欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  php教程

搭建前后端web生产环境Linux+Apache+Nginx+MySQL+PHP

程序员文章站 2022-04-26 11:06:42
...

最近看到很多人都在LNAMP,变得越来越流行了,干脆将我之前 自己做的 重新优化了一边,更新了新版程序,并降低了55%的内存消耗,速度和负载都比0.1版提高了不少。 LNAMP 女神工作室0.2版 介绍: Centos 5.5 32bit Apache 2.2.17 Nginx 0.8.54 MySQL 5.1.55 P

最近看到很多人都在LNAMP,变得越来越流行了,干脆将我之前自己做的重新优化了一边,更新了新版程序,并降低了55%的内存消耗,速度和负载都比0.1版提高了不少。

LNAMP 女神工作室0.2版 介绍:

  • Centos 5.5 32bit
  • Apache 2.2.17
  • Nginx 0.8.54
  • MySQL 5.1.55
  • PHP 5.2.17

一、重装Centos系统,删除不比要的程序,并安装相关组件:

yum -y remove httpd mysql php

安装相关组件

yum -y install yum-fastestmirror
yum -y update
yum -y install patch make gcc gcc-c++ gcc-g77 flex bison tar
yum -y install libtool libtool-libs kernel-devel autoconf213
yum -y install libjpeg libjpeg-devel libpng libpng-devel
yum -y install libtiff libtiff-devel gettext gettext-devel
yum -y install freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel
yum -y install file glib2 glib2-devel bzip2 diff* openldap-devel
yum -y install bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs
yum -y install e2fsprogs-devel krb5 krb5-devel libidn libidn-devel
yum -y install openssl openssl-devel vim-minimal unzip
export PHP_AUTOCONF=/usr/bin/autoconf-2.13
export PHP_AUTOHEADER=/usr/bin/autoheader-2.13

安装PHP 5.2.x 所需的支持库

cd /usr/local/src

wget -c http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz
tar zxvf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/
./configure --prefix=/usr/local
make
make install
cd ../

wget -c http://monkey.org/~provos/libevent-2.0.10-stable.tar.gz
tar zxvf libevent-2.0.10-stable.tar.gz
cd libevent-2.0.10-stable/
./configure --prefix=/usr
make
make install
cd ../

wget -c http://ncu.dl.sourceforge.net/sourceforge/mcrypt/libmcrypt-2.5.8.tar.gz
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd ../../

wget -c http://nchc.dl.sourceforge.net/sourceforge/mhash/mhash-0.9.9.9.tar.gz
tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config

wget -c http://nchc.dl.sourceforge.net/sourceforge/mcrypt/mcrypt-2.6.8.tar.gz
tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
./configure
make
make install
cd ../

安装GD图形支持库:

cd /usr/local/src
wget http://www.libgd.org/releases/gd-2.0.35.tar.gz
tar xzvf gd-2.0.35.tar.gz
cd gd-2.0.35
./configure --prefix=/usr/local/gd --mandir=/usr/share/man --with-jpeg --with-png --with-freetype --with-zlib --with-fontconfig
make //如果GD报错:configure.ac:64: warning: macro `AM_ICONV' not found in library 你就make clean一下,然后再make
make install

二、安装 Mysql 5.1.x:

1)先安装Google的开源TCMalloc库,可以提高MySQL在高并发情况下的性能

cd /usr/local/src

wget -c http://google-perftools.googlecode.com/files/google-perftools-1.7.tar.gz
tar zxvf google-perftools-1.7.tar.gz
cd google-perftools-1.7/
./configure
make && make install
echo "/usr/local/lib" > /etc/ld.so.conf.d/usr_local_lib.conf
/sbin/ldconfig
cd ../

2)开始安装Mysql 5.1.x

cd /usr/local/src

wget -c http://mysql.proserve.nl/Downloads/MySQL-5.1/mysql-5.1.55.tar.gz
tar -zxvf mysql-5.1.55.tar.gz
cd mysql-5.1.55
./configure --prefix=/usr/local/mysql --with-extra-charsets=all --enable-thread-safe-client --enable-assembler --with-charset=utf8 --enable-thread-safe-client --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --without-debug --without-innodb --without-isam --with-mysqld-ldflags=-ltcmalloc_minimal
make && make install
cd ../
groupadd mysql
useradd -g mysql mysql
cp /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf
/usr/local/mysql/bin/mysql_install_db --user=mysql
chown -R mysql /usr/local/mysql/var
chgrp -R mysql /usr/local/mysql/.
cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysql
chmod 755 /etc/init.d/mysql
chkconfig --level 345 mysql on
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
echo "/usr/local/lib" >>/etc/ld.so.conf
ldconfig
ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
ln -s /usr/local/mysql/include/mysql /usr/include/mysql
service mysql start
/usr/local/mysql/bin/mysqladmin -u root password mgrei //修改红色部分为你的密码
service mysql restart

3)设置MySQL:

打开“/etc/my.cnf”文件,修改以下设置,如果没有,可手动添加:

关闭远程连接,即3306端口。这是MySQL的默认监听端口。由于此处MySQL只服务于本地脚本,所以不需要远程连接。尽管MySQL内建的安全机制很严格,但监听一个TCP端口仍然是危险的行为,因为如果MySQL程序本身有问题,那么未授权的访问完全可以绕过MySQL的内建安全机制。(你必须确定,你是否真的不需要远程连接mysql,一般数据库地址为localhost的,即使本地数据库,不需要外链)

skip-networking

保存后退出。

修改完my.cnf后,还需要对mysql的用户名、帐号、及默认数据库进行调整

首先先登录mysql,在终端窗口输入

/usr/local/mysql/bin/mysql -u root -p

然后会提示输入密码,输入正确密码后,会出现mysql>提示符。

输入以下命令:

mysql>use mysql;
mysql>select Host,User,Password,Select_priv,Grant_priv from user;
mysql>delete from user where user=''; (删除user用户)
mysql>delete from user where password=''; (删除user用户)
mysql>delete from user where host=''; (删除user用户)
mysql>drop database test; (删除默认的test数据库)
mysql>flush privileges; (刷新mysql的缓存,让以上设置立即生效)
mysql>quit;

为了使以上优化和安全设置生效,请重启Mysql服务或Linux。

service mysql restart

三、安装Apache:

1)下载Apache并解压缩:

cd /usr/local/src
groupadd www
useradd -g www -s /sbin/nologin -M www

wget -c http://www.apache.org/dist//httpd/httpd-2.2.17.tar.gz

tar zxvf httpd-2.2.17.tar.gz
cd httpd-2.2.17

Apache默认最大连接数和最大客户端数为40000,如果你的服务器要求更大,可以编译Apache安装文件中的:

server/mpm/worker/worker.c

找到下面几行,并改成如下的数值,其目的是在源码中修改apache可支持的最大线程数和最大客户端数目。

define DEFAULT_SERVER_LIMIT 32
define MAX_SERVER_LIMIT 20000
define DEFAULT_THREAD_LIMIT 64
define MAX_THREAD_LIMIT 20000

以上数值据说改小后,能减低服务器消耗。不过柒月修改后,发现没什么实质变化。

2)安装Apache 2.2

cd /usr/local/src/httpd-2.2.17
./configure --prefix=/usr/local/apache2 --enable-headers --enable-so --enable-rewrite --with-mpm=prefork --disable-userdir --disable-cgid --disable-cgi
make && make install

如果你需要编译apache其他功能,可以自行增加。 不过在这里,我们只是用Apache作为后端并处理伪静态,无需添加过多设置来浪费内存

配置源代码树:

--prefix=/usr/local/apache2 //体系无关文件的*安装目录PREFIX ,也就Apache的安装目录。
--enable-module=so //打开 so 模块,so 模块是用来提 DSO 支持的 apache 核心模块
--enable-mods-shared=all //编译全部的模板,对于不需要我们可以在httpd.conf去掉。
--enable-cache //支持缓存
--enable-file-cache //支持文件缓存
--enable-mem-cache //支持记忆缓存
--enable-disk-cache //支持磁盘缓存
--enable-static-support //支持静态连接(默认为动态连接)
--enable-static-htpasswd //使用静态连接编译 htpasswd - 管理用于基本认证的用户文件
--enable-static-htdigest //使用静态连接编译 htdigest - 管理用于摘要认证的用户文件
--enable-static-rotatelogs //使用静态连接编译 rotatelogs - 滚动 Apache 日志的管道日志程序
--enable-static-logresolve //使用静态连接编译 logresolve - 解析 Apache 日志中的IP地址为主机名
--enable-static-htdbm //使用静态连接编译 htdbm - 操作 DBM 密码数据库
--enable-static-ab //使用静态连接编译 ab - Apache HTTP 服务器性能测试工具
--enable-static-checkgid //使用静态连接编译 checkgid
--disable-cgid //禁止用一个外部 CGI 守护进程执行CGI脚本
--disable-cgi //禁止编译 CGI 版本的 PHP
--with-mpm=worker // 让apache以worker方式运行
--enable-ssl // 编译 ssl模块。

启动Apache(建议先不要启动,等我们全部设置完毕后,和Nginx启动)

/usr/local/apache2/bin/apachectl start

查看apache是否启动

ps aux|grep httpd

将apache设置成开机自启动:

echo '/usr/local/apache2/bin/apachectl start ' >> /etc/rc.local //将 apachectl 的调用加入到你的系统启动文件中。

四、安装 PHP5.2.x:

1)下载PHP 并解压缩:

cd /usr/local/src
wget -c http://us.php.net/distributions/php-5.2.17.tar.gz
tar zxvf php-5.2.17.tar.gz
cd php-5.2.17
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-config-file-path=/etc --with-zlib --with-libxml-dir --with-gd=/usr/local/gd --with-freetype-dir --with-jpeg-dir --with-png-dir --with-ttf --with-iconv --with-openssl --with-mcrypt --enable-sockets --enable-bcmath --enable-calendar --enable-exif --enable-libxml --enable-magic-quotes --enable-mbstring --with-bz2 --with-curl --with-xmlrpc --with-gettext --disable-cli --disable-cgi --disable-debug
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /etc/php.ini

2)安装PHP扩展:

2.1)安装eaccelerator加速软件

eaccelerator是php的加速软件,使用后php的执行效率会有很大幅度的提升。

cd /usr/local/src
wget http://bart.eaccelerator.net/source/0.9.6.1/eaccelerator-0.9.6.1.tar.bz2
tar -jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1
/usr/local/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
make && make install

编译安装后我们会看到屏幕提示的eaccelerator.so所在的目录,php5.2.x系列是在 /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/,记住这个路径,待会要用到

修改php.ini 文件,将以下内容输入(详细设置):

[eaccelerator]
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="16"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

注意:这部分内容务必放在[zend]之前,不然可能会出现不可预期的服务器问题。

然后建立文件夹并设置权限:

mkdir /tmp/eaccelerator
chmod 777 /tmp/eaccelerator

2.2)安装Zend(如果程序没要求,尽量不要装Zend,容易和eA产生冲突):

cd /usr/local/src
wget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
tar -zxvf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/

修改php.ini 文件:

vi /usr/local/php/php.ini

将以下代码放入php.ini文件最底部

[Zend Optimizer]
zend_optimizer.optimization_level=1
zend_optimizer.encoder_loader=0
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/ZendOptimizer.so"

2.3)安装PDO_MYSQL

cd /usr/local/src
wget -c http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
make
make install

继续修改 php.ini 文件

vi /usr/local/php/php.ini

查找代码:

extension_dir = "./"

替换为:

extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"
extension="pdo_mysql.so"

2.4)安装 suhosin:

cd /usr/local/src
wget -c http://download.suhosin.org/suhosin-0.9.32.1.tar.gz
tar -zxvf suhosin-0.9.32.1.tar.gz
cd suhosin-0.9.32.1
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make && make install

继续修改 php.ini 文件

vi /usr/local/php/php.ini

查找代码:

extension_dir = "./"

替换为:

extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"
extension="suhosin.so"

五、Apache 整合 PHP 以及相关优化:

1)Apache设置:

编辑 httpd.conf :

vi /usr/local/apache2/conf/httpd.conf

查找代码:

DocumentRoot "/usr/local/apache2/htdocs"

修改为:

DocumentRoot "/home/www"

查找代码:

修改为:

找到以下代码并根据提示修改


Options FollowSymLinks
AllowOverride All
Order deny,allow
Deny from all //这句改为Allow from all

找到这一段并修改,以使Apache支持rewrite(伪静态):

# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None

更改为

AllowOverride All

将以下代码注释掉,禁止目录列表:

Options Indexes FollowSymLinks

找到以下代码,修改用户为 www


User daemon //改为www
Group daemon //改为www


设置 ServerAdmin you@example.com 改为你自己的mail地址

查找:

Listen 80

改为

Listen 81

分别找到以下四段代码,将之前的注释#去除:

Include conf/extra/httpd-mpm.conf

Include conf/extra/httpd-info.conf

Include conf/extra/httpd-vhosts.conf

Include conf/extra/httpd-default.conf

编辑 Include conf/extra/httpd-mpm.conf 找到如下选项,并改成对应的数值


StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 1000

编辑 conf/extra/httpd-default.conf

Timeout 60 #与nginx的保持一至
KeepAlive On
MaxKeepAliveRequests 1000
KeepAliveTimeout 5

复制以下文件:

cp /usr/local/apache2/bin/apachectl /etc/rc.d/init.d/httpd

这样以后Apache 启动、关闭、重启只需要输入以下命令:

service httpd start/stop/restart

2)整合Apache与php

编辑 /usr/local/apache2/conf/httpd.conf

找到AddType application/x-gzip .gz .tgz在其下加以下内容

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

查找:(设置WEB默认文件)

DirectoryIndex index.html

改成:

DirectoryIndex index.php index.htm index.html index.html.var

保存退出

以上设置完毕后,全部保存退出,然后建立一个虚拟主机做测试:

编辑 Include conf/extra/httpd-vhosts.conf


ServerAdmin webmaster@example.com
DocumentRoot "/home/www"
ServerName 你的IP地址或域名
ErrorLog "logs/IP-error_log"
CustomLog "logs/IP-access_log" common

保存退出,并重启Apache

service httpd restart 或 /usr/local/apache2/bin/apachectl restart

然后建立一个 index.php文件,放入 /home/www 目录,php文件内容为:

phpinfo();
?>

然后在浏览器中输入:IP:81 是否成功显示了?

六、优化MySQL

通过Tcmalloc 优化mysql性能

# vi /etc/init.d/mysql

添加一行

export LD_PRELOAD=/usr/local/lib/libtcmalloc.so

重新启动mysql

service mysql restart

检测是否成功,在SSH中输入:

lsof -n|grep tcmalloc

出现相关进程即可

七、安装Nginx:

1)安装所需组件:

cd /usr/local/src
wget -c ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.12.tar.gz
tar -zxvf pcre-8.12.tar.gz
cd pcre-8.12/
./configure
make && make install

cd ..
rm -rf pcre-8.12
rm -rf /usr/bin/pcre-config
cp -a /usr/local/bin/pcre-config /usr/bin/
rm -rf /usr/lib/libpcre.a
cp -a /usr/local/lib/libpcre.a /usr/lib/

2)安装 Nginx 0.8.x:

cd /usr/local/src
wget -c http://nginx.org/download/nginx-0.8.54.tar.gz
tar zxvf nginx-0.8.54.tar.gz
cd nginx-0.8.54
./configure --user=www --group=www --prefix=/usr/local/nginx --pid-path=/usr/local/nginx/logs/nginx.pid --error-log-path=/usr/local/nginx/logs/error.log --http-log-path=/usr/local/nginx/logs/access.log --with-http_stub_status_module --with-http_ssl_module --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --with-http_gzip_static_module --with-google_perftools_module --with-ld-opt='-ltcmalloc_minimal' --with-ipv6

make && make install
cd ../

编辑 nginx.conf 文件:

vi /usr/local/nginx/conf/nginx.conf

输入以下内容:

user www;
worker_processes 4;
pid logs/nginx.pid;

google_perftools_profiles /var/tmp/tcmalloc;

worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
}

http{

include mime.types;
default_type application/octet-stream;

access_log off;
error_log /dev/null;

server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;

sendfile on;
tcp_nopush on;

keepalive_timeout 120;
#fastcgi_connect_timeout 300;
#fastcgi_send_timeout 300;
#fastcgi_read_timeout 300;
#fastcgi_buffer_size 64k;
#fastcgi_buffers 4 64k;
#fastcgi_busy_buffers_size 128k;
#fastcgi_temp_file_write_size 128k;
tcp_nodelay on;

gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;

include vhost/*.conf;

}

在 /usr/local/nginx/conf 目录 新建proxy.conf 文件,并输入以下内容:

proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 50m;
client_body_buffer_size 256k;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;

proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
proxy_max_temp_file_size 128m;

#Nginx cache
client_body_temp_path client_body 1 2;
proxy_temp_path proxy_temp 1 2;

#client_body_temp_path /tmpfs/client_body_temp 1 2;
#proxy_temp_path /tmpfs/proxy_temp 1 2;
#fastcgi_temp_path /tmpfs/fastcgi_temp 1 2;

建立 Nginx虚拟主机目录,把nginx加入到系统服务:

mkdir -p /usr/local/nginx/conf/vhost

mkdir /home/www
chmod 755 -R /home/www

chown -R www:www /home/www/
chown www /usr/local/nginx/conf/
chmod 777 /etc/init.d/nginx

编辑 /etc/rc.d/init.d/nginx 文件,覆盖为以下代码:

#! /bin/sh
ulimit -n 65535
# Description: Startup script for nginx
# chkconfig: 2345 55 25
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="nginx daemon"
NAME=nginx
DAEMON=/usr/local/nginx/sbin/$NAME
CONFIGFILE=/usr/local/nginx/conf/nginx.conf
PIDFILE=/usr/local/nginx/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
set -e
[ -x "$DAEMON" ] || exit 0
do_start() {
$DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}
do_stop() {
kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"
}
do_reload() {
kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
do_start
echo "."
/etc/init.d/httpd start
;;
stop)
echo -n "Stopping $DESC: $NAME"
do_stop
echo "."
/etc/init.d/httpd stop
;;
reload)
echo -n "Reloading $DESC configuration..."
do_reload
echo "."
/etc/init.d/httpd restart
;;
restart)
echo -n "Restarting $DESC: $NAME"
do_stop
sleep 1
do_start
echo "."
/etc/init.d/httpd restart
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
exit 3
;;
esac
exit 0

#! /bin/shulimit -n 65535# Description: Startup script for nginx# chkconfig: 2345 55 25
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/binDESC="nginx daemon"NAME=nginxDAEMON=/usr/local/nginx/sbin/$NAMECONFIGFILE=/usr/local/nginx/conf/nginx.confPIDFILE=/usr/local/nginx/logs/$NAME.pidSCRIPTNAME=/etc/init.d/$NAME
set -e[ -x "$DAEMON" ] || exit 0
do_start() { $DAEMON -c $CONFIGFILE || echo -n "nginx already running"}
do_stop() { kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"}
do_reload() { kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"}
case "$1" in start) echo -n "Starting $DESC: $NAME" do_start echo "." /etc/init.d/httpd start ;; stop) echo -n "Stopping $DESC: $NAME" do_stop echo "." /etc/init.d/httpd stop ;; reload) echo -n "Reloading $DESC configuration..." do_reload echo "." /etc/init.d/httpd restart ;; restart) echo -n "Restarting $DESC: $NAME" do_stop sleep 1 do_start echo "." /etc/init.d/httpd restart ;; *) echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2 exit 3 ;;esac
exit 0

在ssh 中輸入:

chmod a+x /etc/rc.d/init.d/nginx
chkconfig --add nginx
chkconfig nginx on

在Nginx虚拟主机目录 /usr/local/nginx/conf/vhost 建立一个虚拟主机:

新建文件:Default.conf 输入以下代码:

server
{
listen 80;
server_name 你的IP或域名;
index index.html index.htm index.php;
root /home/www/;

location /nginx {
stub_status on;
auth_basic "NginxStatus";
# auth_basic_user_file conf/htpasswd;
#密码由apache的htpasswd工具来产生
access_log off;
}

location / {
location ~ .*/.(php|php5)?$ {
index index.php;
root /home/www/;
proxy_pass http://127.0.0.1:81;
}

include proxy.conf;

if ( !-e $request_filename) {
proxy_pass http://127.0.0.1:81;
}

location ~* /.(jpg|jpeg|gif|png|swf)$ {
if (-f $request_filename) {
root /home/www/;
expires 30d;
break;
}
}
location ~* /.(js|css)$ {
if (-f $request_filename) {
root /home/www/;
expires 1d;
break;
}
}
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

#如果需要记录把下面的注释去掉
# log_format access '$http_x_forwarded_for - $remote_user [$time_local] "$request"'
# '$status $body_bytes_sent "$http_referer"'
# '"$http_user_agent" $remote_addr';
# access_log logs/IP_access.log access;

}

以上全部保存完毕后,启动 nginx:

service nginx start

八、为apache安装rpaf模块,该模块用于apache做后端时获取访客真实的IP(建议在LNAMP最后安装。。。之前安装有时会出错)

1)使用apxs安装模块.这里要使用此前apache编译安装后的apxs

cd /usr/local/src

wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz

tar -zxf mod_rpaf-0.6.tar.gz

cd mod_rpaf-0.6

/usr/local/apache2/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

2)编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:

LoadModule rpaf_module modules/mod_rpaf-2.0.so
#Mod_rpaf settings
RPAFenable On
RPAFproxy_ips 127.0.0.1 [your_ips]
RPAFsethostname On
RPAFheader X-Forwarded-For

上面出现的[your_ips]请修改为你本机所监听web服务的ip.多个IP用空格空开.

Apache、Nginx、MySQL 启动/重启/关闭命令:

service mysql start/stop/restart
service httpd start/stop/restart
service nginx start/stop/restart


另一个版本


前言:谈到Linux下的web生产环境,大家就会想到apache这个开源服务器软件.apache可以整合大多数应用,比如jsp,php,cgi,python等等,但是apache过于臃肿以及对静态文件响应过于缓慢让很多使用者感到头疼.而nginx作为新崛起的服务器软件,在很多方面超出apache,定位也很明确:高性能的 HTTP 和反向代理服务器.因而,本篇主要讲的是nginx作为前端,apache作为后端的应用环境搭建过程.

为什么使用nginx+php(fastcgi)作为生产环境?

  1. php(fastcgi)不够稳定,容易出现50x错误,在生成相对复杂的页面时没有优势,长时间占用也会使php-cgi进程死去.
  2. 在安全性,多用户多站点的权限问题比较严重.php(fastcgi)在应对多用户多站点往往捉襟见肘,不易于实施.
  3. 整合其他语言,apache表现得游刃有余.资源利用恰到好处.

为什么采用nginx做前端,apache作为后端的方案?nginx在处理静态内容上较apache是几倍或几十倍的差异,因而放在前面过滤静态内容是最为恰当的.同时nginx也是一个负载均衡器,低资源消耗,高性能转发是它的特点.经过nginx在前面的过滤,后端的apache需要处理的内容相对就比较少了.只需负责处理动态内容就可以了.在性能与稳定性的权衡下,使用nginx+apache搭配会让它们在各自擅长的领域展现自身的价值.

本教程以CentOS 5.4 32bit为环境.其他Linux发行版本暂未测试.nginx,php,apache,mysql,pureftpd均为最新稳定版.

获取操作系统源更新.

yum update
yum -y install gcc gcc-c++ bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel openldap openldap-devel openldap-clients openldap-servers nss_ldap expat-devel libtool libtool-ltdl-devel

如果系统默认安装了apache,请先卸载.执行:

yum remove httpd

下载最新稳定版的程序源码包,以下都是到官方网站或sourceforge下载的源码包.

cd /usr/local/src
wget http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.45.tar.gz/from/http://mysql.he.net/
wget http://www.apache.org/dist/httpd/httpd-2.2.15.tar.gz
wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz
wget http://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.bz2/download
wget http://sourceforge.net/projects/mcrypt/files/MCrypt/2.6.8/mcrypt-2.6.8.tar.gz/download
wget http://sourceforge.net/projects/mhash/files/mhash/0.9.9.9/mhash-0.9.9.9.tar.bz2/download
wget http://www.php.net/get/php-5.2.13.tar.gz/from/this/mirror
wget http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/php5-mail-header.patch
wget http://pecl.php.net/get/memcache-2.2.5.tgz
wget http://bart.eaccelerator.net/source/0.9.6/eaccelerator-0.9.6.tar.bz2
wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.gz
wget http://pecl.php.net/get/imagick-2.3.0.tgz
wget http://download.suhosin.org/suhosin-0.9.29.tgz
wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz
wget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
wget http://monkey.org/~provos/libevent-1.4.13-stable.tar.gz
wget http://memcached.googlecode.com/files/memcached-1.4.4.tar.gz
wget http://sourceforge.net/projects/pcre/files/pcre/8.01/pcre-8.01.tar.gz/download
wget http://nginx.org/download/nginx-0.7.65.tar.gz
wget http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.28.tar.gz

一.安装Mysql.安装最新稳定版5.1.45版本,并没有采用最新开发版.

groupadd mysql -g 27
useradd mysql -u 27 -g 27 -c "MySQL Server" -d /var/lib/mysql -m
cd /usr/local/src
tar -zxf mysql-5.1.45.tar.gz
cd mysql-5.1.45
./configure --prefix=/usr/local/mysql --localstatedir=/var/lib/mysql --with-unix-socket-path=/var/lib/mysql/mysql.sock --with-mysqld-user=mysql --enable-assembler --enable-thread-safe-client --with-extra-charsets=all --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innodb_plugin,myisam,myisammrg
make && make install
cd ../

cp /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf
/usr/local/mysql/bin/mysql_install_db --user=mysql
chown -R mysql.mysql /var/lib/mysql
chgrp -R mysql /usr/local/mysql/.
cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysql
chmod u+x /etc/init.d/mysql
chkconfig --level 345 mysql on
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
echo "/usr/local/lib" >>/etc/ld.so.conf
ldconfig
ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
ln -s /usr/local/mysql/include/mysql /usr/include/mysql
ln -s /usr/local/mysql/bin/mysql_config /usr/bin/mysql_config
service mysql start
/usr/local/mysql/bin/mysqladmin -u root password root
service mysql restart
service mysql stop

二.编译安装apache(httpd).apache的执行用户为nobody.

cd /usr/local/src
tar -zxf httpd-2.2.15.tar.gz
cd httpd-2.2.15
./configure --prefix=/usr/local/apache --enable-headers --enable-mime-magic --enable-proxy --enable-rewrite --enable-ssl --enable-suexec --disable-userdir --with-included-apr --with-mpm=prefork --with-ssl=/usr --with-suexec-caller=nobody --with-suexec-docroot=/ --with-suexec-gidmin=100 --with-suexec-logfile=/usr/local/apache/logs/suexec_log --with-suexec-uidmin=100 --with-suexec-userdir=public_html
make
make install
mkdir /usr/local/apache/domlogs
cp /usr/local/apache/bin/apachectl /etc/init.d/httpd

1.编辑/etc/init.d/httpd,在首行#!/bin/sh下添加:

# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve /
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/logs/httpd.pid
# config: /usr/local/apache/conf/httpd.conf

ulimit -n 1024
ulimit -n 4096
ulimit -n 8192
ulimit -n 16384
ulimit -n 32768

保存退出.

2.配置apache配置参数文件httpd.conf,位于/usr/local/apache/conf/目录

cd /usr/local/apache/conf/
mv httpd.conf httpd.conf.bak
mkdir vhosts
vi httpd.conf

输入以下内容:

PidFile logs/httpd.pid
LockFile logs/accept.lock
ServerRoot "/usr/local/apache"
Listen 0.0.0.0:81
User nobody
Group nobody
ServerAdmin admin@evlit.com
ServerName host.evlit.com

Timeout 300
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 5
UseCanonicalName Off
AccessFileName .htaccess
TraceEnable Off
ServerTokens ProductOnly
FileETag None
ServerSignature Off
HostnameLookups Off

# LoadModule perl_module modules/mod_perl.so

DocumentRoot "/usr/local/apache/htdocs"

 Options ExecCGI FollowSymLinks Includes IncludesNOEXEC -Indexes -MultiViews SymLinksIfOwnerMatch
 Order allow,deny
 Allow from all
 AllowOverride All

 Options Includes -Indexes FollowSymLinks
 AllowOverride None
 Order allow,deny
 Allow from all


DefaultType text/plain
RewriteEngine on
AddType text/html .shtml
AddHandler cgi-script .cgi .pl .plx .ppl .perl
AddHandler server-parsed .shtml

    TypesConfig conf/mime.types
    AddType application/perl .pl .plx .ppl .perl
    AddType application/x-img .img
    AddType application/x-httpd-php .php .php3 .php4 .php5 .php6
    AddType application/x-httpd-php-source .phps
    AddType application/cgi .cgi
    AddType text/x-sql .sql
    AddType text/x-log .log
    AddType text/x-config .cnf conf
    AddType text/x-registry .reg
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType text/html .shtml
    AddType application/x-tar .tgz
    AddType application/rar .rar
    AddType application/x-compressed .rar
    AddType application/x-rar .rar
    AddType application/x-rar-compressed .rar
    AddType text/vnd.wap.wml .wml
    AddType image/vnd.wap.wbmp .wbmp
    AddType text/vnd.wap.wmlscript .wmls
    AddType application/vnd.wap.wmlc .wmlc
    AddType application/vnd.wap.wmlscriptc .wmlsc

 DirectoryIndex index.html index.htm index.shtml index.php index.perl index.pl index.cgi

 Order allow,deny
 Deny from all

 Satisfy All

 Order allow,deny
 Deny from all
 Satisfy All


ErrorLog "logs/error_log"
LogLevel warn


 LogFormat "%h %l %u %t /"%r/" %>s %b /"%{Referer}i/" /"%{User-Agent}i/"" combined
 LogFormat "%h %l %u %t /"%r/" %>s %b" common

 
 LogFormat "%h %l %u %t /"%r/" %>s %b /"%{Referer}i/" /"%{User-Agent}i/" %I %O" combinedio
 
 CustomLog "logs/access_log" common

 ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"

 AllowOverride None
 Options None
 Order allow,deny
 Allow from all

 StartServers          3
 MinSpareServers       3
 MaxSpareServers       5
 MaxClients          150
 MaxRequestsPerChild   1024

Header set Cache-Control "max-age=3600, must-revalidate"


ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

Include conf/extra/httpd-languages.conf


 SetHandler server-status
 Order deny,allow
 Deny from all
 Allow from 127.0.0.1

ExtendedStatus On


 SetHandler server-info
 Order deny,allow
 Deny from all
 Allow from 127.0.0.1

Listen 0.0.0.0:443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLPassPhraseDialog  builtin
SSLSessionCache         dbm:/usr/local/apache/logs/ssl_scache
SSLSessionCacheTimeout  300
SSLMutex  file:/usr/local/apache/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin


#Vhosts
NameVirtualHost 127.0.0.1:81
NameVirtualHost *


 ServerName host.evlit.com
 DocumentRoot /var/www/html
 ServerAdmin admin@evlit.com


Include conf/vhosts/*

上述虚拟主机配置中出现的127.0.0.1请改为你本机公网IP.

三.编译安装php(mod_php)

1.编译安装相关支持库

cd /usr/local/src
tar -zxf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/
./configure
make
make install

cd /usr/local/src
tar -jxf libmcrypt-2.5.8.tar.bz2
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install

cd /usr/local/src
tar -jxf mhash-0.9.9.9.tar.bz2
cd mhash-0.9.9.9/
./configure
make
make install

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1

cd /usr/local/src
tar -zxf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install

2.编译php,这里为php打入补丁.有助于防止邮件发送被滥用(多用户)以及在邮件中提供有价值的信息.补丁介绍信息请访问:http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/

cd /usr/local/src
tar -zxf php-5.2.13.tar.gz
patch -d php-5.2.13 -p1 cd php-5.2.13
./configure --prefix=/usr/local --with-config-file-path=/etc --with-apxs2=/usr/local/apache/bin/apxs --enable-bcmath --enable-calendar --enable-exif --enable-ftp --enable-gd-native-ttf --enable-libxml --enable-magic-quotes --enable-mbstring --enable-pdo=shared --enable-soap --enable-sockets --enable-zip --with-bz2 --with-curl --with-curlwrappers --with-freetype-dir --with-gd --with-gettext --with-jpeg-dir --with-kerberos --with-libexpat-dir=/usr --with-libxml-dir=/usr --with-mcrypt=/usr --with-mhash=/usr --with-mysql=/usr --with-mysql-sock=/var/lib/mysql/mysql.sock --with-mysqli=/usr/bin/mysql_config --with-openssl=/usr --with-openssl-dir=/usr --with-pdo-mysql=shared --with-pdo-sqlite=shared --with-png-dir=/usr --with-sqlite=shared --with-ttf --with-xmlrpc --with-zlib -with-zlib-dir=/usr
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /etc/php.ini

3.安装php扩展模块

cd /usr/local/src
tar -zxf memcache-2.2.5.tgz
cd memcache-2.2.5/
phpize
./configure --with-php-config=/usr/local/bin/php-config --with-zlib-dir --enable-memcache
make
make install

cd /usr/local/src
tar -jxf eaccelerator-0.9.6.tar.bz2
cd eaccelerator-0.9.6/
phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/bin/php-config
make
make install
mkdir -p /tmp/eaccelerator
chmod 777 /tmp/eaccelerator
echo "mkdir -p /tmp/eaccelerator" >> /etc/rc.local
echo "chmod 777 /tmp/eaccelerator" >> /etc/rc.local

cd /usr/local/src
tar -zxf ImageMagick.tar.gz
cd ImageMagick-*
./configure
make
make install

cd /usr/local/src
tar -zxf imagick-2.3.0.tgz
cd imagick-2.3.0/
phpize
./configure --with-php-config=/usr/local/bin/php-config
make
make install

cd /usr/local/src
tar -zxf suhosin-0.9.29.tgz
cd suhosin-0.9.29
phpize
./configure
make
make install

cd /usr/local/src
tar -zxf ioncube_loaders_lin_x86.tar.gz
cd ioncube
mkdir /usr/local/ioncube
mv ioncube_loader_lin_5.2.so /usr/local/ioncube/

cd /usr/local/src
tar -zxf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
mkdir -p /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x
cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x/ZendOptimizer.so

3.1.修改php.ini.

查找/etc/php.ini中的extension_dir = "./".将其修改为extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20060613/"
查找;include_path = ".:/php/includes",删除前面的分号,并修改为include_path = ".:/usr/lib/php:/usr/local/lib/php"
跳到最后一行,然后添加以下内容:

extension = "memcache.so"
extension = "pdo.so"
extension = "pdo_mysql.so"
extension = "pdo_sqlite.so"
extension = "sqlite.so"
extension = "eaccelerator.so"
eaccelerator.shm_size = 32
eaccelerator.cache_dir = "/tmp/eaccelerator"
eaccelerator.enable = 1
eaccelerator.optimizer = 0
eaccelerator.debug = 0
eaccelerator.name_space = ""
eaccelerator.check_mtime = 1
eaccelerator.filter = ""
eaccelerator.shm_max = 0
eaccelerator.shm_ttl = 3600
eaccelerator.shm_prune_period = 3600
eaccelerator.shm_only = 0
eaccelerator.compress = 0
eaccelerator.compress_level = 9
eaccelerator.keys = shm
eaccelerator.sessions = shm
eaccelerator.content = shm

zend_extension = "/usr/local/ioncube/ioncube_loader_lin_5.2.so"
zend_extension = "/usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x/ZendOptimizer.so"

4,安装Memcached(可选)

cd /usr/local/src
tar -xzf libevent-1.4.13-stable.tar.gz
cd libevent-1.4.13-stable
./configure
make
make install
echo "/usr/local/lib/" > /etc/ld.so.conf.d/libevent.conf
ldconfig -v

cd /usr/local/src
tar -xzf memcached-1.4.4.tar.gz
cd memcached-1.4.4
./configure
make
make install

基本使用方法:

启动:/usr/local/bin/memcached -d -m 64 -p 11211 -u nobody -l localhost
关闭:killall -9 memcached

四.安装nginx

1.安装pcre库

cd /usr/local/src
tar -zxf pcre-8.01.tar.gz
cd pcre-8.01
./configure
make
make install

2.安装nginx

cd /usr/local/src
tar -zxf nginx-0.7.65.tar.gz
cd nginx-0.7.65
./configure --user=nobody --group=nobody --prefix=/usr/local/nginx --pid-path=/usr/local/nginx/logs/nginx.pid --error-log-path=/usr/local/nginx/logs/error.log --http-log-path=/usr/local/nginx/logs/access.log --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --with-http_stub_status_module
make
make install

2.1.添加init控制脚本

#! /bin/sh
ulimit -n 65535
# Description: Startup script for nginx
# chkconfig: 2345 55 25

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="nginx daemon"
NAME=nginx
DAEMON=/usr/local/nginx/sbin/$NAME
CONFIGFILE=/usr/local/nginx/conf/nginx.conf
PIDFILE=/usr/local/nginx/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME

set -e
[ -x "$DAEMON" ] || exit 0

do_start() {
 $DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}

do_stop() {
 kill -INT `cat $PIDFILE` || echo -n "nginx not running"
}

waitforexit() {
 count=${2:-30}
 while [ 0$count -gt 0 ]
 do
   PIDS=`ps -C$NAME --no-heading e | grep $DAEMON` || break
   PIDS=`echo "$PIDS" | awk '{print $1}' | tr '/n' ' '`
   echo Remaining processes: $PIDS
   do_stop
   sleep 2
   count=`expr $count - 1`
 done
 if [ 0$count -eq 0 ];
 then
   echo Remaining processes: $PIDS
   return 1
 fi
 return 0
}

do_reload() {
kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
}

case "$1" in
 start)
 echo -n "Starting $DESC: $NAME"
 do_start
 echo "."
 /etc/init.d/httpd start
 ;;
 stop)
 echo -n "Stopping $DESC: $NAME"
 do_stop
 echo "."
 /etc/init.d/httpd stop
 ;;
 reload)
 echo -n "Reloading $DESC configuration..."
 do_reload
 echo "."
 /etc/init.d/httpd restart
 ;;
 restart)
 echo -n "Restarting $DESC: $NAME"
 waitforexit "nginx" 20
 do_start
 echo "."
 /etc/init.d/httpd restart
 ;;
 *)
 echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
 exit 3
 ;;
esac

exit 0

保存退出,给该文件赋予执行权限并设置开机启动

chmod 755 /etc/init.d/nginx
chkconfig --level 345 nginx on

2.2.修改nginx配置文件,位于:/usr/local/nginx/conf/目录

mkdir -p /var/cache/nginx/cached
chmod 600 /var/cache/nginx/cached
cd /usr/local/nginx/conf/
mv nginx.conf nginx.conf.bak
mkdir vhosts
vi nginx.conf

输入以下内容:

worker_processes  2;
worker_rlimit_nofile  20480;
events {
worker_connections  20480;
use epoll;
}
error_log  /usr/local/nginx/logs/error.log info;
http {
server_name_in_redirect off;
server_names_hash_max_size 2048;
server_names_hash_bucket_size 256;
include    mime.types;
default_type  application/octet-stream;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout  60;
gzip on;
gzip_http_version 1.0;
gzip_min_length  1100;
gzip_comp_level  3;
gzip_buffers  4 32k;
# gzip_types    text/plain application/x-javascript text/xml text/css;
gzip_types    text/plain text/xml text/css application/x-javascript application/xml application/xml+rss text/javascript application/atom+xml;
ignore_invalid_headers on;
client_header_timeout  300;
client_body_timeout 300;
send_timeout     30;
reset_timedout_connection on;
connection_pool_size  256;
client_header_buffer_size 256k;
large_client_header_buffers 4 256k;
request_pool_size  32k;
output_buffers   4 32k;
postpone_output  1460;
proxy_cache_path  /var/cache/nginx/cached levels=2:2 keys_zone=global:100m inactive=60m max_size=500m;
proxy_temp_path  /tmp/nginx_proxy;
include "/usr/local/nginx/conf/vhosts/*.conf";
}

保存退出.

五.为apache安装rpaf模块,该模块用于apache做后端时获取访客真实的IP.

1.使用apxs安装模块.这里要使用此前apache编译安装后的apxs

cd /usr/local/src/
tar -zxf mod_rpaf-0.6.tar.gz
cd mod_rpaf-0.6
/usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

2.编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:

LoadModule rpaf_module modules/mod_rpaf-2.0.so
#Mod_rpaf settings
RPAFenable On
RPAFproxy_ips 127.0.0.1 [your_ips]
RPAFsethostname On
RPAFheader X-Forwarded-For

上面出现的[your_ips]请修改为你本机所监听web服务的ip.多个IP用空格空开.

六.安装ftp服务器:pure-ftpd

1.编译安装

cd /usr/local/src/
tar -zxf pure-ftpd-1.0.28.tar.gz
cd pure-ftpd-1.0.28
./configure --prefix=/usr/local/pureftpd --with-language=simplified-chinese --with-everything
make
make install
chmod 755 configuration-file/pure-config.pl
cp configuration-file/pure-config.pl /usr/local/pureftpd/sbin/
mkdir /usr/local/pureftpd/etc/
cp configuration-file/pure-ftpd.conf /usr/local/pureftpd/etc/
ln -s /usr/local/pureftpd/bin/pure-pw /usr/local/bin/

2.配置pure-ftpd,这里采用PureDB的验证方式.

vi /usr/local/pureftpd/etc/pure-ftpd.conf

查找 PureDB /etc/pureftpd.pdb 取消前面的#号并设置成PureDB/usr/local/pureftpd/etc/pureftpd.pdb
查找 PassivePortRange 取消前面的#号
其他参数根据需要进行修改

3.添加自启动.这里不创建init脚本.直接放在/etc/rc.local启动即可

echo "/usr/local/pureftpd/sbin/pure-config.pl /usr/local/pureftpd/etc/pure-ftpd.conf --daemonize" >> /etc/rc.local

至此.所有安装工作结束.

如何使用这套系统

一,做好必要的安全工作

设置用户家目录/home/user,相关配置参数文件,以及访问日志等目录的权限.

chmod 711 /home
chmod 711 /usr/local/pureftpd/etc
chmod 711 /usr/local/apache/conf/vhosts
chmod 711 /usr/local/nginx/conf/vhosts
chmod 711 /usr/local/apache/domlogs
chmod 711 /usr/local/apache/logs
chmod 600 /var/cache/nginx/cached

二,如何创建用户

创建用户分两个步骤.第一步创建系统用户.该命令直接创建用户家目录.第二步创建ftp用户.创建该用户依赖系统用户的创建.步骤如下(以创建用户名为admin为例):

useradd admin -m -s /sbin/nologin
pure-pw useradd admin -u admin -g admin -d /home/admin -m[第一次执行不可用]
pure-pw mkdb[仅限第一次执行]

注意.通过上述方法安装的ftp服务器在第一次创建用户的时候不可以在pure-pw useradd ...后直接添加参数-m更新ftp用户数据库.需要分两步执行.以后可以直接在创建用户时在后面添加参数-m,执行之后会提示让你输入密码.需要重复输入两次.

三.如何绑定域名

由于采用前后端操作.因此需要修改两个服务器软件的虚拟主机参数.实例如下(以admin.com为例,用户目录承接上文的/home/admin):

1.创建nginx虚拟主机参数

首先先把公共cache参数和proxy参数写进文件中

cd /usr/local/nginx/conf
touch cache.inc proxy.inc

然后分别编辑者两个文件。

vi cache.inc

proxy_cache global;
proxy_cache_key $host$uri$is_args$args;
#proxy_cache_valid 200 302 10m;
#proxy_cache_valid 301 1h;
#proxy_cache_valid any 1m;
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
proxy_temp_file_write_size 64k;
proxy_max_temp_file_size 56m;

vi proxy.inc

proxy_connect_timeout 30s;
proxy_send_timeout 300;
proxy_read_timeout 300;
proxy_buffer_size 64k;
proxy_buffers 16 32k;
proxy_busy_buffers_size 64k;
#proxy_pass http://127.0.0.1:81;
proxy_redirect off;
proxy_hide_header Vary;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

然后再编辑虚拟主机文件就会很清晰了

cd /usr/local/nginx/conf/vhosts
touch admin.com.conf
vi admin.com.conf
输入以下内容:

server {
error_log /var/log/nginx/vhost-error_log warn;
listen 127.0.0.1:80;
server_name admin.com www.admin.com;
access_log /usr/local/apache/domlogs/admin.com combined;
location / {
root /home/admin/public_html;
proxy_cache_valid 200 301 302 10m;
proxy_cache_valid any 1m;
expires 1d;
proxy_pass http://127.0.0.1:81;
include proxy.inc;
include cache.inc;
}
location ~ .*/.(jpg|jpeg|png|gif|bmp|ico|js|css|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ {
proxy_cache_valid  200 10s;
expires 7d;
proxy_pass http://127.0.0.1:81;
include proxy.inc;
include cache.inc;
}
location ~ .*/.(php|jsp|cgi)?$ {
proxy_pass http://127.0.0.1:81;
include proxy.inc;
}
location ~ //.ht {
deny all;
}
}

保存退出,注意将上述出现的127.0.0.1替换本机监听web服务的IP

2.创建apache虚拟主机配置文件

cd /usr/local/apache/conf/vhosts
touch admin.com.conf
vi admin.com.conf
输入以下内容:


 ServerName admin.com
 ServerAlias www.admin.com
 DocumentRoot /home/admin/public_html
 ServerAdmin admin@evlit.com
 UseCanonicalName Off
 php_admin_value open_basedir "/home/admin:/usr/lib/php:/usr/local/lib/php:/tmp"
 
 SuexecUserGroup admin admin
 
 ScriptAlias /cgi-bin/ /home/admin/public_html/cgi-bin/

保存退出,注意将上述出现的127.0.0.1替换本机监听web服务的IP,用户名admin改为虚拟主机用户的名称.

四.如何管理MySQL数据库

1.下载最新版PhpMyAdmin源码包

mkdir -p /var/www/html
chmod -R 711 /var/www
cd /var/www/html
wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.3.3/phpMyAdmin-3.3.3-all-languages.zip/download
unzip phpMyAdmin-3.3.3-all-languages.zip
mv phpMyAdmin-3.3.3-all-languages phpmyadmin

2.增加apache配置,编辑httpd.conf,转到最后一行

cd /usr/local/apache/conf
vi httpd.conf /* shift+g转到最后一行 */
#Managed Tools

ServerName localhost
ServerAlias pma.*
DocumentRoot /var/www/html/phpmyadmin
ServerAdmin admin@localhost
UseCanonicalName Off

同样,修改上述出现的127.0.0.1为你提供web服务的IP.重启apache后.我们打开绑定到服务器IP的pma.yourdomain.com即可访问到phpmyadmin.第一次使用.需要进行配置.具体配置请善用Google.

其他没有照顾到的地方自行添加即可.如perl,sendmail等.