[CentOS 7] LNMP主機安裝

指令教學

參考網址:https://goo.gl/Bz1F4h

# rpm -qa | grep php //查詢安裝軟體,EX:查 php 安裝軟體

更新檔案

# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm //映像檔
# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm  //映像檔
# yum update -y

安裝 VIM (編輯器)

# yum install vim-enhanced -y
# mv /bin/vi /bin/vi.bak
# ln -s /usr/bin/vim /bin/vi
# echo "set nu" >> /etc/vimrc //顯示行數

修改 Linux 預設的 Language 以免 Putty 顯示不出中文

# vi /etc/sysconfig/selinux
SELINUX=disabled //關閉

開啟 NTP 自動校時服務

# yum install ntp -y
# systemctl start ntpd
# systemctl enable ntpd
# ntpdate tick.stdtime.gov.tw
# systemctl restart ntpd

安裝Server使用工具

# yum install wget rsyslog telnet -y

安裝 PHP

# yum install php71w-pdo php71w-mbstring php71w-xml php71w-common php71w-mysqlnd php71w-gd php71w-devel php71w-soap php71w php71w-cli php71w-xmlrpc php71w-mcrypt -y

設定

修改 php.ini 的配置

#vi /etc/php.ini

short_open_tag = On
max_execution_time = 300
max_input_time = 600
memory_limit = 128M
display_errors = Off
log_errors = On
ignore_repeated_errors = On
ignore_repeated_source = On
post_max_size = 20M
upload_max_filesize = 16M
date.timezone = Asia/Taipei

安裝 Nginx

CentOS 7.1 中,Nginx 並未被正式收錄在 yum,因此無法安裝,可自行加入 Nginx 官方提供的 CentOS 7 yum repository,即可直接安裝。

# rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
# yum install nginx -y

Nginx 相關檔案位置:
所有設定檔:/etc/nginx/
主要設定檔:/etc/nginx/nginx.conf
預設設定檔:/etc/nginx/conf.d/default.conf
程序設定檔:/usr/sbin/nginx
log 檔:/var/log/nginx/

主要設定檔
Nginx 服務的主要設定檔

# vi /etc/nginx/nginx.conf

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
    worker_connections 1024;
}
http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;
    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;
    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    # 讀取此目錄的檔案為 .conf 結尾做 Virtual Host
    include /etc/nginx/conf.d/*.conf;
    # 設定可上傳最大檔案容量 (依需求而定)
    client_max_body_size 30m;
#    server {
#        listen       80 default_server;
#        listen       [::]:80 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }
#
# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }
}

虛擬主機設定檔
Nginx 預設的主機設定檔

# vi /etc/nginx/conf.d/phpadmin.conf

server {
    # 這個主機的 Port
    listen       80;
    # 這個主機的名稱
    server_name  phpadmin.system.com.tw;
    # 設定預設編碼,但通常都是由網頁 來定義,因此預設註解
    #charset koi8-r;
    # 針對這個主機的 log 檔位置
    #access_log  /var/log/nginx/log/host.access.log  main;
    # html 檔
    location / {
        # 網站的根目錄位置
        root   /usr/share/nginx/html/phpadmin/;
        # 使用「瀏覽器」瀏覽根目錄時,未指定檔名時預設使用的檔案
        index  index.php index.html index.htm;
        # [須手動新增] 在瀏覽器呈現目錄樹為 on;反之 off,正試上線最好設成 off(預設值 off)
        autoindex off;
    }
    # 發生 404 指定導向哪個網頁
    error_page  404              /404.html;
    location = /404.html {
        root   /usr/share/nginx/html;
    }
    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}
    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    # php 檔 (與 PHP-FPM 連動)
    location ~ \.php$ {
        # 網站的根目錄位置
        root           /usr/share/nginx/html/phpadmin;
        # 要使用 FastCGI 解析的檔案位置
        fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
        # 使用「瀏覽器」瀏覽根目錄時,未指定檔名時預設使用的檔案
        fastcgi_index  index.php;
        try_files $uri =404;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

服務設定
啟用服務並開機自動啟用

# systemctl start nginx
# systemctl enable nginx

防火牆
設定 firewall 允許 http(80 Port)、https(443 Port)封包通行

# firewall-cmd --permanent --zone=public --add-service=http
# firewall-cmd --permanent --zone=public --add-service=https
# firewall-cmd --reload

檢設 firewall 的設定

# firewall-cmd --zone=public --list-all
回饋
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: dhcpv6-client ssh http https
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

安裝 PHP-FPM

php-fpm:也就是 FastCGI,透過它來讓 Nginx 與 PHP 之間交互連動

# yum install php71w-fpm -y

設定
修改 php-fpm 的配置

# vi /etc/php-fpm.d/www.conf

;user = apache
user = nginx

;group = apache
group = nginx

;listen = 127.0.0.1:9000
listen = /var/run/php-fpm/php-fpm.sock

//預設帳戶、群組,為正在運作的帳戶
;listen.owner = nobody
listen.owner = nginx

;listen.group = nobody
listen.group = nginx

//權限(預設為 0666)
;listen.mode = 0660
listen.mode = 0666

; session 的路徑
php_value[session.save_path] = /var/lib/php/session

修改 session 路徑的擁有者、群組為 nginx

# chown nginx:nginx /var/lib/php/session/

修改網站根目錄的擁有者、群組為 nginx

# chown -R nginx:nginx /usr/share/nginx/html

重啟 Nginx 服務

# systemctl restart nginx

服務設定

# systemctl start php-fpm
# systemctl enable php-fpm

安裝 MariaDB

# yum install mariadb-server mariadb -y

初始化設定

須先啟用服務,才可進行初始化

# systemctl start mariadb

進行初始化設定

# mysql_secure_installation

/usr/bin/mysql_secure_installation: line 379: find_mysql_client:命令找不到
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): # 輸入目前 MariaDB 的 root 密碼(第一次設定應該是空的,所以直接「ENTER」即可)
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] # 直接「ENTER」
New password: # 設定新的密碼
Re-enter new password: # 再次確認密碼
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] # 是否要移除 anonymous user 的資料,直接「ENTER」
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] # 是否只允許讓 root 從 localhost 登入,無法從其他的網路登入,直接「ENTER」
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] # 是否移除 test 的資料庫,直接「ENTER」
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] # 是否要重新載入權限的 table 資訊,直接「ENTER」
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

安裝 MC (GUI介面)

參考網址:https://goo.gl/hiqCUq

# yum install mc -y

安裝 ZIP (壓縮軟體)

# yum install zip unzip -y

安裝 nmap (查 Port 軟體)

# yum install nmap -y
# nmap -sT -O localhost

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *