centos6.5编译安装LNMP

一、环境准备

1、操作系统安装:CentOS 6.5 64位最小化安装。

2、配置好IP、DNS、网关、主机名

3、配置防火墙,开启80、3306端口

1
2
3
/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
/etc/rc.d/init.d/iptables save
/etc/init.d/iptables restart

这样就搞定了,查看效果

1
2
/etc/init.d/iptables status
/etc/init.d/iptables restart #最后重启防火墙使配置生效

PS

Centos升级到7之后,发现无法使用iptables控制Linuxs的端口,google之后发现Centos 7使用firewalld代替了原来的iptables。下面记录如何使用firewalld开放Linux端口:

1
2
3
4
#开启端口
firewall-cmd --zone=public --add-port=80/tcp --permanent
#重启防火墙
firewall-cmd --reload

命令含义:

–zone #作用域

–add-port=80/tcp #添加端口,格式为:端口/通讯协议

–permanent #永久生效,没有此参数重启后失效

4、关闭SELinux

查看selinux状态:

1
2
3
4
5
6
/usr/sbin/sestatus -v
SELinux status: disabled //禁用selinux
getenforce
Disabled //禁用selinux
getenforce
Enforcing //启动

关闭selinux方法:
setenforce 0 #设置SELinux 成为permissive模式
setenforce 1 #设置SELinux 成为enforcing模式
第二种方法:
vim /etc/selinux/config 编辑文件

1
2
3
4
5
6
7
8
9
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
#permissive - SELinux prints warnings instead of enforcing.
#disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.

将SELINUX=enforceing 改为 SELINUX=disabled 重启机器就ok了

二、系统约定

硬盘分区:50G(/boot 200M /swap 8192M /)+100G(/opt)

软件源代码包存放位置:/opt/local/src

源码包编译安装位置:/opt/local/软件名

数据库数据文件存储路径/opt/local/mysql/var

三、软件包下载

  • 下载nginx(目前稳定版):http://nginx.org/download/nginx-1.4.4.tar.gz
  • 下载pcre (支持nginx伪静态):ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.34.tar.gz
  • 下载MySQL:http://cdn.mysql.com/Downloads/MySQL-5.5/mysql-5.5.35.tar.gz
  • 下载php:http://cn2.php.net/distributions/php-5.5.7.tar.gz
  • 下载cmake(MySQL编译工具):http://www.cmake.org/files/v2.8/cmake-2.8.12.1.tar.gz
  • 下载libmcrypt(PHPlibmcrypt模块):http://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz
  • 下载GD库安装包(php页面图片验证码支持):https://phpsqq.googlecode.com/files/gd-2.0.36RC1.tar.gz
  • 将以上软件包上传到/opt/local/src目录

    四、安装编译工具及库文件

    使用CentOS yum命令一键安装

    1
    yum install -y make apr* autoconf automake curl curl-devel gcc gcc-c++ gtk+-devel zlib-devel openssl openssl-devel pcre-devel gd kernel keyutils patch perl kernel-headers compat* cpp glibc libgomp libstdc++-devel keyutils-libs-devel libsepol-devel libselinux-devel krb5-devel libXpm* freetype freetype-devel freetype* fontconfig fontconfig-devel libjpeg* libpng* php-common php-gd gettext gettext-devel ncurses* libtool* libxml2 libxml2-devel patch policycoreutils bison

    五、软件安装篇

    1、安装cmake

    1
    2
    3
    4
    5
    6
    cd /opt/local/src
    tar zxvf cmake-2.8.8.tar.gz
    cd cmake-2.8.8
    ./configure --prefix=/opt/local/cmake
    make #编译
    make install #安装
    1
    2
    3
    vim /etc/profile 在path路径中增加cmake执行文件路径
    export PATH=$PATH:/opt/local/cmake/bin
    source /etc/profile使配置立即生效

    2、安装pcre

    PS:Pcre版本不能太高,8最好,要不编译不能通过

    1
    2
    3
    4
    5
    6
    cd /opt/local/src
    mkdir /usr/local/pcre #创建安装目录
    tar zxvf pcre-8.34.tar.gz
    cd pcre-8.34
    ./configure --prefix=/opt/local/pcre #配置
    make && make install

    3、安装libmcrypt

    1
    2
    3
    4
    5
    6
    cd /opt/local/src
    tar zxvf libmcrypt-2.5.8.tar.gz #解压
    cd libmcrypt-2.5.8 #进入目录
    ./configure #配置
    make #编译
    make install #安装

    4、安装gd库

    1
    2
    3
    4
    5
    6
    cd /opt/local/src
    tar zxvf gd-2.0.36RC1.tar.gz
    cd gd-2.0.36RC1
    ./configure --enable-m4_pattern_allow --prefix=/opt/local/gd --with-jpeg=/usr/lib --with-png=/usr/lib --with-xpm=/usr/lib --with-freetype=/usr/lib --with-fontconfig=/usr/lib #配置
    make #编译
    make install #安装

    5、安装Mysql

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    groupadd mysql #添加mysql组
    useradd -g mysql mysql -s /bin/false #创建用户mysql并加入到mysql组,不允许mysql用户直接登录系统
    mkdir -p /opt/data/mysql/var #创建MySQL数据库存放目录
    chown -R mysql:mysql /opt/data/mysql/var #设置MySQL数据库目录权限
    cd /opt/local/src
    tar zxvf mysql-5.5.35.tar.gz #解压
    cd mysql-5.5.35
    cmake . -DCMAKE_INSTALL_PREFIX=/opt/local/mysql -DMYSQL_DATADIR=/opt/data/mysql/var -DSYSCONFDIR=/etc #配置
    make #编译
    make install #安装

    cd /opt/local/mysql
    cp ./support-files/my-huge.cnf /etc/my.cnf #拷贝配置文件(注意:如果/etc目录下面默认有一个my.cnf,直接覆盖即可)
    vi /etc/my.cnf #编辑配置文件,在 [mysqld] 部分增加
    datadir = /opt/data/mysql/var #添加MySQL数据库路径

    ./scripts/mysql_install_db --user=mysql #生成mysql系统数据库

    cp ./support-files/mysql.server /etc/rc.d/init.d/mysqld #把Mysql加入系统启动
    chmod 755 /etc/init.d/mysqld #增加执行权限
    chkconfig mysqld on #加入开机启动
    vi /etc/rc.d/init.d/mysqld #编辑
    basedir = /opt/local/mysql #MySQL程序安装路径
    datadir = /opt/local/mysql/var #MySQl数据库存放目录
    service mysqld start #启动
    vi /etc/profile #把mysql服务加入系统环境变量:在最后添加下面这一行
    export PATH=$PATH:/opt/local/cmake/bin:/opt/local/mysql/bin
    source /etc/profile #使配置立即生效
    mkdir /var/lib/mysql #创建目录
    ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock #添加软链接
    mysql_secure_installation #设置Mysql密码,根据提示按Y 回车输入2次密码
    #执行mysql_secure_installation时可能会报错
    #ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
    #这时检查 /etc/my.cnf里面
    #[mysqld]
    #socket=/tmp/mysql.sock是否设置正确,这里把这里的目录修改成和报错一样的就可以
    /opt/local/mysql/bin/mysqladmin -u root -p password "123456" #或者直接修改密码

    到此,mysql安装完成!

    6、安装 nginx

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    cd /opt/local/src
    groupadd www #添加www组
    useradd -g www www -s /bin/false #创建nginx运行账户www并加入到www组,不允许www用户直接登录系统
    tar zxvf nginx-1.4.4.tar.gz
    cd nginx-1.4.4
    ./configure --prefix=/opt/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-openssl=/usr/ --with-pcre=/opt/local/src/pcre-8.36

    make
    make install
    /opt/local/nginx/sbin/nginx #启动nginx

    注意:–with-pcre=/opt/local/src/pcre-8.64指向的是源码包解压的路径,而不是安装的路径,否则会报错

    设置nginx开启启动

    vi /etc/rc.d/init.d/nginx #编辑启动文件添加下面内容

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    #!/bin/bash
    # nginx Startup script for the Nginx HTTP Server
    # it is v.0.0.2 version.
    # chkconfig: - 85 15
    # description: Nginx is a high-performance web and proxy server.
    # It has a lot of features, but it's not for everyone.
    # processname: nginx
    # pidfile: /var/run/nginx.pid
    # config: /usr/local/nginx/conf/nginx.conf
    nginxd=/opt/local/nginx/sbin/nginx
    nginx_config=/opt/local/nginx/conf/nginx.conf
    nginx_pid=/opt/local/nginx/logs/nginx.pid
    RETVAL=0
    prog="nginx"
    # Source function library.
    . /etc/rc.d/init.d/functions
    # Source networking configuration.
    . /etc/sysconfig/network
    # Check that networking is up.
    [ ${NETWORKING} = "no" ] && exit 0
    [ -x $nginxd ] || exit 0
    # Start nginx daemons functions.
    start() {
    if [ -e $nginx_pid ];then
    echo "nginx already running...."
    exit 1
    fi
    echo -n $"Starting $prog: "
    daemon $nginxd -c ${nginx_config}
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && touch /var/lock/subsys/nginx
    return $RETVAL
    }
    # Stop nginx daemons functions.
    stop() {
    echo -n $"Stopping $prog: "
    killproc $nginxd
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /usr/local/nginx/logs/nginx.pid
    }
    reload() {
    echo -n $"Reloading $prog: "
    #kill -HUP `cat ${nginx_pid}`
    killproc $nginxd -HUP
    RETVAL=$?
    echo
    }
    # See how we were called.
    case "$1" in
    start)
    start
    ;;
    stop)
    stop
    ;;
    reload)
    reload
    ;;
    restart)
    stop
    start
    ;;
    status)
    status $prog
    RETVAL=$?
    ;;
    *)
    echo $"Usage: $prog {start|stop|restart|reload|status|help}"
    exit 1
    esac
    exit $RETVAL
    1
    2
    3
    4
    5
    6
    :wq! #保存退出

    chmod 775 /etc/rc.d/init.d/nginx #赋予文件执行权限
    chkconfig nginx on #设置开机启动
    /etc/rc.d/init.d/nginx restart #重新启动Nginx
    service nginx restart

    7、安装php

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    cd /opt/local/src
    tar -zvxf php-5.5.7.tar.gz
    cd php-5.5.7.
    ./configure --prefix=/opt/local/php --with-config-file-path=/opt/local/php/etc --with-mysql=/opt/local/mysql --with-mysql-sock=/tmp/mysql.sock --with-gd --with-iconv --with-zlib --enable-xml --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-mbregex --enable-fpm --enable-mbstring --enable-ftp --enable-gd-native-ttf --with-openssl --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --enable-session --with-mcrypt --with-curl --with-jpeg-dir --with-freetype-dir
    make #编译
    make install #安装
    cp php.ini-production /opt/local/php/etc/php.ini #复制php配置文件到安装目录
    rm -rf /etc/php.ini #删除系统自带配置文件
    ln -s /opt/local/php/etc/php.ini /etc/php.ini #添加软链接
    cp /opt/local/php/etc/php-fpm.conf.default /opt/local/php/etc/php-fpm.conf #拷贝模板文件为php-fpm配置文件
    vi /opt/local/php/etc/php-fpm.conf #编辑
    user = www #设置php-fpm运行账号为www
    group = www #设置php-fpm运行组为www
    pid = run/php-fpm.pid #取消前面的分号

    设置 php-fpm开机启动

    1
    2
    3
    cp /opt/local/src/php-5.5.7/sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm #拷贝php-fpm到启动目录
    chmod +x /etc/rc.d/init.d/php-fpm #添加执行权限
    chkconfig php-fpm on #设置开机启动

    vi /opt/local/php/etc/php.ini #编辑配置文件

    1
    2
    3
    4
    5
    6
    7
    8
    修改为:disable_functions= passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
    #列出PHP可以禁用的函数,如果某些程序需要用到这个函数,可以删除,取消禁用
    找到:;date.timezone =
    修改为:date.timezone = PRC #设置时区
    找到:expose_php = On
    修改为:expose_php = OFF #禁止显示php版本的信息
    找到:short_open_tag = Off
    修改为:short_open_tag = ON #支持php短标签

    8、配置nginx支持php

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    vi /opt/local/nginx/conf/nginx.conf
    修改/opt/local/nginx/conf/nginx.conf 配置文件,需做如下修改
    user www www; #首行user去掉注释,修改Nginx运行组为www www;必须与/opt/local/php/etc/php-fpm.conf中的user,group配置相同,否则php运行出错
    user www www;
    worker_processes 1;
    events {
    worker_connections 1024;
    }
    http {
    include mime.types;
    default_type application/octet-stream;
    sendfile on;
    keepalive_timeout 65;
    server {
    listen 80;
    server_name localhost;
    location / {
    root html;
    index index.php index.html index.htm;
    }
    location ~ \.php$ {
    root html;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
    }
    }
    }
    /etc/init.d/nginx restart #重启nginx

    六、测试篇

    1
    2
    3
    4
    5
    6
    7
    8
    9
    cd /opt/local/nginx/html/ #进入nginx默认网站根目录
    rm -rf /opt/local/nginx/html/* #删除默认测试页
    vi index.php #新建index.php文件
    <?php
    phpinfo();
    ?>
    :wq! #保存退出
    chown www.www /opt/local/nginx/html/ -R #设置目录所有者
    chmod 700 /opt/local/nginx/html/ -R #设置目录权限

    七、其它说明

    服务器相关操作命令

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    service nginx restart #重启nginx
    service mysqld restart #重启mysql
    /usr/local/php/sbin/php-fpm #启动php-fpm
    /etc/rc.d/init.d/php-fpm restart #重启php-fpm
    /etc/rc.d/init.d/php-fpm stop #停止php-fpm
    /etc/rc.d/init.d/php-fpm start #启动php-fpm
    nginx默认站点目录是:/opt/local/nginx/html/
    权限设置:chown www.www /opt/local/nginx/html/ -R
    MySQL数据库目录是:/opt/local/mysql/var
    权限设置:chown mysql.mysql -R /opt/local/mysql/var
    重启nginx
    cd /lnmp/nginx/sbin
    ./nginx -s reload