CentOS7.2編譯安裝LNMP(Nginx1.16+MySQL5.6+PHP5.6)
最近停掉了兩臺用了兩年多的安暢真機服務器,換騰訊雲CentOS,原環境是Win2008+Apache2.4+PHP5.6+MySQL5.5,所以花點時間折騰一下LNMP,順便學學Linux。
一、準備工作
(一) CentOS系統
騰訊雲服務器,選擇CentOS 7.2 x64
(二)已安裝軟件清理
1.清理已安裝的軟件
騰訊雲主機系統可能會默認安裝一些常用服務器軟件(Apache、Mysql、PHP等),爲避免衝突故先清理乾淨。
#檢查apache、mysql、php軟件是否已安裝,並卸之
rpm -e httpd
rpm -e mysql
rpm -e php
yum -y remove httpd
yum -y remove mysql
yum -y remove php
#檢查Mysql是否已安裝
rpm -qa|grep mysql
#強制卸載Mysql
rpm -e mysql-libs-5.1.73-3.el6_5.x86_64 --nodeps
#清理Aapche
#搜索apache包
rpm -qa http*
#強制卸載apache包
rpm -e --nodeps 查詢出來的文件名
#檢查是否卸載乾淨
rpm -qa|grep http*
2.需安裝的軟件及版本
可以用wget下載
(1).CMake2.8.12 : http://www.cmake.org/files/v2.8/cmake-2.8.12.2.tar.gz
(2).MySQL5.6.39 x64 : https://dev.mysql.com/downloads/file/?id=474411
(3).Nginx-1.16 : http://nginx.org/download/nginx-1.16.2.tar.gz
(4).PHP5.6.34 : http://php.net/get/php-5.6.34.tar.gz/from/a/mirror
把上述軟件安裝包文件拷到服務器/usr/local/XXX/software/
3.修改系統緩存
#單次修改系統默認緩存大小
sysctl -w vm.max_map_count=262144
sysctl -a|grep vm.max_map_count
4.安裝相關依賴
#命令格式:yum -y install xxx組件1 xxxx組件2 (-y表示不詢問yes or no)
yum -y install gcc gcc-c++
yum -y install bison git ncurses-devel gcc gcc-c++
yum install -y ncurses-devel
yum -y install make gcc-c++ bison-devel ncurses-devel libaio libaio-devel perl-Data-Dumper net-tools
yum -y install autoconf
yum install ncurses ncurses-devel ncurses-libs
yum install *ncurses*
yum -y install libmcrypt libmcrypt-devel mcrypt mhash libxml2
yum -y install libxml2 libxml2-devel
yum -y install bzip2-devel.x86_64
yum -y install openssl.x86_64 openssl-devel.x86_64
yum -y install libcurl.x86_64 libcurl-devel.x86_64
yum -y install libjpeg.x86_64 libpng.x86_64 freetype.x86_64 libjpeg-devel.x86_64 libpng-devel.x86_64 freetype-devel.x86_64
yum -y install libjpeg-devel
yum -y install zlib zlib-devel openssl* pcre pcre-devel gd-devel
5.規劃各軟件安裝位置(便於以後查找和維護)
| 序號 |
軟件名稱及版本 |
安裝位置 |
配置文件位置 |
| 1 | CMake2.8.12.2 | /usr/local/tools/cmake2.8.12.2 | 無 |
| 2 | MySQL5.6.39 | /usr/local/prd/mysql |
/usr/local/prd/mysql/my.cnf |
| 3 | PHP5.6.34 | /usr/local/prd/php |
/usr/local/prd/php/etc/php-fpm.conf /usr/local/prd/php/etc/php.ini |
| 4 | Nginx1.16.2 | /usr/local/prd/nginx | /usr/local/prd/nginx/conf/nginx.conf |
二、安裝各軟件
(一).CMake
#創建工具目錄
mkdir /usr/local/tools
#把CMake2.8.12.2拷貝到 /usr/local/tools
cp /usr/local/XXX/software/CMake/cmake-2.8.12.2.tar.gz /usr/local/tools/
cd /usr/local/tools/
#解壓
tar zxvf cmake-2.8.12.2.tar.gz
#編譯並安裝
cd cmake-2.8.12.2
./configure
make && make install
#如果安裝過程提示如下信息:
Cannot find appropriate C compiler on this system.
則表示可能沒有安裝配置好gcc及 gcc-c++,安之
yum install gcc
yum install gcc-c++
#安裝完成後查看版本信息
cmake –version
# cmake version 2.8.12.2
(二)MySQL
1.創建MySQL運行所需的系統用戶和權限
#創建羣組
groupadd mysql
#創建一個用戶mysql,不允許登陸和不創主目錄
useradd -s /sbin/nologin -g mysql -M mysql
#檢查剛創建的用戶
tail -1 /etc/passwd
##此時會顯示:mysql:x:1000:1000::/home/mysql:/sbin/nologin
2.建立MySQL所需的一些目錄和文件
#創建MySQL數據的運行日誌目錄和文件
mkdir /usr/local/prd
mkdir /usr/local/prd/mysql
mkdir /usr/local/prd/mysql/logs
touch /usr/local/prd/mysql/logs/mariadb.log
chown -R mysql:mysql /usr/local/prd/mysql/logs/
3.解壓安裝包
#把mysql-5.6.39的源碼拷貝到 /usr/local/prd
#注意一定要用源碼包才能用此方式編譯。http://dev.mysql.com/downloads/mysql/ 下載時,要選擇的是 MySQLCommunity Server 下的 Source Code
cp /usr/local/XXX/software/MySQL/mysql-5.6.39.tar.gz /usr/local/prd/
cd /usr/local/prd/
#解壓
tar zxvf mysql-5.6.39.tar.gz
cd /usr/local/prd/mysql-5.6.39/
4.按預定參編譯並安裝
cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/prd/mysql \
-DMYSQL_DATADIR=/usr/local/prd/mysql/data \
-DSYSCONFDIR=/usr/local/prd/mysql/ \
-DWITH_MYISAM_STORAGE_ENGINE=1 \
-DWITH_MEMORY_STORAGE_ENGINE=1 \
-DMYSQL_UNIX_ADDR=/usr/local/prd/mysql/tmp/mysql.sock \
-DMYSQL_TCP_PORT=3306 -DENABLED_LOCAL_INFILE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DEXTRA_CHARSETS=all -DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DMYSQL_USER=mysql \
-DWITH_DEBUG=0 \
-DENABLE_DOWNLOADS=1
make && make install
編譯過程可能會報一些錯誤,通常都是因爲依賴組件沒有裝,例如下如信息:
-- Could NOT find Git (missing: GIT_EXECUTABLE)
NOTFOUND" was not found. Please set CMAKE_C_COMPILER to a valid compiler path or name.
(1).按上文一.(4).方便根據錯誤提示安裝對應的依賴。
(2).取消一些編譯參數,例如SSL報錯,應取消兩個選項:
DWITH_READLINE=1和-DWITH_SSL=YES
直到編譯過程不再報:“-- Configuring incomplete, errors occurred!”,即可進行安裝,約持續10分鐘。
5.刪除MySQL安裝源碼目錄
rm -Rf /usr/local/prd/mysql-5.6.39
6.修改MySQL目錄權限
chmod +w /usr/local/prd/mysql
chown -R mysql:mysql /usr/local/prd/mysql
7.初始化MySQL配置
(1).my.cnf配置文件
上述安裝操作完成後,會在/etc/目錄下生成my.cnf配置,按上文“二.軟件安裝—安裝位置”約定,需要把它移到/usr/local/prd/mysql/下。
mv /etc/my.cnf /etc/my.cnf.bak
cp /usr/local/prd/mysql/support-files/my-default.cnf /usr/local/prd/mysql/my.cnf
MySQL在啓動服務時,會按照一定次序搜索my.cnf:先在/etc目錄下找,找不到則會搜索”$basedir/my.cnf”就是安裝目錄下/usr/local/prd/mysql/my.cnf,這是新版MySQL的配置文件的默認位置!注意:在最小安裝完成後,在/etc目錄下會存在一個my.cnf,需要將此文件更名爲其他的名字。如:/etc/my.cnf.bak,否則,該文件會干擾源碼安裝的MySQL的正確配置,造成無法啓動。
(2).MySQL初始化數據
/usr/local/prd/mysql/scripts/mysql_install_db --defaults-file=/usr/local/prd/mysql/my.cnf --basedir=/usr/local/prd/mysql --datadir=/usr/local/prd/mysql/data --user=mysql &
執行完畢後會顯示:
20YY-MM-DD HH:Mi:SS 29803 [Note] InnoDB: Shutdown completed; log sequence number 1625987 OK
8.設置MySQL自動運行參數
(1).設置環境變量
#先設置PATH,否則不能直接調用mysql
#修改/etc/profile文件
vim /etc/profile
#在文件末尾添加
PATH=/usr/local/prd/mysql/bin:$PATH
export PATH
#讓配置立即生效
source /etc/profile
(2).建立臨時目錄,並通過MySQL配置文件my.cnf設置運行參數
#建立mysql所需的臨時目錄,並授權給mysql用戶訪問
mkdir /usr/local/prd/mysql/tmp
chown -R mysql:mysql /usr/local/prd/mysql/tmp
#如果後面報錯,再執行這句:
chmod -R 777 /usr/local/prd/mysql/tmp
#爲mysql用戶授權訪問data目錄
chown -R mysql:mysql /usr/local/prd/mysql/data
修改MYSQL的配置文件,指定相關運行以參數
#修改MYSQL的配置文件,指定相關運行以參數
vim /usr/local/prd/mysql/my.cnf
#啓用編輯模式(Shift + I),把如下內容加到文件末尾,然後按(Shift + : wq)保存退出
basedir=/usr/local/prd/mysql
datadir=/usr/local/prd/mysql/data
socket=/usr/local/prd/mysql/tmp/mysql.sock
port=3306
server-id=1
[mysqld_safe]
log-error=/usr/local/prd/mysql/logs/mariadb.log
pid-file=/usr/local/prd/mysql/tmp/mariadb.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d
(3).設置自動啓動
#把支持目錄裏support-files/mysql.server拷到系統啓動目錄
cp /usr/local/prd/mysql/support-files/mysql.server /etc/init.d/mysqld
#賦予權限、設置開機自啓並啓動
chmod +x /etc/init.d/mysqld
chkconfig mysqld on
#啓動MySQL服務
service mysqld start
#或者
/etc/init.d/mysqld start
啓動成功後會顯示“Starting MySQL. SUCCESS!”
(4).初始化數據庫超管密碼
MySQL5.6源碼版剛裝好是沒有密碼的,可以直接登錄
#mysql -uroot –p
#退出
exit;
bye
#設置root帳號的密碼
#設置root帳號的密碼
/usr/local/prd_run/mysql/bin/mysqladmin -uroot -p password '你的密碼'
##如果出現“error: 'Access denied for user 'root'@'localhost' (using password: YES)'”則需要使用下面的方法
#重置root密碼,直接用root登錄,不輸密碼
/usr/local/prd_run/mysql/bin/mysql –uroot –p
#出現 Enter password時直接回車
##用SQL語句更新root密碼
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('你的密碼');
SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('你的密碼');
(三)PHP
1.創建PHP所需的系統用戶www
#按照標準,給php-fpm創建一個指定的用戶和組
#創建羣組www
groupadd www
#創建一個用戶www,不允許登陸和不創主目錄
useradd -s /sbin/nologin -g www -M www
2.安裝依賴
yum -y install libmcrypt libmcrypt-devel mcrypt mhash libxml2
3.解壓安裝包
#把php-5.6.34.tar.gz拷貝到 /usr/local/prd/
cp /usr/local/xxx/software/PHP/php-5.6.34.tar.gz /usr/local/prd/
#解壓
tar zxvf php-5.6.34.tar.gz
4.編譯並安裝
cd php-5.6.34
./configure --prefix=/usr/local/prd/php --with-config-file-path=/usr/local/prd/php/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-iconv-dir --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-magic-quotes --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --enable-mbregex --enable-mbstring --with-mcrypt --enable-ftp --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --disable-fileinfo --enable-maintainer-zts
make && make install
5.可能出現的錯誤
(1).缺少依賴包
- 出現“configure: error: xml2-config not found. Please check your libxml2 installation.”則重新安裝 libxml2
yum -y install libxml2 libxml2-devel
##查看已安裝的libxml2版本
rpm -qa |grep libxml2
#此處應顯示三個相關程序和版本
#查找“xml2-config”文件是否存在
find / -name "xml2-config"
#此處應顯示:/usr/bin/xml2-config
- 出現“configure: error: Cannot find OpenSSL's <evp.h>”則安裝SSL
yum -y install bzip2-devel.x86_64
yum -y install openssl.x86_64 openssl-devel.x86_64
- 出現“configure: error: Please reinstall the libcurl distribution - easy.h should be in <curl-dir>/inc”則安裝CURL
yum -y install libcurl.x86_64 libcurl-devel.x86_64
- 出現“configure: error: jpeglib.h not found.”則安裝GD庫
yum -y install libjpeg.x86_64 libpng.x86_64 freetype.x86_64 libjpeg-devel.x86_64 libpng-devel.x86_64 freetype-devel.x86_64
yum -y install libjpeg-devel
yum install libjpeg.x86_64 libpng.x86_64 freetype.x86_64 libjpeg-devel.x86_64 libpng-devel.x86_64 freetype-devel.x86_64 -y
(2).編譯錯誤:無。
6.安裝完成,拷貝所需配置文件後,刪除PHP安裝源碼目錄
#此時應出現新目錄 /usr/local/prd/php
cd /usr/local/prd/php-5.6.34
#拷貝PHP配置文件到PHP目錄
cp /usr/local/prd/php-5.6.34/php.ini-production /usr/local/prd/php/etc/php.ini
#拷貝啓動腳本php-fpm啓動腳本到init.d
cp /usr/local/prd/php-5.6.34/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
#刪除PHP安裝源碼目錄
rm -Rf /usr/local/prd_run/php-5.6.34
7.配置php參數
#進入PHP運行目錄
cd /usr/local/prd/php
#賦予執行權限
chmod +x /etc/init.d/php-fpm
8.設置php自啓動
#添加爲啓動項
chkconfig --add php-fpm
#設置開機啓動
chkconfig php-fpm on
#立即啓動php-fpm
/etc/init.d/php-fpm start
#此處應顯示“Starting php-fpm done”
(四)Nginx
1.創建Nginx所需的系統用戶nginx
#按照標準,給Nginx創建一個指定的用戶和組
#創建羣組nginx
groupadd -r nginx
#創建一個用戶www,不允許登陸和不創主目錄
useradd -s /sbin/nologin -g nginx -M nginx
2.安裝依賴
yum -y install zlib zlib-devel openssl* pcre pcre-devel gd-devel
3.解壓安裝包
#把nginx-1.12.2.tar.gz拷貝到 /usr/local/prd_run/
cp /usr/local/denghan/software/Nginx/nginx-1.12.2.tar.gz /usr/local/prd_run/
#解壓
tar zxvf nginx-1.12.2.tar.gz
4.編譯並安裝
cd nginx-1.12.2
./configure --prefix=/usr/local/prd/nginx --sbin-path=/usr/local/prd/nginx/bin/nginx --conf-path=/usr/local/prdn/nginx/conf/nginx.conf --error-log-path=/usr/local/prd/nginx/log/error.log --http-log-path=/usr/local/prd/nginx/log/access.log --pid-path=/usr/local/prd/nginx/tmp/pid/nginx.pid --lock-path=/usr/local/prd/nginx/tmp/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/prd/nginx/tmp/client/ --http-proxy-temp-path=/usr/local/prd/nginx/tmp/proxy/ --http-fastcgi-temp-path=/usr/local/prd/nginx/tmp/fcgi/ --http-uwsgi-temp-path=/usr/local/prd/nginx/tmp/uwsgi --http-scgi-temp-path=/usr/local/prd/nginx/tmp/scgi --with-pcre
make && make install
5.配置Nginx啓動參數
#新建Nginx啓動文件
touch /etc/init.d/nginx
#編輯該文件
vi /etc/init.d/nginx
輸入粘貼如下內容(注意相關參數必須與上面編譯時的配置及路徑保持一致)
#!/bin/bash
# nginx Startup script for the Nginx HTTP Server
# it is v.0.0.2 version.
# chkconfig: - 85 15
# description: Nginx is a high-performance web and proxy server.
# It has a lot of features, but it's not for everyone.
# processname: nginx
# pidfile: /var/run/nginx.pid
# config: /usr/local/nginx/conf/nginx.conf
## denghan added follow this on 2018-03-28
nginxd=/usr/local/prd_run/nginx/bin/nginx
nginx_config=/usr/local/prd_run/nginx/conf/nginx.conf
nginx_pid=/usr/local/prd_run/nginx/tmp/pid/nginx.pid
RETVAL=0
prog="nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -x $nginxd ] || exit 0
# Start nginx daemons functions.
start() {
if [ -e $nginx_pid ];then
echo "nginx already running...."
exit 1
fi
echo -n $"Starting $prog: "
daemon $nginxd -c ${nginx_config}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /usr/local/prd_run/nginx/tmp/lock/nginx.lock
return $RETVAL
}
# Stop nginx daemons functions.
stop() {
echo -n $"Stopping $prog: "
killproc $nginxd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /usr/local/prd_run/nginx/tmp/lock/nginx.lock /usr/local/prd_run/nginx/tmp/pid/nginx.pid
}
# reload nginx service functions.
reload() {
echo -n $"Reloading $prog: "
#kill -HUP `cat ${nginx_pid}`
killproc $nginxd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status|help}"
exit 1
esac
exit $RETVAL
6.設置自動啓動
#給啓動文件賦權
chmod +x /etc/init.d/nginx
#加入自啓動序列
chkconfig --add nginx
chkconfig nginx on
#然後就可以啓動服務了
systemctl restart nginx.service
#或
/etc/init.d/nginx start
打開瀏覽器輸入服務器IP,可看到如下畫面
7.啓動失敗的處理
如果輸入 “systemctl restart nginx.service”或“service nginx restart”出現這句錯誤提示“Job for nginx.service failed because the control process exited with error code.nginx php 多域名配置”,則表示可能編譯時未正確生成nginx.service文件,不用慌,手工寫一下即可:
touch /usr/lib/systemd/system/nginx.service
vi /usr/lib/systemd/system/nginx.service
輸入如下內容(注意各參數須與上文匹配)
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/prd/nginx/tmp/pid/nginx.pid
ExecStartPre=/usr/bin/rm -f /usr/local/prd/nginx/tmp/pid/nginx.pid
ExecStartPre=/usr/local/prd/nginx/bin/nginx -t
ExecStart=/usr/local/prd/nginx/bin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillMode=process
KillSignal=SIGQUIT
TimeoutStopSec=5
PrivateTmp=true
[Install]
WantedBy=multi-user.target
這個文件不管是新建還是修改,需要在完成後執行一下下面的命令,讓systemd加載:
systemctl daemon-reload
這時你會發現,可以成功執行“systemctl restart nginx.service”了。
8.安裝完成,刪除Ngnix安裝源碼目錄
#刪除Ngnix安裝源碼目錄
rm -Rf /usr/local/prd/nginx-1.12.2
三、配置Nginx和PHP
(一).整合Nginx和PHP
1.編輯Nginx.conf,啓用如下選項
#vim /usr/local/prd/nginx/conf/nginx.conf
#啓動“location ~ \.php$”段,內容如下
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
2.編輯/usr/local/prd_run/nginx/conf/fastcgi_params
#先備份原文件
cd /usr/local/prd_run/nginx/conf
cp fastcgi_params fastcgi_params.bak
vim fastcgi_params
##內容如下
fastcgi_params文件內容
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
3.重啓Nginx,在html目錄放測試php頁,瀏覽器打開可看到已經整合成功
至此CenOS72下LNMP編譯安裝完畢!
(二).配置Nginx實現多域名多站點、支持SSL、支持PATHINFO模式等
1、增加一個配置文件,用於多站點配置
(1).在Nginx的配置文件目錄增加子目錄servers
mkdir /usr/local/prd/nginx/conf/servers
(2).在servers新建vhosts.conf文件
cd /usr/local/prd/nginx/conf/servers
touch vhosts.conf
(3).在/usr/local/prd/nginx/conf/nginx.conf文件中如下位置增加一行:
#修改ngnix.conf , 在http{ } 之間增加一句:“include servers/vhost.conf;”
#在nginx.conf文件的http段最後位置增加一句引用上文的 ./servers/vhosts.conf
http {
。。。。
。。。。
#引用 /usr/local/prd/nginx/conf/servers/vhosts.conf
include servers/vhost.conf;
}
2、支持多個域名多個站點
#在/usr/local/prd/nginx/conf/servers/vhosts.conf文件中編寫如下配置內容
vim vhosts.conf
server{
listen 80;
server_name www.yourdomain.com;
root /data/web/www.yourdomain.com/root;
index index.php index.html;
access_log log/www_yourdomain_com.log;
#Include public php_fastcgi setting
include bind_php.conf;
}
server{
listen 80;
server_name test.yourdomain.com;
root /data/web/test.yourdomain.com/root;
index index.php index.html;
access_log log/test_yourdomain_com.log;
#Include public php_fastcgi setting
include bind_php.conf;
}
#重啓Nginx使配置生效
/etc/init.d/nginx restart
3、支持SSL模式
(1).在Nginx的根目錄增加子目錄cert,用於存放證書文件
mkdir /usr/local/prd/nginx/cert
(2).把在域名服務商申請的SSL證書下載回來,並上傳到該cert目錄,通常是兩個文件:證書文件和私鑰文件
(3).調整vhosts.conf文件,配置https參數如下
server{
listen 80;
server_name www.yourdomain.com;
rewrite ^(.*)$ https://$host$1 permanent; #transport http's request to https
}
server {
listen 443;
server_name www.yourdomain.com;
root /data/web/www.yourdomain.com/root;
index index.php index.html;
access_log log/test_yourdomain_com.log;
#SSL Setting
ssl on;
ssl_certificate /usr/local/prd/nginx/cert/1_muchsource.com_bundle.crt; #證書文件
ssl_certificate_key /usr/local/prd/nginx/cert/2_muchsource.com.key; #證書私鑰
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #證書協議
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#T證書密碼
ssl_prefer_server_ciphers on;
#Include public php_fastcgi setting
#include bind_php.conf;
}
(4).檢查配置文件
/usr/local/prd/nginx/bin/nginx –t
##此時應出現
nginx: the configuration file /usr/local/prd/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/prd/nginx/conf/nginx.conf test is successful
(5).重啓Nginx
systemctl restart nginx.service
此時可使用https://www.域名.com 訪問網站
3、支持PATHINFO模式
PATHINFO模式常見於ThinkPHP3.x\5.x等MVC框架,多用於API的URL式傳參。
Nigix支持PATHINFO模式的要點在於配置FastCGI的URL以正則表達式轉換
(1).打開PHP的 cgi.fix_pathinfo參數
# /usr/local/prd/php/etc/php.ini 大約771行,去掉行前的分號
cgi.fix_pathinfo=1
(2).修改Nginx的配置文件,增加如下內容
因上文已經配置爲外鏈多個虛擬主機配置文件, 所以是編輯打開這個文件:
vim /usr/local/prd/nginx/conf/servers/vhost.conf
# /usr/local/prd/nginx/conf/servers/vhost.conf
# server { } 的花括號前增加如下內容:
#URL中 "server_name"之後的內容
location / {
# re-wirte url for hidden "*.php"
if ( !-e $request_filename) {
# 使“domain/xxx/*” 轉換爲“domain/xxx.php/*”
rewrite ^/store/(.*)$ /store.php/$1 last;
rewrite ^/api/(.*)$ /api.php/$1 last;
break;
}
}
#增加如下對PHP文件的轉換
location ~ \.php(.*)$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#下面兩句是給fastcgi權限,可以支持 ?s=/module/controller/action的url訪問模式
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#下面兩句支持 index.php/index/index/index的pathinfo模式
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
}
(3).重啓php和Ngnix
# 重啓
/etc/init.d/php-fpm restart
systemctl restart nginx.service
(4).驗證:http://域名/index/user/login 相當於 http://域名/index.php/user/login