阿里云ECS服务器搭建Nginx+PHP+MySql环境详细步骤(CentOS7环境)

1、下载nginx-release包
wget http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
2、导入GPG signing key
rpm --import "http://nginx.org/keys/nginx_signing.key"
3、安装1中下载的软件包。
yum install /home/download/nginx-release-centos-7-0.el7.ngx.noarch.rpm
其中“/home/download/”为软件包的下载路径。
4、安装nginx服务器
yum install nginx
二、安装PHP
1、安装gcc及libxml2
yum install gcc -y
yum install libxml2* -y
2、下载最新PHP官方安装包
3、解压安装包
tar zxvf php-5.6.28.tar.gz
4、安装php
#cd php-5.6.28 #./configure --prefix=/usr/local/php --enable-fpm #make #make install
三、关联Nginx及PHP
1、修改nginx配置文件
vim /etc/nginx/nginx.conf
- <span style=“font-family:Microsoft YaHei;font-size:14px;”>user nginx;
- worker_processes 1;
- error_log /var/log/nginx/error.log warn;
- pid /var/run/nginx.pid;
- events {
- worker_connections 1024;
- }
- http {
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
- log_format main ‘$remote_addr – $remote_user [$time_local] “$request” ‘
- ‘$status $body_bytes_sent “$http_referer” ‘
- ‘”$http_user_agent” “$http_x_forwarded_for”‘;
- access_log /var/log/nginx/access.log main;
- sendfile on;
- #tcp_nopush on;
- keepalive_timeout 65;
- fastcgi_connect_timeout 300;
- fastcgi_send_timeout 300;
- fastcgi_read_timeout 300;
- fastcgi_buffer_size 64k;
- fastcgi_buffers 4 64k;
- fastcgi_busy_buffers_size 128k;
- fastcgi_temp_file_write_size 256k;
- #gzip on;
- server
- {
- listen 80 default_server;
- #listen [::]:80 default_server ipv6only=on;
- server_name www.yourserver.com;
- index index.html index.htm index.php;
- root /usr/share/nginx/html;
- #error_page 404 /404.html;
- include enable-php.conf;
- }
- include /etc/nginx/conf.d/*.conf;
- }</span>
2、生成一个enable-php.conf文件
- <span style=“font-family:Microsoft YaHei;font-size:14px;”> location ~ [^/]\.php(/|$)
- {
- try_files $uri =404;
- fastcgi_pass 127.0.0.1:9000;
- fastcgi_index index.php;
- include fastcgi.conf;
- }</span>
3、生成一个fastcgi.conf文件
- <span style=“font-family:Microsoft YaHei;font-size:14px;”>fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param QUERY_STRING $query_string;
- fastcgi_param REQUEST_METHOD $request_method;
- fastcgi_param CONTENT_TYPE $content_type;
- fastcgi_param CONTENT_LENGTH $content_length;
- fastcgi_param SCRIPT_NAME $fastcgi_script_name;
- fastcgi_param REQUEST_URI $request_uri;
- fastcgi_param DOCUMENT_URI $document_uri;
- fastcgi_param DOCUMENT_ROOT $document_root;
- fastcgi_param SERVER_PROTOCOL $server_protocol;
- fastcgi_param REQUEST_SCHEME $scheme;
- fastcgi_param HTTPS $https if_not_empty;
- fastcgi_param GATEWAY_INTERFACE CGI/1.1;
- fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
- fastcgi_param REMOTE_ADDR $remote_addr;
- fastcgi_param REMOTE_PORT $remote_port;
- fastcgi_param SERVER_ADDR $server_addr;
- fastcgi_param SERVER_PORT $server_port;
- fastcgi_param SERVER_NAME $server_name;
- # PHP only, required if PHP was built with –enable-force-cgi-redirect
- fastcgi_param REDIRECT_STATUS 200;</span>
4、拷贝生产环境的PHP配置文件
cp /home/develop/php-5.6/php.ini-production /usr/local/php/etc/php.ini
5、拷贝php-fpm配置文件 (如果没有特殊要求,则直接使用默认配置即可)
cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
四、分别启动nginx和php-fpm服务
1、启动nginx
/usr/sbin/nginx
2、启动php
/usr/local/php/sbin/php-fpm -c /usr/local/php/etc/php.ini -y /usr/local/php/etc/php-fpm.conf
五、测试
1、创建phpinfo.php文件
vim /usr/share/nginx/html/phpinfo.php
输入以下内容
<?php
phpinfo();
2、在浏览器中打开页面(http://yourserver/phpinfo.php),观察是否显示正常.
六、安装php-mysql扩展
1、安装autoconf
yum install autoconf -y
2、安装mysql-devel开发包(不是完整的mysql-server,仅包含mysql二次开发使用的各种库及头文件)
yum install mysql-devel -y
注:如果是64位的操作系统的话,还需要做个软链接,否则在配置(configure)的时候会报错找不到lib文件,即: ln -s /usr/lib64/mysql /usr/lib/mysql
3、编译php-mysql扩展库
cd php-5.6.28/ext/mysql
/usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config --with-mysql=/usr make make install
4、修改php配置文件
上一步安装完毕之后,系统会提示生成 .so 文件的所在路径。我的是 /usr/local/php/lib/php/extensions/no-debug-non-zts-20100525/
1> 打开php.ini,添加部分内容
vim php.ini
2> 明确指定php扩展库路径
extension_dir="/usr/local/php/lib/php/extensions/no-debug-non-zts-20100525/"
3> 新增mysql扩展
extension=mysql.so 5、重启php-fpm及nginx服务即可
killall php-fpm
killall nginx
/usr/sbin/nginx
/usr/local/php/sbin/php-fpm -c /usr/local/php/etc/php.ini -y /usr/local/php/etc/php-fpm.conf
七、安装mysql服务
1、安装libaio
yum install libaio # 安装依赖包
2、安装mysql服务
wget http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm yum localinstall mysql-community-release-el7-5.noarch.rpm yum install mysql-community-server
3、启动和关闭 MySQL Server 启动 MySQL Server systemctl start mysqld 查看 MySQL Server 状态 systemctl status mysqld 关闭 MySQL Server systemctl stop mysqld
4、防火墙设置 远程访问 MySQL, 需开放默认端口号 3306. 方式1:iptables(CentOS 7.x版本之前用法,不推荐) 打开 iptables 的配置文件: vi /etc/sysconfig/iptables 修改
- <span style=”font-family:Microsoft YaHei;font-size:14px;”>*filter
- :INPUT ACCEPT [0:0]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [0:0]
- -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
- -A INPUT -p icmp -j ACCEPT
- -A INPUT -i lo -j ACCEPT
- -A INPUT -p tcp -m state –state NEW -m tcp –dport 22 -j ACCEPT
- -A INPUT -j REJECT –reject-with icmp-host-prohibited
- -A FORWARD -j REJECT –reject-with icmp-host-prohibited
- COMMIT</span>
在里面加入这2行: -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT -A RH-Firewall-1-INPUT -m state –state NEW -m udp -p udp –dport 3306 -j ACCEPT 改为
- <span style=”font-family:Microsoft YaHei;font-size:14px;”>*filter
- :INPUT ACCEPT [0:0]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [0:0]
- -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
- -A INPUT -p icmp -j ACCEPT
- -A INPUT -i lo -j ACCEPT
- -A INPUT -p tcp -m state –state NEW -m tcp –dport 22 -j ACCEPT
- -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT
- -A RH-Firewall-1-INPUT -m state –state NEW -m udp -p udp –dport 3306 -j ACCEPT
- -A INPUT -j REJECT –reject-with icmp-host-prohibited
- -A FORWARD -j REJECT –reject-with icmp-host-prohibited
- COMMIT</span>
如果该 iptables 配置文件 不存在,先执行 yum install iptables-services 安装 执行 iptables 重启生效 service iptables restart 方式2:firewall-cmd(推荐) 执行 firewall-cmd –permanent –zone=public –add-port=3306/tcp firewall-cmd –permanent –zone=public –add-port=3306/udp 这样就开放了相应的端口。 执行 firewall-cmd –reload 使最新的防火墙设置规则生效。
5、创建root外的其他账号
创建一个普通用户 sa ,密码是 some_pass CREATE USER 'sa'@'%' IDENTIFIED BY 'some_pass'; 给这个用户授予 SELECT,INSERT,UPDATE,DELETE 的远程访问的权限,这个账号一般用于提供给实施的系统访问 GRANT SELECT,INSERT,UPDATE,DELETE ON *.* TO 'sa'@'%';
创建一个管理员用户 admin 账号 ,密码是 some_pass CREATE USER 'admin'@'%' IDENTIFIED BY 'some_pass'; 给这个用户授予所有的远程访问的权限。这个用户主要用于管理整个数据库、备份、还原等操作。 GRANT ALL ON *.* TO 'admin'@'%'; 使授权立刻生效 flush privileges;