debian 下安装切换apache到nginx,php5

1: 前言 以前debian作开发机server是apache，工作需要切换到nginx，有时候两个都要使用。作个简单的笔记。注意，本文仅仅是在debian 7（wheezy） 上。其它OS有其它OS的配置和安装，不能保证一致性。apache的安装配置就参考前面发的文章了。 2: 安装 nginx ph

1:前言

以前debian作开发机server是apache，工作需要切换到nginx，有时候两个都要使用。作个简单的笔记。注意，本文仅仅是在debian 7（wheezy） 上。其它OS有其它OS的配置和安装，不能保证一致性。apache的安装配置就参考前面发的文章了。

2:安装 nginx php5-cgi php5-fpm spawn-fcgi

#apt-get install nginx nginx-full nginx-common php5-cgi php5-fpm spawn-fcgi

3:配置各个的php.ini

可以#cd /etc/php5 里面看见，

有

/etc/php5/apache2/php.ini

/etc/php5/cgi/php.ini

/etc/php5/cli/php.ini

/etc/php5/fpm/php.ini 分别对应不同的php.ini 配置

#vim /etc/php5/cgi/php.ini 去掉cgi.fix-pathinfo=1 的注释

4:配置nginx.conf

在/etc/nginx/nginx.conf

把下面的复制进去, 或者你可以对比下修改

user www-data;
worker_processes 12;
pid /var/run/nginx.pid;

worker_rlimit_nofile 51200;
events {
	worker_connections 30760;
	# multi_accept on;
}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 60;
	types_hash_max_size 2048;
	client_max_body_size 80m;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	fastcgi_connect_timeout 300;
	fastcgi_send_timeout 300;
	fastcgi_read_timeout 300;
	fastcgi_buffer_size 64k;
	fastcgi_buffers 4 64k;
	fastcgi_busy_buffers_size 128k;
	fastcgi_temp_file_write_size 128k;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_disable "msie6";

	gzip_vary on;
	gzip_min_length 1k;
	# gzip_proxied any;
	gzip_comp_level 2;
	gzip_buffers 4 16k;
	gzip_http_version 1.1;
	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# nginx-naxsi config
	##
	# Uncomment it if you installed nginx-naxsi
	##

	#include /etc/nginx/naxsi_core.rules;

	##
	# nginx-passenger config
	##
	# Uncomment it if you installed nginx-passenger
	##
	
	#passenger_root /usr;
	#passenger_ruby /usr/bin/ruby;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}


#mail {
#	# See sample authentication script at:
#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#	# auth_http localhost/auth.php;
#	# pop3_capabilities "TOP" "USER";
#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#	server {
#		listen     localhost:110;
#		protocol   pop3;
#		proxy      on;
#	}
# 
#	server {
#		listen     localhost:143;
#		protocol   imap;
#		proxy      on;
#	}
#}

5: 配置default

在/etc/nginx/sites-available/default, 注意，下面我的配置文件写了两个 注释掉了 php5-cgi 的， 打开了php5-fpm的。 我这里用的是php5-fpm

如果你需要用spawn-fcgi，就需要php5-cgi 加########的那段。/home/www 是我的www目录。你可以对着改成你的www目录。root /home/www 这里也是。 我打开了自动索引，autoindex这个。

# You may add here your
# server {
#	...
# }
# statements for each of your virtual hosts to this file

##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

log_format access '$remote_addr - $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" $http_x_forwarded_for';
server {
	#listen   80; ## listen for ipv4; this line is default and implied
	#listen   [::]:80 default_server ipv6only=on; ## listen for ipv6
	root /home/www;
	index index.html index.htm index.php;

	# Make site accessible from http://localhost/
	server_name localhost;
	charset utf-8;

    #server_name _test1.com _test2.com _test3.com
    #error_page 400 /errpage/400.html;
    #error_page 403 /errpage/403.html;
    #error_page 404 /errpage/404.html;

	location ~ .*\.(git|jpg|jpeg|png|bmp|swf)$ {
		expires 1d;
	}
	location ~ .*\.(js|css)?$ {
		expires 1h;
	}
	location / {
		autoindex on;
		autoindex_exact_size on;
		autoindex_localtime on;
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ /index.html;
		# Uncomment to enable naxsi on this location
		# include /etc/nginx/naxsi.rules
	}

	location /doc/ {
		alias /usr/share/doc/;
		autoindex on;
		allow 127.0.0.1;
		allow ::1;
		deny all;
	}

	# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
	#location /RequestDenied {
	#	proxy_pass http://127.0.0.1:8080;    
	#}

	#error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html
	#
	#error_page 500 502 503 504 /50x.html;
	#location = /50x.html {
	#	root /usr/share/nginx/www;
	#}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	#location ~ \.php$ {
	#	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	#	# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
	#
	#	# With php5-cgi alone:
	#	fastcgi_pass 127.0.0.1:9000;
	#	# With php5-fpm:
	#	fastcgi_pass unix:/var/run/php5-fpm.sock;
	#	fastcgi_index index.php;
	#	include fastcgi_params;
	#}
	location ~ \.php$ {

        #######with php5-cgi####################
        #fastcgi_pass 127.0.0.1:9000;
        ########################################
        #######with php5-fpm####################
        fastcgi_pass unix:/var/run/php5-fpm.sock;
	########################################
        fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME /home/www$fastcgi_script_name;
	include fastcgi_params;
	}


	access_log /var/log/nginx/access.log access;
	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	#	deny all;
	#}
}


# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#	listen 8000;
#	listen somename:8080;
#	server_name somename alias another.alias;
#	root html;
#	index index.html index.htm;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}


# HTTPS server
#
#server {
#	listen 443;
#	server_name localhost;
#
#	root html;
#	index index.html index.htm;
#
#	ssl on;
#	ssl_certificate cert.pem;
#	ssl_certificate_key cert.key;
#
#	ssl_session_timeout 5m;
#
#	ssl_protocols SSLv3 TLSv1;
#	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
#	ssl_prefer_server_ciphers on;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}

6:启动

启动模式有几种，可以是spawn-fcgi 或者是php5-fpm 或者还是apache

如果是自启动php-fpm ,

可以通过sysv-rc-conf 工具查看是否在开机启动里面 (#apt-get install sysv-rc-conf), 默认是在的

关掉spawn-fcgi 或者php5-fpm

spawn-fcgi

#netstat -anp | grep 9000

#killall -HUP php5-cgi

php5-fpm

#/etc/init.d/php5-fpm stop

如果想要spawn-fcgi 支持/etc/init.d/

开机自启动spawn-fcgi 模式

#vim /etc/rc.local 增加

/usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -g www-data -f /usr/bin/php5-cgi -P /var/run/fastcgi-php.pid -C 4

参数根据你机器性能来，我这里是测试机。

创建系统启动停止命令

#cd /etc/init.d/

#touch fastcgi

把下面的文件保存到刚才创建的fastcgi, 就可以支持 /etc/init.d/fastcgi start|stop|reload 等操作了

#!/bin/bash
# DESC: NGINX php5 FastCGI(spawn-fcgi) init shell script

PROVIDES=php5-cgi
LIGHTTPD_FCGI=/usr/bin/spawn-fcgi
SERVER_IP=127.0.0.1
SERVER_PORT=9000
SERVER_USER=www-data
SERVER_GROUP=www-data
PHP_CGI=/usr/bin/php5-cgi
KILLALL=/usr/bin/killall

. /lib/lsb/init-functions

cmd=$1

pcgi_start(){
	echo "Starting $PROVIDES..."
	$LIGHTTPD_FCGI -a $SERVER_IP -p $SERVER_PORT -u $SERVER_USER -g $SERVER_GROUP -f $PHP_CGI -C 15 -P /var/run/fastcgi-php.pid
	echo "Done."
}

pcgi_stop(){
	echo "Killing $PROVIDES..."
	$KILLALL $PROVIDES
	echo "Done."
}

pcgi_restart(){
	pcgi_stop
	pcgi_start
}

pcgi_status(){
	status_of_proc -p /var/run/fastcgi-php.pid "/usr/bin/php5-cgi" php5-cgi && exit 0 || exit $?
}

pcgi_help(){
	echo "Usage: $0 {start|stop|restart|status}"
}

case ${cmd} in
	[Ss][Tt][Aa][Rr][Tt]) pcgi_start;;
	[Ss][Tt][Oo][Pp]) pcgi_stop;;
	[Rr][Ee][Ss][Tt][Aa][Rr][Tt]) pcgi_restart;;
	[Ss][Tt][Aa][Tt][Uu][Ss]) pcgi_status ;;
	*)      pcgi_help ;;
esac

如果要停止php5-fpm切换到spawn-fcgi

#/etc/init.d/php5-fpm stop

编辑/etc/nginx/sites-available/default 把php5-fpm

#fastcgi_pass unix:/var/run/php5-fpm.sock;

注释掉，打开php5-fcgi 那个

fastcgi_pass 127.0.0.1:9000;

保存

重启nginx 配置

#/etc/init.d/nginx reload

查看phpinfo

如果要停止掉php5-fpm 类似，如果要关掉nginx启用apache更简单了

#/etc/init.d/nginx stop

#/etc/init.d/apache2 restart

7: 如果需要配置多个不同的项目，可以在/etc/nginx/nginx.conf 里面的

include /etc/nginx/sites-enabled/*; 这里改成其他的子配置文件，到时根据需求方便切换。然后/etc/init.d/nginx reload 就可以了

8: 如果想要apache和nginx都同时可以工作, 这里我们让nginx走80端口, apache走8080, 修改/etc/apache/ports.conf文件, 改80为8080, 同理还要修改/etc/apache/site-available/里面的虚拟主机的端口为8080

NameVirtualHost *:8080
Listen 8080

重启apache即可通过xxx.xxx.xxx.xxx:8080来访问了

9: 如果nginx 和php5-fpm 搭配的时候访问php页面报502, 检查/etc/php5/fpm/pool.d/www.conf 里面的配置,

比如, 因为我的www目录授权是给的tom, 所以这里要修改. 保存后重启fpm和nginx即可.

listen.owner = tom
listen.group = tom

listen = /var/run/php5-fpm.sock;

listen.allowed_clients = 127.0.0.1

10: 如果要关掉nginx和php的版本号显示, 防止别人来嗅探对应的版本的漏洞.

nginx在http那段, 把 server_tokens off; 开启

并且把对应的/etc/nginx/fastcgi_params 删除掉$nginx_version

        fastcgi_param SERVER_SOFTWARE nginx;

然后去关掉所有的php的版本, 找到php.ini(cgi的,fpm的,cli的,apache的 一共有四份不同的php.ini对应不同的)

把下面的on关闭为off 重启对应的fpm/cgi/apache 和nginx服务器就可以了.

expose_php = Off

curl --head http://127.0.0.1/info.php

会看不到nginx和php的版本信息了.