NGINX网站服务-LNMP平台及应用

实验需求:

在孙吴等地区,都构建了全面的区域性战略布局,加强发展的系统性、市场前瞻性、产品创新能力,以专注、极致的服务理念,为客户提供网站建设、做网站 网站设计制作按需设计网站,公司网站建设,企业网站建设,成都品牌网站建设,成都全网营销推广,成都外贸网站制作,孙吴网站建设费用合理。

LNMP实现多个虚拟主机,部署wordpress和phpmyadmin,并为phpmyadmin提供https

实验环境:

LNMP                 CentOS 7.2x86_64            IP:172.16.251.138

测试端              CentOS 6.7x86_64            IP:172.16.251.164

软件包:

 initial-setup-ks.cfg
 mariadb-5.5.46-linux-x86_64.tar.gz
 nginx-1.10.0.tar.gz
 php-5.4.26.tar.bz2
 phpMyAdmin-4.4.14.1-all-languages.zip
 wordpress-4.3.1-zh_CN.zip

实验准备:

安装开发包组,支持软件,解决依赖关系

[root@station138 ~]# iptables -F

[root@station138 ~]# setenforce 0

[root@station138 ~]# yum groupinstall"Development Tools" "Server Platform Development"

[root@station138 ~]# yum -y installpcre-devel openssl-devel zlib-devel

编译安装nginx:

[root@station138 ~]# tar xfnginx-1.10.0.tar.gz

1.创建程序用户:

[root@station138 nginx-1.10.0]# useradd -rnginx

2.进入目录开始编译:

[root@station138 nginx-1.10.0]# ./configure--prefix=/usr/local/nginx --sbin-path=/usr/sbin/nginx--conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log--http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid--lock-path=/var/run/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module--with-http_dav_module --with-http_stub_status_module --with-threads--with-file-aio

[root@station138 nginx-1.10.0]# make&& make install

3.检查配置文件:

[root@station138 nginx-1.10.0]# nginx -t

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok

nginx: configuration file /etc/nginx/nginx.conf test is successful

4.启动服务:

[root@station138 nginx-1.10.0]# nginx

[root@station138 nginx-1.10.0]# netstat-anpt |grep nginx

tcp   0    0 0.0.0.0:80           0.0.0.0:*           LISTEN    38873/nginx: master

5.创建虚拟主机:

[root@station138 ~]# mkdir -pv /var/www/v{1,2}

[root@station138 ~]# echo "web1" >> /var/www/v1/index.html

[root@station138 ~]# echo "web2" >> /var/www/v2/index.html

[root@station138 ~]# vim/etc/nginx/nginx.conf

server {

       listen       80;

       server_name  www.a.com;

       location / {

           root   /var/www/v1;

           index  index.php index.htmlindex.htm;

       }

}

server {

       listen       80;

       server_name  www.b.com;

       location / {

           root   /var/www/v2;

            index  index.php index.html index.htm;

       }

}

[root@station138 ~]# nginx -s reload

6.客户端测试:

NGINX网站服务-LNMP平台及应用NGINX网站服务-LNMP平台及应用

二进制安装mariadb:

1.建立MySQL系统用户

[root@station138~]# useradd -r -M mysql

2.建立数据存放的目录

[root@station138~]# mkdir -p /testdir/mydata

[root@station138~]# chown -R mysql.mysql /testdir/mydata

3.解压mariadb安装包

[root@station138 ~]#tar xf mariadb-5.5.46-linux-x86_64.tar.gz -C /usr/local

[root@station138~]# ln -sv /usr/local/mariadb-5.5.46-linux-x86_64/ mysql 

[root@station138~]# chown -R root.mysql /usr/local/mysql/*

4.使用scripts脚本文件mysql_install_db文件来安装数据库

[root@station138mysql]# scripts/mysql_install_db --user=mysql --datadir=/testdir/mydata

5.提供配置文件

[root@station138mysql]# cp support-files/my-large.cnf /etc/my.cnf

[root@station138mysql]# vim /etc/my.cnf

datadir=/testdir/mydata        //指明mysql的数据存放路径

innodb_file_per_table = ON   //成为独立表空间

skip_name_resolve = ON       //跳过名称解析

6.提供mysql服务启动脚本

[root@station138 support-files]# cp mysql.server /etc/rc.d/init.d/mysqld  

[root@station138 support-files]# chkconfig --add mysqld

7.添加环境变量

[root@station138 ~]# vim /etc/profile.d/mysql.sh 

export PATH=/usr/local/mysql/bin:$PATH

[root@station138 ~]# source /etc/profile.d/mysql.sh

8.导出头文件,导出库文件:

[root@station138 ~]#ln -s /usr/local/include/ /usr/include/mysql

 [root@station138 ~]#vim /etc/ld.so.conf.d/mysql.conf

9.启动服务

[root@station138 ~]# systemctl start mysqld 

[root@station138 ~]# ss -tnl 

LISTEN     0      50           *:3306     *:*  

源代码安装PHP:

1.安装支持软件,解决依赖关系:

[root@station138 ~]# yum -y install bzip2-devel libmcrypt-devel libxml2-devel openssl-devel

2.编译php

[root@station138 ~]# tar xf php-5.4.26.tar.bz2 
[root@station138 ~]# cd php-5.4.26/

[root@station138 php-5.4.26]# ./configure\

 --prefix=/usr/local/php --with-openssl --with-mysql=mysqlnd

 --with-pdo-mysql=mysqlnd --with-mysql=mysqlnd --enable-mbstring 
--with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib
--with-libxml-dir=/usr --enable-xml --enable-sockets --enable-fpm --with-mcrypt

--with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2

[root@station138 php-5.4.26]# make && make install

3.php提供配置文件

[root@station138 php-5.4.26]# cp php.ini-production /etc/php.ini

4.提供php-fpm脚本

[root@station138 php-5.4.26]# cp sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm
[root@station138 php-5.4.26]# chmod +x /etc/rc.d/init.d/php-fpm 

[root@station138 php-5.4.26]# chkconfig --add php-fpm

5.提供php-fpm配置文件

[root@station138 php-5.4.26]# cd /usr/local/php

[root@station138 php-5.4.26]# cp etc/php-fpm.conf.default etc/php-fpm.conf

6.启动服务

[root@station138 php-5.4.26]# systemctl start php-fpm
[root@station138 php-5.4.26]# ss -tnl 
State       Recv-Q Send-Q Local Address:Port               Peer Address:Port              

LISTEN      0      128       127.0.0.1:9000                          *:*

7.配置nginx支持php解析:

[root@station138 ~]# vim/etc/nginx/nginx.conf

 server {
        listen       80;
        server_name www.a.com;

  location / {
            root   /var/www/v1;
            index  index.php index.html index.htm;
        }
error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

location ~ \.php$ {
            root           /var/www/v1;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  /var/www/v1/$fastcgi_script_name;
            include        fastcgi_params;
        }

}

 server {
              listen       80;
             server_name  www.b.com;
             location / {
                        root   /var/www/v2;
                        index  index.php index.html index.htm;
             }
        location ~ \.php$ {
            root           /var/www/v2;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  /var/www/v2/$fastcgi_script_name;
            include        fastcgi_params;
        }

[root@station138 ~]# nginx -s reload

8.客户端测试php:

NGINX网站服务-LNMP平台及应用

9.创建数据库,授权用户

[root@station138 nginx]# mysql -uroot –p

MariaDB [(none)]> create database wpdb;

Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on wpdb.* to 'wpuser'@'172.16.%.%' identified by 'wp123';

Query OK, 0 rows affected (0.14 sec)

MariaDB [(none)]> create database pma;

Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on pma.* to 'pmauser'@'172.16.%.%' identified by 'pma123';

Query OK, 0 rows affected (0.00 sec)

10.测试mysql-php:

[root@station138 ssl]# cat /var/www/v1/index.php
web1
 $link = mysql_connect('localhost','root','123456');
 if($link)
  echo "OK";
 else
  echo "no";
?>

NGINX网站服务-LNMP平台及应用

部署应用:

1.部署wordpress:

[root@station138 ~]# unzip wordpress-4.3.1-zh_CN.zip

[root@station138 ~]# mv wordpress /var/www/v1/

[root@station138 wordpress]# mv wp-config-sample.php wp-config.php

[root@station138 wordpress]# vim wp-config.php 
/** WordPress数据库的名称 */
define('DB_NAME', 'wpdb');
/** MySQL数据库用户名 */
define('DB_USER', 'wpuser');
/** MySQL数据库密码 */
define('DB_PASSWORD', 'wp123');
/** MySQL主机 */

define('DB_HOST', '172.16.251.138');

2.部署phpMyAdmin:

[root@station138 ~]# unzip phpMyAdmin-4.4.14.1-all-languages.zip
[root@station138 ~]# mv phpMyAdmin-4.4.14.1-all-languages /var/www/v2
[root@station138 v2]# ln -sv phpMyAdmin-4.4.14.1-all-languages/ pma
[root@station138 v2]# vim phpmyadmin/libraries/config.default.php
$cfg['blowfish_secret'] = 'tSQRO02T+grA6rvJHCXr';
$cfg['Servers'][$i]['host'] = '172.16.251.138'; 
$cfg['Servers'][$i]['user'] = 'pmauser';

$cfg['Servers'][$i]['password'] = 'pma123';

3.客户端测试应用:

NGINX网站服务-LNMP平台及应用NGINX网站服务-LNMP平台及应用NGINX网站服务-LNMP平台及应用

为phpmyadmin提供https:

1.生成私钥:

[root@station138 CA]# (umask 077; opensslgenrsa -out private/cakey.pem 2048)

2.生成自签证书:

[root@station138 CA]# openssl req -new-x509 -key private/cakey.pem -out cacert.pem 

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:bj

Locality Name (eg, city) [Default City]:bj

Organization Name (eg, company) [DefaultCompany Ltd]:yw

Organizational Unit Name (eg, section)[]:Ops

Common Name (eg, your name or your server'shostname) []:www.b.com

Email Address []:admin@b.com

3.提供辅助文件

[root@station138 CA]#touch index.txt

[root@station138 CA]#echo 01 > serial

4.生成私钥:

[root@station138 ssl]#  (umask 077; openssl genrsa -out nginx.key1024)

5.生成证书请求:

[root@station138 ssl]#  openssl req -new -key nginx.key -outnginx.csr

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:bj

Locality Name (eg, city) [Default City]:bj

Organization Name (eg, company) [DefaultCompany Ltd]:yw

Organizational Unit Name (eg, section)[]:Ops

Common Name (eg, your name or your server'shostname) []:www.b.com

Email Address []:admin@b.com

Please enter the following 'extra'attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

6.签发证书:

[root@station138 ssl]#  openssl ca -in /testdir/nginx.csr -out/etc/pki/CA/certs/nginx.crt

[root@station138 ssl]# cp/etc/pki/CA/certs/nginx.crt /etc/nginx/ssl/

7.修改nginx配置文件,添加支持ssl:

[root@station138 ~]# vim /etc/nginx/nginx.conf

server {
        listen       443 ssl;
        server_name  localhost;

        ssl_certificate      /etc/nginx/ssl/nginx.crt;
        ssl_certificate_key  /etc/nginx/ssl/nginx.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            root   html;
            index index.php index.html index.htm;
        }
    }

8.测试https:

NGINX网站服务-LNMP平台及应用NGINX网站服务-LNMP平台及应用NGINX网站服务-LNMP平台及应用


当前题目:NGINX网站服务-LNMP平台及应用
网站URL:http://pcwzsj.com/article/pdpogp.html