準備篇
一、防火墻配置
CentOS 7.x默認使用的是firewall作為防火墻�����,這里改為iptables防火墻��。
1���、關閉firewall:
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall開機啟動
2�����、安裝iptables防火墻
yum install iptables-services #安裝
vi /etc/sysconfig/iptables #編輯防火墻配置文件
# sample configuration for iptables service# you can edit this manually or use system-config-firewall# please do not ask us to add additional ports/services to this default configuration*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT-A INPUT -j REJECT --reject-with icmp-host-prohibited-A FORWARD -j REJECT --reject-with icmp-host-prohibitedCOMMIT
:wq! #保存退出
systemctl restart iptables.service #最后重啟防火墻使配置生效
systemctl enable iptables.service #設置防火墻開機啟動
/usr/libexec/iptables/iptables.init restart #重啟防火墻
二�����、關閉SELINUX
vi /etc/selinux/config
#SELINUX=enforcing #注釋掉
#SELINUXTYPE=targeted #注釋掉
SELINUX=disabled #增加
:wq! #保存退出
setenforce 0 #使配置立即生效
三 �、系統約定
軟件源代碼包存放位置:/usr/local/src
源碼包編譯安裝位置:/usr/local/軟件名字
四�、下載軟件包
1�����、下載nginx
http://nginx.org/download/nginx-1.10.1.tar.gz
2���、下載MySQL
http://cdn.mysql.com/Downloads/MySQL-5.6/mysql-5.6.33.tar.gz
3、下載php
http://cn2.php.net/distributions/php-5.6.26.tar.gz
4����、下載cmake(MySQL編譯工具)
https://cmake.org/files/v3.6/cmake-3.6.2.tar.gz
5����、下載pcre (支持nginx偽靜態)
ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.39.tar.gz
6�、下載openssl(nginx擴展)
https://www.openssl.org/source/openssl-1.0.2j.tar.gz
7、下載zlib(nginx擴展)
http://zlib.net/zlib-1.2.8.tar.gz
8�、下載libmcrypt(php擴展)
http://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz
9����、下載yasm(php擴展)
http://www.tortall.net/projects/yasm/releases/yasm-1.3.0.tar.gz
10���、t1lib(php擴展)
ftp://sunsite.unc.edu/pub/Linux/libs/graphics/t1lib-5.1.2.tar.gz
11�����、下載gd庫安裝包
https://bitbucket.org/libgd/gd-libgd/downloads/libgd-2.1.1.tar.gz
12��、libvpx(gd庫需要)
http://ftp.osuosl.org/pub/blfs/conglomeration/libvpx/libvpx-1.6.0.tar.bz2
13���、tiff(gd庫需要)
http://download.osgeo.org/libtiff/tiff-4.0.6.tar.gz
14、libpng(gd庫需要)
ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng16/libpng-1.6.25.tar.gz
15�����、freetype(gd庫需要)
http://download.savannah.gnu.org/releases/freetype/freetype-2.7.tar.gz
16�����、jpegsrc(gd庫需要)
http://www.ijg.org/files/jpegsrc.v9b.tar.gz
17�����、Boost(編譯mysql需要)
http://nchc.dl.sourceforge.net/project/boost/boost/1.59.0/boost_1_59_0.tar.gz
以上軟件包上傳到/usr/local/src目錄
五�、安裝編譯工具及庫文件(使用yum命令安裝)
yum install -y apr* autoconf automake bison bzip2 bzip2* cloog-ppl compat* cpp curl curl-devel fontconfig fontconfig-devel freetype freetype* freetype-devel gcc gcc-c++ gtk+-devel gd gettext gettext-devel glibc kernel kernel-headers keyutils keyutils-libs-devel krb5-devel libcom_err-devel libpng libpng-devel libjpeg* libsepol-devel libselinux-devel libstdc++-devel libtool* libgomp libxml2 libxml2-devel libXpm* libxml* libtiff libtiff* make mpfr ncurses* ntp openssl openssl-devel patch pcre-devel perl php-common php-gd policycoreutils telnet t1lib t1lib* nasm nasm* wget zlib-devel
安裝篇
以下是用putty工具遠程登錄到服務器,在命令行下面操作的
一�����、安裝MySQL
1、安裝cmake
cd /usr/local/srctar zxvf cmake-3.6.2.tar.gzcd cmake-3.6.2./configuremakemake install
2����、安裝MySQL
mkdir -p /usr/local/boost
cd /usr/local/src
cp boost_1_59_0.tar.gz /usr/local/boost
groupadd mysql #添加mysql組
useradd -g mysql mysql -s /bin/false #創建用戶mysql并加入到mysql組,不允許mysql用戶直接登錄系統
mkdir -p /data/mysql #創建MySQL數據庫存放目錄
chown -R mysql:mysql /data/mysql #設置MySQL數據庫存放目錄權限
mkdir -p /usr/local/mysql #創建MySQL安裝目錄
cd /usr/local/src #進入軟件包存放目錄
tar zxvf mysql-5.7.14.tar.gz #解壓
cd mysql-5.7.14 #進入目錄
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DWITH_INNOBASE_STORAGE_ENGINE=1 -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_EMBEDDED_SERVER=OFF -DWITH_BOOST=/usr/local/boost
注意:可以使用-DDOWNLOAD_BOOST=1 -DWITH_BOOST=/usr/local/boost參數在線安裝boost軟件包���,需要服務器聯網,容易下載失敗�����。
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DMYSQL_UNIX_ADDR=/tmp/mysql.sock -DMYSQL_USER=mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DENABLED_LOCAL_INFILE=ON -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_FEDERATED_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITHOUT_EXAMPLE_STORAGE_ENGINE=1 -DWITH_EMBEDDED_SERVER=OFF -DDOWNLOAD_BOOST=1 -DWITH_BOOST=/usr/local/boost
make #編譯
make install #安裝
編譯出錯, 重新編譯前要刪除編譯失敗的文件,重新編譯時�����,需要清除舊的對象文件和緩存信息���。
make clean
rm -f CMakeCache.txt
rm -rf /etc/my.cnf #刪除系統默認的配置文件(如果默認沒有就不用刪除)
cd /usr/local/mysql #進入MySQL安裝目錄
./bin/mysqld --user=mysql --initialize --basedir=/usr/local/mysql --datadir=/data/mysql #生成mysql系統數據庫
--initialize表示默認生成密碼, --initialize-insecure 表示不生成密碼, 密碼為空。
看到這一行[Note] A temporary password is generated for root@localhost: CSJlm3DyTG.d
cp /usr/local/mysql/support-files/my-default.cnf /usr/local/mysql/my.cnf
ln -s /usr/local/mysql/my.cnf /etc/my.cnf #添加到/etc目錄的軟連接
cp /usr/local/mysql/support-files/mysql.server /etc/rc.d/init.d/mysqld #把MySQL加入系統啟動
chmod 755 /etc/init.d/mysqld #增加執行權限
chkconfig mysqld on #加入開機啟動
vi /etc/rc.d/init.d/mysqld #編輯
basedir=/usr/local/mysql #MySQL程序安裝路徑
datadir=/data/mysql #MySQl數據庫存放目錄
:wq! #保存退出
service mysqld start #啟動
vi /etc/profile #把mysql服務加入系統環境變量:在最后添加下面這一行
export PATH=$PATH:/usr/local/mysql/bin
:wq! #保存退出
source /etc/profile #使配置立刻生效
下面這兩行把myslq的庫文件鏈接到系統默認的位置����,這樣你在編譯類似PHP等軟件時可以不用指定mysql的庫文件地址���。
ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
ln -s /usr/local/mysql/include/mysql /usr/include/mysql
mkdir /var/lib/mysql #創建目錄
ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock #添加軟鏈接
mysql_secure_installation #修改Mysql密碼�����,輸入之前生成的密CSJlm3DyTG.d回車����,根據提示操作。
Press y|Y for Yes, any other key for No: y #是否安裝密碼安全插件�����?選擇y
There are three levels of password validation policy: #有以下幾種密碼強度選擇
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 0 #選擇0,只要8位數字即可���,選1要有大寫,小寫�����,特殊字符等
相關操作:進入MySQL控制臺
UNINSTALL PLUGIN validate_password ; #卸載密碼強度插件
mysqladmin -uroot -p password 123456 #修改密碼
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('123456'); #登錄mysql控制臺修改
alter user user() identified by '123456'; #修改密碼
二、安裝Nginx
1��、安裝pcre
cd /usr/local/srcmkdir /usr/local/pcretar zxvf pcre-8.39.tar.gzcd pcre-8.39./configure --prefix=/usr/local/pcremakemake install
2���、安裝openssl
cd /usr/local/srcmkdir /usr/local/openssltar zxvf openssl-1.0.2j.tar.gzcd openssl-1.0.2j./config --prefix=/usr/local/opensslmakemake installvi /etc/profileexport PATH=$PATH:/usr/local/openssl/bin:wq!source /etc/profile
3���、安裝zlib
cd /usr/local/srcmkdir /usr/local/zlibtar zxvf zlib-1.2.8.tar.gzcd zlib-1.2.8./configure --prefix=/usr/local/zlibmakemake install
4、安裝Nginx
groupadd www
useradd -g www www -s /bin/false
cd /usr/local/src
tar zxvf nginx-1.10.1.tar.gz
cd nginx-1.10.1
./configure --prefix=/usr/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-openssl=/usr/local/src/openssl-1.0.2j --with-zlib=/usr/local/src/zlib-1.2.8 --with-pcre=/usr/local/src/pcre-8.39
注意:--with-openssl=/usr/local/src/openssl-1.0.2j --with-zlib=/usr/local/src/zlib-1.2.8 --with-pcre=/usr/local/src/pcre-8.39指向的是源碼包解壓的路徑����,而不是安裝的路徑��,否則會報錯
make
make install
/usr/local/nginx/sbin/nginx #啟動Nginx
設置nginx開機啟動
vi /etc/rc.d/init.d/nginx #編輯啟動文件添加下面內容
#############################################################!/bin/sh## nginx - this script starts and stops the nginx daemon## chkconfig: - 85 15# description: Nginx is an HTTP(S) server, HTTP(S) reverse /# proxy and IMAP/POP3 proxy server# processname: nginx# config: /etc/nginx/nginx.conf# config: /usr/local/nginx/conf/nginx.conf# pidfile: /usr/local/nginx/logs/nginx.pid# Source function library.. /etc/rc.d/init.d/functions# Source networking configuration.. /etc/sysconfig/network# Check that networking is up.[ "$NETWORKING" = "no" ] && exit 0nginx="/usr/local/nginx/sbin/nginx"prog=$(basename $nginx)NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginxlockfile=/var/lock/subsys/nginxmake_dirs() {# make required directoriesuser=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=/([^ ]*/).*//1/g' -`if [ -z "`grep $user /etc/passwd`" ]; thenuseradd -M -s /bin/nologin $userfioptions=`$nginx -V 2>&1 | grep 'configure arguments:'`for opt in $options; doif [ `echo $opt | grep '.*-temp-path'` ]; thenvalue=`echo $opt | cut -d "=" -f 2`if [ ! -d "$value" ]; then# echo "creating" $valuemkdir -p $value && chown -R $user $valuefifidone}start() {[ -x $nginx ] || exit 5[ -f $NGINX_CONF_FILE ] || exit 6make_dirsecho -n $"Starting $prog: "daemon $nginx -c $NGINX_CONF_FILEretval=$?echo[ $retval -eq 0 ] && touch $lockfilereturn $retval}stop() {echo -n $"Stopping $prog: "killproc $prog -QUITretval=$?echo[ $retval -eq 0 ] && rm -f $lockfilereturn $retval}restart() {#configtest || return $?stopsleep 1start}reload() {#configtest || return $?echo -n $"Reloading $prog: "killproc $nginx -HUPRETVAL=$?echo}force_reload() {restart}configtest() {$nginx -t -c $NGINX_CONF_FILE}rh_status() {status $prog}rh_status_q() {rh_status >/dev/null 2>&1}case "$1" instart)rh_status_q && exit 0$1;;stop)rh_status_q || exit 0$1;;restart|configtest)$1;;reload)rh_status_q || exit 7$1;;force-reload)force_reload;;status)rh_status;;condrestart|try-restart)rh_status_q || exit 0;;*)echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"exit 2esac############################################################ :wq! #保存退出
chmod 775 /etc/rc.d/init.d/nginx #賦予文件執行權限
chkconfig nginx on #設置開機啟動
/etc/rc.d/init.d/nginx restart #重啟
在瀏覽器中打開服務器IP地址,會看到下面的界面�����,說明Nginx安裝成功��。
三、安裝php
1��、安裝yasm
cd /usr/local/src
tar zxvf yasm-1.3.0.tar.gz
cd yasm-1.3.0
./configure
make
make install
2�����、安裝libmcrypt
cd /usr/local/src
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8
./configure
make
make install
3���、安裝libvpx
cd /usr/local/src
tar xvf libvpx-1.6.0.tar.bz2
cd libvpx-1.6.0
./configure --prefix=/usr/local/libvpx --enable-shared --enable-vp9
make
make install
4、安裝tiff
cd /usr/local/src
tar zxvf tiff-4.0.6.tar.gz
cd tiff-4.0.6
./configure --prefix=/usr/local/tiff --enable-shared
make
make install
5�����、安裝libpng
cd /usr/local/src
tar zxvf libpng-1.6.25.tar.gz
cd libpng-1.6.25
./configure --prefix=/usr/local/libpng --enable-shared
make
make install
6�、安裝freetype
cd /usr/local/src
tar zxvf freetype-2.7.tar.gz
cd freetype-2.7
./configure --prefix=/usr/local/freetype --enable-shared
make
make install
7�����、安裝jpeg
cd /usr/local/src
tar zxvf jpegsrc.v9b.tar.gz
cd jpeg-9b
./configure --prefix=/usr/local/jpeg --enable-shared
make
make install
8���、安裝libgd
cd /usr/local/src
tar zxvf libgd-2.1.1.tar.gz
cd libgd-2.1.1
./configure --prefix=/usr/local/libgd --enable-shared --with-jpeg=/usr/local/jpeg --with-png=/usr/local/libpng --with-freetype=/usr/local/freetype --with-fontconfig=/usr/local/freetype --with-xpm=/usr/ --with-tiff=/usr/local/tiff --with-vpx=/usr/local/libvpx
make
make install
說明:如果libgd編譯失敗��,可以先跳過,直接使用系統默認的2.1.0版本����,在編譯php的時候把參數--with-gd=/usr/local/libgd修改為--with-gd即可�����。
9、安裝t1lib
cd /usr/local/src
tar zxvf t1lib-5.1.2.tar.gz
cd t1lib-5.1.2
./configure --prefix=/usr/local/t1lib --enable-shared
make without_doc
make install
10�����、安裝php
注意:如果系統是64位���,請執行以下命令���,否則安裝php會出錯。
/cp -frp /usr/lib64/libltdl.so* /usr/lib/
/cp -frp /usr/lib64/libXpm.so* /usr/lib/
cd /usr/local/src
tar -zvxf php-7.0.11.tar.gz
cd php-7.0.11
export LD_LIBRARY_PATH=/usr/local/libgd/lib
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-mysqli=/usr/local/mysql/bin/mysql_config --with-mysql-sock=/tmp/mysql.sock --with-pdo-mysql=/usr/local/mysql --with-gd=/usr/local/libgd --with-png-dir=/usr/local/libpng --with-jpeg-dir=/usr/local/jpeg --with-freetype-dir=/usr/local/freetype --with-xpm-dir=/usr/lib64 --with-zlib-dir=/usr/local/zlib --with-iconv --enable-libxml --enable-xml --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-opcache --enable-mbregex --enable-fpm --enable-mbstring --enable-ftp --enable-gd-native-ttf --with-openssl --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --enable-session --with-mcrypt --with-curl --enable-ctype --enable-mysqlnd
make #編譯
make install #安裝
cp php.ini-production /usr/local/php/etc/php.ini #復制php配置文件到安裝目錄
rm -rf /etc/php.ini #刪除系統自帶配置文件
ln -s /usr/local/php/etc/php.ini /etc/php.ini #添加軟鏈接到 /etc目錄
cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf #拷貝模板文件為php-fpm配置文件
ln -s /usr/local/php/etc/php-fpm.conf /etc/php-fpm.conf #添加軟連接到 /etc目錄
vi /usr/local/php/etc/php-fpm.conf #編輯
pid = run/php-fpm.pid #取消前面的分號
:wq! #保存退出
cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf
vi /usr/local/php/etc/php-fpm.d/www.conf #編輯
user = www #設置php-fpm運行賬號為www
group = www #設置php-fpm運行組為www
設置 php-fpm開機啟動
cp /usr/local/src/php-7.0.11/sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm #拷貝php-fpm到啟動目錄
chmod +x /etc/rc.d/init.d/php-fpm #添加執行權限
chkconfig php-fpm on #設置開機啟動
vi /usr/local/php/etc/php.ini #編輯配置文件
找到:disable_functions =
修改為:disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
#列出PHP可以禁用的函數,如果某些程序需要用到這個函數���,可以刪除,取消禁用���。
找到:;date.timezone =
修改為:date.timezone = PRC #設置時區
找到:expose_php = On
修改為:expose_php = Off #禁止顯示php版本的信息
找到:short_open_tag = Off
修改為:short_open_tag = ON #支持php短標簽
找到opcache.enable=0
修改為opcache.enable=1 #php支持opcode緩存
找到:;opcache.enable_cli=1 #php支持opcode緩存
修改為:opcache.enable_cli=0
在最后一行添加:zend_extension=opcache.so #開啟opcode緩存功能
:wq! #保存退出
配置nginx支持php
vi /usr/local/nginx/conf/nginx.conf
修改/usr/local/nginx/conf/nginx.conf 配置文件,需做如下修改
user www www; #首行user去掉注釋,修改Nginx運行組為www www;必須與/usr/local/php/etc/php-fpm.conf中的user,group配置相同���,否則php運行出錯
index index.html index.htm index.php; #添加index.php
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ /.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
#取消FastCGI server部分location的注釋,注意fastcgi_param行的參數,改為$document_root$fastcgi_script_name,或者使用絕對路徑
/etc/init.d/nginx restart #重啟nginx
service php-fpm start #啟動php-fpm
測試篇
cd /usr/local/nginx/html/ #進入nginx默認網站根目錄
rm -rf /usr/local/nginx/html/* #刪除默認測試頁
vi index.php #新建index.php文件
:wq! #保存退出
chown www.www /usr/local/nginx/html/ -R #設置目錄所有者
chmod 700 /usr/local/nginx/html/ -R #設置目錄權限
在瀏覽器中打開服務器IP地址�,會看到下面的界面
至此���,CentOS 7.2.1511編譯安裝Nginx1.10.1+MySQL5.7.14+PHP7.0.11教程完成。
