一、装置前筹备
资源附件:
https://download.csdn.net/download/u011159821/13119645
下载后搁置:/usr/local/src 目录下
环境依赖:
groupadd www;
useradd -g www -s /sbin/nologin -M www;
yum -y install gcc gcc-c++ openssl openssl-devel libxml2 libxml2-devel bzip2 bzip2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel sqlite-devel screen autoconf;
mkdir -p /opt/nginx/1.19;
mkdir -p /opt/php/7.4;
mkdir -p /data/mysql/data;
mkdir -p /opt/redis/6.0;
mkdir -p /opt/mongodb/4.4;
二、装置 Nginx 1.19
cd /usr/local/src;
tar -zxvf nginx-1.19.4.tar.gz;
cd nginx-1.19.4;
./configure --prefix=/opt/nginx/1.19 --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre --with-http_realip_module --with-stream --with-http_v2_module;
make -j;
make install;
ln -s /opt/nginx/1.19/sbin/nginx /usr/local/bin/nginx;
编辑 Nginx.conf,复制以下内容:
user www www;
worker_processes auto;
error_log logs/error.log crit;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
worker_rlimit_nofile 51200;
events {
use epoll;
worker_connections 51200;
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local]"$request" '
# '$status $body_bytes_sent"$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
log_format access '$remote_addr - $remote_user [$time_local]"$request"''$status $body_bytes_sent "$http_referer" "$request_body" ''"$http_user_agent"$http_x_forwarded_for';
#access_log logs/access.log main;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 50m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 65;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
#server {
#listen 80;
#server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
#location / {
# root html;
# index index.html index.htm;
#}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root html;
#}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
#}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
include vhost/*.conf;
# 见 vhost 附件
}
服务命令
nginx # 启动服务
nginx -s reload # 重启服务
nginx -s stop # 进行服务
三、装置 PHP 7.4
cd /usr/local/src;
tar -xvf php-7.4.12.tar.gz;
cd php-7.4.12;
配置 PHP:
./configure \
--prefix=/opt/php/7.4 \
--with-config-file-path=/opt/php/7.4/etc \
--enable-fpm \
--with-fpm-user=nginx \
--with-fpm-group=nginx \
--enable-inline-optimization \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-libxml-dir \
--with-xmlrpc \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-pcre-regex \
--with-sqlite3 \
--with-zlib \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--with-cdb \
--enable-dom \
--enable-exif \
--enable-fileinfo \
--enable-filter \
--with-pcre-dir \
--enable-ftp \
--with-gd \
--with-openssl-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir \
--with-freetype-dir \
--enable-gd-native-ttf \
--enable-gd-jis-conv \
--with-gettext \
--with-gmp \
--with-mhash \
--enable-json \
--enable-mbregex \
--enable-mbregex-backtrack \
--with-libmbfl \
--with-onig \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-zlib-dir \
--with-pdo-sqlite \
--with-readline \
--enable-session \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-wddx \
--with-libxml-dir \
--with-xsl \
--enable-zip \
--enable-mysqlnd-compression-support \
--with-pear \
--enable-opcache
编译装置:
make && make install;
惯例设置:
# 批改 fpm 配置 php-fpm.conf.default 文件名称
mv /opt/php/7.4/etc/php-fpm.conf.default /opt/php/7.4/etc/php-fpm.conf;
# 复制 php.ini 配置文件
cp php.ini-production /opt/php/7.4/etc/php.ini;
# 复制 php-fpm 启动脚本到 init.d
cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm;
# 复制 www.conf 配置文件
cp /opt/php/7.4/etc/php-fpm.d/www.conf.default /opt/php/7.4/etc/php-fpm.d/www.conf;
# 批改 www.conf 配置文件
vim /opt/php/7.4/etc/php-fpm.d/www.conf;
// 23、24 行,nginx 批改为 www
# 赋予执行权限
chmod +x /etc/init.d/php-fpm;
# 增加为启动项
chkconfig --add php-fpm;
# 设置开机启动
chkconfig php-fpm on;
# 建设软链接
ln -s /opt/php/7.4/bin/php /usr/local/bin/php;
ln -s /opt/php/7.4/bin/phpize /usr/local/bin/phpize;
ln -s /opt/php/7.4/bin/php-config /usr/local/bin/php-config;
php.ini 根底批改
vim /opt/php/7.4/etc/php.ini
# 找到 expose_php = On,批改为:expose_php = Off
# 找到;extension_dir = "./",批改为:extension_dir = "/opt/php/7.4/lib/php/extensions/no-debug-non-zts-20190902"
# 找到 disable_functions = 批改为:disable_functions = passthru,system,chroot,chgrp,chown,shell_exec,popen,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,popepassthru,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
# 找到;date.timezone = 批改为:date.timezone = PRC
服务命令
service php-fpm start # 启动 PHP
service php-fpm reload # 重启 PHP
service php-fpm stop # 进行 PHP
四、装置 MySQL 5.7
cd /usr/local/src;
yum -y install mysql57-community-release-el7-10.noarch.rpm;
yum -y install mysql-community-server;
呈现以下,至此 MySql 就装置实现了;
批改 /etc/my.cnf
[client]
#password = your_password
port = 4363
socket = /tmp/mysql.sock
[mysqld]
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
#skip-grant-tables
#wait_timeout=500
#interactive_timeout=500
port = 4363
socket = /tmp/mysql.sock
datadir = /data/mysql/data
default_storage_engine = InnoDB
performance_schema_max_table_instances = 400
table_definition_cache = 400
skip-external-locking
key_buffer_size = 256M
max_allowed_packet = 100G
table_open_cache = 1024
sort_buffer_size = 4M
net_buffer_length = 4K
read_buffer_size = 4M
read_rnd_buffer_size = 256K
myisam_sort_buffer_size = 64M
thread_cache_size = 128
query_cache_size = 128M
tmp_table_size = 128M
sql-mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
pid-file=/data/mysql/mysqld.pid
explicit_defaults_for_timestamp = true
#skip-name-resolve
max_connections = 500
max_connect_errors = 500
open_files_limit = 65535
log-bin=mysql-bin
binlog_format=mixed
server-id = 1
expire_logs_days = 10
slow_query_log=1
slow-query-log-file=/data/mysql/logs/mysql-slow.log
long_query_time=3
#log_queries_not_using_indexes=on
early-plugin-load = ""
character_set_server=utf8
init_connect='SET NAMES utf8'
innodb_data_home_dir = /data/mysql/data
innodb_data_file_path = ibdata1:10M:autoextend
innodb_log_group_home_dir = /data/mysql/data
innodb_buffer_pool_size = 1024M
innodb_log_file_size = 512M
innodb_log_buffer_size = 128M
innodb_flush_log_at_trx_commit = 1
innodb_lock_wait_timeout = 50
innodb_max_dirty_pages_pct = 90
innodb_read_io_threads = 4
innodb_write_io_threads = 4
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
log-error=/data/mysql/logs/mysqld.error.log
[mysqld_safe]
log-error=/data/mysql/logs/mysqld.error.log
pid-file=/data/mysql/mysqld.pid
[mysqldump]
quick
max_allowed_packet = 500M
[mysql]
no-auto-rehash
[myisamchk]
key_buffer_size = 256M
sort_buffer_size = 4M
read_buffer = 2M
write_buffer = 2M
[mysqlhotcopy]
interactive-timeout
初始化明码:
grep "password" /var/log/mysqld.log
命令行进入数据库,批改初始化明码
mysql -uroot -p
mysql>ALTER USER 'root'@'localhost' IDENTIFIED BY 'qoL5P*49KIlJ';
开启近程拜访
mysql>use mysql;
mysql>select 'host' from user where user='root';
mysql>update user set host = '%' where user ='root';
mysql>flush privileges;
mysql>select 'host' from user where user='root';
mysql>exit;
服务命令
# 首次服务启动前,确认 /data/mysql 目录权限为:mysql:mysql
# chown -R mysql:mysql /data/mysql;
systemctl start mysqld.service # 启动 Mysql
systemctl restart mysqld #重启 Mysql
systemctl stop mysqld #进行 Mysql
为 Firewalld 增加凋谢端口
增加 mysql 端口
firewall-cmd --zone=public --add-port=4363/tcp --permanent
而后再从新载入
firewall-cmd --reload
注:若提醒 FirewallD is not running,则服务未开启:
# 开启 Firewall 防火墙服务
systemctl start firewalld.service
五、装置 Redis 6.0
# 为了防止报错先执行以下命令:yum -y install gcc tcl;
yum -y install centos-release-scl;
yum -y install devtoolset-9-gcc devtoolset-9-gcc-c++ devtoolset-9-binutils;
echo "source /opt/rh/devtoolset-9/enable" >> /etc/profile;
# 重连 Shell 后执行
cd /usr/local/src;
tar xzf redis-6.0.9.tar.gz;
mv ./redis-6.0.9 /opt/redis/6.0;
cd /opt/redis/6.0;
make;
# 批改 redis.conf 配置
# 找到 port 6379,批改为:port 6397
# 找到# requirepass foobared,批改为:# 此次批改的是 Redis 明码
requirepass AmYQn2Hv6AytY4Ux
# 创立软链接
ln -s /opt/redis/6.0/src/redis-cli /usr/local/bin/redis-cli;
创立虚拟空间运行 Redis 服务
# 创立 Screen 环境
screen -R RedisServe;
[RedisServe]:src/redis-server /opt/redis/6.0/redis.conf;
# CTRL + A + D 退出 Screen 环境
# 进入已创立的 Screen 环境
screen -r RedisServe;
PHP 退出 Redis 扩大
cd /usr/local/src/;
tar zxvf redis-5.3.2.tgz;
cd redis-5.3.2/;
phpize # 或 /opt/php/7.4/bin/phpize;
./configure --with-php-config=/opt/php/7.4/bin/php-config;
make;
make install;
# 批改 php.ini
vim /opt/php/7.4/etc/php.ini;
extension=redis.so # 949 行,;extension=xsl 前面追加
# 重启 PHP 服务
service php-fpm reload;
六、装置 MongoDB 4.4
cd /usr/local/src;
tar -zxvf mongodb-linux-x86_64-rhel70-4.4.1.tgz;
mv /usr/local/src/mongodb-linux-x86_64-rhel70-4.4.1/* /opt/mongodb/4.4/
export PATH=/opt/mongodb/4.4/bin:$PATH;
# 设置开机启动
systemctl enable mongod.service
启动前配置
mkdir -p /data/mongo/data/db;
cd /data/mongo;
mkdir logs;
touch mongodb.log;
mkdir etc;
touch mongodb.conf;
# 编辑 mongodb.conf
# 更多配置项,可通过 mongod --help 查看
dbpath=/data/mongo/data/db # 指定数据存储目录
logpath=/data/mongo/logs/mongodb.log # 指定日志文件存储目录
logappend=true # 应用追加形式写日志
port=27017 # 端口
fork=true # 以守护过程形式运行
auth=true # 启用验证
bind_ip=0.0.0.0 # 容许任意内部地址拜访
# 启动服务
mongod --config /data/mongo/etc/mongodb.conf;
# 进入 mongo 命令行下创立超级管理员
# root@dev-PC:~# mongo
db.createUser({user:"root",pwd:"K8gEBx05@F$9#jUe",roles:["root"]})
服务命令
# 启动 mongodb
mongod --config /data/mongo/etc/mongodb.conf;
# 进行 mongodb
ps -ef | grep mongodb;
kill -9 [对应 MongoDB 过程 ID]
六、SSH 端口批改
vi /etc/ssh/sshd_config
# 找到上面的 Port 指定批改
#Port 22
Port 2063 #本人新设的端口
# 批改防火墙,减少对方才的端口拜访
# 重启使 ssh 配置失效
systemctl restart sshd.service
# 若防火墙服务有开启,则须要将新端口退出端口名单中,并重启服务器