CentOS 6.2编译安装Nginx1.0.12+MySQL5.5.21+PHP5.3.10

ninjasex · 发表于 2012-5-8 14:15:01

本帖最后由 ninjasex 于 2012-5-8 14:16 编辑

说明：
操作系统：CentOS 6.2 32位
系统安装教程：CentOS 6.2安装(超级详细图解教程) http://www.osyunwei.com/archives/1537.html
准备篇：
一、配置好IP、DNS 、网关，确保使用远程连接工具能够连接服务器
   CentOS 设置IP地址、网关、DNS教程：http://www.osyunwei.com/archives/423.html
二、配置防火墙，开启80端口、3306端口
vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT（允许80端口通过防火墙）
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT（允许3306端口通过防火墙）
特别提示：很多网友把这两条规则添加到防火墙配置的最后一行，导致防火墙启动失败，正确的应该是添加到默认的22端口这条规则的下面
添加好之后防火墙规则如下所示：
#########################################################
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
#########################################################
/etc/init.d/iptables restart  #最后重启防火墙使配置生效
三、关闭SELINUX
vi /etc/selinux/config
#SELINUX=enforcing    #注释掉
#SELINUXTYPE=targeted #注释掉
SELINUX=disabled       #增加
:wq  保存，关闭
shutdown -r now #重启系统
四、系统约定
软件源代码包存放位置：/usr/local/src
源码包编译安装位置：/usr/local/软件名字
五、下载软件包
1、下载nginx（目前稳定版）
  /etc/rc.d/init.d/nginx restart
service nginx restart
=======================================================
六、安装php
cd /usr/local/src
tar -zvxf php-5.3.10.tar.gz
cd  php-5.3.10
mkdir -p /usr/local/php5  #建立php安装目录
./configure --prefix=/usr/local/php5 --with-config-file-path=/usr/local/php5/etc --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-mysql-sock=/tmp/mysql.sock --with-gd --with-iconv  --with-zlib  --enable-xml --enable-magic-quotes --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curlwrappers --enable-mbregex  --enable-fpm --enable-mbstring --enable-ftp --enable-gd-native-ttf --with-openssl --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --enable-session --with-mcrypt --with-curl  #配置
make #编译
make install #安装
cp  php.ini-production /usr/local/php5/etc/php.ini  #复制php配置文件到安装目录
rm -rf /etc/php.ini #删除系统自带配置文件
ln -s /usr/local/php5/etc/php.ini  /etc/php.ini #添加软链接
cp  /usr/local/php5/etc/php-fpm.conf.default /usr/local/php5/etc/php-fpm.conf #拷贝模板文件为php-fpm配置文件
vi  /usr/local/php5/etc/php-fpm.conf  #编辑
user = www #设置php-fpm运行账号为www
group = www #设置php-fpm运行组为www
pid = run/php-fpm.pid #取消前面的分号
设置 php-fpm开机启动
cp /usr/local/src/php-5.3.10/sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm  #拷贝php-fpm到启动目录
chmod +x /etc/rc.d/init.d/php-fpm  #添加执行权限
chkconfig php-fpm on #设置开机启动
vi /usr/local/php5/etc/php.ini #编辑配置文件
找到：;open_basedir =
修改为：open_basedir = .:/tmp/ #防止php木马跨站，重要！！
找到：disable_functions =
修改为：disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
#列出PHP可以禁用的函数，如果某些程序需要用到这个函数，可以删除，取消禁用。
找到：;date.timezone =
修改为：date.timezone = PRC #设置时区
找到：expose_php = On
修改为：expose_php = OFF  #禁止显示php版本的信息
找到：display_errors = On
修改为：display_errors = OFF  #关闭错误提示
七、配置nginx支持php
vi /usr/local/nginx/conf/nginx.conf
修改/usr/local/nginx/conf/nginx.conf 配置文件,需做如下修改
user www  www;       #首行user去掉注释,修改Nginx运行组为www www；必须与/usr/local/php5/etc/php-fpm.conf中的user,group配置相同，否则php运行出错
index  index.php  index.html index.htm; #添加index.php
  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ \.php$ {
root          html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index  index.php;
fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
include       fastcgi_params;
  }
#取消FastCGI server部分location的注释,并要注意fastcgi_param行的参数,改为$document_root$fastcgi_script_name,或者使用绝对路径
/etc/init.d/nginx restart  #重启nginx
八、配置php支持Zend Guard
安装Zend Guard
cd /usr/local/src
mkdir /usr/local/zend    #建立Zend安装目录
tar xvfz ZendGuardLoader-php-5.3-linux-glibc23-i386.tar.gz  #解压安装文件
cp ZendGuardLoader-php-5.3-linux-glibc23-i386/php-5.3.x/ZendGuardLoader.so  /usr/local/zend/  #拷贝文件到安装目录
vi /usr/local/php5/etc/php.ini #编辑文件
在最后位置添加以下内容
[Zend Guard]
zend_extension=/usr/local/zend/ZendGuardLoader.so
zend_loader.enable=1
zend_loader.disable_licensing=0
zend_loader.obfuscation_level_support=3
zend_loader.license_path=
测试篇
cd  /usr/local/nginx/html/ #进入nginx默认网站根目录
rm -rf /usr/local/nginx/html/* #删除默认测试页
vi  index.php  #新建index.php文件
<?php
phpinfo();
?>
:wq! #保存
chown www.www /usr/local/nginx/html/  -R #设置目录所有者
chmod 700 /usr/local/nginx/html/  -R #设置目录权限
shutdown -r now #重启
在客户端浏览器输入服务器IP地址，可以看到相关的配置信息！
service nginx restart #重启nginx
service mysqld restart #重启mysql
/usr/local/php5/sbin/php-fpm #启动php-fpm
/etc/rc.d/init.d/php-fpm  restart #重启php-fpm
/etc/rc.d/init.d/php-fpm  stop  #停止php-fpm
/etc/rc.d/init.d/php-fpm  start  #启动php-fpm
#############################################################################
备注：
nginx默认站点目录是：/usr/local/nginx/html/
权限设置：chown www.www  /usr/local/nginx/html/  -R
MySQL数据库目录是：/data/mysql
权限设置：chown mysql.mysql -R  /data/mysql
到此，CentOS 6.2下 Nginx1.0.12+MySQL5.5.21+PHP5.3.10+Zend Guard Loader基本运行环境搭建完成！

ninjasex · 发表于 2012-5-11 16:46:44

本帖最后由 ninjasex 于 2012-5-15 12:49 编辑

centos6.2 64bit安装mysql+php 原文张宴http://blog.s135.com/nginx_php_v6/
测试系统：CentOS6.2 64BIT
mysql 更新为5.5.21
php等部分软件升级

一、同步系统时间
ntp.api.bz 是一组NTP服务器集群，目前有6台服务器，位于上海电信。这项服务是 api.bz 继 http://sms.api.bz 移动飞信免费短信发送接口之后的第二项免费 API 服务。
ntpdate ntp.api.bz
设置每小时同步一次时间
crontab -e
添加：
* */1 * * * ntpdate ntp.api.bz >> /var/log/ntpdate.log

二、配置网易YUM源（可选）
首先备份/etc/yum.repos.d/CentOS-Base.repo mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
下载对应版本repo文件, 放入/etc/yum.repos.d/(操作前请做好相应备份)

CentOS4
CentOS5
CentOS6

运行yum makecache生成缓存
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
mkdir -p /data0/software
wget http://mirrors.163.com/.help/CentOS6-Base-163.repo
cp CentOS6-Base-163.repo /etc/yum.repos.d/
yum makecache

三、获取开源程序
sudo -s
LANG=C
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers
软件存放目录
mkdir -p /data0/software

MYSQL

mysql5.5+需要使用cmake编译
wget http://www.cmake.org/files/v2.8/cmake-2.8.7.tar.gz
wget http://mysql.ntu.edu.tw/Downloads/MySQL-5.5/mysql-5.5.24.tar.gz
安装cmake编译

tar zxvf cmake-2.8.7.tar.gz
cd cmake-2.8.7
./bootstrap
gmake
make
make install
cd..
安装mysql
mysql需要在官方下载Source Code下的mysql-5.5.24.tar.gz

tar zxvf mysql-5.5.24.tar.gz
cd mysql-5.5.24
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/webserver/mysql -DINSTALL_DATADIR=/data0/mysql/data -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DEXTRA_CHARSETS=all -DWITH_SSL=system -DWITH_EMBEDDED_SERVER=1 -DENABLED_LOCAL_INFILE=1 -DWITH_MYISAM_STORAGE_ENGINE=1 -DMYSQL_USER=mysql
make
make install

编译选项说明：
-DCMAKE_INSTALL_PREFIX=/usr/local/webserver/mysql //安装目录
-DINSTALL_DATADIR=/data0/mysql/data //数据库存放目录
-DDEFAULT_CHARSET=utf8 //使用utf8字符
-DDEFAULT_COLLATION=utf8_general_ci //校验字符
-DEXTRA_CHARSETS=all //安装所有扩展字符集
-DWITH_SSL=system //使用SSL加密
-DWITH_EMBEDDED_SERVER=1 //编译成embedded mysql library
-DENABLED_LOCAL_INFILE=1 //允许从本地导入数据
-DWITH_MYISAM_STORAGE_ENGINE=1 //安装myisam引擎
配置mysql
mkdir -p /data0/mysql/data
groupadd mysql
useradd -g mysql mysql
chown -R mysql:mysql /data0/mysql/data
cp support-files/my-medium.cnf /etc/my.cnf
vi /etc/my.cnf
在my.cnf中增加用户名及数据目录
在[mysqld]下面增加:
user=mysql
datadir=/data0/mysql/data

开启事件调度（可选）
在 [mysqld] 的下面加入如下行
event_scheduler=1

安装mysql初使化系统表其数据
cd /usr/local/webserver/mysql
./scripts/mysql_install_db --user=mysql

配置mysqld服务，并使其开机自运行
cp support-files/mysql.server /etc/init.d/mysqld
chmod +x /etc/init.d/mysqld
chkconfig --add mysqld
chkconfig mysqld --level 3 on

修改/etc/init.d/mysqld相关配置
vi /etc/init.d/mysqld
将datadir指定为/data0/mysql/data
将basedir指定为/usr/local/webserver/mysql
basedir=/usr/local/webserver/mysql
datadir=/data0/mysql/data
mysqld_pid_file_path=/data/mysql/data/mysql.pid(可选)

启动mysql及指定mysql root密码
service mysqld start
/bin/mysqladmin -u root password 'admin'

将mysql相关命令加到用户PATH中去
vi ~/.bash_profile
将PATH改为：
PATH=$PATH

HOME/bin:/usr/local/webserver/mysql/bin
使其生效：
. ~/.bash_profile
启动，停止和重启mysql命令
service mysqld start
service mysqld stop
service mysqld restart
登录到mysql
mysql -u root -

ninjasex · 发表于 2012-5-12 15:09:58

本帖最后由 ninjasex 于 2012-5-15 15:49 编辑

* php系列

wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz

wget http://downloads.sourceforge.net/mcrypt/libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0
wget http://downloads.sourceforge.net/mcrypt/mcrypt-2.6.8.tar.gz?modtime=1194463373&big_mirror=0

wget http://blog.s135.com/soft/linux/nginx_php/mhash/mhash-0.9.9.9.tar.gz

安装PHP支持库

tar zxvf libiconv-1.14.tar.gz
cd libiconv-1.14/
./configure --prefix=/usr/local
make
make install
cd ../

tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd http://www.cnblogs.com/

tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config

tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install
cd ../

wget http://us.php.net/get/php-5.2.17.tar.gz/from/cn.php.net/mirror

wget http://php-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz

wget http://pecl.php.net/get/memcache-3.0.6.tgz

wget http://blog.s135.com/soft/linux/nginx_php/eaccelerator/eaccelerator-0.9.6.1.tar.bz2

wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz

wget http://blog.s135.com/soft/linux/nginx_php/imagick/ImageMagick.tar.gz

wget http://pecl.php.net/get/imagick-2.3.0.tgz

编译安装PHP（FastCGI模式）

ln -s /usr/lib64/libjpeg.so /usr/lib/libjpeg.so

ln -s /usr/lib64/libpng.so /usr/lib/libpng.so

ln -s /usr/lib64/libldap.so /usr/lib/libldap.so

ln -s /usr/local/webserver/mysql/lib/libmysqlclient.so.18  /usr/lib64/

tar zxvf php-5.2.17.tar.gz
gzip -cd php-5.2.17-fpm-0.5.14.diff.gz | patch -d php-5.2.17 -p1
cd php-5.2.17/

./configure --prefix=/usr/local/webserver/php --with-config-file-path=/usr/local/webserver/php/etc --with-mysql=/usr/local/webserver/mysql --with-mysqli=/usr/local/webserver/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr/ --enable-xml --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-ldap --with-ldap-sasl --with-xmlrpc --enable-zip --enable-soap
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/webserver/php/etc/php.ini (5.3.13默认的php.ini文件后缀需要更改成php.ini-dist)
cd ../

编译安装PHP5扩展模块

tar zxvf memcache-3.0.6.tgz

cd memcache-3.0.6

/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

tar jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
/usr/local/webserver/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config --with-pdo-mysql=/usr/local/webserver/mysql
make
make install
cd ../

tar zxvf ImageMagick.tar.gz

cd ImageMagick-6.7.5-6/ (我下的怎么是 ImageMagick-6.5.1-2)

./configure
make
make install
cd ../

tar zxvf imagick-2.3.0.tgcd imagick-2.3.0

/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

5、修改php.ini文件　　

手工修改：查找/usr/local/webserver/php/etc/php.ini中的extension_dir = "./"　　

修改为extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"　　

并在此行后增加以下几行，然后保存：
extension = "memcache.so"
extension = "pdo_mysql.so"
extension = "imagick.so"

再查找output_buffering = Off
修改为output_buffering = On

再查找; cgi.fix_pathinfo=0
修改为cgi.fix_pathinfo=0，防止Nginx文件类型错误解析漏洞。

自动修改：若嫌手工修改麻烦，可执行以下shell命令，自动完成对php.ini文件的修改：

sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "imagick.so"\n#' /usr/local/webserver/php/etc/php.ini
sed -i 's#output_buffering = Off#output_buffering = On#' /usr/local/webserver/php/etc/php.ini
sed -i "s#; always_populate_raw_post_data = On#always_populate_raw_post_data = On#g" /usr/local/webserver/php/etc/php.ini
sed -i "s#; cgi.fix_pathinfo=0#cgi.fix_pathinfo=0#g" /usr/local/webserver/php/etc/php.ini

配置eAccelerator加速PHP：

mkdir -p /usr/local/webserver/eaccelerator_cache
vi /usr/local/webserver/php/etc/php.ini

复制代码

[eaccelerator]
zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/usr/local/webserver/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

复制代码

创建www用户和组，以及供虚拟主机使用的目录：

/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /data0/htdocs/www
chmod +w /data0/htdocs/www
chown -R www:www /data0/htdocs/www

创建php-fpm配置文件（php-fpm是为PHP打的一个FastCGI管理补丁，可以平滑变更php.ini配置而无需重启php-cgi）：
　　在/usr/local/webserver/php/etc/目录中创建php-fpm.conf文件：

rm -f /usr/local/webserver/php/etc/php-fpm.conf
vi /usr/local/webserver/php/etc/php-fpm.conf

输入以下内容（如果您安装 Nginx + PHP 用于程序调试，请将以下的<value name="display_errors">0</value>改为<value name="display_errors">1</value>，以便显示PHP错误信息，否则，Nginx 会报状态为500的空白错误页）：
复制代码

<?xml version="1.0" ?>
<configuration>

  All relative paths in this config are relative to php's install prefix

  <section name="global_options">

Pid file
<value name="pid_file">/usr/local/webserver/php/logs/php-fpm.pid</value>

Error log file
<value name="error_log">/usr/local/webserver/php/logs/php-fpm.log</value>

Log level
<value name="log_level">notice</value>

When this amount of php processes exited with SIGSEGV or SIGBUS ...
<value name="emergency_restart_threshold">10</value>

... in a less than this interval of time, a graceful restart will be initiated.
Useful to work around accidental curruptions in accelerator's shared memory.
<value name="emergency_restart_interval">1m</value>

Time limit on waiting child's reaction on signals from master
<value name="process_control_timeout">5s</value>

Set to 'no' to debug fpm
<value name="daemonize">yes</value>

  </section>

  <workers>

<section name="pool">

   Name of pool. Used in logs and stats.
   <value name="name">default</value>

   Address to accept fastcgi requests on.
   Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
   <value name="listen_address">127.0.0.1:9000</value>

   <value name="listen_options">

      Set listen(2) backlog
      <value name="backlog">-1</value>

      Set permissions for unix socket, if one used.
      In Linux read/write permissions must be set in order to allow connections from web server.
      Many BSD-derrived systems allow connections regardless of permissions.
      <value name="owner"></value>
      <value name="group"></value>
      <value name="mode">0666</value>
   </value>

   Additional php.ini defines, specific to this pool of workers.
   <value name="php_defines">
      <value name="sendmail_path">/usr/sbin/sendmail -t -i</value>
      <value name="display_errors">0</value>
   </value>

   Unix user of processes
   <value name="user">www</value>

   Unix group of processes
   <value name="group">www</value>

   Process manager settings
   <value name="pm">

      Sets style of controling worker process count.
      Valid values are 'static' and 'apache-like'
      <value name="style">static</value>

      Sets the limit on the number of simultaneous requests that will be served.
      Equivalent to Apache MaxClients directive.
      Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi       Used with any pm_style.
      <value name="max_children">128</value>

      Settings group for 'apache-like' pm style
      <value name="apache_like">

      Sets the number of server processes created on startup.
      Used only when 'apache-like' pm_style is selected
      <value name="StartServers">20</value>

      Sets the desired minimum number of idle server processes.
      Used only when 'apache-like' pm_style is selected
      <value name="MinSpareServers">5</value>

      Sets the desired maximum number of idle server processes.
      Used only when 'apache-like' pm_style is selected
      <value name="MaxSpareServers">35</value>

      </value>

   </value>

   The timeout (in seconds) for serving a single request after which the worker process will be terminated
   Should be used when 'max_execution_time' ini option does not stop script execution for some reason
   '0s' means 'off'
   <value name="request_terminate_timeout">0s</value>

   The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
   '0s' means 'off'
   <value name="request_slowlog_timeout">0s</value>

   The log file for slow requests
   <value name="slowlog">logs/slow.log</value>

   Set open file desc rlimit
   <value name="rlimit_files">65535</value>

   Set max core size rlimit
   <value name="rlimit_core">0</value>

   Chroot to this directory at the start, absolute path
   <value name="chroot"></value>

   Chdir to this directory at the start, absolute path
   <value name="chdir"></value>

   Redirect workers' stdout and stderr into main error log.
   If not set, they will be redirected to /dev/null, according to FastCGI specs
   <value name="catch_workers_output">yes</value>

   How much requests each process should execute before respawn.
   Useful to work around memory leaks in 3rd party libraries.
   For endless request processing please specify 0
   Equivalent to PHP_FCGI_MAX_REQUESTS
   <value name="max_requests">1024</value>

   Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
   Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
   Makes sense only with AF_INET listening socket.
   <value name="allowed_clients">127.0.0.1</value>

   Pass environment variables like LD_LIBRARY_PATH
   All $VARIABLEs are taken from current environment
   <value name="environment">
      <value name="HOSTNAME">$HOSTNAME</value>
      <value name="PATH">/usr/local/bin:/usr/bin:/bin</value>
      <value name="TMP">/tmp</value>
      <value name="TMPDIR">/tmp</value>
      <value name="TEMP">/tmp</value>
      <value name="OSTYPE">$OSTYPE</value>
      <value name="MACHTYPE">$MACHTYPE</value>
      <value name="MALLOC_CHECK_">2</value>
   </value>

</section>

  </workers>

</configuration>

复制代码

启动php-cgi进程，监听127.0.0.1的9000端口，进程数为128（如果服务器内存小于3GB，可以只开启64个进程），用户为www：

ulimit -SHn 65535
/usr/local/webserver/php/sbin/php-fpm start

注：/usr/local/webserver/php/sbin/php-fpm还有其他参数，包括：start|stop|quit|restart|reload|logrotate，修改php.ini后不重启php-cgi，重新加载配置文件使用reload。

ninjasex · 发表于 2012-5-12 15:10:46

nginx包

wget http://nginx.org/download/nginx-1.0.12.tar.gz

wget http://blog.s135.com/soft/linux/nginx_php/pcre/pcre-8.10.tar.gz

安装Nginx所需的pcre库：

tar zxvf pcre-8.10.tar.gz
cd pcre-8.10/
./configure
make && make install
cd ../

安装Nginx

tar zxvf nginx-1.0.12.tar.gz
cd nginx-1.0.12/
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
cd ../

创建Nginx日志目录

mkdir -p /data1/logs
chmod +w /data1/logs
chown -R www:www /data1/logs

在/usr/local/webserver/nginx/conf/目录中创建nginx.conf文件：

rm -f /usr/local/webserver/nginx/conf/nginx.conf
vi /usr/local/webserver/nginx/conf/nginx.conf

复制代码

user  www www;
worker_processes 8;
error_log  /data1/logs/nginx_error.log  crit;

pid       /usr/local/webserver/nginx/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;

events
{
  use epoll;
  worker_connections 65535;
}

http
{
  include    mime.types;
  default_type  application/octet-stream;

  #charset  gb2312;

  server_names_hash_bucket_size 128;
  client_header_buffer_size 32k;
  large_client_header_buffers 4 32k;
  client_max_body_size 8m;

  sendfile on;
  tcp_nopush    on;

  keepalive_timeout 60;

  tcp_nodelay on;

  fastcgi_connect_timeout 300;
  fastcgi_send_timeout 300;
  fastcgi_read_timeout 300;
  fastcgi_buffer_size 64k;
  fastcgi_buffers 4 64k;
  fastcgi_busy_buffers_size 128k;
  fastcgi_temp_file_write_size 128k;

  gzip on;
  gzip_min_length  1k;
  gzip_buffers    4 16k;
  gzip_http_version 1.0;
  gzip_comp_level 2;
  gzip_types    text/plain application/x-javascript text/css application/xml;
  gzip_vary on;

log_format  default '$remote_addr - $remote_user [$time_local] "$request" '
            '$status $body_bytes_sent "$http_referer" '
            '"$http_user_agent" $http_x_forwarded_for';

  #limit_zone  crawler  $binary_remote_addr  10m;

  server
  {
listen    80;
server_name  127.0.0.1;
index index.html index.htm index.php;
root  /data0/htdocs/blog;

#limit_conn crawler  20;

location ~ .*\.(php|php5)?$
{
   #fastcgi_pass  unix:/tmp/php-cgi.sock;
   fastcgi_pass  127.0.0.1:9000;
   fastcgi_index index.php;
   include fcgi.conf;
}

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|ico)$
{
   expires    365d;
}

location ~ .*\.(js|css)?$
{
   expires    365d;
}

      access_log  /data1/logs/access.log  default;
   }
}

复制代码

在/usr/local/webserver/nginx/conf/目录中创建fcgi.conf文件：

vi /usr/local/webserver/nginx/conf/fcgi.conf

复制代码

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE nginx;

fastcgi_param  QUERY_STRING    $query_string;
fastcgi_param  REQUEST_METHOD    $request_method;
fastcgi_param  CONTENT_TYPE    $content_type;
fastcgi_param  CONTENT_LENGTH    $content_length;

fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME       $fastcgi_script_name;
fastcgi_param  REQUEST_URI       $request_uri;
fastcgi_param  DOCUMENT_URI    $document_uri;
fastcgi_param  DOCUMENT_ROOT    $document_root;
fastcgi_param  SERVER_PROTOCOL $server_protocol;

fastcgi_param  REMOTE_ADDR       $remote_addr;
fastcgi_param  REMOTE_PORT       $remote_port;
fastcgi_param  SERVER_ADDR       $server_addr;
fastcgi_param  SERVER_PORT       $server_port;
fastcgi_param  SERVER_NAME       $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS 200;

复制代码

启动Nginx

ulimit -SHn 65535
/usr/local/webserver/nginx/sbin/nginx

vi /etc/rc.local

ulimit -SHn 65535
/usr/local/webserver/php/sbin/php-fpm start
/usr/local/webserver/nginx/sbin/nginx

ninjasex · 发表于 2012-5-12 15:11:12

优化Linux内核参数

vi /etc/sysctl.conf
复制代码

# Add
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog =  32768
net.core.somaxconn = 32768

net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800

#net.ipv4.tcp_fin_timeout = 30
#net.ipv4.tcp_keepalive_time = 120
net.ipv4.ip_local_port_range = 1024  65535

复制代码

使配置立即生效

/sbin/sysctl -p

在不停止Nginx服务的情况下平滑变更Nginx配置

/usr/local/webserver/nginx/sbin/nginx -t

/usr/local/webserver/nginx/sbin/nginx -s reload

编写每天定时切割Nginx日志的脚本

创建脚本/usr/local/webserver/nginx/sbin/cut_nginx_log.sh

vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
复制代码

#!/bin/bash
# This script run at 00:00

# The Nginx logs path
logs_path="/usr/local/webserver/nginx/logs/"

mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/webserver/nginx/nginx.pid`

复制代码

设置crontab，每天凌晨00:00切割nginx访问日志

crontab -e

00 00 * * * /bin/bash  /usr/local/webserver/nginx/sbin/cut_nginx_log.sh

开启防火墙80端口

vi /etc/sysconfig/iptables

添加

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

重启防火墙

service iptables restart

PS: 如有问题请指正

ninjasex · 发表于 2012-5-13 09:32:42

三、编译安装环境

1. 安装MySQL

1. cd /usr/local/src
2.

3. tar zxvf cmake-2.8.5.tar.gz
4.

5. cd cmake-2.8.5/
6.

7. ./configure
8.

9. gmake &&gmake install
  10.

  11. groupadd mysql
  12. useradd -g mysql mysql
  13.

  14. mkdir -p /data/mysql
  15. chown -R mysql:mysql /data/mysql
  16.

  17. cd /usr/local/src
  18.

  19. tar zxvf mysql-5.5.20.tar.gz
  20.

  21. cd mysql-5.5.20
  22.

  23. cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/Comsenz/mysql -DMYSQL_DATADIR=/data/mysql -DSYSCONFDIR=/usr/local/Comsenz/etc/ -DWITH_BLACKHOLE_STORAGE_ENGINE=1
  24.

  25. make && make install
  26.

  27. cd /usr/local/Comsenz/mysql
  28.

  29. ./scripts/mysql_install_db --user=mysql
  30.

  31. cp ./support-files/mysql.server /etc/rc.d/init.d/mysqld
  32.

  33. chmod 755 /etc/rc.d/init.d/mysqld
  34.

  35. chkconfig --add mysqld
  36.

  37. chkconfig --level 3 mysqld on

复制代码
编辑/etc/rc.d/init.d/mysqld
找到

ninjasex · 发表于 2012-5-25 15:02:40

在虚拟机里新装了CentOS 6.2

之后,root帐户经常收到邮件,说fprintd崩溃
google了一下,是auth使用了fprintd(指纹识别设备)的问题.

用下面的命令确认了下authconfig的配置.
# grep -i fprintd /etc/sysconfig/authconfig
USEFPRINTD=yes

用下面的命令禁用fprintd
# authconfig --disablefingerprint --update

确认效果
# grep -i fprintd /etc/sysconfig/authconfig
USEFPRINTD=no

zouhc · 发表于 2012-6-9 10:09:50

楼主这个教程太复杂了，大部分站长都没有自己的服务器，如果网站服务器支持这个函数的话，可以按照这个教程所说的去配置ImageMagick插件：http://www.p293.com/shouji-3776-1-1.html。

		自动登录	找回密码
密码			立即注册

[教程] CentOS 6.2编译安装Nginx1.0.12+MySQL5.5.21+PHP5.3.10