lnmp
程序员文章站
2022-05-17 16:45:37
...
lnmp 简介
- lnmp 名词上指的就是,Linux ,nginx ,mysql ,php的第一个字母组成的一种网站服务器架构
- 作为web服务器,相比Apache ,Nginx使更加少的资源还可以支持更高的并发连接,使用更高的效率
安装Nginx
安装环境
| lnmp—server | 192.168.169.20 |
|---|
创建系统用户和组 nginx
[aaa@qq.com ~]# groupadd -r nginx
[aaa@qq.com ~]# useradd -r -M -s /sbin/nologin -g nginx nginx
安装依赖环境
[aaa@qq.com ~]# yum -y install pcre-devel openssl openssl-devel gd-devel
安装开发包
[aaa@qq.com ~]# yum -y groups mark install 'Development Tools'
[aaa@qq.com ~]# yum grouplist //查看是否已经安装
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Available Environment Groups:
Minimal Install
Compute Node
Infrastructure Server
File and Print Server
Basic Web Server
Virtualization Host
Server with GUI
GNOME Desktop
KDE Plasma Workspaces
Development and Creative Workstation
Installed Groups:
Development Tools //表示已经安装
Available Groups:
Compatibility Libraries
Console Internet Tools
Graphical Administration Tools
Legacy UNIX Compatibility
Scientific Support
Security Tools
Smart Card Support
System Administration Tools
System Management
Done
建立存放日志目录,并且修改属主和属组
[aaa@qq.com ~]# mkdir -p /var/log/nginx
[aaa@qq.com ~]# chown -R nginx.nginx /var/log/nginx/
下载nginx
[aaa@qq.com src]# cd /usr/src/
[aaa@qq.com src]# yum install -y wget
[aaa@qq.com src]# wget http://nginx.org/download/nginx-1.12.0.tar.gz
编译安装
[aaa@qq.com src]# tar xf nginx-1.12.0.tar.gz
[aaa@qq.com src]# cd nginx-1.12.0/
[aaa@qq.com nginx-1.12.0]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-debug --with-http_ssl_module --with-http_realip_module --with-http_image_filter_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
编译过程出现如下错误
checking for GD library ... not found
checking for GD library in /usr/local/ ... not found
checking for GD library in /usr/pkg/ ... not found
checking for GD library in /opt/local/ ... not found
./configure: error: the HTTP image filter module requires the GD library.
You can either do not enable the module or install the libraries.
这是缺少 GD这个二进制包的结果,解决方法如下
在次编译就不会出现这个错误了
[aaa@qq.com src]# yum install -y gd-devel-2.0.35-26.el7.x86_64.rpm
重新编译安装
[aaa@qq.com src]# cd nginx-1.12.0/
[aaa@qq.com nginx-1.12.0]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-debug --with-http_ssl_module --with-http_realip_module --with-http_image_filter_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
[aaa@qq.com nginx-1.12.0]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
nginx 安装后配置
加入到环境变量
[aaa@qq.com src]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh
[aaa@qq.com src]# . /etc/profile.d/nginx.sh
服务控制方式,使用nginx命令
-t 检查配置文件语法
-v 输出nginx的版本
-c 指定配置文件的路径
-s 发送服务控制信号,可选值有{stop|quit|reopen|reload}
启动nginx
[aaa@qq.com ~]# nginx //直接就可以启动了
[aaa@qq.com ~]# ss -anlt nginx 默认为80 端口
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::8080 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
在浏览器上输入ip 地址测试,出现如下图所示则表示nginx 搭建成功
安装Mysql 数据库
[aaa@qq.com ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel
创建mysql用户和组
[aaa@qq.com ~]# groupadd -r -g 306 mysql
[aaa@qq.com ~]# useradd -M -s /sbin/nologin -g 306 -u 306 mysql
下载mysql 二进制软件包
[aaa@qq.com src]# wget https://downloads.mysql.com/archives/get/file/mysql-5.7.22-linux-glibc2.12-x86_64.tar.gz
[aaa@qq.com src]# tar xf mysql-5.7.22-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
创建软连接
[aaa@qq.com src]# cd /usr/local/
[aaa@qq.com local]# ln -s mysql-5.7.22-linux-glibc2.12-x86_64/ mysql
修改属主和属组
[aaa@qq.com local]# chown -R mysql.mysql /usr/local/mysql
[aaa@qq.com local]# ll
total 0
drwxr-xr-x. 2 root root 6 Nov 5 2016 bin
drwxr-xr-x. 2 root root 6 Nov 5 2016 etc
drwxr-xr-x. 2 root root 6 Nov 5 2016 games
drwxr-xr-x. 2 root root 6 Nov 5 2016 include
drwxr-xr-x. 2 root root 6 Nov 5 2016 lib
drwxr-xr-x. 2 root root 6 Nov 5 2016 lib64
drwxr-xr-x. 2 root root 6 Nov 5 2016 libexec
lrwxrwxrwx. 1 mysql mysql 36 Aug 25 14:30 mysql -> mysql-5.7.22-linux-glibc2.12-x86_64/
drwxr-xr-x. 9 root root 129 Aug 25 14:29 mysql-5.7.22-linux-glibc2.12-x86_64
drwxr-xr-x. 11 root root 151 Aug 25 13:52 nginx
drwxr-xr-x. 2 root root 6 Nov 5 2016 sbin
drwxr-xr-x. 5 root root 49 Jul 14 07:50 share
drwxr-xr-x. 2 root root 6 Nov 5 2016 src
添加至环境变量
[aaa@qq.com local]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[aaa@qq.com local]# . /etc/profile.d/mysql.sh
[aaa@qq.com local]# echo $PATH
/usr/local/mysql/bin:/usr/local/nginx/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
创建数据存放目录
[aaa@qq.com local]# mkdir /opt/data
[aaa@qq.com local]# chown -R mysql.mysql /opt/data/
初始化数据库
[aaa@qq.com local]# /usr/local/mysql/bin/mysqld --initialize --user=mysql --datadir=/opt/data/
2018-08-25T06:43:02.030758Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2018-08-25T06:43:03.364974Z 0 [Warning] InnoDB: New log files created, LSN=45790
2018-08-25T06:43:03.599861Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2018-08-25T06:43:03.660256Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 1dccf3d2-a832-11e8-998d-000c29d4bcce.
2018-08-25T06:43:03.662083Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2018-08-25T06:43:03.663705Z 1 [Note] A temporary password is generated for aaa@qq.com: Sxh=6N1hShfp //这里的密码产生的都不一样
//在最后一行,这里会初始化一个数据库的随机密码,保存下来,后面会用来登录
[aaa@qq.com local]# echo 'Sxh=6N1hShfp'> /1.txt
配置mysql
[aaa@qq.com local]# ln -s /usr/local/mysql/include/ /usr/local/include/mysql
[aaa@qq.com local]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
[aaa@qq.com local]# ldconfig -v 验证啰嗦模式
生成配置文件
[aaa@qq.com local]# cat > /etc/my.cnf <<EOF
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data/
socket = /tmp/mysql.sock
port = 3306
pid-file = /tmp/data/mysql.pid
user = mysql
skip-name-resolve
EOF
创建存放pid 对应的文件,和/etc/my.cnf 里面的pid-file 对应的位置一样
[aaa@qq.com ~]# mkdir /tmp/data
[aaa@qq.com data]# touch mysql.pid
修改属主和属组
[aaa@qq.com data]# chown -R mysql.myxql /tmp/data/
启动服务脚本
[aaa@qq.com local]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[aaa@qq.com local]# sed -ri 's#^(basedir=).*#\1/usr/local/mysql#g' /etc/init.d/mysqld
[aaa@qq.com local]# sed -ri 's#^(datadir=).*#\1/opt/data#g' /etc/init.d/mysqld
启动服务
[aaa@qq.com local]# service mysqld start
Starting MySQL. SUCCESS!
[aaa@qq.com local]# ss -anlt //mysql 端口号默认为3306
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::8080 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 80 :::3306 :::*
修改密码,使用临时密码登录
[aaa@qq.com local]# cat /1.txt //这是前面保存密码的位置
Sxh=6N1hShfp
[aaa@qq.com local]# mysql -uroot -p
Enter password: //请输入临时密码
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.22
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> //看到这里表示登录成功
修改密码
mysql> set password = password('chen'); 修改密码为 chen
Query OK, 0 rows affected, 1 warning (0.01 sec)
安装 php
1.安装php依赖包
[aaa@qq.com ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel
2.下载 php
[aaa@qq.com src]# cd /usr/src/
[aaa@qq.com src]# wget http://cn.php.net/distributions/php-7.2.8.tar.xz
[aaa@qq.com src]# tar xf php-7.2.8.tar.xz
[aaa@qq.com src]# cd php-7.2.8/
3.开始编译安装
[aaa@qq.com php-7.2.8]# ./configure --prefix=/usr/local/php7 --with-curl --with-freetype-dir --with-gd --with-gettext --with-iconv-dir --with-kerberos --with-libdir=lib64 --with-libxml-dir=/usr --with-mysqli=/usr/local/mysql/bin/mysql_config --with-openssl --with-pcre-regex --with-pdo-mysql --with-pdo-sqlite --with-pear --with-jpeg-dir --with-png-dir --with-xmlrpc --with-xsl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 --enable-fpm --enable-bcmath --enable-libxml --enable-inline-optimization --enable-mbregex --enable-mbstring --enable-opcache --enable-pcntl --enable-shmop --enable-soap --enable-sockets --enable-sysvsem --enable-xml --enable-zip
[aaa@qq.com php-7.2.8]# make && make install
4.完成后进行配置
[aaa@qq.com php-7.2.8]# echo 'export PATH=/usr/local/php7/bin:$PATH' > /etc/profile.d/php7.sh
[aaa@qq.com php-7.2.8]# source /etc/profile.d/php7.sh
[aaa@qq.com php-7.2.8]# which php
/usr/local/php7/bin/php
5.配置php-fpm
[aaa@qq.com php-7.2.8]# cp php.ini-production /etc/php.ini
[aaa@qq.com php-7.2.8]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[aaa@qq.com php-7.2.8]# chmod +x /etc/rc.d/init.d/php-fpm
[aaa@qq.com php-7.2.8]# cp /usr/local/php7/etc/php-fpm.conf.default /usr/local/php7/etc/php-fpm.conf
[aaa@qq.com php-7.2.8]# cp /usr/local/php7/etc/php-fpm.d/www.conf.default /usr/local/php7/etc/php-fpm.d/www.conf
6.配置文件php-fpm的配置文件
配置php的相关选项为你所需要的值:
[aaa@qq.com php-7.2.8]# vim /usr/local/php7/etc/php-fpm.conf
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 2
pm.max_spare_servers = 8
[aaa@qq.com php-7.2.8]# tail /usr/local/php7/etc/php-fpm.conf
; files from a glob(3) pattern. This directive can be used everywhere in the
; file.
; Relative path can also be used. They will be prefixed by:
; - the global prefix if it's been set (-p argument)
; - /usr/local/php7 otherwise
include=/usr/local/php7/etc/php-fpm.d/*.conf
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 2
pm.max_spare_servers = 8
7.启动php-fpm
[aaa@qq.com ~]# service php-fpm start
Starting php-fpm done
[aaa@qq.com ~]# ss -anlt php-fpm 默认监听在9000 端口
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:9000 *:*
LISTEN 0 128 :::8080 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 80 :::3306 :::*
修改nginx的主配置文件
[aaa@qq.com conf]# vim /usr/local/nginx/conf/nginx.conf
#user nobody;
worker_processes 1;
error_log logs/error.log; //去掉前面的# 开启错误日志存放路径
#error_log logs/error.log notice;
启用以php结尾的网站模板
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root html/chen;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
//修改server下面的内容
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80; //端口号
server_name www.chensh.com; //域名
charset utf-8;
access_log logs/chen.access.log main;
location / {
root html/chen; 表示网站存放的路径
index index.php index.html index.htm;
}
修改fastcgi_param 这一行
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root html/chen;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; 修改此处
修改为: fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
启用以下几行
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
创建存放网站名称,写入php网页信息
[aaa@qq.com nginx]# cd /usr/local/nginx/html/
[aaa@qq.com html]# mkdir chen
[aaa@qq.com chen]# vim index.php
<?php
phpinfo();
?>
[aaa@qq.com nginx]#/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
最后在本地的host文件中写入IP 和域名,如果在网页上可以访问相应的php信息说明lnmp 架构搭建成功,如下图.
下一篇: Vulnhub靶场篇:Vulnix