文章目录
一、环境
| 软件 | 版本 | 安装目录 |
|---|---|---|
| Ubuntu | 20.04.3 | |
| Nginx | 1.20.2 | /data/nginx |
| MySQL | 5.7.35 | /data/mysql |
| Redis | 5.0.5 | /data/redis |
| PHP | 5.6.40 | /data/php |
| 项目目录 | /data/www |
二、服务器初始化
1、设置主机名
hostnamectl set-hostname test.server
2、配置 apt 源
cat > /etc/apt/sources.list << EOF
deb http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
EOF
更新软件源列表
apt-get update
3、关闭防火墙
ufw disable
4、安装基本工具
apt-get install -y wget vim net-tools bash* build-essential cmake bison libncurses5-dev libssl-dev pkg-config libxml2-dev zlib1g-dev libbz2-dev libcurl4-gnutls-dev libjpeg-dev libpng-dev libgmp-dev libgmp3-dev libmcrypt-dev mcrypt libedit-dev libreadline-dev libxslt1-dev libpcre3 libpcre3-dev libfreetype6-dev
source /usr/share/bash-completion/bash_completion
5、允许 root 远程登录
vim /etc/ssh/sshd_config
添加以下配置
PermitRootLogin yes
设置 root 用户密码
sudo passwd
三、安装 MySQL
1、下载源码包
wget https://cdn.mysql.com/archives/mysql-5.7/mysql-boost-5.7.35.tar.gz
解压
tar -zxvf mysql-boost-5.7.35.tar.gz;cd mysql-5.7.35/
2、编译安装
编译配置
cmake . \
-DCMAKE_INSTALL_PREFIX=/data/mysql \
-DSYSCONFDIR=/data/mysql/ \
-DMYSQL_DATADIR=/data/mysql/data \
-DMYSQL_TCP_PORT=3306 \
-DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DWITH_FEDERATED_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_MYISAM_STORAGE_ENGINE=1 \
-DENABLED_LOCAL_INFILE=1 \
-DEXTRA_CHARSETS=all \
-DDEFAULT_CHARSET=utf8mb4 \
-DDEFAULT_COLLATION=utf8mb4_general_ci \
-DWITH_SSL=system \
-DWITH_BOOST=boost
查看CPU线程数
cat /proc/cpuinfo | grep processor | wc -l
根据线程数 设置 -j 的数值,例如:我的 CPU 为 16 线程,就设置为 16,这样可以加快编译速度
make -j 16 && make install
3、后续配置
cd /data/mysql/;mkdir mysql-files;chmod 750 mysql-files/
创建配置文件
vim my.cnf
添加以下内容
[mysqld]
port=3306
basedir=/data/mysql
datadir=/data/mysql/data
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysqld.log
创建 mysql 普通用户
useradd -r -s /sbin/nologin mysql
chown -R mysql:mysql /data/mysql/
初始化设置
bin/mysqld --defaults-file=/data/mysql/my.cnf --initialize --user=mysql --basedir=/data/mysql
bin/mysql_ssl_rsa_setup --datadir=/data/mysql/data
创建启动脚本
cp support-files/mysql.server /etc/init.d/mysql
设置开机自启
update-rc.d mysql defaults
启动 MySQL
service mysql start && service mysql status
获取初始密码
grep -r root@localhost: mysqld.log
2021-11-17T14:02:38.114708Z 1 [Note] A temporary password is generated for root@localhost: -dlsNg?aW6mn
4、权限设置
登录 MySQL
bin/mysql -u root -p
运行以下 SQL
set password for root@localhost = password('123456Aa.');
grant all privileges on *.* to 'root'@'%' identified by '123456Aa.';
flush privileges;
四、安装 PHP
1、安装依赖软件
curl
ln -s /usr/include/x86_64-linux-gnu/curl/ /usr/local/include/curl
gmp
ln -s /usr/include/x86_64-linux-gnu/gmp.h /usr/include/gmp.h
freetype
cd /usr/local/src
wget https://nchc.dl.sourceforge.net/project/freetype/freetype2/2.8.1/freetype-2.8.1.tar.bz2
tar -xvf freetype-2.8.1.tar.bz2;cd freetype-2.8.1/
./configure --prefix=/usr/local/freetype
make && make install
openssl
cd /usr/local/src/
wget https://www.openssl.org/source/openssl-1.0.2k.tar.gz
tar -zxvf openssl-1.0.2k.tar.gz;cd openssl-1.0.2k/
./config shared --openssldir=/usr/local/openssl --prefix=/usr/local/openssl
make && make install
echo "/usr/local/openssl/lib/" >> /etc/ld.so.conf && ldconfig
2、创建 www 用户
useradd -r -s /sbin/nologin www
mkdir /data/www;chown -R www:www /data/www
3、下载源码包
wget https://www.php.net/distributions/php-5.6.40.tar.gz
tar -zxvf php-5.6.40.tar.gz;cd php-5.6.40/
4、编译安装
编译配置
./configure \
--prefix=/data/php \
--with-config-file-path=/data/php/etc \
--enable-fpm \
--enable-inline-optimization \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-libxml-dir \
--with-xmlrpc \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-pcre-regex \
--with-sqlite3 \
--with-zlib \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--with-cdb \
--enable-dom \
--enable-exif \
--enable-fileinfo \
--enable-filter \
--with-pcre-dir \
--enable-ftp \
--with-gd \
--with-openssl=/usr/local/openssl \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir \
--with-freetype-dir=/usr/local/freetype \
--enable-gd-native-ttf \
--enable-gd-jis-conv \
--with-gettext \
--with-gmp \
--with-mhash \
--enable-json \
-enable-mbstring \
--enable-mbregex \
--enable-mbregex-backtrack \
--with-libmbfl \
--with-onig \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-zlib-dir \
--with-pdo-sqlite \
--with-readline \
--enable-session \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-wddx \
--with-libxml-dir \
--with-xsl \
--enable-zip \
--enable-mysqlnd-compression-support \
--with-fpm-group=www \
--with-fpm-user=www \
--enable-pcntl \
--with-mysql
多线程编译安装
make -j 16 && make install
5、后续配置
创建 php.ini 配置文件
cp php.ini-production /data/php/etc/php.ini
创建启动脚本
cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm
设置开机自启
update-rc.d php-fpm defaults
创建 php-fpm.conf 配置文件
cd /data/php/etc/
cp php-fpm.conf.default php-fpm.conf
编辑 php.ini 文件
vim php.ini
更改配置
post_max_size = 64M
upload_max_filesize = 64M
date.timezone = PRC
cgi.fix_pathinfo=1
max_execution_time = 300
编辑 php-fpm 文件
vim php-fpm.conf
追加以下配置
pm.max_children = 100
pm.start_servers = 30
pm.min_spare_servers = 20
pm.max_spare_servers = 100
pm.max_requests = 500
启动 php-fpm 服务
service php-fpm start && service php-fpm status
五、安装 Redis
1、下载源码包
wget http://download.redis.io/releases/redis-5.0.5.tar.gz
tar -zxvf redis-5.0.5.tar.gz;cd redis-5.0.5/
2、编译安装
make && make install PREFIX=/data/redis
3、创建配置文件
mv redis.conf /data/redis/redis.conf
4、创建启动脚本
vim /usr/lib/systemd/system/redis.service
内容
[Unit]
Description=Redis persistent key-value database
After=network.target
After=network-online.target
Wants=network-online.target
[Service]
PIDFile=/data/redis/redis.pid
ExecStart=/data/redis/bin/redis-server /data/redis/redis.conf --supervised systemd
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
LimitNOFILE=655360
PrivateTmp=true
Type=notify
User=root
Group=root
[Install]
WantedBy=multi-user.target
启动服务
systemctl start redis.service && systemctl enable redis.service
六、安装 Nginx
1、下载源码包
wget http://nginx.org/download/nginx-1.20.2.tar.gz
tar -zxvf nginx-1.20.2.tar.gz;cd nginx-1.20.2/
2、编译配置
./configure \
--prefix=/data/nginx \
--with-compat \
--with-file-aio \
--with-threads \
--with-http_addition_module \
--with-http_auth_request_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_realip_module \
--with-http_secure_link_module \
--with-http_slice_module \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_sub_module \
--with-http_v2_module \
--with-mail \
--with-mail_ssl_module \
--with-stream \
--with-stream_realip_module \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' \
--with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'
3、编译安装
make -j 16 && make install
4、后续配置
配置vim语法高亮
cp -r contrib/vim/* /usr/share/vim/vim81/
nginx.conf 配置文件示例
vim /data/nginx/conf/nginx.conf
user root;
worker_processes auto;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
client_max_body_size 200m;
client_header_timeout 600s;
client_body_timeout 600s;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 6;
gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
gzip_vary on;
include /data/nginx/conf/mime.types;
default_type application/octet-stream;
include /data/nginx/conf/vhosts/*.conf;
}
5、启动脚本
vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx
Documentation=http://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/data/nginx/logs/nginx.pid
ExecStart=/data/nginx/sbin/nginx -c /data/nginx/conf/nginx.conf
ExecReload=/bin/sh -c "/bin/kill -s HUP $(/bin/cat /data/nginx/logs/nginx.pid)"
ExecStop=/bin/sh -c "/bin/kill -s TERM $(/bin/cat /data/nginx/logs/nginx.pid)"
[Install]
WantedBy=multi-user.target
启动服务
systemctl start nginx.service && systemctl enable nginx.service
代理 php 服务配置(参考)
server {
listen 80;
server_name api.server.cn;
rewrite ^(.*) https://$server_name$1 permanent;
}
server {
listen 443 ssl;
server_name api.server.cn;
ssl_certificate /data/nginx/ssl/api.server.cn.pem;
ssl_certificate_key /data/nginx/ssl/api.server.cn.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
index index.html index.php;
root /data/www/html/api/web;
rewrite (\/\.svn|.git\/) /404/;
if ($http_user_agent ~* yahoo|bingbot) {
return 403;
}
if ($query_string ~* ".*(insert|select|delete|update|count|master|truncate|declare|'|%27|%22|%3C|%3E|;|%20and%20|%20or%20).*"){
return 404;
}
location / {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
if ($request_method = 'OPTIONS') {
return 204;
}
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ .*\.(php|php5)?$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_param ENV 'prod';
fastcgi_index index.php;
include fastcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With;
add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS;
if ($request_method = 'OPTIONS') {
return 204;
}
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
#日志
access_log off;
}
七、配置环境变量
vim ~/.bashrc
追加以下内容
# MySQL
export PATH=$PATH:/data/mysql/bin
# PHP
export PATH=$PATH:/data/nginx/sbin
# Nginx
export PATH=$PATH:/data/php/sbin
# Redis
export PATH=$PATH:/data/redis/bin
source ~/.bashrc