Create a Web server (LNMP):
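# Optimization by Onekey: baseline settings for a fresh CentOS 6 host.
# Command names, option spacing and letter case were mangled on the page and
# are restored here; the actions themselves are the author's.

# SELinux: set to disabled in the config file and stop enforcing right now.
# NOTE(review): this removes mandatory access control from a host that will
# run nginx and PHP-FPM. If enforcing mode cannot be kept, "permissive" at
# least keeps AVC denials in the audit log.
sed -i 's#SELINUX=enforcing#SELINUX=disabled#' /etc/selinux/config
grep SELINUX=disabled /etc/selinux/config
setenforce 0
getenforce

# Host firewall: stop it (issued twice on the page) and keep it off at boot.
# NOTE(review): with iptables off, every listening service is reachable on
# both interfaces; filtering then depends entirely on devices in front of
# this host.
/etc/init.d/iptables stop
/etc/init.d/iptables stop
chkconfig iptables off

# Turn off every boot service except the five named ones. The awk stage
# prints one "chkconfig <service> off" line per remaining service and bash
# runs them.
# NOTE(review): the exclusion list does not contain auditd, so audit logging
# is switched off at boot as well if it is installed. Add it to the pattern
# if an audit trail is required.
chkconfig | egrep -v "crond|sshd|network|rsyslog|sysstat" \
  | awk '{print "chkconfig",$1,"off"}' | bash

# Admin account with sudo. The sudoers file is backed up first and
# syntax-checked with visudo -c after the append.
# NOTE(review): NOPASSWD:ALL makes this account equivalent to root without
# re-authentication; a password-required or command-scoped rule limits the
# damage of a stolen session or key.
useradd oldboy
\cp /etc/sudoers /etc/sudoers.bak
echo "oldboy ALL=(ALL) NOPASSWD:ALL" >>/etc/sudoers
tail -n 1 /etc/sudoers
visudo -c

# Shell defaults: log out idle shells after 1800 s, keep five history entries.
# NOTE(review): a five-line history leaves almost nothing for incident
# review. Shell history is not an audit trail in any case; command auditing
# belongs in auditd or process accounting.
echo 'export TMOUT=1800' >>/etc/profile
echo 'export HISTSIZE=5' >>/etc/profile
echo 'export HISTFILESIZE=5' >>/etc/profile
. /etc/profile

# Raise the open-file limit for all users.
echo '*               -       nofile          65535' >>/etc/security/limits.conf

# At every boot, truncate the persistent NIC naming rules (appended to rc.local).
echo ">/etc/udev/rules.d/70-persistent-net.rules" >>/etc/rc.local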
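# Kernel network tuning appended to /etc/sysctl.conf.
# (The page labels this section "about SELinux", but every key is a TCP,
# socket or conntrack setting.)
# sysctl keys are case-sensitive; the page's "Net." prefixes and the
# "netdv_max_backlog" spelling are restored to the real key names.
# Nothing here reloads the values: they apply after the reboot further down
# or a manual `sysctl -p`.
# NOTE(review): tcp_tw_recycle drops connections from clients that share a
# NAT address when TCP timestamps are on, and was removed from later kernels.
# tcp_tw_reuse covers outbound TIME_WAIT without that side effect.
# NOTE(review): the nf_conntrack keys exist only while the conntrack module
# is loaded. With iptables stopped they may fail to apply. Confirm with
# `sysctl -p`.
cat >>/etc/sysctl.conf <<EOF
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
net.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_tcp_timeout_established = 180
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
EOF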
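# Set IP addresses, hostname and hosts file for web01.
# ifcfg keys are upper-case shell variables; the page's mangled case and
# "netsk" (NETMASK) are restored.

# eth0: 10.0.0.8/24, default gateway 10.0.0.2.
# The page writes "nameserver=", which ifcfg files do not read; DNS1 is the
# ifcfg key for the first resolver.
cat >/etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=10.0.0.8
NETMASK=255.255.255.0
GATEWAY=10.0.0.2
DNS1=202.96.128.86
EOF

# eth1: 172.16.1.8/24, no gateway (internal segment).
cat >/etc/sysconfig/network-scripts/ifcfg-eth1 <<EOF
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
IPADDR=172.16.1.8
NETMASK=255.255.255.0
EOF

# Persistent hostname, then the same name for the running system.
cat >/etc/sysconfig/network <<EOF
NETWORKING=yes
HOSTNAME=web01
EOF
hostname web01

# Static name resolution for the cluster members on the internal segment.
# This overwrites /etc/hosts rather than appending to it.
cat >/etc/hosts <<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web02
172.16.1.8 web01
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.51 db01
172.16.1.61 m01
EOF
#/etc/init.d/network reload

# Working directories used by the later sections.
mkdir -p /server/scripts /server/tools /application

# Reboot so the network, hostname, sysctl and SELinux changes take effect.
# Everything after this point is run in a new session.
reboot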
====================================================================================================
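# yum repo and EPEL: replace the base repo definition and add EPEL from the
# Aliyun mirror.
# wget needs -O (output file) here; the page's "-o" would name a log file.
# NOTE(review): both repo files are fetched over plain HTTP, so a party on
# the network path can substitute them. After download, confirm that every
# section still has gpgcheck=1 and a gpgkey pointing at a key already trusted
# on the host.
yum -y install wget
\cp /etc/yum.repos.d/CentOS-Base.repo{,.backup}
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
yum clean all
yum makecache

# Set up some tools and the development groups.
# NOTE(review): nmap, nc and the full compiler toolchain stay installed on a
# host that serves web traffic. Remove what is not needed once the source
# builds below are finished.
yum -y install lrzsz nmap tree dos2unix nc wget
yum groupinstall -y "Base" "Compatibility Libraries" "Debugging Tools" "Development tools"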
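# Set NTP cron: sync the clock from 172.16.1.61 (m01) every five minutes.
# A crontab entry has exactly five time fields before the command; the extra
# "*" glued to the command path on the page is dropped.
echo '#time sync by NTP Server at 20170608' >>/var/spool/cron/root
echo '*/5 * * * * /usr/sbin/ntpdate 172.16.1.61 >/dev/null 2>&1' >>/var/spool/cron/root
crontab -l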
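# Archive this server's configs and push them to the backup host with rsync.

# Install rsync.
yum -y install rsync

# Create the password file for the rsync daemon account.
# The file is created under umask 077, so it is never readable by other
# users, not even in the moment between creation and the chmod.
# NOTE(review): the password is the literal from the page and equals the
# account name used earlier. Replace it with a generated secret before use.
# rsync daemon transfers are not encrypted on the wire.
( umask 077; echo "oldboy" >/etc/rsync.password )
chmod 600 /etc/rsync.password

# Write the backup script. The here-doc delimiter is quoted so $ip, $time and
# $4 reach the file literally, without backslash escapes.
# RSYNC_USER@BACKUP_HOST is a placeholder: the page's "user@host" token was
# redacted to "[Email Protected]" and has to be filled in.
cat >/server/scripts/bak.sh <<'EOF'
#!/bin/sh
##create by 20has at 2017-5-18
# IPv4 address of eth1, taken from the second line of ifconfig output
ip=$(ifconfig eth1 | awk -F "[ :]+" 'NR==2{print $4}')
time=$(date +%F)
mkdir -p "/backup/$ip"
# archive with relative paths from /
cd / &&
  tar -zcf "/backup/$ip/${time}.tar.gz" var/spool/cron/root etc/rc.local server/scripts etc/sysconfig/iptables
# checksum for the receiving side to compare
md5sum "/backup/$ip/${time}.tar.gz" >"/backup/$ip/flag.log"
rsync -az /backup/ RSYNC_USER@BACKUP_HOST::backup --password-file=/etc/rsync.password
#del
find /backup -type f -name "*.tar.gz" -mtime +7 | xargs rm -f
EOF

# Add cron to rsync backup.
# The schedule on the page is the literal "XX"; "00 00" (daily at midnight) is
# a constructed stand-in, so set the intended time.
# Output is discarded with >/dev/null 2>&1, because "&>" is a bashism and cron
# runs entries through /bin/sh.
echo '#add cron to rsync backup at 20170608' >>/var/spool/cron/root
echo '00 00 * * * /bin/sh /server/scripts/bak.sh >/dev/null 2>&1' >>/var/spool/cron/root
crontab -l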
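# Set up nginx 1.6.3 from source under /application, with two name-based
# virtual hosts.
# NOTE(review): the tarball is taken from /server/tools as-is. Verify it
# against the signature published by the nginx project before building.
# The 1.6 branch is no longer maintained upstream; pin a supported release
# for anything beyond a lab.
yum -y install gcc gcc-c++ ncurses-devel perl openssl openssl-devel pcre pcre-devel
cd /server/tools/
tar -zxvf nginx-1.6.3.tar.gz
cd nginx-1.6.3

# Unprivileged service account for the worker processes: fixed uid 888 and
# no login shell. The page shows a lower-case "-m" after case mangling; -M
# (no home directory) is assumed here, so confirm against the original.
useradd www -u 888 -s /sbin/nologin -M

./configure --user=www --group=www \
  --with-http_stub_status_module --with-http_ssl_module \
  --prefix=/application/nginx-1.6.3/
make
make install

# Version-independent path used by everything below.
ln -s /application/nginx-1.6.3/ /application/nginx
mkdir -p /application/nginx/conf/extra
cd /application/nginx/conf/extra

# Main config. The quoted delimiter keeps nginx's $variables literal.
# Virtual hosts are pulled in from extra/*.conf.
cat >../nginx.conf <<'EOF'
worker_processes  1;
events {
    worker_connections  1024;
}
error_log  logs/error.log  error;
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    include extra/*.conf;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  logs/access.log  main;
}
EOF

# Static vhost for www.
cat >www.conf <<'EOF'
server {
    listen       80;
    server_name  www.etiantian.org etiantian.org;
    location / {
        root   html/www;
        index  index.html index.htm;
    }
}
EOF

# Static vhost for blog (rewritten with PHP handling further down).
cat >blog.conf <<'EOF'
server {
    listen       80;
    server_name  blog.etiantian.org;
    location / {
        root   html/blog;
        index  index.html index.htm;
    }
}
EOF

# Document roots with a one-word index page each. Paths are relative to
# conf/extra.
mkdir -p ../../html/www ../../html/blog
echo www >../../html/www/index.html
echo blog >../../html/blog/index.html

# Start nginx, reload the config, and confirm something listens on port 80.
/application/nginx/sbin/nginx
/application/nginx/sbin/nginx -s reload
lsof -i :80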
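# Set up PHP 5.5.32 (PHP-FPM) from source, with libiconv built first.
# configure options are case-sensitive; the upper-cased flags on the page
# (--WITH-MYSQL=MYSQLND, --ENABLE-FPM, ...) are restored to lower case.
# NOTE(review): both tarballs are taken from /server/tools as-is. Check them
# against the checksums or signatures published by their projects before
# building. PHP 5.5 no longer receives upstream security fixes.
yum -y install zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel
yum -y install freetype-devel libpng-devel gd-devel libcurl-devel libxslt-devel
yum -y install libmcrypt-devel mhash mcrypt

# libiconv 1.14 into /usr/local/libiconv (referenced by --with-iconv-dir below).
cd /server/tools/
tar zxf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure --prefix=/usr/local/libiconv
make
make install
cd ../

tar zxf php-5.5.32.tar.gz
cd php-5.5.32
# FPM workers run as www:www, the same account nginx was configured with.
./configure \
--prefix=/application/php5.5.32 \
--with-mysql=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-iconv-dir=/usr/local/libiconv \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir=/usr \
--enable-xml \
--disable-rpath \
--enable-bcmath \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--with-curl \
--enable-mbregex \
--enable-fpm \
--enable-mbstring \
--with-mcrypt \
--with-gd \
--enable-gd-native-ttf \
--with-openssl \
--with-mhash \
--enable-pcntl \
--enable-sockets \
--with-xmlrpc \
--enable-soap \
--enable-short-tags \
--enable-static \
--with-xsl \
--with-fpm-user=www \
--with-fpm-group=www \
--enable-ftp \
--enable-opcache=no

# NOTE(review): this link assumes a MySQL client library under
# /application/mysql, which nothing on this page installs. With mysqlnd the
# build presumably does not need it. Confirm before keeping the link.
ln -s /application/mysql/lib/libmysqlclient.so.18 /usr/lib64/
# Pre-create the phar target before running make.
touch ext/phar/phar.phar
make
make install

# Version-independent path, production php.ini, default FPM config.
ln -s /application/php5.5.32/ /application/php
cp php.ini-production /application/php/lib/php.ini
cd /application/php/etc/
cp php-fpm.conf.default php-fpm.conf

# Start PHP-FPM and confirm it listens on port 9000.
/application/php/sbin/php-fpm
lsof -i :9000
ps -ef | grep php-fpm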
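# Rewrite the blog vhost so nginx hands PHP requests to PHP-FPM on
# 127.0.0.1:9000 and WordPress permalinks fall through to index.php.
cd /application/nginx/conf/extra/

# The quoted delimiter keeps nginx's $uri and $args literal.
# Two additions over the page's config, both in the server block:
#  - A deny rule ahead of the PHP handler for scripts under
#    wp-content/uploads. That directory is writable by the web application
#    and, later on this page, shared over NFS, so nothing stored there
#    should be executed. Regex locations are tried in file order, so the
#    rule must come first.
#  - "try_files $uri =404" inside the PHP handler, so only scripts that exist
#    on disk are passed to FPM.
# The handler's pattern is kept as the page has it. Its trailing "?" makes
# the extension optional, so URIs ending in a bare "." also match; the
# try_files guard answers those with 404.
cat >blog.conf <<'EOF'
server {
    listen       80;
    server_name  blog.etiantian.org;
    location / {
        root   html/blog;
        index  index.php index.html index.htm;
        try_files $uri $uri/ /index.php?q=$uri&$args;
    }
    location ~* ^/wp-content/uploads/.*\.php$ {
        deny all;
    }
    location ~ .*\.(php|php5)?$ {
        root   html/blog;
        try_files $uri =404;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        include fastcgi.conf;
    }
}
EOF

# Reload only when the syntax check passes, so a broken file never replaces
# the running config.
/application/nginx/sbin/nginx -t &&
  /application/nginx/sbin/nginx -s reload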
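# Set up WordPress 4.7.4 (zh_CN) in the blog document root.
# NOTE(review): 4.7.4 is the version the page pins. Verify the archive
# against the checksum published by WordPress and apply current updates
# after install.
cd /server/tools/
tar xf wordpress-4.7.4-zh_CN.tar.gz
\cp -a wordpress/* /application/nginx/html/blog/

# NOTE(review): this makes the whole tree writable by www, the account the
# PHP-FPM workers run as, so a flaw in any plugin can rewrite application
# code. Leaving only wp-content/uploads (and whatever the updater needs)
# owned by www narrows that.
chown -R www:www /application/nginx/html/blog/
mkdir -p /application/nginx/html/blog/wp-content/uploads

# Mount NFS to store uploaded files on nfs01 (172.16.1.31).
yum -y install nfs-utils rpcbind
/etc/init.d/rpcbind start
chkconfig rpcbind on
chkconfig --list rpcbind
netstat -lntup | grep rpc
showmount -e 172.16.1.31

# An uploads share holds media only, so it is mounted nosuid,nodev,noexec.
# These options stop binaries, setuid bits and device nodes on the share from
# taking effect on this host. The same command is appended to rc.local so the
# mount returns after a reboot.
mount -t nfs -o nosuid,nodev,noexec 172.16.1.31:/data /application/nginx/html/blog/wp-content/uploads/
echo "mount -t nfs -o nosuid,nodev,noexec 172.16.1.31:/data /application/nginx/html/blog/wp-content/uploads/" >>/etc/rc.local
df -h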
WordPress pseudo-Static build complete!
Two ways to add IP aliases:
[[Email protected] conf]# ifconfig eth0:0 10.0.0.101/24 up
[[Email protected] conf]# ip addr add 10.0.0.102/24 dev eth0 label eth0:1
5. Create a Web server (LNMP):