery Environment Use other methods to enter the Windows Recovery Environment Did you accidentally delete the Windows Recovery Partition? Perform an in-place upgrade or clean installation of Windows below, we have explained all these fixes in detail. 1] Check Wi

How to enable administrative access from the cockpit web UI Mar 20, 2024 pm 06:56 PM

Cockpit is a web-based graphical interface for Linux servers. It is mainly intended to make managing Linux servers easier for new/expert users. In this article, we will discuss Cockpit access modes and how to switch administrative access to Cockpit from CockpitWebUI. Content Topics: Cockpit Entry Modes Finding the Current Cockpit Access Mode Enable Administrative Access for Cockpit from CockpitWebUI Disabling Administrative Access for Cockpit from CockpitWebUI Conclusion Cockpit Entry Modes The cockpit has two access modes: Restricted Access: This is the default for the cockpit access mode. In this access mode you cannot access the web user from the cockpit

What are web standards? Oct 18, 2023 pm 05:24 PM

Web standards are a set of specifications and guidelines developed by W3C and other related organizations. It includes standardization of HTML, CSS, JavaScript, DOM, Web accessibility and performance optimization. By following these standards, the compatibility of pages can be improved. , accessibility, maintainability and performance. The goal of web standards is to enable web content to be displayed and interacted consistently on different platforms, browsers and devices, providing better user experience and development efficiency.

Is PHP front-end or back-end in web development? Mar 24, 2024 pm 02:18 PM

PHP belongs to the backend in web development. PHP is a server-side scripting language, mainly used to process server-side logic and generate dynamic web content. Compared with front-end technology, PHP is more used for back-end operations such as interacting with databases, processing user requests, and generating page content. Next, specific code examples will be used to illustrate the application of PHP in back-end development. First, let's look at a simple PHP code example for connecting to a database and querying data:

Can buildings be built in the wild in Mistlock Kingdom? Mar 07, 2024 pm 08:28 PM

Players can collect different materials to build buildings when playing in the Mistlock Kingdom. Many players want to know whether to build buildings in the wild. Buildings cannot be built in the wild in the Mistlock Kingdom. They must be within the scope of the altar. . Can buildings be built in the wild in Mistlock Kingdom? Answer: No. 1. Buildings cannot be built in the wild areas of the Mist Lock Kingdom. 2. The building must be built within the scope of the altar. 3. Players can place the Spirit Fire Altar by themselves, but once they leave the range, they will not be able to construct buildings. 4. We can also directly dig a hole in the mountain as our home, so we don’t need to consume building materials. 5. There is a comfort mechanism in the buildings built by players themselves, that is to say, the better the interior, the higher the comfort. 6. High comfort will bring attribute bonuses to players, such as

Django: A magical framework that can handle both front-end and back-end development! Jan 19, 2024 am 08:52 AM

Django: A magical framework that can handle both front-end and back-end development! Django is an efficient and scalable web application framework. It is able to support multiple web development models, including MVC and MTV, and can easily develop high-quality web applications. Django not only supports back-end development, but can also quickly build front-end interfaces and achieve flexible view display through template language. Django combines front-end development and back-end development into a seamless integration, so developers don’t have to specialize in learning

what does web mean Jan 09, 2024 pm 04:50 PM

The web is a global wide area network, also known as the World Wide Web, which is an application form of the Internet. The Web is an information system based on hypertext and hypermedia, which allows users to browse and obtain information by jumping between different web pages through hyperlinks. The basis of the Web is the Internet, which uses unified and standardized protocols and languages to enable data exchange and information sharing between different computers.

Build conversational AI into your web applications Nov 02, 2023 am 11:04 AM

In this article, we will explore the possibilities and benefits of integrating ChatGPT into a ReactJS application, along with step-by-step instructions on how to do so.

See all articles