Easily deploy your PHP7 runtime environment on the server

brief introduction

Sometimes the installation and deployment of the server, each time in some process, forgot to always find out the previous notes, now the whole process will be sorted out.

This is Centos 7.2, which will help you to spend less time looking for notes in the future.

Blog Address

My github address Welcome your attention

Service catalogue

  • Nginx /etc/nginx

  • Mysql /var/lib/mysql

  • php7.1 /usr/local/php

  • php-fpm /usr/local/bin/php-fpm

  • phpmyadmin /data/www/phpmyadmin

  • Site root directory/data/www/

Install nginx

$ sudo yum install nginx

Here you can choose to install the compiler or install the compiler in the form of this repository. Better selectivity, you can install the compiler to the specified directory.

For example, we usually put it in / usr/local/nginx

Here is the installation of packages when nginx is installed after / etc/nginx is installed.

$ nginx -v

NginxSome command forms of services

$ systemctl restart nginx
$ systemctl stop nginx
$ systemctl start nginx

Install Mysql57

1. Download the YUM source of mysql57-community-release-el7-8.noarch.rpm:

$ wget http://repo.mysql.com/mysql57-community-release-el7-8.noarch.rpm

2. Check whether the mysql source has been successfully installed

$ yum repolist enabled | grep "mysql.*-community.*"

  1. Install MySQL (all the way Y is OK):

$ yum install mysql-community-server

4. Start Mysql

$ systemctl start mysqld

5. Set up boot start

$ systemctl enable mysqld
$ systemctl daemon-reload

6. The next step is to modify the password of the database.

After the installation of mysql is completed, a default password is generated for root in the / var/log/mysqld.log file. Find the root default password by following, then login mysql to modify it:

Must be after starting mysql

$ grep 'temporary password' /var/log/mysqld.log

With this password to log in to mysql

$ mysql -u root -p

Mysql 5.7 installs the password security checking plug-in (validate_password) by default. The default password checking policy requires that the password must include:
Upper and lower case letters, numbers and special symbols, and the length can not be less than 8 bits. Otherwise ERROR 1819 (HY000):
Your password does not satisfy the current policy requirements error,

So the solution here is to either modify the password to meet his verification rules. If you want the password to be less complex, then you can close the verification rules.

7. Add the validate_password_policy configuration to the / etc/my.cnf file to specify the password policy

Of course, you can also turn off validation directly.

$ vim /etc/my.cnf

Then add at the end:

$ validate_password = off

After completing the password, you can log in and set the password:

$ set password = password("xxxx");

8. Restart our mysql

$ systemctl restart mysqld

Next, we can use the password we just set to login to mysql of the server directly.

9. Some orders

  • Start MySQL service: service mysqld start

  • Close MySQL service: service mysqld stop

  • Restart MySQL service: service mysqld restart

  • View the status of MySQL: service mysqld status & System CTL status mysqld

10. Add remote login users
By default, only root accounts are allowed to log in locally. If you want to connect mysql on other machines, you must modify root to allow remote connections.
Or add an account that allows remote connections (ideally), where we first give all users permission

$ grant all privileges on *.* to 'root'@'%' identified by '123456' with grant option;
# Root is the user name,% represents any host,'123456'specifies the login password (this can be set differently from the local root password, without affecting each other).
$ flush privileges; # Overload system permissions
$ exit;

12.Centos 7 Fireproof Open 3306 Port

Then edit the list of open ports, add 3306 ports and restart the firewall.

vi /etc/sysconfig/iptables # It's also possible to add the following line of rules
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
$ iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT

13. Configure the default encoding to utf8
Modify the / etc/my.cnf configuration file and add the encoding configuration under [mysqld], as follows:

[mysqld]
character_set_server=utf8
init_connect='SET NAMES utf8'

14 File directories:

Directory for storing database files/var/lib/mysql

Default profile path: / etc/my.cnf

Log file: / var/log//var/log/mysqld.log

Service startup script: / usr / lib / system D / system / mysqld.

socket file: / var/run/mysqld/mysqld.pid

Install phpmyadmin

1. Official website download

phpmyadmin

A directory that can be uploaded to the server after downloading, such as / root/phpmyadmin/

2. Enter directory to extract files

$ cd /root/phpmyadmin
$ unzip phpMyAdmin-4.7.0-all-languages.zip

3. Move the decompressed file to the site root directory (nginx configuration root path is / data/www), such as

$  mv phpMyAdmin-4.7.0-all-languages /data/www/phpmyadmin

4. Advocates of document modification

$ chown root:root /data/www/phpmyadmin

5. Problems that may arise here

The prompt did not find the specified file

Create if / var/mysql does not exist

$ sudo mkdir /var/mysql

Then create a soft connection

$ sudo ln -s /var/lib/mysql/mysql.sock /var/mysql/mysql.sock

If you can't find the files on your server, you can find them (just my directory above):

$ sudo find / -name mysql.sock

Need a ciphertext

Then fill in the configuration file with a string greater than 32:

$cfg['blowfish_secret']='';

Then you can create phpmyadmin.conf under / etc/nginx.

location /phpMyAdmin {
    alias /data/www/phpMyAdmin;
    index index.php;
    location ~ ^/phpMyAdmin/.+\.php$ {
        alias /data/www/phpMyAdmin;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME /data/www$fastcgi_script_name;
        include        fastcgi_params;
    }
}

Then you can include the configuration file in nginx.conf

 location ~* \.php$ {
            fastcgi_index   index.php;
            fastcgi_pass    127.0.0.1:9000;
            include         fastcgi_params;
            fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
            fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
 }
 include /etc/nginx/phpmyadmin.conf;

Then you can access http://example.com/phpmyadmin to access the phpMyAdmin operation database.

Compile and install PHP7

1. Download

wget -O php7.tar.gz http://cn2.php.net/get/php-7.1.1.tar.gz/from/this/mirror

2. Decompress php7

$ tar -xvf php7.tar.gz

3. Enter the php7 directory

$ cd PHP-7.1.1

4. Download-related dependencies

$ yum install -y libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel

5. Of course, you need to download gcc compilation before compiling and installing

$ yum install -y gcc

6. Compile Configuration

./configure \ 
--prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--exec-prefix=/usr/local/php \
--bindir=/usr/local/php/bin \
--sbindir=/usr/local/php/sbin \
--includedir=/usr/local/php/include \
--libdir=/usr/local/php/lib/php \
--mandir=/usr/local/php/php/man \
--enable-fpm \
--with-fpm-user=nginx \
--with-fpm-group=nginx \
--enable-inline-optimization \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-libxml-dir \
--with-xmlrpc \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-pcre-regex \
--with-sqlite3 \
--with-zlib \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--with-cdb \
--enable-dom \
--enable-exif \
--enable-fileinfo \
--enable-filter \
--with-pcre-dir \
--enable-ftp \
--with-gd \
--with-openssl-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir \
--with-freetype-dir \
--enable-gd-native-ttf \
--enable-gd-jis-conv \
--with-gettext \
--with-gmp \
--with-mhash \
--enable-json \
--enable-mbstring \
--enable-mbregex \
--enable-mbregex-backtrack \
--with-libmbfl \
--with-onig \
--enable-pdo \
--with-mysql=mysqlnd \ 
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \                    
--with-zlib-dir \
--with-pdo-sqlite \
--with-readline \
--enable-session \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-wddx \
--with-libxml-dir \
--with-xsl \
--enable-zip \
--enable-mysqlnd-compression-support \
--with-pear \
--enable-opcache

After finishing, it can be executed in the server.

./configure  --prefix=/usr/local/php --exec-prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --bindir=/usr/local/php/bin --sbindir=/usr/local/php/sbin
 --includedir=/usr/local/php/include --libdir=/usr/local/php/lib/php --mandir=/usr/local/php/php/man --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx 
 --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-soap --with-libxml-dir --with-xmlrpc --with-openssl --with-mcrypt --with-mhash 
 --with-pcre-regex --with-sqlite3 --with-zlib --enable-bcmath --with-iconv --with-bz2 --enable-calendar 
--with-curl --with-cdb --enable-dom --enable-exif --enable-fileinfo --enable-filter --with-pcre-dir --enable-ftp --with-gd --with-openssl-dir --with-jpeg-dir 
--with-png-dir --with-zlib-dir --with-freetype-dir --enable-gd-native-ttf --enable-gd-jis-conv --with-gettext --with-gmp --with-mhash --enable-json --enable-mbstring 
--enable-mbregex --enable-mbregex-backtrack --with-libmbfl --with-onig --enable-pdo --with-mysql=mysqlnd  --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd  --with-zlib-dir
--with-pdo-sqlite --with-readline --enable-session --enable-shmop --enable-simplexml --enable-sockets
--enable-sysvmsg --enable-sysvsem --enable-sysvshm --enable-wddx --with-libxml-dir --with-xsl --enable-zip --enable-mysqlnd-compression-support --with-pear --enable-opcach

Seen from the configuration

--prefix=/usr/local/php \

So the final php installation directory is / usr/local/php

Configuration file settings

$ --with-config-file-path=/usr/local/php/etc \

The configuration file is placed in usr/local/php/etc.

7. Official Installation

$ make && make install

8. Configuring environment variables

$ vi /etc/profile

At the end, add (that is, the path where we install php storage):

PATH=$PATH:/usr/local/php/bin
export PATH

Execute the order to make the change take effect immediately

$ source /etc/profile

10. Configure php-fpm

$  cp php.ini-production /usr/local/php/php.ini

$ cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf

cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf

cp sapi/fpm/init.d.php-fpm /usr/local/bin/php-fpm

So our php-fpm location is usr/local/bin/php-fom.

11. Configure php.ini

It is important to note that if the file does not exist, Nginx is prevented from sending requests to the back-end PHP-FPM module to avoid being attacked by malicious script injection.
Set the configuration item cgi.fix_pathinfo in the php.ini file to 0

vim /usr/local/php/php.ini

Locate cgi.fix_pathinfo= and modify it as follows

cgi.fix_pathinfo=0

Edit nginx.conf

 vim /etc/nginx/nginx.conf

12. Some command forms of php-fpm

/usr/local/bin/php-fpm [start | stop | reload]

Deployment of ssl certificates

    server {
        listen       443 ssl http2 default_server;
        server_name  www.example.com;
        root         /data/www;  #The root directory of the site

        ssl on;
        ssl_certificate "/usr/ssl/1_www.example.com_bundle.crt";
        ssl_certificate_key "/usr/ssl/2_www.example.com.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
            index  index.php  index.html index.htm;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

Here the certificate and decrypted private key files are placed in / usr/ssl / directory
Each certificate provider may provide a different form, but ultimately what we need is the issued certificate and the decrypted private key file.

Related Link Documents

Mysql

PHP

SSL certificate
Certificate Configuration of Tencent Cloud

Keywords: PHP MySQL Nginx phpMyAdmin

Added by codygoodman on Fri, 05 Jul 2019 04:03:16 +0300