Compile and install LNMP in CentOS 6.5 Production Environment
I. Environment preparation
1. Operating System installation: CentOS 6.5 64-bit minimal installation.
2. Configure IP, DNS, gateway, and host name
3. configure the firewall and enable ports 80 and 3306
Vim/etc/sysconfig/iptables
-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 80-j ACCEPT # Allow port 80 through the firewall
-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 3306-j ACCEPT # Allow port 3306 through the firewall
Note: if these two rules are added to the last line of the firewall configuration, the firewall fails to start, and the correct rule should be added to the default port 22.
/Etc/init. d/iptables restart # restart the firewall to make the configuration take effect.
4. Disable SELinux.
Vi/etc/selinux/configurations
# SELINUX = enforcing # comment out
# SELINUXTYPE = targeted # comment out
SELINUX = disabled # Add
: Wq! # Save and exit
Setenforce 0 # Make the configuration take effect immediately
Ii. system conventions
Hard Disk Partition: 50 GB (/boot 200 M/swap 8192 M/) + 100 GB (/opt)
Software source code package storage location:/opt/local/src
Source code package compilation and installation location:/opt/local/software name
Database data file storage path/opt/local/mysql/var
3. download the software package
1. Download nginx (current stable version): http://nginx.org/download/nginx-1.4.4.tar.gz
2. Download pcre (supporting nginx pseudo static): ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.34.tar.gz
3. Download MySQL: http://cdn.mysql.com/Downloads/MySQL-5.5/mysql-5.5.35.tar.gz
4, download php: http://cn2.php.net/distributions/php-5.5.7.tar.gz
5. Download cmake (MySQL compilation tool): http://www.cmake.org/files/v2.8/cmake-2.8.12.1.tar.gz
6. Download libmcrypt (PHPlibmcrypt module): http://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz
7. Download the GD library installation package (php page image Verification Code support): https://phpsqq.googlecode.com/files/gd-2.0.36RC1.tar.gz
Upload the software package to the/opt/local/src directory.
4. Install compilation tools and library files
One-click installation using the CentOS yum command
Yum install-y make apr * autoconf automake curl-devel gcc-c ++ gtk +-devel zlib-devel openssl-devel pcre-devel gd kernel keyutils patch perl kernel- headers compat * cpp glibc libgomp libstdc ++-devel keyutils-libs-devel libsepol-devel kernel-devel krb5-devel libXpm * freetype-devel freetype * fontconfig-devel liblibjpeg * libpng * -common php-gd gettext-devel ncurses * libtool * libxml2 libxml2-devel patch policycoreutils bison
V. Software Installation
1. Install cmake
Cd/opt/local/src
Tar zxvf cmake-2.8.8.tar.gz
Cd cmake-2.8.8
./Configure -- prefix =/opt/local/cmake
Make # compile
Make install # install
Vim/etc/profile Add the cmake execution file path in the path
Export PATH = $ PATH:/opt/local/cmake/bin
Source/etc/profile make the configuration take effect immediately
2. Install pcre
Cd/opt/local/src
Mkdir/usr/local/pcre # create the installation directory
Tar zxvf pcre-8.34.tar.gz
Cd pcre-8.34
./Configure -- prefix =/opt/local/pcre # Configuration
Make & make install
3. Install libmcrypt
Cd/opt/local/src
Tar zxvf libmcrypt-2.5.8.tar.gz # Extract
Cd libmcrypt-2.5.8 # Go To The Directory
./Configure # Configuration
Make # compile
Make install # install
4. Install the gd library
Cd/opt/local/src
Tar zxvf gd-2.0.36RC1.tar.gz
Cd gd-2.0.36RC1
. /Configure -- enable-m4_pattern_allow-prefix =/opt/local/gd -- with-jpeg =/usr/lib -- with-png =/usr/lib -- with-xpm =/usr/lib -- with-freetype =/usr/lib -- with-fontconfig =/usr/lib # Configuration
Make # compile
Make install # install
5. Install Mysql
Groupadd mysql # Add a mysql Group
Useradd-g mysql-s/bin/false # create a user mysql and add it to the mysql group. mysql users are not allowed to log on directly to the system.
Mkdir-p/opt/data/mysql/var # create a directory for storing MySQL Databases
Chown-R mysql: mysql/opt/data/mysql/var # Set MySQL database Directory Permissions
Cd/opt/local/src
Tar zxvf mysql-5.5.35.tar.gz # Extract
Cd mysql-5.5.35
Cmake.-DCMAKE_INSTALL_PREFIX =/opt/local/mysql-DMYSQL_DATADIR =/opt/data/mysql/var-DSYSCONFDIR =/etc # Configuration
Make # compile
Make install # install
Cd/opt/local/mysql
Cp./support-files/my-huge.cnf/etc/my. cnf # copy the configuration file (Note: if there is a my. cnf under the/etc directory by default, directly overwrite it)
Vi/etc/my. cnf # edit the configuration file and add it in [mysqld ].
Datadir =/opt/data/mysql/var # Add the MySQL database path
./Scripts/mysql_install_db -- user = mysql # generate a mysql System Database
Cp./support-files/mysql. server/etc/rc. d/init. d/mysqld # Add Mysql to the system to start
Chmod 755/etc/init. d/mysqld # Add execution permission
Chkconfig mysqld on # Add to startup
Vi/etc/rc. d/init. d/mysqld # Edit
Basedir =/opt/local/mysql # MySQL installation path
Datadir =/opt/local/mysql/var # MySQl database storage directory
Service mysqld start # start
Vi/etc/profile # Add the mysql service to the system environment variable: Add the following line at the end
Export PATH = $ PATH:/opt/local/cmake/bin:/opt/local/mysql/bin
Source/etc/profile # Make the configuration take effect immediately
Mkdir/var/lib/mysql # create a directory
Ln-s/tmp/mysql. sock/var/lib/mysql. sock # Add soft link
Mysql_secure_installation # Set the Mysql password. Press Y to enter the password twice.
/Opt/local/mysql/bin/mysqladmin-u root-p password "123456" # or directly change the password
At this point, mysql installation is complete!
6. Install nginx
Cd/opt/local/src
Groupadd www # Add a www Group
Useradd-g www-s/bin/false # create an nginx Running Account www and add it to the www group. www users are not allowed to log on to the system directly.
Tar zxvf nginx-1.4.4.tar.gz
Cd nginx-1.4.4
. /Configure -- prefix =/opt/local/nginx -- without-http_memcached_module -- user = www -- group = www -- with-http_stub_status_module -- with-openssl =/usr/-- with-pcre =/opt/local /src/pcre-8.31
Note: -- with-pcre =/opt/local/src/pcre-8.34 points to the source package decompression path, rather than the installation path, otherwise it will report an error
Make
Make install
/Opt/local/nginx/sbin/nginx # Start nginx
Enable nginx startup
Vi/etc/rc. d/init. d/nginx # edit the Startup File and add the following content
========================================================== ====================
#! /Bin/bash
# Nginx Startup script for the Nginx HTTP Server
# It is v.0.0.2 version.
# Chkconfig:-85 15
# Description: Nginx is a high-performance web and proxy server.
# It has a lot of features, but it's not for everyone.
# Processname: nginx
# Pidfile:/var/run/nginx. pid
# Config:/usr/local/nginx/conf/nginx. conf
Nginxd =/opt/local/nginx/sbin/nginx
Nginx_config =/opt/local/nginx/conf/nginx. conf
Nginx_pid =/opt/local/nginx/logs/nginx. pid
RETVAL = 0
Prog = "nginx"
# Source function library.
./Etc/rc. d/init. d/functions
# Source networking configuration.
./Etc/sysconfig/network
# Check that networking is up.
[$ {NETWORKING} = "no"] & exit 0
[-X $ nginxd] | exit 0
# Start nginx daemons functions.
Start (){
If [-e $ nginx_pid]; then
Echo "nginx already running ...."
Exit 1
Fi
Echo-n $ "Starting $ prog :"
Daemon $ nginxd-c $ {nginx_config}
RETVAL =$?
Echo
[$ RETVAL = 0] & touch/var/lock/subsys/nginx
Return $ RETVAL
}
# Stop nginx daemons functions.
Stop (){
Echo-n $ "Stopping $ prog :"
Killproc $ nginxd
RETVAL =$?
Echo
[$ RETVAL = 0] & rm-f/var/lock/subsys/nginx/usr/local/nginx/logs/nginx. pid
}
Reload (){
Echo-n $ "Reloading $ prog :"
# Kill-HUP 'cat $ {nginx_pid }'
Killproc $ nginxd-HUP
RETVAL =$?
Echo
}
# See how we were called.
Case "$1" in
Start)
Start
;;
Stop)
Stop
;;
Reload)
Reload
;;
Restart)
Stop
Start
;;
Status)
Status $ prog
RETVAL =$?
;;
*)
Echo $ "Usage: $ prog {start | stop | restart | reload | status | help }"
Exit 1
Esac
Exit $ RETVAL
========================================================== ====================
: Wq! # Save and exit
Chmod 775/etc/rc. d/init. d/nginx # grant the File Execution permission
Chkconfig nginx on # Set startup
/Etc/rc. d/init. d/nginx restart # restart Nginx
Service nginx restart
========================================================== ====================
7. install php
Cd/opt/local/src
Tar-zvxf php-5.5.7.tar.gz
Cd php-5.5.7.
. /Configure -- prefix =/opt/local/php5 -- with-config-file-path =/opt/local/php5/etc -- with-mysql =/opt/local/mysql -- with-mysql-sock =/tmp/mysql. sock -- with-gd -- with-iconv -- with-zlib -- enable-xml -- enable-bcmath -- enable-shmop -- enable-sysvsem -- enable-inline-optimization -- enable-mbregex -- enable-fpm -- enable-mbstring -- enable-ftp -- enable-gd-native-ttf -- with-openssl -- enable-pcntl -- enable-sockets -- with-xmlrpc -- enable-zip -- enable-soap -- without-pear -- with-gettext -- enable-session -- with-mcrypt -- with-curl -- with-jpeg-dir -- with-freetype-dir
Make # compile
Make install # install
Cp php. ini-production/opt/local/php5/etc/php. ini # copy the php configuration file to the installation directory.
Rm-rf/etc/php. ini # Delete the built-in configuration file of the system
Ln-s/opt/local/php5/etc/php. ini/etc/php. ini # Add soft link
Cp/opt/local/php5/etc/php-fpm.conf.default/opt/local/php5/etc/php-fpm.conf # copy the template file for php-fpm configuration file
Vi/opt/local/php5/etc/php-fpm.conf # Edit
User = www # Set the php-fpm runtime account to www
Group = www # Set the php-fpm running group to www
Pid = run/php-fpm.pid # Remove the semicolon above
Set the startup of php-fpm
Cp/opt/local/src/php-5.5.7/sapi/fpm/init. d. php-fpm/etc/rc. d/init. d/php-fpm # copy php-fpm to the startup directory
Chmod + x/etc/rc. d/init. d/php-fpm # Add execution permission
Chkconfig php-fpm on # Set startup
Vi/opt/local/php5/etc/php. ini # edit the configuration file
Find: disable_functions =
Changed to disable_functions = passthru, exec, system, chroot, scandir, chgrp, chown, shell_exec, proc_open, proc_get_status, ini_alter, ini_alter, rewrite, dl, openlog, syslog, readlink, symlink, delimiter, dll, popen, disk_free_space, checkdnsrr, checkdnsrr, getservbyname, getservbyport, delimiter, posix_ctermid, delimiter, delimiter, posix_getegid, delimiter, posix_getgrnam, posix_getgroups, upper, lower, lower, posix_getpid, lower, posix_getpwnam, lower, lower, posix_getsid, posix_getuid, lower, posix_kill, posix_mkfifo, lower, posix_setsid, posix_setuid, posix_strerror, posix_times, posix_ttyname, posix_uname
# List functions that can be disabled by PHP. If some programs need this function, they can be deleted and disabled.
Locate:; date. timezone =
Change to: date. timezone = PRC # set the time zone
Find: expose_php = On
Change to: expose_php = OFF # disable display of php version information
Find: short_open_tag = Off
Changed to: short_open_tag = ON # php short labels supported
8. Configure nginx to support php
Vi/opt/local/nginx/conf/nginx. conf
Modify the/opt/local/nginx/conf/nginx. conf file as follows:
User www; # Remove comments from the first line of user and change the Nginx running group to www; the group configuration must be the same as that in the/opt/local/php/etc/php-fpm.conf, otherwise, an error occurred while running php.
User www;
Worker_processes 1;
Events {
Worker_connections 1024;
}
Http {
Include mime. types;
Default_type application/octet-stream;
Sendfile on;
Keepalive_timeout 65;
Server {
Listen 80;
Server_name localhost;
Location /{
Root html;
Index. php index.html index.htm;
}
Location ~ \. Php $ {
Root html;
Fastcgi_pass 127.0.0.1: 9000;
Fastcgi_index index. php;
Fastcgi_param SCRIPT_FILENAME $ document_root $ fastcgi_script_name;
Include fastcgi_params;
}
}
}
/Etc/init. d/nginx restart # restart nginx
Vi. Test
Cd/opt/local/nginx/html/# enter the default nginx website root directory
Rm-rf/opt/local/nginx/html/* # Delete the default test page
Vi index. php # create an index. php file
Phpinfo ();
?>
: Wq! # Save and exit
Chown www. www/opt/local/nginx/html/-R # Set the directory owner
Chmod 700/opt/local/nginx/html/-R # Set Directory Permissions
VII. Other Instructions
Server-related operation commands
Service nginx restart # restart nginx
Service mysqld restart # restart mysql
/Usr/local/php/sbin/php-fpm # Start php-fpm
/Etc/rc. d/init. d/php-fpm restart # restart php-fpm
/Etc/rc. d/init. d/php-fpm stop # stop php-fpm
/Etc/rc. d/init. d/php-fpm start # start php-fpm
The default nginx site directory is/opt/local/nginx/html/
Permission settings: chown www. www/opt/local/nginx/html/-R
The MySQL database directory is/opt/local/mysql/var.
Permission settings: chown mysql. mysql-R/opt/local/mysql/var
VIII. Security Optimization
Sherwin @ rocnic ~ $ Ssh root@172.16.134.141.
Root@172.16.134.141's password:
Last login: Sat Jan 18 12:11:57 2014 from 172.16.134.1
-Bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory
[Root @ dev01 ~] # Locale
Locale: Cannot set LC_CTYPE to default locale: No such file or directory
Locale: Cannot set LC_ALL to default locale: No such file or directory
LANG = en_US.UTF-8
LC_CTYPE = UTF-8
LC_NUMERIC = "en_US.UTF-8"
LC_TIME = "en_US.UTF-8"
LC_COLLATE = "en_US.UTF-8"
LC_MONETARY = "en_US.UTF-8"
LC_MESSAGES = "en_US.UTF-8"
LC_PAPER = "en_US.UTF-8"
LC_NAME = "en_US.UTF-8"
LC_ADDRESS = "en_US.UTF-8"
LC_TELEPHONE = "en_US.UTF-8"
LC_MEASUREMENT = "en_US.UTF-8"
LC_IDENTIFICATION = "en_US.UTF-8"
LC_ALL =
Ubuntu 14.04 LTS install LNMP Nginx \ PHP5 (PHP-FPM) \ MySQL
Install the LAMP \ Vsftpd \ Webmin \ phpMyAdmin service and settings in Ubuntu 13.04
Build and install the LNMP production environment in CentOS 6.4
Practical Production Environment-LNMP architecture compilation and installation + SSL encryption implementation
LNMP full-featured compilation and installation for CentOS 6.3 notes
Install LNMP in CentOS 6.3 (PHP 5.4, MyySQL5.6)
Nginx startup failure occurs during LNMP deployment.
Ubuntu install Nginx php5-fpm MySQL (LNMP environment setup)