说明
操作系统CentOS 位
准备篇
一配置好IPDNS 网关确保使用远程连接工具能够连接服务器
二配置防火墙开启端口端口
vi /etc/sysconfig/iptables
A INPUT m state state NEW m tcp p tcp dport j ACCEPT(允许端口通过防火墙)
A INPUT m state state NEW m tcp p tcp dport j ACCEPT(允许端口通过防火墙)
特别提示很多网友把这两条规则添加到防火墙配置的最后一行导致防火墙启动失败正确的应该是添加到默认的端口这条规则的下面
添加好之后防火墙规则如下所示
#########################################################
# Firewall configuration written by systemconfigfirewall
# Manual customization of this file is not recommended
*filter
:INPUT ACCEPT [:]
:FORWARD ACCEPT [:]
:OUTPUT ACCEPT [:]
A INPUT m state state ESTABLISHEDRELATED j ACCEPT
A INPUT p icmp j ACCEPT
A INPUT i lo j ACCEPT
A INPUT m state state NEW m tcp p tcp dport j ACCEPT
A INPUT m state state NEW m tcp p tcp dport j ACCEPT
A INPUT m state state NEW m tcp p tcp dport j ACCEPT
A INPUT j REJECT rejectwith icmphostprohibited
A FORWARD j REJECT rejectwith icmphostprohibited
COMMIT
#########################################################
/etc/initd/iptables restart #最后重启防火墙使配置生效
三关闭SELINUX
vi /etc/selinux/config
#SELINUX=enforcing #注释掉
#SELINUXTYPE=targeted #注释掉
SELINUX=disabled #增加
:wq 保存关闭
shutdown r now #重启系统
四 系统约定
软件源代码包存放位置/usr/local/src
源码包编译安装位置/usr/local/软件名字
五下载软件包
下载nginx(目前稳定版)
下载pcre (支持nginx伪静态)
ftp://ftpcsxcamacuk/pub/software/programming/pcre/pcretargz
下载MySQL
下载php
下载cmake(MySQL编译工具)
下载libmcrypt(PHPlibmcrypt模块)
ftp://mcrypthelluggr/pub/crypto/mcrypt/libmcrypt/libmcrypttargz
下载Zend Guard
六安装编译工具及库文件(使用CentOS yum命令安装)
yum install make apr* autoconf automake curl curldevel gcc gccc++ zlibdevel openssl openssldevel pcredevel gd kernel keyutils patch perl kernelheaders compat* mpfr cpp glibc libgomp libstdc++devel ppl cloogppl keyutilslibsdevel libcom_errdevel libsepoldevel libselinuxdevel krbdevel zlibdevel libXpm* freetype libjpeg* libpng* phpcommon phpgd ncurses* libtool* libxml libxmldevel patch
安装篇
以下是用putty工具远程登录到服务器在命令行下面操作的
一安装libmcrypt
cd /usr/local/src
tar zxvf libmcrypttargz #解压
cd libmcrypt #进入目录
/configure #配置
make #编译
make install #安装
二安装cmake
cd /usr/local/src
tar zxvf cmaketargz
cd cmake
/configure
make #编译
make install #安装
三安装pcre
cd /usr/local/src
mkdir /usr/local/pcre #创建安装目录
tar zxvf pcretargz
cd pcre
/configure prefix=/usr/local/pcre #配置
make
make install
四安装mysql
groupadd mysql #添加mysql组
useradd g mysql mysql s /bin/false #创建用户mysql并加入到mysql组不允许mysql用户直接登录系统
mkdir p /data/mysql #创建MySQL数据库存放目录
chown R mysql:mysql /data/mysql #设置MySQL数据库目录权限
mkdir p /usr/local/mysql #创建MySQL安装目录
cd /usr/local/src
tar zxvf mysqltargz #解压
cd mysql
cmake DCMAKE_INSTALL_PREFIX=/usr/local/mysql DMYSQL_DATADIR=/data/mysql DSYSCONFDIR=/etc #配置
make #编译
make install #安装
cd /usr/local/mysql
cp /supportfiles/myhugecnf /etc/mycnf #拷贝配置文件(注意如果/etc目录下面默认有一个mycnf直接覆盖即可)
vi /etc/mycnf #编辑配置文件在 [mysqld] 部分增加
datadir = /data/mysql #添加MySQL数据库路径
/scripts/mysql_install_db user=mysql #生成mysql系统数据库
cp /supportfiles/mysqlserver /etc/rcd/initd/mysqld #把Mysql加入系统启动
chmod /etc/initd/mysqld #增加执行权限
chkconfig mysqld on #加入开机启动
vi /etc/rcd/initd/mysqld #编辑
basedir = /usr/local/mysql #MySQL程序安装路径
datadir = /data/mysql #MySQl数据库存放目录
service mysqld start #启动
vi /etc/profile #把mysql服务加入系统环境变量在最后添加下面这一行
export PATH=$PATH:/usr/local/mysql/bin
下面这两行把myslq的库文件链接到系统默认的位置这样你在编译类似PHP等软件时可以不用指定mysql的库文件地址
ln s /usr/local/mysql/lib/mysql /usr/lib/mysql
ln s /usr/local/mysql/include/mysql /usr/include/mysql
shutdown r now #需要重启系统等待系统重新启动之后继续在终端命令行下面操作
mysql_secure_installation #设置Mysql密码
根据提示按Y 回车输入次密码
或者直接修改密码/usr/local/mysql/bin/mysqladmin u root p password "" #修改密码
service mysqld restart #重启
到此mysql安装完成!
五安装 nginx
groupadd www #添加www组
useradd g www www s /bin/false #创建nginx运行账户www并加入到www组不允许www用户直接登录系统cd /usr/local/src
tar zxvf nginxtargz
cd nginx
/configure prefix=/usr/local/nginx user=www group=www with
注意:withpcre=/usr/local/src/pcre指向的是源码包解压的路径而不是安装的路径否则会报错
make
make install
/usr/local/nginx/sbin/nginx #启动nginx
设置nginx开启启动
vi /etc/rcd/initd/nginx #编辑启动文件添加下面内容
=======================================================
#!/bin/bash
# nginx Startup script for the Nginx HTTP Server
# it is v version
# chkconfig:
# description: Nginx is a highperformance web and proxy server
# It has a lot of features but its not for everyone
# processname: nginx
# pidfile: /var/run/nginxpid
# config: /usr/local/nginx/conf/nginxconf
nginxd=/usr/local/nginx/sbin/nginx
nginx_config=/usr/local/nginx/conf/nginxconf
nginx_pid=/usr/local/nginx/logs/nginxpid
RETVAL=
prog="nginx"
# Source function library
/etc/rcd/initd/functions
# Source networking configuration
/etc/sysconfig/network
# Check that networking is up
[ ${NETWORKING} = "no" ] && exit
[ x $nginxd ] || exit
# Start nginx daemons functions
start() {
if [ e $nginx_pid ];then
echo "nginx already running"
exit
fi
echo n $"Starting $prog: "
daemon $nginxd c ${nginx_config}
RETVAL=$?
echo
[ $RETVAL = ] && touch /var/lock/subsys/nginx
return $RETVAL
}
# Stop nginx daemons functions
stop() {
echo n $"Stopping $prog: "
killproc $nginxd
RETVAL=$?
echo
[ $RETVAL = ] && rm f /var/lock/subsys/nginx /usr/local/nginx/logs/nginxpid
}
reload() {
echo n $"Reloading $prog: "
#kill HUP `cat ${nginx_pid}`
killproc $nginxd HUP
RETVAL=$?
echo
}
# See how we were called
case "$" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status|help}"
exit
esac
exit $RETVAL
=======================================================
:wq!保存退出
chmod /etc/rcd/initd/nginx #赋予文件执行权限
chkconfig nginx on #设置开机启动
/etc/rcd/initd/nginx restart
service nginx restart
=======================================================
六安装php
cd /usr/local/src
tar zvxf phptargz
cd php
mkdir p /usr/local/php #建立php安装目录
/configure prefix=/usr/local/php withconfigfilepath=/usr/local/php/etc withmysql=/usr/local/mysql withmysqli=/usr/local/mysql/bin/mysql_config withmysqlsock=/tmp/mysqlsock withgd withiconv withzlib enablexml enablemagicquotes enablesafemode enablebcmath enableshmop enablesysvsem enableinlineoptimization withcurlwrappers enablembregex enablefpm enablembstring enableftp enablegdnativettf withopenssl enablepcntl enablesockets withxmlrpc enablezip enablesoap withoutpear withgettext enablesession withmcrypt withcurl #配置
make #编译
make install #安装
cp phpiniproduction /usr/local/php/etc/phpini #复制php配置文件到安装目录
rm rf /etc/phpini #删除系统自带配置文件
ln s /usr/local/php/etc/phpini /etc/phpini #添加软链接
cp /usr/local/php/etc/phpfpmconfdefault /usr/local/php/etc/phpfpmconf #拷贝模板文件为phpfpm配置文件
vi /usr/local/php/etc/phpfpmconf #编辑
user = www #设置phpfpm运行账号为www
group = www #设置phpfpm运行组为www
pid = run/phpfpmpid #取消前面的分号
设置 phpfpm开机启动
cp /usr/local/src/php/sapi/fpm/initdphpfpm /etc/rcd/initd/phpfpm #拷贝phpfpm到启动目录
chmod +x /etc/rcd/initd/phpfpm #添加执行权限
chkconfig phpfpm on #设置开机启动
vi /usr/local/php/etc/phpini #编辑配置文件
找到;open_basedir =
修改为open_basedir = :/tmp/ #防止php木马跨站重要!!
找到disable_functions =
修改为disable_functions = passthruexecsystemchrootscandirchgrpchownshell_execproc_openproc_get_statusini_alterini_alterini_restoredlopenlogsyslogreadlinksymlinkpopepassthrustream_socket_serverescapeshellcmddllpopendisk_free_spacecheckdnsrrcheckdnsrrgetservbynamegetservbyportdisk_total_spaceposix_ctermidposix_get_last_errorposix_getcwd posix_getegidposix_geteuidposix_getgid posix_getgrgidposix_getgrnamposix_getgroupsposix_getloginposix_getpgidposix_getpgrpposix_getpid posix_getppidposix_getpwnamposix_getpwuid posix_getrlimit posix_getsidposix_getuidposix_isatty posix_killposix_mkfifoposix_setegidposix_seteuidposix_setgid posix_setpgidposix_setsidposix_setuidposix_strerrorposix_timesposix_ttynameposix_uname
#列出PHP可以禁用的函数如果某些程序需要用到这个函数可以删除取消禁用
找到;datetimezone =
修改为datetimezone = PRC #设置时区
找到expose_php = On
修改为expose_php = OFF #禁止显示php版本的信息
找到display_errors = On
修改为display_errors = OFF #关闭错误提示
七配置nginx支持php
vi /usr/local/nginx/conf/nginxconf
修改/usr/local/nginx/conf/nginxconf 配置文件需做如下修改
user www www; #首行user去掉注释修改Nginx运行组为www www;必须与/usr/local/php/etc/phpfpmconf中的usergroup配置相同否则php运行出错
index indexphp indexhtml indexhtm; #添加indexphp
# pass the PHP scripts to FastCGI server listening on :
#
location ~ php$ {
root html;
fastcgi_pass :;
fastcgi_index indexphp;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
#取消FastCGI server部分location的注释并要注意fastcgi_param行的参数改为$document_root$fastcgi_script_name或者使用绝对路径
/etc/initd/nginx restart #重启nginx
八配置php支持Zend Guard
安装Zend Guard
cd /usr/local/src
mkdir /usr/local/zend #建立Zend安装目录
tar xvfz ZendGuardLoaderphplinuxglibcitargz #解压安装文件
cp ZendGuardLoaderphplinuxglibci/phpx/ZendGuardLoaderso /usr/local/zend/ #拷贝文件到安装目录
vi /usr/local/php/etc/phpini #编辑文件
在最后位置添加以下内容
[Zend Guard]
zend_extension=/usr/local/zend/ZendGuardLoaderso
zend_loaderenable=
zend_loaderdisable_licensing=
zend_loaderobfuscation_level_support=
zend_loaderlicense_path=
测试篇
cd /usr/local/nginx/html/ #进入nginx默认网站根目录
rm rf /usr/local/nginx/html/* #删除默认测试页
vi indexphp #新建indexphp文件
phpinfo();
?>
:wq! #保存
chown wwwwww /usr/local/nginx/html/ R #设置目录所有者
chmod /usr/local/nginx/html/ R #设置目录权限
shutdown r now #重启
在客户端浏览器输入服务器IP地址可以看到相关的配置信息!
service nginx restart #重启nginx
service mysqld restart #重启mysql
/usr/local/php/sbin/phpfpm #启动phpfpm
/etc/rcd/initd/phpfpm restart #重启phpfpm
/etc/rcd/initd/phpfpm stop #停止phpfpm
/etc/rcd/initd/phpfpm start #启动phpfpm
#############################################################################
备注
nginx默认站点目录是/usr/local/nginx/html/
权限设置chown wwwwww /usr/local/nginx/html/ R
MySQL数据库目录是/data/mysql
权限设置chown mysqlmysql R /data/mysql
到此CentOS 下 Nginx+MySQL+PHP+Zend Guard Loader基本运行环境搭建完成!
伟人所达到并保持着的高处,并不是一飞就到的,
