搭建前后端web生产环境Linux+Apache+Nginx+MySQL+PHP

技术2025-07-12 14

最近看到很多人都在LNAMP，变得越来越流行了，干脆将我之前自己做的重新优化了一边，更新了新版程序，并降低了55%的内存消耗，速度和负载都比0.1版提高了不少。

LNAMP 女神工作室0.2版介绍：

Centos 5.5 32bitApache 2.2.17Nginx 0.8.54MySQL 5.1.55PHP 5.2.17

一、重装Centos系统，删除不比要的程序，并安装相关组件：

yum -y remove httpd mysql php

安装相关组件

yum -y install yum-fastestmirroryum -y updateyum -y install patch make gcc gcc-c++ gcc-g77 flex bison taryum -y install libtool libtool-libs kernel-devel autoconf213yum -y install libjpeg libjpeg-devel libpng libpng-develyum -y install libtiff libtiff-devel gettext gettext-develyum -y install freetype freetype-devel libxml2 libxml2-devel zlib zlib-develyum -y install file glib2 glib2-devel bzip2 diff* openldap-develyum -y install bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogsyum -y install e2fsprogs-devel krb5 krb5-devel libidn libidn-develyum -y install openssl openssl-devel vim-minimal unzipexport PHP_AUTOCONF=/usr/bin/autoconf-2.13export PHP_AUTOHEADER=/usr/bin/autoheader-2.13

安装PHP 5.2.x 所需的支持库

cd /usr/local/src

wget -c http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gztar zxvf libiconv-1.13.1.tar.gzcd libiconv-1.13.1/./configure --prefix=/usr/localmakemake installcd ../

wget -c http://monkey.org/~provos/libevent-2.0.10-stable.tar.gztar zxvf libevent-2.0.10-stable.tar.gzcd libevent-2.0.10-stable/./configure --prefix=/usrmakemake installcd ../

wget -c http://ncu.dl.sourceforge.net/sourceforge/mcrypt/libmcrypt-2.5.8.tar.gztar zxvf libmcrypt-2.5.8.tar.gzcd libmcrypt-2.5.8/./configuremakemake install/sbin/ldconfigcd libltdl/./configure --enable-ltdl-installmakemake installcd ../../

wget -c http://nchc.dl.sourceforge.net/sourceforge/mhash/mhash-0.9.9.9.tar.gztar zxvf mhash-0.9.9.9.tar.gzcd mhash-0.9.9.9/./configuremakemake installcd ../

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.laln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.soln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.aln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.laln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.soln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config

wget -c http://nchc.dl.sourceforge.net/sourceforge/mcrypt/mcrypt-2.6.8.tar.gztar zxvf mcrypt-2.6.8.tar.gzcd mcrypt-2.6.8/./configuremakemake installcd ../

安装GD图形支持库：

cd /usr/local/srcwget http://www.libgd.org/releases/gd-2.0.35.tar.gztar xzvf gd-2.0.35.tar.gzcd gd-2.0.35./configure --prefix=/usr/local/gd --mandir=/usr/share/man --with-jpeg --with-png --with-freetype --with-zlib --with-fontconfigmake //如果GD报错:configure.ac:64: warning: macro `AM_ICONV' not found in library 你就make clean一下，然后再makemake install

二、安装 Mysql 5.1.x：

1）先安装Google的开源TCMalloc库，可以提高MySQL在高并发情况下的性能

cd /usr/local/src

wget -c http://google-perftools.googlecode.com/files/google-perftools-1.7.tar.gztar zxvf google-perftools-1.7.tar.gzcd google-perftools-1.7/./configuremake && make installecho "/usr/local/lib" > /etc/ld.so.conf.d/usr_local_lib.conf/sbin/ldconfigcd ../

2）开始安装Mysql 5.1.x

cd /usr/local/src

wget -c http://mysql.proserve.nl/Downloads/MySQL-5.1/mysql-5.1.55.tar.gztar -zxvf mysql-5.1.55.tar.gzcd mysql-5.1.55./configure --prefix=/usr/local/mysql --with-extra-charsets=all --enable-thread-safe-client --enable-assembler --with-charset=utf8 --enable-thread-safe-client --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --without-debug --without-innodb --without-isam --with-mysqld-ldflags=-ltcmalloc_minimalmake && make installcd ../groupadd mysqluseradd -g mysql mysqlcp /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf/usr/local/mysql/bin/mysql_install_db --user=mysqlchown -R mysql /usr/local/mysql/varchgrp -R mysql /usr/local/mysql/.cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysqlchmod 755 /etc/init.d/mysqlchkconfig --level 345 mysql onecho "/usr/local/mysql/lib/mysql" >> /etc/ld.so.confecho "/usr/local/lib" >>/etc/ld.so.confldconfigln -s /usr/local/mysql/lib/mysql /usr/lib/mysqlln -s /usr/local/mysql/include/mysql /usr/include/mysqlservice mysql start/usr/local/mysql/bin/mysqladmin -u root password mgrei //修改红色部分为你的密码service mysql restart

3）设置MySQL：

打开“/etc/my.cnf”文件，修改以下设置，如果没有，可手动添加：

关闭远程连接，即3306端口。这是MySQL的默认监听端口。由于此处MySQL只服务于本地脚本，所以不需要远程连接。尽管MySQL内建的安全机制很严格，但监听一个TCP端口仍然是危险的行为，因为如果MySQL程序本身有问题，那么未授权的访问完全可以绕过MySQL的内建安全机制。（你必须确定，你是否真的不需要远程连接mysql，一般数据库地址为localhost的，即使本地数据库，不需要外链）

skip-networking

保存后退出。

修改完my.cnf后，还需要对mysql的用户名、帐号、及默认数据库进行调整

首先先登录mysql，在终端窗口输入

/usr/local/mysql/bin/mysql -u root -p

然后会提示输入密码，输入正确密码后，会出现mysql>提示符。

输入以下命令：

mysql>use mysql;mysql>select Host,User,Password,Select_priv,Grant_priv from user;mysql>delete from user where user=''; （删除user用户）mysql>delete from user where password=''; （删除user用户）mysql>delete from user where host=''; （删除user用户）mysql>drop database test; (删除默认的test数据库)mysql>flush privileges; （刷新mysql的缓存，让以上设置立即生效）mysql>quit;

为了使以上优化和安全设置生效，请重启Mysql服务或Linux。

service mysql restart

三、安装Apache：

1）下载Apache并解压缩：

cd /usr/local/srcgroupadd wwwuseradd -g www -s /sbin/nologin -M www

wget -c http://www.apache.org/dist//httpd/httpd-2.2.17.tar.gz

tar zxvf httpd-2.2.17.tar.gzcd httpd-2.2.17

Apache默认最大连接数和最大客户端数为40000，如果你的服务器要求更大，可以编译Apache安装文件中的：

server/mpm/worker/worker.c

找到下面几行，并改成如下的数值，其目的是在源码中修改apache可支持的最大线程数和最大客户端数目。

define DEFAULT_SERVER_LIMIT 32define MAX_SERVER_LIMIT 20000define DEFAULT_THREAD_LIMIT 64define MAX_THREAD_LIMIT 20000

以上数值据说改小后，能减低服务器消耗。不过柒月修改后，发现没什么实质变化。

2）安装Apache 2.2

cd /usr/local/src/httpd-2.2.17./configure --prefix=/usr/local/apache2 --enable-headers --enable-so --enable-rewrite --with-mpm=prefork --disable-userdir --disable-cgid --disable-cgimake && make install

如果你需要编译apache其他功能，可以自行增加。不过在这里，我们只是用Apache作为后端并处理伪静态，无需添加过多设置来浪费内存

配置源代码树：

--prefix=/usr/local/apache2 //体系无关文件的顶级安装目录PREFIX ，也就Apache的安装目录。--enable-module=so //打开 so 模块，so 模块是用来提 DSO 支持的 apache 核心模块--enable-mods-shared=all //编译全部的模板，对于不需要我们可以在httpd.conf去掉。--enable-cache //支持缓存--enable-file-cache //支持文件缓存--enable-mem-cache //支持记忆缓存--enable-disk-cache //支持磁盘缓存--enable-static-support //支持静态连接(默认为动态连接)--enable-static-htpasswd //使用静态连接编译 htpasswd - 管理用于基本认证的用户文件--enable-static-htdigest //使用静态连接编译 htdigest - 管理用于摘要认证的用户文件--enable-static-rotatelogs //使用静态连接编译 rotatelogs - 滚动 Apache 日志的管道日志程序--enable-static-logresolve //使用静态连接编译 logresolve - 解析 Apache 日志中的IP地址为主机名--enable-static-htdbm //使用静态连接编译 htdbm - 操作 DBM 密码数据库--enable-static-ab //使用静态连接编译 ab - Apache HTTP 服务器性能测试工具--enable-static-checkgid //使用静态连接编译 checkgid--disable-cgid //禁止用一个外部 CGI 守护进程执行CGI脚本--disable-cgi //禁止编译 CGI 版本的 PHP--with-mpm=worker // 让apache以worker方式运行--enable-ssl // 编译 ssl模块。

启动Apache（建议先不要启动，等我们全部设置完毕后，和Nginx启动）

/usr/local/apache2/bin/apachectl start

查看apache是否启动

ps aux|grep httpd

将apache设置成开机自启动：

echo '/usr/local/apache2/bin/apachectl start ' >> /etc/rc.local //将 apachectl 的调用加入到你的系统启动文件中。

四、安装 PHP5.2.x：

1）下载PHP 并解压缩：

cd /usr/local/srcwget -c http://us.php.net/distributions/php-5.2.17.tar.gztar zxvf php-5.2.17.tar.gzcd php-5.2.17./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-config-file-path=/etc --with-zlib --with-libxml-dir --with-gd=/usr/local/gd --with-freetype-dir --with-jpeg-dir --with-png-dir --with-ttf --with-iconv --with-openssl --with-mcrypt --enable-sockets --enable-bcmath --enable-calendar --enable-exif --enable-libxml --enable-magic-quotes --enable-mbstring --with-bz2 --with-curl --with-xmlrpc --with-gettext --disable-cli --disable-cgi --disable-debugmake ZEND_EXTRA_LIBS='-liconv'make installcp php.ini-dist /etc/php.ini

2）安装PHP扩展：

2.1）安装eaccelerator加速软件

eaccelerator是php的加速软件，使用后php的执行效率会有很大幅度的提升。

cd /usr/local/srcwget http://bart.eaccelerator.net/source/0.9.6.1/eaccelerator-0.9.6.1.tar.bz2tar -jxvf eaccelerator-0.9.6.1.tar.bz2cd eaccelerator-0.9.6.1/usr/local/php/bin/phpize./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-configmake && make install

编译安装后我们会看到屏幕提示的eaccelerator.so所在的目录，php5.2.x系列是在 /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/，记住这个路径，待会要用到

修改php.ini 文件，将以下内容输入（详细设置）：

[eaccelerator]zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"eaccelerator.shm_size="16"eaccelerator.cache_dir="/tmp/eaccelerator"eaccelerator.enable="1"eaccelerator.optimizer="1"eaccelerator.check_mtime="1"eaccelerator.debug="0"eaccelerator.filter=""eaccelerator.shm_max="0"eaccelerator.shm_ttl="3600"eaccelerator.shm_prune_period="3600"eaccelerator.shm_only="0"eaccelerator.compress="1"eaccelerator.compress_level="9"

注意：这部分内容务必放在[zend]之前，不然可能会出现不可预期的服务器问题。

然后建立文件夹并设置权限：

mkdir /tmp/eacceleratorchmod 777 /tmp/eaccelerator

2.2）安装Zend（如果程序没要求，尽量不要装Zend，容易和eA产生冲突）：

cd /usr/local/srcwget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gztar -zxvf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gzcp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/

修改php.ini 文件：

vi /usr/local/php/php.ini

将以下代码放入php.ini文件最底部

[Zend Optimizer]zend_optimizer.optimization_level=1zend_optimizer.encoder_loader=0zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/ZendOptimizer.so"

2.3）安装PDO_MYSQL

cd /usr/local/srcwget -c http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgztar zxvf PDO_MYSQL-1.0.2.tgzcd PDO_MYSQL-1.0.2//usr/local/php/bin/phpize./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysqlmakemake install

继续修改 php.ini 文件

vi /usr/local/php/php.ini

查找代码：

extension_dir = "./"

替换为：

extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"extension="pdo_mysql.so"

2.4）安装 suhosin：

cd /usr/local/srcwget -c http://download.suhosin.org/suhosin-0.9.32.1.tar.gztar -zxvf suhosin-0.9.32.1.tar.gzcd suhosin-0.9.32.1/usr/local/php/bin/phpize./configure --with-php-config=/usr/local/php/bin/php-configmake && make install

继续修改 php.ini 文件

vi /usr/local/php/php.ini

查找代码：

extension_dir = "./"

替换为：

extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"extension="suhosin.so"

五、Apache 整合 PHP 以及相关优化：

1）Apache设置：

编辑 httpd.conf ：

vi /usr/local/apache2/conf/httpd.conf

查找代码：

DocumentRoot "/usr/local/apache2/htdocs"

修改为：

DocumentRoot "/home/www"

查找代码：

修改为：

找到以下代码并根据提示修改

<Directory />Options FollowSymLinksAllowOverride AllOrder deny,allowDeny from all //这句改为Allow from all</Directory>

找到这一段并修改，以使Apache支持rewrite（伪静态）：

# AllowOverride controls what directives may be placed in .htaccess files.# It can be "All", "None", or any combination of the keywords:# Options FileInfo AuthConfig Limit#AllowOverride None

更改为

AllowOverride All

将以下代码注释掉，禁止目录列表：

Options Indexes FollowSymLinks

找到以下代码，修改用户为 www

User daemon //改为wwwGroup daemon //改为www

</IfModule></IfModule>

设置 ServerAdmin you@example.com 改为你自己的mail地址

查找：

Listen 80

改为

Listen 81

分别找到以下四段代码，将之前的注释#去除：

Include conf/extra/httpd-mpm.conf

Include conf/extra/httpd-info.conf

Include conf/extra/httpd-vhosts.conf

Include conf/extra/httpd-default.conf

编辑 Include conf/extra/httpd-mpm.conf 找到如下选项，并改成对应的数值

<IfModule mpm_prefork_module>StartServers 5MinSpareServers 5MaxSpareServers 10MaxClients 150MaxRequestsPerChild 1000</IfModule>

编辑 conf/extra/httpd-default.conf

Timeout 60 #与nginx的保持一至KeepAlive OnMaxKeepAliveRequests 1000KeepAliveTimeout 5

复制以下文件：

cp /usr/local/apache2/bin/apachectl /etc/rc.d/init.d/httpd

这样以后Apache 启动、关闭、重启只需要输入以下命令：

service httpd start/stop/restart

2）整合Apache与php

编辑 /usr/local/apache2/conf/httpd.conf

找到AddType application/x-gzip .gz .tgz在其下加以下内容

AddType application/x-httpd-php .phpAddType application/x-httpd-php-source .phps

查找:(设置WEB默认文件)

DirectoryIndex index.html

改成：

DirectoryIndex index.php index.htm index.html index.html.var

保存退出

以上设置完毕后，全部保存退出，然后建立一个虚拟主机做测试：

编辑 Include conf/extra/httpd-vhosts.conf

<VirtualHost *:81>ServerAdmin webmaster@example.comDocumentRoot "/home/www"ServerName 你的IP地址或域名ErrorLog "logs/IP-error_log"CustomLog "logs/IP-access_log" common</VirtualHost>

保存退出，并重启Apache

service httpd restart 或 /usr/local/apache2/bin/apachectl restart

然后建立一个 index.php文件，放入 /home/www 目录，php文件内容为：

<?phpphpinfo();?>

然后在浏览器中输入：IP:81 是否成功显示了？

六、优化MySQL

通过Tcmalloc 优化mysql性能

# vi /etc/init.d/mysql

添加一行

export LD_PRELOAD=/usr/local/lib/libtcmalloc.so

重新启动mysql

service mysql restart

检测是否成功，在SSH中输入：

lsof -n|grep tcmalloc

出现相关进程即可

七、安装Nginx：

1）安装所需组件：

cd /usr/local/srcwget -c ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.12.tar.gztar -zxvf pcre-8.12.tar.gzcd pcre-8.12/./configuremake && make install

cd ..rm -rf pcre-8.12rm -rf /usr/bin/pcre-configcp -a /usr/local/bin/pcre-config /usr/bin/rm -rf /usr/lib/libpcre.acp -a /usr/local/lib/libpcre.a /usr/lib/

2）安装 Nginx 0.8.x：

cd /usr/local/srcwget -c http://nginx.org/download/nginx-0.8.54.tar.gztar zxvf nginx-0.8.54.tar.gzcd nginx-0.8.54./configure --user=www --group=www --prefix=/usr/local/nginx --pid-path=/usr/local/nginx/logs/nginx.pid --error-log-path=/usr/local/nginx/logs/error.log --http-log-path=/usr/local/nginx/logs/access.log --with-http_stub_status_module --with-http_ssl_module --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --with-http_gzip_static_module --with-google_perftools_module --with-ld-opt='-ltcmalloc_minimal' --with-ipv6

make && make installcd ../

编辑 nginx.conf 文件：

vi /usr/local/nginx/conf/nginx.conf

输入以下内容：

user www;worker_processes 4;pid logs/nginx.pid;

google_perftools_profiles /var/tmp/tcmalloc;

worker_rlimit_nofile 51200;events{use epoll;worker_connections 51200;}

http{

include mime.types;default_type application/octet-stream;

access_log off;error_log /dev/null;

server_names_hash_bucket_size 128;client_header_buffer_size 32k;large_client_header_buffers 4 32k;client_max_body_size 8m;

sendfile on;tcp_nopush on;

keepalive_timeout 120;#fastcgi_connect_timeout 300;#fastcgi_send_timeout 300;#fastcgi_read_timeout 300;#fastcgi_buffer_size 64k;#fastcgi_buffers 4 64k;#fastcgi_busy_buffers_size 128k;#fastcgi_temp_file_write_size 128k;tcp_nodelay on;

gzip on;gzip_min_length 1k;gzip_buffers 4 16k;gzip_http_version 1.0;gzip_comp_level 2;gzip_types text/plain application/x-javascript text/css application/xml;gzip_vary on;

include vhost/*.conf;

}

在 /usr/local/nginx/conf 目录新建proxy.conf 文件，并输入以下内容：

proxy_redirect off;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;client_max_body_size 50m;client_body_buffer_size 256k;proxy_connect_timeout 30;proxy_send_timeout 30;proxy_read_timeout 60;

proxy_buffer_size 4k;proxy_buffers 4 32k;proxy_busy_buffers_size 64k;proxy_temp_file_write_size 64k;proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;proxy_max_temp_file_size 128m;

#Nginx cacheclient_body_temp_path client_body 1 2;proxy_temp_path proxy_temp 1 2;

#client_body_temp_path /tmpfs/client_body_temp 1 2;#proxy_temp_path /tmpfs/proxy_temp 1 2;#fastcgi_temp_path /tmpfs/fastcgi_temp 1 2;

建立 Nginx虚拟主机目录，把nginx加入到系统服务：

mkdir -p /usr/local/nginx/conf/vhost

mkdir /home/wwwchmod 755 -R /home/www

chown -R www:www /home/www/ chown www /usr/local/nginx/conf/chmod 777 /etc/init.d/nginx

编辑 /etc/rc.d/init.d/nginx 文件，覆盖为以下代码：

#! /bin/shulimit -n 65535# Description: Startup script for nginx# chkconfig: 2345 55 25PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/binDESC="nginx daemon"NAME=nginxDAEMON=/usr/local/nginx/sbin/$NAMECONFIGFILE=/usr/local/nginx/conf/nginx.confPIDFILE=/usr/local/nginx/logs/$NAME.pidSCRIPTNAME=/etc/init.d/$NAMEset -e[ -x "$DAEMON" ] || exit 0do_start() {$DAEMON -c $CONFIGFILE || echo -n "nginx already running"}do_stop() {kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"}do_reload() {kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"}case "$1" instart)echo -n "Starting $DESC: $NAME"do_startecho "."/etc/init.d/httpd start;;stop)echo -n "Stopping $DESC: $NAME"do_stopecho "."/etc/init.d/httpd stop;;reload)echo -n "Reloading $DESC configuration..."do_reloadecho "."/etc/init.d/httpd restart;;restart)echo -n "Restarting $DESC: $NAME"do_stopsleep 1do_startecho "."/etc/init.d/httpd restart;;*)echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2exit 3;;esacexit 0

#! /bin/shulimit -n 65535# Description: Startup script for nginx# chkconfig: 2345 55 25PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/binDESC="nginx daemon"NAME=nginxDAEMON=/usr/local/nginx/sbin/$NAMECONFIGFILE=/usr/local/nginx/conf/nginx.confPIDFILE=/usr/local/nginx/logs/$NAME.pidSCRIPTNAME=/etc/init.d/$NAMEset -e[ -x "$DAEMON" ] || exit 0do_start() { $DAEMON -c $CONFIGFILE || echo -n "nginx already running"}do_stop() { kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"}do_reload() { kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"}case "$1" in start) echo -n "Starting $DESC: $NAME" do_start echo "." /etc/init.d/httpd start ;; stop) echo -n "Stopping $DESC: $NAME" do_stop echo "." /etc/init.d/httpd stop ;; reload) echo -n "Reloading $DESC configuration..." do_reload echo "." /etc/init.d/httpd restart ;; restart) echo -n "Restarting $DESC: $NAME" do_stop sleep 1 do_start echo "." /etc/init.d/httpd restart ;; *) echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2 exit 3 ;;esacexit 0

在ssh 中輸入：

chmod a+x /etc/rc.d/init.d/nginxchkconfig --add nginxchkconfig nginx on

在Nginx虚拟主机目录 /usr/local/nginx/conf/vhost 建立一个虚拟主机：

新建文件：Default.conf 输入以下代码：

server{listen 80;server_name 你的IP或域名;index index.html index.htm index.php;root /home/www/;

location /nginx {stub_status on;auth_basic "NginxStatus";# auth_basic_user_file conf/htpasswd;#密码由apache的htpasswd工具来产生access_log off;}

location / {location ~ .*/.(php|php5)?$ {index index.php;root /home/www/;proxy_pass http://127.0.0.1:81;}

include proxy.conf;

if ( !-e $request_filename) {proxy_pass http://127.0.0.1:81;}

location ~* /.(jpg|jpeg|gif|png|swf)$ {if (-f $request_filename) {root /home/www/;expires 30d;break;}}location ~* /.(js|css)$ {if (-f $request_filename) {root /home/www/;expires 1d;break;}}}

error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}

#如果需要记录把下面的注释去掉# log_format access '$http_x_forwarded_for - $remote_user [$time_local] "$request"'# '$status $body_bytes_sent "$http_referer"'# '"$http_user_agent" $remote_addr';# access_log logs/IP_access.log access;

}

以上全部保存完毕后，启动 nginx：

service nginx start

八、为apache安装rpaf模块，该模块用于apache做后端时获取访客真实的IP（建议在LNAMP最后安装。。。之前安装有时会出错）

1）使用apxs安装模块.这里要使用此前apache编译安装后的apxs

cd /usr/local/src

wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz

tar -zxf mod_rpaf-0.6.tar.gz

cd mod_rpaf-0.6

/usr/local/apache2/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

2）编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:

LoadModule rpaf_module modules/mod_rpaf-2.0.so#Mod_rpaf settingsRPAFenable OnRPAFproxy_ips 127.0.0.1 [your_ips]RPAFsethostname OnRPAFheader X-Forwarded-For

上面出现的[your_ips]请修改为你本机所监听web服务的ip.多个IP用空格空开.

Apache、Nginx、MySQL 启动/重启/关闭命令：

service mysql start/stop/restartservice httpd start/stop/restartservice nginx start/stop/restart

另一个版本

前言:谈到Linux下的web生产环境,大家就会想到apache这个开源服务器软件.apache可以整合大多数应用,比如jsp,php,cgi,python等等,但是apache过于臃肿以及对静态文件响应过于缓慢让很多使用者感到头疼.而nginx作为新崛起的服务器软件,在很多方面超出apache,定位也很明确:高性能的 HTTP 和反向代理服务器.因而,本篇主要讲的是nginx作为前端,apache作为后端的应用环境搭建过程.

为什么不使用nginx+php(fastcgi)作为生产环境?

php(fastcgi)不够稳定,容易出现50x错误,在生成相对复杂的页面时没有优势,长时间占用也会使php-cgi进程死去. 在安全性,多用户多站点的权限问题比较严重.php(fastcgi)在应对多用户多站点往往捉襟见肘,不易于实施. 整合其他语言,apache表现得游刃有余.资源利用恰到好处.

为什么采用nginx做前端,apache作为后端的方案?nginx在处理静态内容上较apache是几倍或几十倍的差异,因而放在前面过滤静态内容是最为恰当的.同时nginx也是一个负载均衡器,低资源消耗,高性能转发是它的特点.经过nginx在前面的过滤,后端的apache需要处理的内容相对就比较少了.只需负责处理动态内容就可以了.在性能与稳定性的权衡下,使用nginx+apache搭配会让它们在各自擅长的领域展现自身的价值.

本教程以CentOS 5.4 32bit为环境.其他Linux发行版本暂未测试.nginx,php,apache,mysql,pureftpd均为最新稳定版.

获取操作系统源更新.

yum updateyum -y install gcc gcc-c++ bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel openldap openldap-devel openldap-clients openldap-servers nss_ldap expat-devel libtool libtool-ltdl-devel

如果系统默认安装了apache,请先卸载.执行:

yum remove httpd

下载最新稳定版的程序源码包,以下都是到官方网站或sourceforge下载的源码包.

cd /usr/local/srcwget http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.45.tar.gz/from/http://mysql.he.net/wget http://www.apache.org/dist/httpd/httpd-2.2.15.tar.gzwget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gzwget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gzwget http://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.bz2/downloadwget http://sourceforge.net/projects/mcrypt/files/MCrypt/2.6.8/mcrypt-2.6.8.tar.gz/downloadwget http://sourceforge.net/projects/mhash/files/mhash/0.9.9.9/mhash-0.9.9.9.tar.bz2/downloadwget http://www.php.net/get/php-5.2.13.tar.gz/from/this/mirrorwget http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/php5-mail-header.patchwget http://pecl.php.net/get/memcache-2.2.5.tgzwget http://bart.eaccelerator.net/source/0.9.6/eaccelerator-0.9.6.tar.bz2wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.gzwget http://pecl.php.net/get/imagick-2.3.0.tgzwget http://download.suhosin.org/suhosin-0.9.29.tgzwget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gzwget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gzwget http://monkey.org/~provos/libevent-1.4.13-stable.tar.gzwget http://memcached.googlecode.com/files/memcached-1.4.4.tar.gzwget http://sourceforge.net/projects/pcre/files/pcre/8.01/pcre-8.01.tar.gz/downloadwget http://nginx.org/download/nginx-0.7.65.tar.gzwget http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.28.tar.gz

一.安装Mysql.安装最新稳定版5.1.45版本,并没有采用最新开发版.

groupadd mysql -g 27useradd mysql -u 27 -g 27 -c "MySQL Server" -d /var/lib/mysql -mcd /usr/local/srctar -zxf mysql-5.1.45.tar.gzcd mysql-5.1.45./configure --prefix=/usr/local/mysql --localstatedir=/var/lib/mysql --with-unix-socket-path=/var/lib/mysql/mysql.sock --with-mysqld-user=mysql --enable-assembler --enable-thread-safe-client --with-extra-charsets=all --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innodb_plugin,myisam,myisammrgmake && make installcd ../

cp /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf/usr/local/mysql/bin/mysql_install_db --user=mysqlchown -R mysql.mysql /var/lib/mysqlchgrp -R mysql /usr/local/mysql/.cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysqlchmod u+x /etc/init.d/mysqlchkconfig --level 345 mysql onecho "/usr/local/mysql/lib/mysql" >> /etc/ld.so.confecho "/usr/local/lib" >>/etc/ld.so.confldconfigln -s /usr/local/mysql/lib/mysql /usr/lib/mysqlln -s /usr/local/mysql/include/mysql /usr/include/mysqlln -s /usr/local/mysql/bin/mysql_config /usr/bin/mysql_configservice mysql start/usr/local/mysql/bin/mysqladmin -u root password rootservice mysql restartservice mysql stop

二.编译安装apache(httpd).apache的执行用户为nobody.

cd /usr/local/srctar -zxf httpd-2.2.15.tar.gzcd httpd-2.2.15./configure --prefix=/usr/local/apache --enable-headers --enable-mime-magic --enable-proxy --enable-rewrite --enable-ssl --enable-suexec --disable-userdir --with-included-apr --with-mpm=prefork --with-ssl=/usr --with-suexec-caller=nobody --with-suexec-docroot=/ --with-suexec-gidmin=100 --with-suexec-logfile=/usr/local/apache/logs/suexec_log --with-suexec-uidmin=100 --with-suexec-userdir=public_htmlmakemake installmkdir /usr/local/apache/domlogscp /usr/local/apache/bin/apachectl /etc/init.d/httpd

1.编辑/etc/init.d/httpd,在首行#!/bin/sh下添加:

# Startup script for the Apache Web Server## chkconfig: - 85 15# description: Apache is a World Wide Web server. It is used to serve /# HTML files and CGI.# processname: httpd# pidfile: /usr/local/apache/logs/httpd.pid# config: /usr/local/apache/conf/httpd.conf

ulimit -n 1024ulimit -n 4096ulimit -n 8192ulimit -n 16384ulimit -n 32768

保存退出.

2.配置apache配置参数文件httpd.conf,位于/usr/local/apache/conf/目录

cd /usr/local/apache/conf/mv httpd.conf httpd.conf.bakmkdir vhostsvi httpd.conf

输入以下内容:

PidFile logs/httpd.pid LockFile logs/accept.lock ServerRoot "/usr/local/apache" Listen 0.0.0.0:81 User nobody Group nobody ServerAdmin admin@evlit.com ServerName host.evlit.com Timeout 300 KeepAlive Off MaxKeepAliveRequests 100 KeepAliveTimeout 5 UseCanonicalName Off AccessFileName .htaccess TraceEnable Off ServerTokens ProductOnly FileETag None ServerSignature Off HostnameLookups Off # LoadModule perl_module modules/mod_perl.so DocumentRoot "/usr/local/apache/htdocs" <Directory "/"> Options ExecCGI FollowSymLinks Includes IncludesNOEXEC -Indexes -MultiViews SymLinksIfOwnerMatch Order allow,deny Allow from all AllowOverride All </Directory> <Directory "/usr/local/apache/htdocs"> Options Includes -Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> DefaultType text/plain RewriteEngine on AddType text/html .shtml AddHandler cgi-script .cgi .pl .plx .ppl .perl AddHandler server-parsed .shtml <IfModule mime_module> TypesConfig conf/mime.types AddType application/perl .pl .plx .ppl .perl AddType application/x-img .img AddType application/x-httpd-php .php .php3 .php4 .php5 .php6 AddType application/x-httpd-php-source .phps AddType application/cgi .cgi AddType text/x-sql .sql AddType text/x-log .log AddType text/x-config .cnf conf AddType text/x-registry .reg AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddType text/html .shtml AddType application/x-tar .tgz AddType application/rar .rar AddType application/x-compressed .rar AddType application/x-rar .rar AddType application/x-rar-compressed .rar AddType text/vnd.wap.wml .wml AddType image/vnd.wap.wbmp .wbmp AddType text/vnd.wap.wmlscript .wmls AddType application/vnd.wap.wmlc .wmlc AddType application/vnd.wap.wmlscriptc .wmlsc </IfModule> <IfModule dir_module> DirectoryIndex index.html index.htm index.shtml index.php index.perl index.pl index.cgi </IfModule> <Files ~ "^error_log$"> Order allow,deny Deny from all Satisfy All </Files> <FilesMatch "^/.ht"> Order allow,deny Deny from all Satisfy All </FilesMatch> ErrorLog "logs/error_log" LogLevel warn <IfModule log_config_module> LogFormat "%h %l %u %t /"%r/" %>s %b /"%{Referer}i/" /"%{User-Agent}i/"" combined LogFormat "%h %l %u %t /"%r/" %>s %b" common <IfModule logio_module> LogFormat "%h %l %u %t /"%r/" %>s %b /"%{Referer}i/" /"%{User-Agent}i/" %I %O" combinedio </IfModule> CustomLog "logs/access_log" common </IfModule> <IfModule alias_module> ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/" </IfModule> <Directory "/usr/local/apache/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all </Directory> <IfModule mpm_prefork_module> StartServers 3 MinSpareServers 3 MaxSpareServers 5 MaxClients 150 MaxRequestsPerChild 1024 </IfModule> <IfModule mod_headers.c> <FilesMatch "/.(html|htm|shtml)$"> Header set Cache-Control "max-age=3600, must-revalidate" </FilesMatch> </IfModule> ReadmeName README.html HeaderName HEADER.html IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t Include conf/extra/httpd-languages.conf <Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from 127.0.0.1 </Location> ExtendedStatus On <Location /server-info> SetHandler server-info Order deny,allow Deny from all Allow from 127.0.0.1 </Location> <IfModule ssl_module> Listen 0.0.0.0:443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP SSLPassPhraseDialog builtin SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache SSLSessionCacheTimeout 300 SSLMutex file:/usr/local/apache/logs/ssl_mutex SSLRandomSeed startup builtin SSLRandomSeed connect builtin </IfModule> #Vhosts NameVirtualHost 127.0.0.1:81 NameVirtualHost * <VirtualHost 127.0.0.1:81 *> ServerName host.evlit.com DocumentRoot /var/www/html ServerAdmin admin@evlit.com </VirtualHost> Include conf/vhosts/*

上述虚拟主机配置中出现的127.0.0.1请改为你本机公网IP.

三.编译安装php(mod_php)

1.编译安装相关支持库

cd /usr/local/srctar -zxf libiconv-1.13.1.tar.gzcd libiconv-1.13.1/./configuremakemake install

cd /usr/local/srctar -jxf libmcrypt-2.5.8.tar.bz2cd libmcrypt-2.5.8/./configuremakemake install/sbin/ldconfigcd libltdl/./configure --enable-ltdl-installmakemake install

cd /usr/local/srctar -jxf mhash-0.9.9.9.tar.bz2cd mhash-0.9.9.9/./configuremakemake install

cd /usr/local/srctar -zxf mcrypt-2.6.8.tar.gzcd mcrypt-2.6.8//sbin/ldconfig./configuremakemake install

2.编译php,这里为php打入补丁.有助于防止邮件发送被滥用(多用户)以及在邮件中提供有价值的信息.补丁介绍信息请访问:http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/

cd /usr/local/srctar -zxf php-5.2.13.tar.gzpatch -d php-5.2.13 -p1 < php5-mail-header.patchcd php-5.2.13./configure --prefix=/usr/local --with-config-file-path=/etc --with-apxs2=/usr/local/apache/bin/apxs --enable-bcmath --enable-calendar --enable-exif --enable-ftp --enable-gd-native-ttf --enable-libxml --enable-magic-quotes --enable-mbstring --enable-pdo=shared --enable-soap --enable-sockets --enable-zip --with-bz2 --with-curl --with-curlwrappers --with-freetype-dir --with-gd --with-gettext --with-jpeg-dir --with-kerberos --with-libexpat-dir=/usr --with-libxml-dir=/usr --with-mcrypt=/usr --with-mhash=/usr --with-mysql=/usr --with-mysql-sock=/var/lib/mysql/mysql.sock --with-mysqli=/usr/bin/mysql_config --with-openssl=/usr --with-openssl-dir=/usr --with-pdo-mysql=shared --with-pdo-sqlite=shared --with-png-dir=/usr --with-sqlite=shared --with-ttf --with-xmlrpc --with-zlib -with-zlib-dir=/usrmake ZEND_EXTRA_LIBS='-liconv'make installcp php.ini-dist /etc/php.ini

3.安装php扩展模块

cd /usr/local/srctar -zxf memcache-2.2.5.tgzcd memcache-2.2.5/phpize./configure --with-php-config=/usr/local/bin/php-config --with-zlib-dir --enable-memcachemakemake install

cd /usr/local/srctar -jxf eaccelerator-0.9.6.tar.bz2cd eaccelerator-0.9.6/phpize./configure --enable-eaccelerator=shared --with-php-config=/usr/local/bin/php-configmakemake installmkdir -p /tmp/eacceleratorchmod 777 /tmp/eacceleratorecho "mkdir -p /tmp/eaccelerator" >> /etc/rc.localecho "chmod 777 /tmp/eaccelerator" >> /etc/rc.local

cd /usr/local/srctar -zxf ImageMagick.tar.gzcd ImageMagick-*./configuremakemake install

cd /usr/local/srctar -zxf imagick-2.3.0.tgzcd imagick-2.3.0/phpize./configure --with-php-config=/usr/local/bin/php-configmakemake install

cd /usr/local/srctar -zxf suhosin-0.9.29.tgzcd suhosin-0.9.29phpize./configuremakemake install

cd /usr/local/srctar -zxf ioncube_loaders_lin_x86.tar.gzcd ioncubemkdir /usr/local/ioncubemv ioncube_loader_lin_5.2.so /usr/local/ioncube/

cd /usr/local/srctar -zxf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gzmkdir -p /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.xcp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x/ZendOptimizer.so

3.1.修改php.ini.

查找/etc/php.ini中的extension_dir = "./".将其修改为extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20060613/"查找;include_path = ".:/php/includes",删除前面的分号,并修改为include_path = ".:/usr/lib/php:/usr/local/lib/php"跳到最后一行,然后添加以下内容:

extension = "memcache.so"extension = "pdo.so"extension = "pdo_mysql.so"extension = "pdo_sqlite.so"extension = "sqlite.so"extension = "eaccelerator.so"eaccelerator.shm_size = 32eaccelerator.cache_dir = "/tmp/eaccelerator"eaccelerator.enable = 1eaccelerator.optimizer = 0eaccelerator.debug = 0eaccelerator.name_space = ""eaccelerator.check_mtime = 1eaccelerator.filter = ""eaccelerator.shm_max = 0eaccelerator.shm_ttl = 3600eaccelerator.shm_prune_period = 3600eaccelerator.shm_only = 0eaccelerator.compress = 0eaccelerator.compress_level = 9eaccelerator.keys = shmeaccelerator.sessions = shmeaccelerator.content = shm

zend_extension = "/usr/local/ioncube/ioncube_loader_lin_5.2.so"zend_extension = "/usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x/ZendOptimizer.so"

4,安装Memcached(可选)

cd /usr/local/srctar -xzf libevent-1.4.13-stable.tar.gzcd libevent-1.4.13-stable./configuremakemake installecho "/usr/local/lib/" > /etc/ld.so.conf.d/libevent.confldconfig -v

cd /usr/local/srctar -xzf memcached-1.4.4.tar.gzcd memcached-1.4.4./configuremakemake install

基本使用方法:

启动:/usr/local/bin/memcached -d -m 64 -p 11211 -u nobody -l localhost关闭:killall -9 memcached

四.安装nginx

1.安装pcre库

cd /usr/local/srctar -zxf pcre-8.01.tar.gzcd pcre-8.01./configuremakemake install

2.安装nginx

cd /usr/local/srctar -zxf nginx-0.7.65.tar.gzcd nginx-0.7.65./configure --user=nobody --group=nobody --prefix=/usr/local/nginx --pid-path=/usr/local/nginx/logs/nginx.pid --error-log-path=/usr/local/nginx/logs/error.log --http-log-path=/usr/local/nginx/logs/access.log --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --with-http_stub_status_modulemakemake install

2.1.添加init控制脚本

#! /bin/sh ulimit -n 65535 # Description: Startup script for nginx # chkconfig: 2345 55 25 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DESC="nginx daemon" NAME=nginx DAEMON=/usr/local/nginx/sbin/$NAME CONFIGFILE=/usr/local/nginx/conf/nginx.conf PIDFILE=/usr/local/nginx/logs/$NAME.pid SCRIPTNAME=/etc/init.d/$NAME set -e [ -x "$DAEMON" ] || exit 0 do_start() { $DAEMON -c $CONFIGFILE || echo -n "nginx already running" } do_stop() { kill -INT `cat $PIDFILE` || echo -n "nginx not running" } waitforexit() { count=${2:-30} while [ 0$count -gt 0 ] do PIDS=`ps -C$NAME --no-heading e | grep $DAEMON` || break PIDS=`echo "$PIDS" | awk '{print $1}' | tr '/n' ' '` echo Remaining processes: $PIDS do_stop sleep 2 count=`expr $count - 1` done if [ 0$count -eq 0 ]; then echo Remaining processes: $PIDS return 1 fi return 0 } do_reload() { kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload" } case "$1" in start) echo -n "Starting $DESC: $NAME" do_start echo "." /etc/init.d/httpd start ;; stop) echo -n "Stopping $DESC: $NAME" do_stop echo "." /etc/init.d/httpd stop ;; reload) echo -n "Reloading $DESC configuration..." do_reload echo "." /etc/init.d/httpd restart ;; restart) echo -n "Restarting $DESC: $NAME" waitforexit "nginx" 20 do_start echo "." /etc/init.d/httpd restart ;; *) echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2 exit 3 ;; esac exit 0

保存退出,给该文件赋予执行权限并设置开机启动

chmod 755 /etc/init.d/nginxchkconfig --level 345 nginx on

2.2.修改nginx配置文件,位于:/usr/local/nginx/conf/目录

mkdir -p /var/cache/nginx/cachedchmod 600 /var/cache/nginx/cachedcd /usr/local/nginx/conf/mv nginx.conf nginx.conf.bakmkdir vhostsvi nginx.conf

输入以下内容:

worker_processes 2; worker_rlimit_nofile 20480; events { worker_connections 20480; use epoll; } error_log /usr/local/nginx/logs/error.log info; http { server_name_in_redirect off; server_names_hash_max_size 2048; server_names_hash_bucket_size 256; include mime.types; default_type application/octet-stream; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 60; gzip on; gzip_http_version 1.0; gzip_min_length 1100; gzip_comp_level 3; gzip_buffers 4 32k; # gzip_types text/plain application/x-javascript text/xml text/css; gzip_types text/plain text/xml text/css application/x-javascript application/xml application/xml+rss text/javascript application/atom+xml; ignore_invalid_headers on; client_header_timeout 300; client_body_timeout 300; send_timeout 30; reset_timedout_connection on; connection_pool_size 256; client_header_buffer_size 256k; large_client_header_buffers 4 256k; request_pool_size 32k; output_buffers 4 32k; postpone_output 1460; proxy_cache_path /var/cache/nginx/cached levels=2:2 keys_zone=global:100m inactive=60m max_size=500m; proxy_temp_path /tmp/nginx_proxy; include "/usr/local/nginx/conf/vhosts/*.conf"; }

保存退出.

五.为apache安装rpaf模块,该模块用于apache做后端时获取访客真实的IP.

1.使用apxs安装模块.这里要使用此前apache编译安装后的apxs

cd /usr/local/src/tar -zxf mod_rpaf-0.6.tar.gzcd mod_rpaf-0.6/usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

2.编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:

LoadModule rpaf_module modules/mod_rpaf-2.0.so#Mod_rpaf settingsRPAFenable OnRPAFproxy_ips 127.0.0.1 [your_ips]RPAFsethostname OnRPAFheader X-Forwarded-For

上面出现的[your_ips]请修改为你本机所监听web服务的ip.多个IP用空格空开.

六.安装ftp服务器:pure-ftpd

1.编译安装

cd /usr/local/src/tar -zxf pure-ftpd-1.0.28.tar.gzcd pure-ftpd-1.0.28./configure --prefix=/usr/local/pureftpd --with-language=simplified-chinese --with-everythingmakemake installchmod 755 configuration-file/pure-config.plcp configuration-file/pure-config.pl /usr/local/pureftpd/sbin/mkdir /usr/local/pureftpd/etc/cp configuration-file/pure-ftpd.conf /usr/local/pureftpd/etc/ln -s /usr/local/pureftpd/bin/pure-pw /usr/local/bin/

2.配置pure-ftpd,这里采用PureDB的验证方式.

vi /usr/local/pureftpd/etc/pure-ftpd.conf

查找 PureDB /etc/pureftpd.pdb 取消前面的#号并设置成PureDB/usr/local/pureftpd/etc/pureftpd.pdb查找 PassivePortRange 取消前面的#号其他参数根据需要进行修改

3.添加自启动.这里不创建init脚本.直接放在/etc/rc.local启动即可

echo "/usr/local/pureftpd/sbin/pure-config.pl /usr/local/pureftpd/etc/pure-ftpd.conf --daemonize" >> /etc/rc.local

至此.所有安装工作结束.

如何使用这套系统

一,做好必要的安全工作

设置用户家目录/home/user,相关配置参数文件,以及访问日志等目录的权限.

chmod 711 /homechmod 711 /usr/local/pureftpd/etcchmod 711 /usr/local/apache/conf/vhostschmod 711 /usr/local/nginx/conf/vhostschmod 711 /usr/local/apache/domlogschmod 711 /usr/local/apache/logschmod 600 /var/cache/nginx/cached

二,如何创建用户

创建用户分两个步骤.第一步创建系统用户.该命令直接创建用户家目录.第二步创建ftp用户.创建该用户依赖系统用户的创建.步骤如下(以创建用户名为admin为例):

useradd admin -m -s /sbin/nologinpure-pw useradd admin -u admin -g admin -d /home/admin -m[第一次执行不可用]pure-pw mkdb[仅限第一次执行]

注意.通过上述方法安装的ftp服务器在第一次创建用户的时候不可以在pure-pw useradd ...后直接添加参数-m更新ftp用户数据库.需要分两步执行.以后可以直接在创建用户时在后面添加参数-m,执行之后会提示让你输入密码.需要重复输入两次.

三.如何绑定域名

由于采用前后端操作.因此需要修改两个服务器软件的虚拟主机参数.实例如下(以admin.com为例,用户目录承接上文的/home/admin):

1.创建nginx虚拟主机参数

首先先把公共cache参数和proxy参数写进文件中

cd /usr/local/nginx/conftouch cache.inc proxy.inc

然后分别编辑者两个文件。

vi cache.inc

proxy_cache global;proxy_cache_key $host$uri$is_args$args;#proxy_cache_valid 200 302 10m;#proxy_cache_valid 301 1h;#proxy_cache_valid any 1m;proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;proxy_temp_file_write_size 64k;proxy_max_temp_file_size 56m;

vi proxy.inc

proxy_connect_timeout 30s;proxy_send_timeout 300;proxy_read_timeout 300;proxy_buffer_size 64k;proxy_buffers 16 32k;proxy_busy_buffers_size 64k;#proxy_pass http://127.0.0.1:81;proxy_redirect off;proxy_hide_header Vary;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

然后再编辑虚拟主机文件就会很清晰了

cd /usr/local/nginx/conf/vhoststouch admin.com.confvi admin.com.conf输入以下内容:

server { error_log /var/log/nginx/vhost-error_log warn; listen 127.0.0.1:80; server_name admin.com www.admin.com; access_log /usr/local/apache/domlogs/admin.com combined; location / { root /home/admin/public_html; proxy_cache_valid 200 301 302 10m; proxy_cache_valid any 1m; expires 1d; proxy_pass http://127.0.0.1:81; include proxy.inc; include cache.inc; } location ~ .*/.(jpg|jpeg|png|gif|bmp|ico|js|css|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ { proxy_cache_valid 200 10s; expires 7d; proxy_pass http://127.0.0.1:81; include proxy.inc; include cache.inc; } location ~ .*/.(php|jsp|cgi)?$ { proxy_pass http://127.0.0.1:81; include proxy.inc; } location ~ //.ht { deny all; } }

保存退出,注意将上述出现的127.0.0.1替换本机监听web服务的IP

2.创建apache虚拟主机配置文件

cd /usr/local/apache/conf/vhoststouch admin.com.confvi admin.com.conf输入以下内容:

<VirtualHost 127.0.0.1:81> ServerName admin.com ServerAlias www.admin.com DocumentRoot /home/admin/public_html ServerAdmin admin@evlit.com UseCanonicalName Off php_admin_value open_basedir "/home/admin:/usr/lib/php:/usr/local/lib/php:/tmp" <IfModule !mod_disable_suexec.c> SuexecUserGroup admin admin </IfModule> ScriptAlias /cgi-bin/ /home/admin/public_html/cgi-bin/ </VirtualHost>

保存退出,注意将上述出现的127.0.0.1替换本机监听web服务的IP,用户名admin改为虚拟主机用户的名称.

四.如何管理MySQL数据库

1.下载最新版PhpMyAdmin源码包

mkdir -p /var/www/htmlchmod -R 711 /var/wwwcd /var/www/htmlwget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.3.3/phpMyAdmin-3.3.3-all-languages.zip/downloadunzip phpMyAdmin-3.3.3-all-languages.zipmv phpMyAdmin-3.3.3-all-languages phpmyadmin

2.增加apache配置,编辑httpd.conf,转到最后一行

cd /usr/local/apache/confvi httpd.conf /* shift+g转到最后一行 */#Managed Tools<VirtualHost 127.0.0.1:81 *>ServerName localhostServerAlias pma.*DocumentRoot /var/www/html/phpmyadminServerAdmin admin@localhostUseCanonicalName Off</VirtualHost>

同样,修改上述出现的127.0.0.1为你提供web服务的IP.重启apache后.我们打开绑定到服务器IP的pma.yourdomain.com即可访问到phpmyadmin.第一次使用.需要进行配置.具体配置请善用Google.

其他没有照顾到的地方自行添加即可.如perl,sendmail等.

最新回复(0)