LANMP_V5.0-centos7.5+nginx1.14+apache2.4.33+php7.2
岳允晨
因项目需要,要将php升级到7,于是将之前的LANMP进行全面升级,centos7.5+nginx1.14+apache2.4.33+php7.2
###初始化系统###
#更新yum源(aliyun)
yum -y install wget mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo_bak wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo yum clean all yum makecache /root/init_system_centos7.sh #init_system_centos7.sh详细见之前博文
#修改hosts文件
echo "192.168.5.32 web32.blufly.com" >> /etc/hosts echo "192.168.5.33 web33.blufly.com" >> /etc/hosts
###更新组件###
yum -y groupinstall 'Development Tools' yum -y install bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg \ libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 \ glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel \ expat-devel libtool libtool-ltdl-devel openssl openssl-devel openldap openldap-devel \ cmake gmp-devel libicu-devel libxslt-devel
###下载安装包###
cd /opt wget http://mirrors.sohu.com/nginx/nginx-1.14.0.tar.gz wget http://mirrors.sohu.com/apache/httpd-2.4.33.tar.bz2 wget http://mirrors.sohu.com/php/php-7.2.6.tar.bz2 wget https://mirrors.shuosc.org/apache/apr/apr-1.6.3.tar.bz2 wget https://mirrors.shuosc.org/apache/apr/apr-util-1.6.1.tar.bz2 #jemalloc 优化nginx,内存管理 wget https://github.com/jemalloc/jemalloc/releases/download/5.1.0/jemalloc-5.1.0.tar.bz2 #字符转换库libiconv wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.15.tar.gz #ImageMagick 是一个图象处理软件。它可以编辑、显示包括JPEG、TIFF、PNM、PNG、GIF和Photo CD在内的绝大多数当今最流行的图象格式 wget http://www.imagemagick.org/download/ImageMagick-7.0.7-35.tar.bz2 #PHP的imagick扩展,用Imagick替代php的GD库 wget http://pecl.php.net/get/imagick-3.4.3.tgz #Suhosin是一个PHP程序的保护系统 wget https://download.suhosin.org/suhosin-0.9.38.tar.gz #ionCube - PHP的加密/解密工具 wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz #pcre支持nginx伪静态 wget https://ftp.pcre.org/pub/pcre/pcre-8.42.tar.gz
###------------ 安装apache -------------###
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www -s /sbin/nologin
mkdir -p /data/www/{blufly,blog}
mkdir -p /data/logs/{blufly,blog}
chown -R www:www /data/www
chown -R www:www /data/logs
cd /opt
tar -zxvf pcre-8.42.tar.gz
cd pcre-8.42
./configure --prefix=/usr/local/pcre
make;make install
cd ../
#安装apr
tar -jvxf apr-1.6.3.tar.bz2 cd apr-1.6.3 ./configure --prefix=/usr/local/apr make;make install
#安装Apr出现的问题rm: cannot remove `libtoolT': No such file or directory
#在configure里面把RM='$RM'改为RM='$RM -f'
cd /opt tar -jvxf apr-util-1.6.1.tar.bz2 cd apr-util-1.6.1 ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/ make;make install cd /opt tar -jxvf httpd-2.4.33.tar.bz2 cd httpd-2.4.33
#隐藏apache版本信息
sed -i 's/#define AP_SERVER_BASEPRODUCT "Apache"/#define AP_SERVER_BASEPRODUCT "Microsoft-IIS 5.0"/' include/ap_release.h sed -i 's/#define PLATFORM "Unix"/#define PLATFORM "win32"/' os/unix/os.h
./configure --prefix=/usr/local/apache \ --enable-deflate \ --enable-headers \ --enable-mime-magic \ --enable-proxy \ --enable-ssl \ --enable-so \ --enable-rewrite \ --enable-suexec \ --with-suexec-bin=/usr/sbin/suexec \ --with-suexec-caller=www \ --with-pcre=/usr/local/pcre/bin/pcre-config \ --with-mpm=prefork \ --with-ssl=/usr \ --with-apr=/usr/local/apr \ --with-apr-util=/usr/local/apr-util/ make;make install
#配置自启动文件
cd ../ cp /usr/local/apache/bin/apachectl /etc/init.d/httpd sed -i '/#!\/bin\/sh/a\# chkconfig: - 85 15\n# description: web server\n# processname: httpd\n# pidfile: /usr/local/apache/logs/httpd.pid\n# config: /usr/local/apache/conf/httpd.conf' /etc/init.d/httpd
#httpd.conf优化
mv /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.bak
#配置mpm_prefork_module
mv /usr/local/apache/conf/extra/httpd-mpm.conf /usr/local/apache/conf/extra/httpd-mpm.conf.bak cat >> /usr/local/apache/conf/extra/httpd-mpm.conf <<EOF <IfModule mpm_prefork_module> ServerLimit 10000 StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxRequestWorkers 10000 MaxConnectionsPerChild 10000 </IfModule> EOF
#配置虚拟主机apache虚拟主机
mv /usr/local/apache/conf/extra/httpd-vhosts.conf /usr/local/apache/conf/extra/httpd-vhosts.conf.bak cat >> /usr/local/apache/conf/extra/httpd-vhosts.conf <<EOF <VirtualHost *:80> ServerAdmin admin@blufly.com DocumentRoot "/data/www/blufly" <Directory "/data/www/blufly"> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory> ServerName www.blufly.com ServerAlias blufly.com ErrorLog "logs/bufly-error_log" CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/blufly/%y_%m_%d.access_log 86400" common </VirtualHost> EOF
#设置apache自启动
cd ../ chmod 700 /etc/init.d/httpd /etc/init.d/httpd start #nginx启动脚本中已有启动apache的命令 #/sbin/chkconfig --add httpd #/sbin/chkconfig --level 2345 httpd on
###-------------- 安装php ----------------###
#安装Atomic仓库
wget http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-21.el7.art.noarch.rpm rpm -ivh atomic-release-1.0-21.el7.art.noarch.rpm
yum -y install php-mcrypt libmcrypt libmcrypt-devel mhash mhash-devel libevent libevent-devel libxml2 \ libxml2-devel bzip2-devel libcurl-devel libjpeg-devel libpng-devel freetype-devel
#安装字符转换库libiconv
cd /opt tar -zxvf libiconv-1.15.tar.gz cd libiconv-1.15/ ./configure --prefix=/usr/local/libiconv
#make时如果报错:./stdio.h:1010:1: 错误:‘gets’未声明
cd srclib/ sed -i -e '/gets is a security/d' ./stdio.in.h cd ../
make;make install cd ../
#编译安装php
tar -jxvf php-7.2.6.tar.bz2 cd php-7.2.6
#configure会报错:configure: error: Cannot find ldap libraries in /usr/lib.
cp -frp /usr/lib64/libldap* /usr/lib/ ./configure --prefix=/usr/local/php \ --with-config-file-path=/usr/local/php/etc \ --with-apxs2=/usr/local/apache/bin/apxs \ --with-iconv-dir=/usr/local/libiconv \ --with-mysqli=mysqlnd \ --with-pdo-mysql=mysqlnd \ --with-libxml-dir \ --with-openssl \ --with-mhash \ --with-pcre-regex \ --with-zlib \ --with-bz2 \ --with-curl \ --with-cdb \ --with-pcre-dir \ --with-gd \ --with-openssl-dir \ --with-jpeg-dir \ --with-png-dir \ --with-zlib-dir \ --with-freetype-dir \ --with-gettext \ --with-gmp \ --with-mhash \ --with-libmbfl \ --with-onig \ --with-zlib-dir \ --with-readline \ --with-libxml-dir \ --with-xsl \ --with-pear \ --enable-soap \ --enable-bcmath \ --enable-calendar \ --enable-dom \ --enable-exif \ --enable-fileinfo \ --enable-filter \ --enable-ftp \ --enable-json \ --enable-mbstring \ --enable-mbregex \ --enable-mbregex-backtrack \ --enable-pdo \ --enable-session \ --enable-shmop \ --enable-simplexml \ --enable-sockets \ --enable-sysvmsg \ --enable-sysvsem \ --enable-sysvshm \ --enable-wddx \ --enable-zip \ --enable-mysqlnd-compression-support \ --enable-intl \ --enable-maintainer-zts \ --disable-rpath \ --disable-debug \ --disable-ipv6
#make报错:error while loading shared libraries: libiconv.so.2: cannot open shared object file: No such file or directory
echo "/usr/local/lib" >> /etc/ld.so.conf /sbin/ldconfig
make #如有报 undefined reference to `libiconv_open' #就用make ZEND_EXTRA_LIBS='-liconv'来进行编译 make install cd ../
cp php.ini-production /usr/local/php/etc/php.ini
############
#如果编译过程中遇到下列信息:PEAR package PHP_Archive not installed: generated phar will require PHP's phar extension be enabled
#cd /opt #wget http://pear.php.net/go-pear.phar #/usr/local/php/bin/php go-pear.phar
############
cd ../
#使用pthreads PHP扩展,可以使PHP真正地支持多线程
#要安装pthreads PHP扩展,在编辑php时要加参数 --enable-maintainer-zts
cd /opt git clone https://github.com/krakjoe/pthreads.git cd pthreads /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make && make install
#安装mysql扩展
cd /opt/php-7.2.6/ext git clone https://github.com/php/pecl-database-mysql mysql --recursive cd mysql /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make && make install
#修改php.ini配置文件
#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20170718" #extension = "mysql.so"
#安装memcached扩展
yum -y install libmemcached libmemcached-devel cd /opt/php-7.2.6/ext git clone https://github.com/php-memcached-dev/php-memcached memcached cd memcached/ git checkout php7 /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make;make install
#安装memcache扩展
cd /opt/php-7.2.6/ext git clone https://github.com/websupport-sk/pecl-memcache memcache cd memcache /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make;make install
#修改php.ini配置文件
#extension = "memcached.so" #extension = "memcache.so"
cd /opt tar -jxvf ImageMagick-7.0.7-35.tar.bz2 cd ImageMagick-7.0.7-35 ./configure --prefix=/usr/local/imagemagick make;make install cd ../ tar -zxvf imagick-3.4.3.tgz cd imagick-3.4.3/ export PKG_CONFIG_PATH=/usr/local/imagemagick/lib/pkgconfig /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config --with-imagick=/usr/local/imagemagick make;make install cd ../ tar -zxvf ioncube_loaders_lin_x86-64.tar.gz cd ioncube mkdir /usr/local/ioncube mv ioncube_loader_lin_7.2.so /usr/local/ioncube/ cd ../
#修改php.ini添加php扩展
sed -i 's#; extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20170718/"\nextension = "memcache.so"\nextension = "memcached.so"\nextension = "mysql.so"\nextension = "pthreads.so"\nextension = "imagick.so"\n#' /usr/local/php/etc/php.ini
#要先添加ionCube扩展
cat >> /usr/local/php/etc/php.ini <<EOF [ionCube Loader] zend_extension=/usr/local/ioncube/ioncube_loader_lin_7.2.so EOF
#再添加opcache扩展
cat >> /usr/local/php/etc/php.ini <<EOF [opcache] zend_extension=/usr/local/php/lib/php/extensions/no-debug-non-zts-20170718/opcache.so opcache.enable=1 opcache.memory_consumption=128 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=4000 opcache.revalidate_freq=60 opcache.fast_shutdown=1 opcache.enable_cli=1 EOF
#查看php已安装扩展
/usr/local/php/bin/php -m
[PHP Modules] bcmath bz2 calendar Core ctype curl date dba dom exif fileinfo filter ftp gd gettext gmp hash iconv imagick intl ionCube Loader json libxml mbstring memcache memcached mysql mysqli mysqlnd openssl pcre PDO pdo_mysql pdo_sqlite Phar posix readline Reflection session shmop SimpleXML soap sockets SPL sqlite3 standard sysvmsg sysvsem sysvshm tokenizer wddx xml xmlreader xmlwriter xsl Zend OPcache zip zlib [Zend Modules] Zend OPcache the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured)
###---------- 安装nginx ----------###
#安装jemalloc内存优化工具
tar -jxvf jemalloc-5.1.0.tar.bz2 cd jemalloc-5.1.0 ./configure --prefix=/usr/local/jemalloc --libdir=/usr/local/lib make;make install echo "/usr/local/lib" > /etc/ld.so.conf.d/local.conf ldconfig cd ../ tar -zxvf nginx-1.14.0.tar.gz cd nginx-1.14.0 ./configure --prefix=/usr/local/nginx \ --with-pcre=/opt/pcre-8.42 \ --user=www \ --group=www \ --with-http_stub_status_module \ --with-http_ssl_module \ --with-http_flv_module \ --with-http_gzip_static_module \ --with-ld-opt="-ljemalloc" \ --with-http_realip_module make;make install cd ../
#添加nginx启动脚本
cat >> /etc/init.d/nginx <<EOF
#! /bin/sh
# Description: Startup script for nginx
# chkconfig: 2345 55 25
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="nginx daemon"
NAME=nginx
DAEMON=/usr/local/nginx/sbin/$NAME
CONFIGFILE=/usr/local/nginx/conf/nginx.conf
PIDFILE=/usr/local/nginx/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
set -e
[ -x "$DAEMON" ] || exit 0
do_start() {
$DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}
do_stop() {
kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"
}
do_reload() {
kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
do_start
echo "."
/etc/init.d/httpd start
;;
stop)
echo -n "Stopping $DESC: $NAME"
do_stop
echo "."
/etc/init.d/httpd stop
;;
reload)
echo -n "Reloading $DESC configuration..."
do_reload
echo "."
/etc/init.d/httpd restart
;;
restart)
echo -n "Restarting $DESC: $NAME"
do_stop
sleep 1
do_start
echo "."
/etc/init.d/httpd restart
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
exit 3
;;
esac
exit 0
EOF
#添加nginx配置文件
mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
cat >> /usr/local/nginx/conf/nginx.conf <<EOF
user www www;
worker_processes 8;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
#工作模式及连接数上限
events
{
use epoll;
worker_connections 65535;
}
#设定http服务器,利用它的反向代理功能提供负载均衡支持
http
{
#设定mime类型
include mime.types;
default_type application/octet-stream;
#charset gb2312;
#设定请求缓冲
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 30m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
server_tokens off;
client_body_buffer_size 512k;
proxy_connect_timeout 5;
proxy_send_timeout 60;
proxy_read_timeout 5;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
# fastcgi_connect_timeout 300;
# fastcgi_send_timeout 300;
# fastcgi_read_timeout 300;
# fastcgi_buffer_size 64k;
# fastcgi_buffers 4 64k;
# fastcgi_busy_buffers_size 128k;
# fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
#定义访问日志的写入格式
log_format buflylog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
log_format bloglog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
###禁止通过ip访问站点
server{
server_name _;
return 404;
}
server
{
listen 80;
server_name bufly.com www.bufly.com;
index index.html index.htm index.php;#设定访问的默认首页地址
root /data/www/bufly;#设定网站的资源存放路径
#limit_conn crawler 20;
#301重定向设置
if ($host != 'www.bufly.com' )
{
rewrite ^/(.*)$ http://www.bufly.com/$1 permanent;
}
#目录自动加"/"
if (-d $request_filename)
{
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
#所有php的页面均交由apache处理
location ~ \.(php)?$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:81;#转向apache处理
}
location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
access_log /data/logs/bufly/bufly_nginx.log buflylog;#设定访问日志的存放路径
}
server
{
listen 80;
server_name blog.bufly.com;
index index.html index.htm index.php;#设定访问的默认首页地址
root /data/www/blog;#设定网站的资源存放路径
#limit_conn crawler 20;
if (-d $request_filename)
{
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
#所有php的页面均交由apache处理
location ~ \.(php)?$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:81;#转向apache处理
}
location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
access_log /data/logs/blog/blog_nginx.log bloglog;#设定访问日志的存放路径
}
server
{
listen 80;
server_name status.www.bufly.com;
location / {
stub_status on;
access_log off;
}
}
}
EOF
#将nginx添加到启动服务中
chmod 700 /etc/init.d/nginx /etc/init.d/nginx start /sbin/chkconfig --add nginx /sbin/chkconfig --level 2345 nginx on
#验证jemalloc是否生效,如下
[root@web32 ~]# yum -y install lsof [root@web32 ~]# lsof -n | grep jemalloc nginx 989 root mem REG 253,0 4042712 70365103 /usr/local/lib/libjemalloc.so.2 nginx 1357 www mem REG 253,0 4042712 70365103 /usr/local/lib/libjemalloc.so.2 nginx 1358 www mem REG 253,0 4042712 70365103 /usr/local/lib/libjemalloc.so.2 nginx 1390 www mem REG 253,0 4042712 70365103 /usr/local/lib/libjemalloc.so.2 nginx 1391 www mem REG 253,0 4042712 70365103 /usr/local/lib/libjemalloc.so.2 nginx 1488 www mem REG 253,0 4042712 70365103 /usr/local/lib/libjemalloc.so.2 nginx 1498 www mem REG 253,0 4042712 70365103 /usr/local/lib/libjemalloc.so.2 nginx 1505 www mem REG 253,0 4042712 70365103 /usr/local/lib/libjemalloc.so.2 nginx 1522 www mem REG 253,0 4042712 70365103 /usr/local/lib/libjemalloc.so.2
#每天定时切割Nginx日志
cat >> /usr/local/nginx/sbin/cut_nginx_log.sh <<EOF
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path_blufly="/data/logs/blufly/"
logs_path_blog="/data/logs/blog/"
mv ${logs_path_blufly}blufly_nginx.log ${logs_path_blufly}$blufly_nginx_$(date -d "yesterday" +"%Y%m%d").log
mv ${logs_path_blog}blog_nginx.log ${logs_path_blog}blog_nginx_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/nginx/logs/nginx.pid`
EOF
chmod +x /usr/local/nginx/sbin/cut_nginx_log.sh
#添加计划任务,每天凌晨00:00切割nginx访问日志
crontab -e 00 00 * * * /bin/bash /usr/local/nginx/sbin/cut_nginx_log.sh
#让后端apache获取访客真实的IP,Apache-2.4配置mod_remoteip
LoadModule remoteip_module modules/mod_remoteip.so <IfModule remoteip_module> RemoteIPHeader X-Real-IP RemoteIPInternalProxy 127.0.0.1 </IfModule>
#后面我们需要修改accesslog的配置,将%h改成%a,以保证我们在日志里面也能看到客户端的正确IP
<IfModule log_config_module>
LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%a %l %u %t \"%r\" %>s %b" common
#删除7天以前的日志
cat /root/del_log.sh
#!/bin/sh
find /data/logs/ -mtime +7 -type f -exec rm -rf {} \;
chmod +x /root/del_log.sh
#添加计划任务,每天凌晨00:00清理日志
crontab -e 00 00 * * * /bin/bash /root/del_log.sh
类似资料: