Discuz!官方免费开源建站系统

 找回密码
 立即注册

QQ登录

只需一步,快速开始

搜索

[教程] CentOS 6.2编译安装Nginx1.0.12+MySQL5.5.21+PHP5.3.10

[复制链接]
ninjasex 发表于 2012-5-8 14:15:01 | 显示全部楼层 |阅读模式
本帖最后由 ninjasex 于 2012-5-8 14:16 编辑

说明:
   操作系统:CentOS 6.2 32位
   系统安装教程:CentOS 6.2安装(超级详细图解教程)   http://www.osyunwei.com/archives/1537.html
准备篇:
一、配置好IP、DNS 、网关,确保使用远程连接工具能够连接服务器
       CentOS 设置IP地址、网关、DNS教程:http://www.osyunwei.com/archives/423.html
二、配置防火墙,开启80端口、3306端口
   vi /etc/sysconfig/iptables
   -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT(允许80端口通过防火墙)
   -A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT(允许3306端口通过防火墙)
特别提示:很多网友把这两条规则添加到防火墙配置的最后一行,导致防火墙启动失败,正确的应该是添加到默认的22端口这条规则的下面
添加好之后防火墙规则如下所示:
#########################################################
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
#########################################################
/etc/init.d/iptables restart  #最后重启防火墙使配置生效
三、关闭SELINUX
   vi /etc/selinux/config
   #SELINUX=enforcing       #注释掉
   #SELINUXTYPE=targeted    #注释掉
   SELINUX=disabled         #增加
   :wq  保存,关闭
   shutdown -r now   #重启系统
四 、系统约定
    软件源代码包存放位置:/usr/local/src
    源码包编译安装位置:/usr/local/软件名字
五、下载软件包
1、下载nginx(目前稳定版)
  /etc/rc.d/init.d/nginx restart
service nginx restart
=======================================================
六、安装php
cd /usr/local/src
tar -zvxf php-5.3.10.tar.gz
cd  php-5.3.10
mkdir -p /usr/local/php5  #建立php安装目录
./configure --prefix=/usr/local/php5 --with-config-file-path=/usr/local/php5/etc --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-mysql-sock=/tmp/mysql.sock --with-gd --with-iconv  --with-zlib  --enable-xml --enable-magic-quotes --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curlwrappers --enable-mbregex  --enable-fpm --enable-mbstring --enable-ftp --enable-gd-native-ttf --with-openssl --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --enable-session --with-mcrypt --with-curl  #配置
make   #编译
make install    #安装
cp  php.ini-production   /usr/local/php5/etc/php.ini  #复制php配置文件到安装目录
rm -rf /etc/php.ini   #删除系统自带配置文件
ln -s /usr/local/php5/etc/php.ini  /etc/php.ini    #添加软链接
cp  /usr/local/php5/etc/php-fpm.conf.default   /usr/local/php5/etc/php-fpm.conf    #拷贝模板文件为php-fpm配置文件
vi  /usr/local/php5/etc/php-fpm.conf  #编辑
user = www    #设置php-fpm运行账号为www
group = www   #设置php-fpm运行组为www
pid = run/php-fpm.pid    #取消前面的分号
设置 php-fpm开机启动
cp /usr/local/src/php-5.3.10/sapi/fpm/init.d.php-fpm   /etc/rc.d/init.d/php-fpm  #拷贝php-fpm到启动目录
chmod +x /etc/rc.d/init.d/php-fpm  #添加执行权限
chkconfig php-fpm on    #设置开机启动
vi /usr/local/php5/etc/php.ini    #编辑配置文件
找到:;open_basedir =
修改为:open_basedir = .:/tmp/   #防止php木马跨站,重要!!
找到:disable_functions =
修改为:disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
#列出PHP可以禁用的函数,如果某些程序需要用到这个函数,可以删除,取消禁用。
找到:;date.timezone =
修改为:date.timezone = PRC   #设置时区
找到:expose_php = On
修改为:expose_php = OFF  #禁止显示php版本的信息
找到:display_errors = On
修改为:display_errors = OFF  #关闭错误提示
七、配置nginx支持php
vi /usr/local/nginx/conf/nginx.conf
修改/usr/local/nginx/conf/nginx.conf 配置文件,需做如下修改
user   www  www;          #首行user去掉注释,修改Nginx运行组为www www;必须与/usr/local/php5/etc/php-fpm.conf中的user,group配置相同,否则php运行出错
index  index.php  index.html index.htm;    #添加index.php
  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ \.php$ {
    root           html;
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME   $document_root$fastcgi_script_name;
    include        fastcgi_params;
  }
#取消FastCGI server部分location的注释,并要注意fastcgi_param行的参数,改为$document_root$fastcgi_script_name,或者使用绝对路径
/etc/init.d/nginx restart  #重启nginx
八、配置php支持Zend Guard
安装Zend Guard
cd /usr/local/src
mkdir /usr/local/zend       #建立Zend安装目录
tar xvfz ZendGuardLoader-php-5.3-linux-glibc23-i386.tar.gz  #解压安装文件
cp ZendGuardLoader-php-5.3-linux-glibc23-i386/php-5.3.x/ZendGuardLoader.so  /usr/local/zend/  #拷贝文件到安装目录
vi /usr/local/php5/etc/php.ini   #编辑文件
在最后位置添加以下内容
[Zend Guard]
zend_extension=/usr/local/zend/ZendGuardLoader.so
zend_loader.enable=1
zend_loader.disable_licensing=0
zend_loader.obfuscation_level_support=3
zend_loader.license_path=
测试篇
cd  /usr/local/nginx/html/   #进入nginx默认网站根目录
rm -rf   /usr/local/nginx/html/*   #删除默认测试页
vi  index.php  #新建index.php文件
<?php
phpinfo();
?>
:wq!   #保存
chown www.www /usr/local/nginx/html/  -R   #设置目录所有者
chmod 700 /usr/local/nginx/html/  -R #设置目录权限
shutdown -r now    #重启
在客户端浏览器输入服务器IP地址,可以看到相关的配置信息!
service nginx restart    #重启nginx
service mysqld restart   #重启mysql
/usr/local/php5/sbin/php-fpm   #启动php-fpm
/etc/rc.d/init.d/php-fpm  restart   #重启php-fpm
/etc/rc.d/init.d/php-fpm  stop  #停止php-fpm
/etc/rc.d/init.d/php-fpm  start  #启动php-fpm
#############################################################################
备注:
nginx默认站点目录是:/usr/local/nginx/html/   
权限设置:chown www.www  /usr/local/nginx/html/  -R
MySQL数据库目录是:/data/mysql
权限设置:chown mysql.mysql -R  /data/mysql
到此,CentOS 6.2下 Nginx1.0.12+MySQL5.5.21+PHP5.3.10+Zend Guard Loader基本运行环境搭建完成!

 楼主| ninjasex 发表于 2012-5-11 16:46:44 | 显示全部楼层
本帖最后由 ninjasex 于 2012-5-15 12:49 编辑

                        centos6.2 64bit安装mysql+php                                                原文张宴http://blog.s135.com/nginx_php_v6/
测试系统:CentOS6.2 64BIT
mysql 更新为5.5.21
php等部分软件升级

一、同步系统时间
ntp.api.bz 是一组NTP服务器集群,目前有6台服务器,位于上海电信。这项服务是 api.bz 继 http://sms.api.bz 移动飞信免费短信发送接口之后的第二项免费 API 服务。
ntpdate ntp.api.bz
设置每小时同步一次时间
crontab -e
添加:
* */1 * * * ntpdate ntp.api.bz >> /var/log/ntpdate.log



二、配置网易YUM源(可选)
首先备份/etc/yum.repos.d/CentOS-Base.repo    mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
下载对应版本repo文件, 放入/etc/yum.repos.d/(操作前请做好相应备份)


  • CentOS4
  • CentOS5
  • CentOS6
运行yum makecache生成缓存
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
mkdir -p /data0/software
wget http://mirrors.163.com/.help/CentOS6-Base-163.repo
cp CentOS6-Base-163.repo /etc/yum.repos.d/
yum makecache



三、获取开源程序
sudo -s
LANG=C
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers

软件存放目录
mkdir -p /data0/software



  • MYSQL

mysql5.5+需要使用cmake编译
wget http://www.cmake.org/files/v2.8/cmake-2.8.7.tar.gz
wget http://mysql.ntu.edu.tw/Downloads/MySQL-5.5/mysql-5.5.24.tar.gz
安装cmake编译

tar zxvf cmake-2.8.7.tar.gz
cd cmake-2.8.7
./bootstrap
gmake
make
make install
cd..
安装mysql
mysql需要在官方下载Source Code下的mysql-5.5.24.tar.gz

tar zxvf mysql-5.5.24.tar.gz
cd mysql-5.5.24
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/webserver/mysql -DINSTALL_DATADIR=/data0/mysql/data -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DEXTRA_CHARSETS=all -DWITH_SSL=system -DWITH_EMBEDDED_SERVER=1 -DENABLED_LOCAL_INFILE=1 -DWITH_MYISAM_STORAGE_ENGINE=1 -DMYSQL_USER=mysql
make
make install

编译选项说明:
-DCMAKE_INSTALL_PREFIX=/usr/local/webserver/mysql //安装目录
-DINSTALL_DATADIR=/data0/mysql/data //数据库存放目录
-DDEFAULT_CHARSET=utf8 //使用utf8字符
-DDEFAULT_COLLATION=utf8_general_ci  //校验字符
-DEXTRA_CHARSETS=all  //安装所有扩展字符集
-DWITH_SSL=system //使用SSL加密
-DWITH_EMBEDDED_SERVER=1 //编译成embedded mysql library
-DENABLED_LOCAL_INFILE=1 //允许从本地导入数据
-DWITH_MYISAM_STORAGE_ENGINE=1 //安装myisam引擎
配置mysql
mkdir -p /data0/mysql/data
groupadd mysql
useradd -g mysql mysql
chown -R mysql:mysql /data0/mysql/data
cp support-files/my-medium.cnf /etc/my.cnf

vi /etc/my.cnf
在my.cnf中增加用户名及数据目录
在[mysqld]下面增加:
user=mysql
datadir=/data0/mysql/data

开启事件调度(可选)
在 [mysqld] 的下面加入如下行
event_scheduler=1

安装mysql初使化系统表其数据
cd /usr/local/webserver/mysql
./scripts/mysql_install_db --user=mysql


配置mysqld服务,并使其开机自运行
cp support-files/mysql.server /etc/init.d/mysqld
chmod +x /etc/init.d/mysqld
chkconfig --add mysqld
chkconfig mysqld --level 3 on

修改/etc/init.d/mysqld相关配置
vi /etc/init.d/mysqld
将datadir指定为/data0/mysql/data
将basedir指定为/usr/local/webserver/mysql
basedir=/usr/local/webserver/mysql
datadir=/data0/mysql/data
mysqld_pid_file_path=/data/mysql/data/mysql.pid(可选)

启动mysql及指定mysql root密码
service mysqld start
/bin/mysqladmin -u root password 'admin'


将mysql相关命令加到用户PATH中去
vi ~/.bash_profile
将PATH改为:
PATH=$PATHHOME/bin:/usr/local/webserver/mysql/bin
使其生效:
. ~/.bash_profile
启动,停止和重启mysql命令
service mysqld start
service mysqld stop
service mysqld restart
登录到mysql
mysql -u root -
回复

使用道具 举报

 楼主| ninjasex 发表于 2012-5-12 15:09:58 | 显示全部楼层
本帖最后由 ninjasex 于 2012-5-15 15:49 编辑

    * php系列



wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz

wget http://downloads.sourceforge.net/mcrypt/libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0
wget http://downloads.sourceforge.net/mcrypt/mcrypt-2.6.8.tar.gz?modtime=1194463373&big_mirror=0

wget http://blog.s135.com/soft/linux/nginx_php/mhash/mhash-0.9.9.9.tar.gz



安装PHP支持库

tar zxvf libiconv-1.14.tar.gz
cd libiconv-1.14/
./configure --prefix=/usr/local
make
make install
cd ../

tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd http://www.cnblogs.com/

tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config

tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install
cd ../



wget http://us.php.net/get/php-5.2.17.tar.gz/from/cn.php.net/mirror

wget http://php-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz

wget http://pecl.php.net/get/memcache-3.0.6.tgz

wget http://blog.s135.com/soft/linux/nginx_php/eaccelerator/eaccelerator-0.9.6.1.tar.bz2

wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz

wget http://blog.s135.com/soft/linux/nginx_php/imagick/ImageMagick.tar.gz

wget http://pecl.php.net/get/imagick-2.3.0.tgz

编译安装PHP(FastCGI模式)

ln -s /usr/lib64/libjpeg.so /usr/lib/libjpeg.so

ln -s /usr/lib64/libpng.so /usr/lib/libpng.so

ln -s /usr/lib64/libldap.so /usr/lib/libldap.so

ln -s /usr/local/webserver/mysql/lib/libmysqlclient.so.18  /usr/lib64/

tar zxvf php-5.2.17.tar.gz
gzip -cd php-5.2.17-fpm-0.5.14.diff.gz | patch -d php-5.2.17 -p1
cd php-5.2.17/

./configure --prefix=/usr/local/webserver/php --with-config-file-path=/usr/local/webserver/php/etc --with-mysql=/usr/local/webserver/mysql --with-mysqli=/usr/local/webserver/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr/ --enable-xml --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-ldap --with-ldap-sasl --with-xmlrpc --enable-zip --enable-soap
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/webserver/php/etc/php.ini   (5.3.13默认的php.ini文件后缀需要更改成php.ini-dist)
cd ../

编译安装PHP5扩展模块

tar zxvf memcache-3.0.6.tgz

cd memcache-3.0.6

/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

tar jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
/usr/local/webserver/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config --with-pdo-mysql=/usr/local/webserver/mysql
make
make install
cd ../



tar zxvf ImageMagick.tar.gz

cd ImageMagick-6.7.5-6/ (我下的怎么是 ImageMagick-6.5.1-2)

./configure
make
make install
cd ../



tar zxvf imagick-2.3.0.tgcd imagick-2.3.0

/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../



5、修改php.ini文件  

手工修改:查找/usr/local/webserver/php/etc/php.ini中的extension_dir = "./"  

修改为extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"  

并在此行后增加以下几行,然后保存:
extension = "memcache.so"
extension = "pdo_mysql.so"
extension = "imagick.so"

再查找output_buffering = Off
修改为output_buffering = On

再查找; cgi.fix_pathinfo=0
修改为cgi.fix_pathinfo=0,防止Nginx文件类型错误解析漏洞。

自动修改:若嫌手工修改麻烦,可执行以下shell命令,自动完成对php.ini文件的修改:

sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "imagick.so"\n#' /usr/local/webserver/php/etc/php.ini
sed -i 's#output_buffering = Off#output_buffering = On#' /usr/local/webserver/php/etc/php.ini
sed -i "s#; always_populate_raw_post_data = On#always_populate_raw_post_data = On#g" /usr/local/webserver/php/etc/php.ini
sed -i "s#; cgi.fix_pathinfo=0#cgi.fix_pathinfo=0#g" /usr/local/webserver/php/etc/php.ini



配置eAccelerator加速PHP:

mkdir -p /usr/local/webserver/eaccelerator_cache
vi /usr/local/webserver/php/etc/php.ini


复制代码

[eaccelerator]
zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/usr/local/webserver/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

复制代码



创建www用户和组,以及供虚拟主机使用的目录:

/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /data0/htdocs/www
chmod +w /data0/htdocs/www
chown -R www:www /data0/htdocs/www



创建php-fpm配置文件(php-fpm是为PHP打的一个FastCGI管理补丁,可以平滑变更php.ini配置而无需重启php-cgi):
  在/usr/local/webserver/php/etc/目录中创建php-fpm.conf文件:

rm -f /usr/local/webserver/php/etc/php-fpm.conf
vi /usr/local/webserver/php/etc/php-fpm.conf

输入以下内容(如果您安装 Nginx + PHP 用于程序调试,请将以下的<value name="display_errors">0</value>改为<value name="display_errors">1</value>,以便显示PHP错误信息,否则,Nginx 会报状态为500的空白错误页):
复制代码

<?xml version="1.0" ?>
<configuration>

  All relative paths in this config are relative to php's install prefix

  <section name="global_options">

    Pid file
    <value name="pid_file">/usr/local/webserver/php/logs/php-fpm.pid</value>

    Error log file
    <value name="error_log">/usr/local/webserver/php/logs/php-fpm.log</value>

    Log level
    <value name="log_level">notice</value>

    When this amount of php processes exited with SIGSEGV or SIGBUS ...
    <value name="emergency_restart_threshold">10</value>

    ... in a less than this interval of time, a graceful restart will be initiated.
    Useful to work around accidental curruptions in accelerator's shared memory.
    <value name="emergency_restart_interval">1m</value>

    Time limit on waiting child's reaction on signals from master
    <value name="process_control_timeout">5s</value>

    Set to 'no' to debug fpm
    <value name="daemonize">yes</value>

  </section>

  <workers>

    <section name="pool">

      Name of pool. Used in logs and stats.
      <value name="name">default</value>

      Address to accept fastcgi requests on.
      Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
      <value name="listen_address">127.0.0.1:9000</value>

      <value name="listen_options">

        Set listen(2) backlog
        <value name="backlog">-1</value>

        Set permissions for unix socket, if one used.
        In Linux read/write permissions must be set in order to allow connections from web server.
        Many BSD-derrived systems allow connections regardless of permissions.
        <value name="owner"></value>
        <value name="group"></value>
        <value name="mode">0666</value>
      </value>

      Additional php.ini defines, specific to this pool of workers.
      <value name="php_defines">
        <value name="sendmail_path">/usr/sbin/sendmail -t -i</value>
        <value name="display_errors">0</value>
      </value>

      Unix user of processes
      <value name="user">www</value>

      Unix group of processes
      <value name="group">www</value>

      Process manager settings
      <value name="pm">

        Sets style of controling worker process count.
        Valid values are 'static' and 'apache-like'
        <value name="style">static</value>

        Sets the limit on the number of simultaneous requests that will be served.
        Equivalent to Apache MaxClients directive.
        Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi        Used with any pm_style.
        <value name="max_children">128</value>

        Settings group for 'apache-like' pm style
        <value name="apache_like">

          Sets the number of server processes created on startup.
          Used only when 'apache-like' pm_style is selected
          <value name="StartServers">20</value>

          Sets the desired minimum number of idle server processes.
          Used only when 'apache-like' pm_style is selected
          <value name="MinSpareServers">5</value>

          Sets the desired maximum number of idle server processes.
          Used only when 'apache-like' pm_style is selected
          <value name="MaxSpareServers">35</value>

        </value>

      </value>

      The timeout (in seconds) for serving a single request after which the worker process will be terminated
      Should be used when 'max_execution_time' ini option does not stop script execution for some reason
      '0s' means 'off'
      <value name="request_terminate_timeout">0s</value>

      The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
      '0s' means 'off'
      <value name="request_slowlog_timeout">0s</value>

      The log file for slow requests
      <value name="slowlog">logs/slow.log</value>

      Set open file desc rlimit
      <value name="rlimit_files">65535</value>

      Set max core size rlimit
      <value name="rlimit_core">0</value>

      Chroot to this directory at the start, absolute path
      <value name="chroot"></value>

      Chdir to this directory at the start, absolute path
      <value name="chdir"></value>

      Redirect workers' stdout and stderr into main error log.
      If not set, they will be redirected to /dev/null, according to FastCGI specs
      <value name="catch_workers_output">yes</value>

      How much requests each process should execute before respawn.
      Useful to work around memory leaks in 3rd party libraries.
      For endless request processing please specify 0
      Equivalent to PHP_FCGI_MAX_REQUESTS
      <value name="max_requests">1024</value>

      Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
      Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
      Makes sense only with AF_INET listening socket.
      <value name="allowed_clients">127.0.0.1</value>

      Pass environment variables like LD_LIBRARY_PATH
      All $VARIABLEs are taken from current environment
      <value name="environment">
        <value name="HOSTNAME">$HOSTNAME</value>
        <value name="PATH">/usr/local/bin:/usr/bin:/bin</value>
        <value name="TMP">/tmp</value>
        <value name="TMPDIR">/tmp</value>
        <value name="TEMP">/tmp</value>
        <value name="OSTYPE">$OSTYPE</value>
        <value name="MACHTYPE">$MACHTYPE</value>
        <value name="MALLOC_CHECK_">2</value>
      </value>

    </section>

  </workers>

</configuration>

复制代码



启动php-cgi进程,监听127.0.0.1的9000端口,进程数为128(如果服务器内存小于3GB,可以只开启64个进程),用户为www:

ulimit -SHn 65535
/usr/local/webserver/php/sbin/php-fpm start

注:/usr/local/webserver/php/sbin/php-fpm还有其他参数,包括:start|stop|quit|restart|reload|logrotate,修改php.ini后不重启php-cgi,重新加载配置文件使用reload。
回复

使用道具 举报

 楼主| ninjasex 发表于 2012-5-12 15:10:46 | 显示全部楼层
nginx包

wget http://nginx.org/download/nginx-1.0.12.tar.gz

wget http://blog.s135.com/soft/linux/nginx_php/pcre/pcre-8.10.tar.gz

安装Nginx所需的pcre库:

tar zxvf pcre-8.10.tar.gz
cd pcre-8.10/
./configure
make && make install
cd ../

安装Nginx

tar zxvf nginx-1.0.12.tar.gz
cd nginx-1.0.12/
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
cd ../



创建Nginx日志目录

mkdir -p /data1/logs
chmod +w /data1/logs
chown -R www:www /data1/logs

在/usr/local/webserver/nginx/conf/目录中创建nginx.conf文件:

rm -f /usr/local/webserver/nginx/conf/nginx.conf
vi /usr/local/webserver/nginx/conf/nginx.conf


复制代码

user  www www;
worker_processes 8;
error_log  /data1/logs/nginx_error.log  crit;

pid        /usr/local/webserver/nginx/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;

events
{
  use epoll;
  worker_connections 65535;
}

http
{
  include       mime.types;
  default_type  application/octet-stream;

  #charset  gb2312;
      
  server_names_hash_bucket_size 128;
  client_header_buffer_size 32k;
  large_client_header_buffers 4 32k;
  client_max_body_size 8m;
      
  sendfile on;
  tcp_nopush     on;

  keepalive_timeout 60;

  tcp_nodelay on;

  fastcgi_connect_timeout 300;
  fastcgi_send_timeout 300;
  fastcgi_read_timeout 300;
  fastcgi_buffer_size 64k;
  fastcgi_buffers 4 64k;
  fastcgi_busy_buffers_size 128k;
  fastcgi_temp_file_write_size 128k;

  gzip on;
  gzip_min_length  1k;
  gzip_buffers     4 16k;
  gzip_http_version 1.0;
  gzip_comp_level 2;
  gzip_types       text/plain application/x-javascript text/css application/xml;
  gzip_vary on;

   

log_format  default '$remote_addr - $remote_user [$time_local] "$request" '
              '$status $body_bytes_sent "$http_referer" '
              '"$http_user_agent" $http_x_forwarded_for';


  #limit_zone  crawler  $binary_remote_addr  10m;

  server
  {
    listen       80;
    server_name  127.0.0.1;
    index index.html index.htm index.php;
    root  /data0/htdocs/blog;

    #limit_conn   crawler  20;   
                             
    location ~ .*\.(php|php5)?$
    {      
      #fastcgi_pass  unix:/tmp/php-cgi.sock;
      fastcgi_pass  127.0.0.1:9000;
      fastcgi_index index.php;
      include fcgi.conf;
    }
   
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|ico)$
    {
      expires      365d;
    }

    location ~ .*\.(js|css)?$
    {
      expires      365d;
    }   

        access_log  /data1/logs/access.log  default;
      }  
}

复制代码





在/usr/local/webserver/nginx/conf/目录中创建fcgi.conf文件:

vi /usr/local/webserver/nginx/conf/fcgi.conf


复制代码

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

复制代码



启动Nginx

ulimit -SHn 65535
/usr/local/webserver/nginx/sbin/nginx

vi /etc/rc.local

ulimit -SHn 65535
/usr/local/webserver/php/sbin/php-fpm start
/usr/local/webserver/nginx/sbin/nginx
回复

使用道具 举报

 楼主| ninjasex 发表于 2012-5-12 15:11:12 | 显示全部楼层
优化Linux内核参数

vi /etc/sysctl.conf
复制代码

# Add
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog =  32768
net.core.somaxconn = 32768

net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800

#net.ipv4.tcp_fin_timeout = 30
#net.ipv4.tcp_keepalive_time = 120
net.ipv4.ip_local_port_range = 1024  65535

复制代码



使配置立即生效

/sbin/sysctl -p



在不停止Nginx服务的情况下平滑变更Nginx配置

/usr/local/webserver/nginx/sbin/nginx -t

/usr/local/webserver/nginx/sbin/nginx -s reload



编写每天定时切割Nginx日志的脚本

创建脚本/usr/local/webserver/nginx/sbin/cut_nginx_log.sh

vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
复制代码

#!/bin/bash
# This script run at 00:00

# The Nginx logs path
logs_path="/usr/local/webserver/nginx/logs/"

mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/webserver/nginx/nginx.pid`

复制代码



设置crontab,每天凌晨00:00切割nginx访问日志

crontab -e

00 00 * * * /bin/bash  /usr/local/webserver/nginx/sbin/cut_nginx_log.sh



开启防火墙80端口

vi /etc/sysconfig/iptables

添加

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

重启防火墙

service iptables restart



PS: 如有问题请指正
回复

使用道具 举报

 楼主| ninjasex 发表于 2012-5-13 09:32:42 | 显示全部楼层
三、编译安装环境

1. 安装MySQL

   1. cd /usr/local/src
   2.

   3. tar zxvf cmake-2.8.5.tar.gz
   4.

   5. cd cmake-2.8.5/
   6.

   7. ./configure
   8.

   9. gmake &&gmake install
  10.

  11. groupadd mysql
  12. useradd -g mysql mysql
  13.

  14. mkdir -p /data/mysql
  15. chown -R mysql:mysql /data/mysql
  16.

  17. cd /usr/local/src
  18.

  19. tar zxvf mysql-5.5.20.tar.gz
  20.

  21. cd mysql-5.5.20
  22.

  23. cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/Comsenz/mysql -DMYSQL_DATADIR=/data/mysql -DSYSCONFDIR=/usr/local/Comsenz/etc/ -DWITH_BLACKHOLE_STORAGE_ENGINE=1
  24.

  25. make && make install
  26.

  27. cd /usr/local/Comsenz/mysql
  28.

  29. ./scripts/mysql_install_db --user=mysql
  30.

  31. cp ./support-files/mysql.server /etc/rc.d/init.d/mysqld
  32.

  33. chmod 755 /etc/rc.d/init.d/mysqld
  34.

  35. chkconfig --add mysqld
  36.

  37. chkconfig --level 3 mysqld on

复制代码
编辑/etc/rc.d/init.d/mysqld
找到
回复

使用道具 举报

 楼主| ninjasex 发表于 2012-5-25 15:02:40 | 显示全部楼层
在虚拟机里新装了CentOS 6.2

之后,root帐户经常收到邮件,说fprintd崩溃
google了一下,是auth使用了fprintd(指纹识别设备)的问题.


用下面的命令确认了下authconfig的配置.
# grep -i fprintd /etc/sysconfig/authconfig
USEFPRINTD=yes


用下面的命令禁用fprintd
# authconfig --disablefingerprint --update


确认效果
# grep -i fprintd /etc/sysconfig/authconfig
USEFPRINTD=no
回复

使用道具 举报

zouhc 发表于 2012-6-9 10:09:50 | 显示全部楼层
楼主这个教程太复杂了,大部分站长都没有自己的服务器,如果网站服务器支持这个函数的话,可以按照这个教程所说的去配置ImageMagick插件:http://www.p293.com/shouji-3776-1-1.html。
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

手机版|小黑屋|Discuz! 官方站 ( 皖ICP备16010102号 )star

GMT+8, 2024-12-26 11:16 , Processed in 0.030007 second(s), 4 queries , Gzip On, Redis On.

Powered by Discuz! X3.4

Copyright © 2001-2023, Tencent Cloud.

快速回复 返回顶部 返回列表