nginx实验---lnmp实现多个虚拟主机,部署wordpress和phpmyadmin,并为后一个主机提供https
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了nginx实验---lnmp实现多个虚拟主机,部署wordpress和phpmyadmin,并为后一个主机提供https相关的知识,希望对你有一定的参考价值。
lnmp实现多个虚拟主机,部署wordpress和phpmyadmin,并为后一个主机提供https。
一、安装nginx
方法一:编译安装
1.下载nginx程序包,传导至CentOS主机中,并解压。
2.进入解压目录
3.~]# ./configure --prefix=/usr/local/nginx--sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf--error-log-path=/var/log/nginx/error.log--http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid--lock-path=/var/lock/subsys/nginx.lock --user=nginx --group=nginx--with-http_ssl_module --with-http_v2_module --with-http_dav_module--with-threads --with-file-aio --with-http_stub_status_module
4. make -j 4 && make install
注意:1.启动服务需要事先创建nginx用户和nginx组;
2.若编译错误提示缺少编译软件可以 yum -y install gcc gcc-c++autoconf automake make
方法二:EPEL源的安装包
[[email protected] ~]# cd /etc/yum.repos.d/
[[email protected]]# vim nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
[[email protected] yum.repos.d]# yum install -y nginx
二、创建虚拟机
[[email protected] ~]# mkdir -pv/var/www/vhost{1,2}
[[email protected] ~]# echo"www1.zrs.com" >> /var/www/vhost1/index.html
[[email protected] ~]# echo"www2.zrs.com" >> /var/www/vhost2/index.html
[[email protected] ~]# vim /etc/nginx/nginx.conf
server {
listen 80;
server_name www1.zrs.com;
location / {
root /var/www/vhost1;
index index.php index.html index.htm;
}
}
server {
listen 80;
server_name www2.zrs.com;
location / {
root /var/www/vhost2;
index index.php index.html index.htm;
}
}
[[email protected] ~]#nginx -t ///检查语法没问题
[[email protected]~]# nginx -s reload ///重启服务
客户端测试
三、安装php和mariadb,测试连接
[[email protected] ~]# yum install -y php-fpm mariadb-server mariadb
配置nginx支持php解析
[[email protected] ~]# vim /etc/nginx/nginx.conf
server {
listen 80;
server_name www1.zrs.com;
location / {
root /var/www/vhost1;
index index.php index.html index.htm;
}
location ~ \.php$ {
root /var/www/vhost1;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/vhost1/$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 80;
server_name www2.zrs.com;
location / {
root /var/www/vhost2;
index index.php index.html index.htm;
}
location ~ \.php$ {
root /var/www/vhost2;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/vhost2/$fastcgi_script_name;
include fastcgi_params;
}
}
[[email protected] ~]# nginx -t ///检查语法没问题
[[email protected] ~]# nginx -s reload ///重启服务
修改两个主页index.html为index.php
并添加测试段内容:
<?php
Phpinfo();
?>
客户端测试
创建数据库,授权用户,并刷新
MariaDB [(none)]> create database wpsdb;
MariaDB [(none)]> grant all on wpsdb.*TO ‘wpuser‘@‘172.16.%.%‘IDENTIFIED BY‘123456‘;
MariaDB [(none)]> create database pma;
MariaDB [(none)]> grant all on pma.* TO‘pmauser‘@‘172.16.%.%‘IDENTIFIED BY‘123456‘;
MariaDB [(none)]> FLUSH PRIVILEGES;
测试php和数据库能否正常连接
[[email protected] ~]# vim/var/www/vhost1/index.php
vhost2也同样设置成这样,相关数据库内容要改为pma的。
客户端测试
四、部署wordpress和phpmyadmin
下载这两个应用并导入虚拟机中,分别解压
[[email protected] ~]# unzipwordpress-3.9-zh_CN.zip
[[email protected] ~]# tar -zxvfphpMyAdmin-4.0.10.20.tar.gz
1.部署wordpress
[[email protected] ~]# mv wordpress/var/www/vhost1/
[[email protected] ~]# cd /var/www/vhost1/wordpress/
[[email protected] wordpress]# mvwp-config-sample.php wp-config.php
[[email protected] wordpress]# vim wp-config.php ///修改配置文件
/** WordPress数据库的名称*/
define(‘DB_NAME‘, ‘wpsdb‘);
/** mysql数据库用户名 */
define(‘DB_USER‘, ‘wpuser‘);
/** MySQL数据库密码 */
define(‘DB_PASSWORD‘, ‘123456‘);
/** MySQL主机 */
define(‘DB_HOST‘, ‘172.16.1.6‘);
客户端测试 
2. 部署phpmyadmin
[[email protected] ~]# mkdir/var/www/vhost2/phpmyadmin
[[email protected] ~]# mv phpMyAdmin-4.0.10.20-all-languages/*/var/www/vhost2/phpmyadmin/
[[email protected] ~]# cd /var/www/vhost2/phpmyadmin/
[[email protected] phpmyadmin]# mvconfig.sample.inc.php config.inc.php
[[email protected] phpmyadmin]# vim config.inc.php ///修改这个文件中的下面一行配置为主机地址
$cfg[‘Servers‘][$i][‘host‘] = ‘172.16.1.6‘;
客户端测试
五、为phpmyadmin提供https
在主机上安装mod_ssl模块
[[email protected] ~]# yum -y install mod_ssl
切换到CA目录下,生成密钥和自签证书
[[email protected] ~]# cd /etc/pki/CA
[[email protected] CA]# (umask 077; openssl genrsa-out private/cakey.pem 2048)
Generating RSA private key, 2048 bit longmodulus
.......+++
...................................+++
e is 65537 (0x10001)
[[email protected] CA]# openssl req -new -x509 -keyprivate/cakey.pem -out cacert.pem
You are about to be asked to enterinformation that will be incorporated
into your certificate request.
What you are about to enter is what iscalled a Distinguished Name or a DN.
There are quite a few fields but you canleave some blank
For some fields there will be a defaultvalue,
If you enter ‘.‘, the field will be leftblank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Hebei
Locality Name (eg, city) [DefaultCity]:QinHuangdao
Organization Name (eg, company) [DefaultCompany Ltd]:Link
Organizational Unit Name (eg, section)[]:ops
Common Name (eg, your name or your server‘shostname) []:ca.link.com
Email Address []:[email protected]
提供辅助文件
[[email protected] CA]# touch index.txt
[[email protected] CA]# echo 01 > serial
生成私钥并且生成证书签署请求
[[email protected]~]# mkdir -pv /etc/nginx/ssl
[[email protected]~]# cd /etc/nginx/ssl
[[email protected] ssl]# (umask 077; openssl genrsa-out nginx.key 1024) ///生成私钥
Generating RSA private key, 1024 bit longmodulus
....++++++
...............................++++++
e is 65537 (0x10001)
[[email protected] ssl]# openssl req -new -keynginx.key -out nginx.csr ///生成证书请求
You are about to be asked to enterinformation that will be incorporated
into your certificate request.
What you are about to enter is what iscalled a Distinguished Name or a DN.
There are quite a few fields but you canleave some blank
For some fields there will be a defaultvalue,
If you enter ‘.‘, the field will be leftblank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name)[]:Hebei
Locality Name (eg, city) [DefaultCity]:QinHuangdao
Organization Name (eg, company) [DefaultCompany Ltd]:Link
Organizational Unit Name (eg, section)[]:ops
Common Name (eg, your name or your server‘shostname) []:ca.link.com
Email Address []:[email protected]
Please enter the following ‘extra‘attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
签发证书
[[email protected] ssl]# cp nginx.csr /tmp/
[[email protected] ssl]# openssl ca -in/tmp/nginx.csr -out /etc/pki/CA/certs/nginx.crt ///根据提示连续按两个“y”
[[email protected] ssl]# cp/etc/pki/CA/certs/nginx.crt /etc/nginx/ssl/ ///把签署好的证书发给请求者
修改nginx配置文件,添加支持ssl
[[email protected] ssl]# vim /etc/nginx/nginx.conf
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.php index.html index.htm;
}
}
客户端测试
本文出自 “12657170” 博客,请务必保留此出处http://12667170.blog.51cto.com/12657170/1972297
以上是关于nginx实验---lnmp实现多个虚拟主机,部署wordpress和phpmyadmin,并为后一个主机提供https的主要内容,如果未能解决你的问题,请参考以下文章
实现LNMP架构,并部署WordPress以及配置NGINX虚拟主机