CentOS 下安装 LEMP 服务(NginxMariaDB/MySQL 和PHP)

Posted 记事本

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了CentOS 下安装 LEMP 服务(NginxMariaDB/MySQL 和PHP)相关的知识,希望对你有一定的参考价值。

本文环境基于 CentOS 7 

1)安装Nginx

# yum install nginx 

# systemctl enable nginx.service

# systemctl start nginx.service

2)安装mariadb

# yum install mariadb-server
# systemctl enable mariadb
# systemctl start mariadb

 

安装完成后,首次启动应先运行脚本:

# mysql_secure_installation

这是为数据库服务器进行一些安全强化措施,包括设置(非空)的 root 密码、删除匿名用户、锁定远程访问。

以下是命令和回显:

# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, well need the current
password for the root user.  If youve just installed MariaDB, and
you havent set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] 
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] 
 ... Success!

Normally, root should only be allowed to connect from localhost.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] 
 ... Success!

By default, MariaDB comes with a database named test that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] 
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] 
 ... Success!

Cleaning up...

All done!  If youve completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

 

3)安装PHP

LEMP的安装,至少需要 php-FPM 和 PHP-MySQL 两个模块。

PHP-FPM(FastCGI 进程管理器)实现的是 nginx 服务器和生成动态内容的 PHP 应用程序的访问接口。

PHP-MySQL 模块使 PHP 程序能访问 MariaDB/MySQL 数据库。

其它模块根据实际情况选用

# yum install php php-fpm php-mysql php-gd php-mbstring php-mcrypt 

 

4) 配置和启动 PHP-FPM

# vim /etc/php-fpm.d/www.conf

将其中的 user 和 group 部分改为nginx

user = nginx
group = nginx

然后启动 PHP-FPM

# sudo systemctl start php-fpm
# sudo systemctl enable php-fpm
Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.

继续,调整 PHP 的安全配置选项,在 /etc/php.ini 文件中增加以下两行:

cgi.fix_pathinfo=0
date.timezone ="Asia/Shanghai"

第二行定义的是 PHP 中日期/时间相关函数使用相关的默认时区。使用本文最末段《6)PHP的时区配置》中的方法,找出或者设置您所在的时区,并设置相应 date.timezone 的值。

调整完成后:

# systemctl restart nginx
# systemctl restart php-fpm

 

5) 永久关闭 HTTPD 服务

因为安装php的时候,系统默认把HTTPD 也给安装上了,为确保安全永久关闭该服务。

# systemctl disable httpd

 

6)PHP 的时区配置(timezone)

PHP的缺省时区在php.ini 文件中配置,首先定位配置文件的所在:

# php --ini
Configuration File (php.ini) Path: /etc
Loaded Configuration File:         /etc/php.ini
Scan for additional .ini files in: /etc/php.d
Additional .ini files parsed:      /etc/php.d/curl.ini,
/etc/php.d/fileinfo.ini,
/etc/php.d/gd.ini,
/etc/php.d/json.ini,
/etc/php.d/mbstring.ini,
/etc/php.d/mcrypt.ini,
/etc/php.d/mysql.ini,
/etc/php.d/mysqli.ini,
/etc/php.d/pdo.ini,
/etc/php.d/pdo_mysql.ini,
/etc/php.d/pdo_sqlite.ini,
/etc/php.d/phar.ini,
/etc/php.d/sqlite3.ini,
/etc/php.d/zip.ini
# 

命令回显的第二行显示配置文件位于:/etc/php.ini ,接下来确定我们的时区标记(timezone,TZ),使用 tzselect 命令:

# tzselect
Please identify a location so that time zone rules can be set correctly.
Please select a continent or ocean.
 1) Africa
 2) Americas
 3) Antarctica
 4) Arctic Ocean
 5) Asia
 6) Atlantic Ocean
 7) Australia
 8) Europe
 9) Indian Ocean
10) Pacific Ocean
11) none - I want to specify the time zone using the Posix TZ format.
#? 5
Please select a country.
 1) Afghanistan          18) Israel            35) Palestine
 2) Armenia          19) Japan            36) Philippines
 3) Azerbaijan          20) Jordan            37) Qatar
 4) Bahrain          21) Kazakhstan        38) Russia
 5) Bangladesh          22) Korea (North)        39) Saudi Arabia
 6) Bhutan          23) Korea (South)        40) Singapore
 7) Brunei          24) Kuwait            41) Sri Lanka
 8) Cambodia          25) Kyrgyzstan        42) Syria
 9) China          26) Laos            43) Taiwan
10) Cyprus          27) Lebanon            44) Tajikistan
11) East Timor          28) Macau            45) Thailand
12) Georgia          29) Malaysia            46) Turkmenistan
13) Hong Kong          30) Mongolia            47) United Arab Emirates
14) India          31) Myanmar (Burma)        48) Uzbekistan
15) Indonesia          32) Nepal            49) Vietnam
16) Iran          33) Oman            50) Yemen
17) Iraq          34) Pakistan
#? 9
Please select one of the following time zone regions.
1) Beijing Time
2) Xinjiang Time
#? 1

The following information has been given:

    China
    Beijing Time

Therefore TZ=Asia/Shanghai will be used.
Local time is now:    Thu Mar 29 10:25:09 CST 2018.
Universal Time is now:    Thu Mar 29 02:25:09 UTC 2018.
Is the above information OK?
1) Yes
2) No
#? 1

You can make this change permanent for yourself by appending the line
    TZ=Asia/Shanghai; export TZ
to the file .profile in your home directory; then log out and log in again.

Here is that TZ value again, this time on standard output so that you
can use the /usr/bin/tzselect command in shell scripts:
Asia/Shanghai
# 

我们的时区即为: Asia/Shanghai

现在打开PHP的配置初始化文件 php.ini 找到并修改如下内容:

date.timezone = "Asia/Shanghai"

确定后保存。

 

7)最后重启相关服务,更新配置

# systemctl restart nginx
# systemctl restart php-fpm

 

8) 配置 nginx 的网站

配置文件如下:

server {
    listen 80;
    server_name www.example.com;
    root /var/www/html/example;
    index index.php index.html index.htm;
     
    location / {
  if (-f $request_filename/index.html) {
            rewrite (.*) $1/index.html break;
        }
        if (-f $request_filename/index.php) {
            rewrite (.*) $1/index.php;
        }
        if (!-f $request_filename) {
            rewrite (.*) /index.php;
        }
        try_files $uri $uri/ = 404;
    }
     
    # redirect server error pages to the static page /50x.html
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    }
     
    # nginx passes PHP scripts to FastCGI server via a TCP/9000 socket
    # this setting much be consistent with /etc/php-fpm.d/www.conf
    # try_files prevents nginx from passing bad scripts to FastCGI server
    
    location ~ \.php$ {
      try_files $uri = 404;
      fastcgi_pass 127.0.0.1:9000;
      fastcgi_index index.php;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      include fastcgi_params;
    }
}

server {
    server_name example.com;
    return 301 $scheme://www.example.com$request_uri;
}

 

9) 测试服务器配置

在 /var/www/html/ 目录下,添加文件index.php ,内容如下:

<?php phpinfo();?>

保存后,在浏览器中输入 http://www.example.com/ 查看显示。

 

以上是关于CentOS 下安装 LEMP 服务(NginxMariaDB/MySQL 和PHP)的主要内容,如果未能解决你的问题,请参考以下文章

LEMP平台搭建

作曲家安装,缺少 ext-dom - LEMP Centos 7

Centos下安装配置WordPress与nginx教程

在CentOS上yum安装phpMyAdmin的教程

LNMP的安装及其相关命令

如何在 Debian 9 下安装 LEMP 和 WHMCS 7.5