brief introduction
Sometimes the installation and deployment of the server, each time in some process, forgot to always find out the previous notes, now the whole process will be sorted out.
This is Centos 7.2, which will help you to spend less time looking for notes in the future.
My github address Welcome your attention
Service catalogue
Nginx /etc/nginx
Mysql /var/lib/mysql
php7.1 /usr/local/php
php-fpm /usr/local/bin/php-fpm
phpmyadmin /data/www/phpmyadmin
Site root directory/data/www/
Install nginx
$ sudo yum install nginx
Here you can choose to install the compiler or install the compiler in the form of this repository. Better selectivity, you can install the compiler to the specified directory.
For example, we usually put it in / usr/local/nginx
Here is the installation of packages when nginx is installed after / etc/nginx is installed.
$ nginx -v
NginxSome command forms of services$ systemctl restart nginx $ systemctl stop nginx $ systemctl start nginx
Install Mysql57
1. Download the YUM source of mysql57-community-release-el7-8.noarch.rpm:
$ wget http://repo.mysql.com/mysql57-community-release-el7-8.noarch.rpm
2. Check whether the mysql source has been successfully installed
$ yum repolist enabled | grep "mysql.*-community.*"
Install MySQL (all the way Y is OK):
$ yum install mysql-community-server
4. Start Mysql
$ systemctl start mysqld
5. Set up boot start
$ systemctl enable mysqld $ systemctl daemon-reload
6. The next step is to modify the password of the database.
After the installation of mysql is completed, a default password is generated for root in the / var/log/mysqld.log file. Find the root default password by following, then login mysql to modify it:
Must be after starting mysql
$ grep 'temporary password' /var/log/mysqld.log
With this password to log in to mysql
$ mysql -u root -p
Mysql 5.7 installs the password security checking plug-in (validate_password) by default. The default password checking policy requires that the password must include:
Upper and lower case letters, numbers and special symbols, and the length can not be less than 8 bits. Otherwise ERROR 1819 (HY000):
Your password does not satisfy the current policy requirements error,
So the solution here is to either modify the password to meet his verification rules. If you want the password to be less complex, then you can close the verification rules.
7. Add the validate_password_policy configuration to the / etc/my.cnf file to specify the password policy
Of course, you can also turn off validation directly.
$ vim /etc/my.cnf
Then add at the end:
$ validate_password = off
After completing the password, you can log in and set the password:
$ set password = password("xxxx");
8. Restart our mysql
$ systemctl restart mysqld
Next, we can use the password we just set to login to mysql of the server directly.
9. Some orders
Start MySQL service: service mysqld start
Close MySQL service: service mysqld stop
Restart MySQL service: service mysqld restart
View the status of MySQL: service mysqld status & System CTL status mysqld
10. Add remote login users
By default, only root accounts are allowed to log in locally. If you want to connect mysql on other machines, you must modify root to allow remote connections.
Or add an account that allows remote connections (ideally), where we first give all users permission
$ grant all privileges on *.* to 'root'@'%' identified by '123456' with grant option; # Root is the user name,% represents any host,'123456'specifies the login password (this can be set differently from the local root password, without affecting each other). $ flush privileges; # Overload system permissions $ exit;
12.Centos 7 Fireproof Open 3306 Port
Then edit the list of open ports, add 3306 ports and restart the firewall.
vi /etc/sysconfig/iptables # It's also possible to add the following line of rules -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
$ iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
13. Configure the default encoding to utf8
Modify the / etc/my.cnf configuration file and add the encoding configuration under [mysqld], as follows:
[mysqld] character_set_server=utf8 init_connect='SET NAMES utf8'
14 File directories:
Directory for storing database files/var/lib/mysql
Default profile path: / etc/my.cnf
Log file: / var/log//var/log/mysqld.log
Service startup script: / usr / lib / system D / system / mysqld.
socket file: / var/run/mysqld/mysqld.pid
Install phpmyadmin
1. Official website download
A directory that can be uploaded to the server after downloading, such as / root/phpmyadmin/
2. Enter directory to extract files
$ cd /root/phpmyadmin
$ unzip phpMyAdmin-4.7.0-all-languages.zip
3. Move the decompressed file to the site root directory (nginx configuration root path is / data/www), such as
$ mv phpMyAdmin-4.7.0-all-languages /data/www/phpmyadmin
4. Advocates of document modification
$ chown root:root /data/www/phpmyadmin
5. Problems that may arise here
The prompt did not find the specified file
Create if / var/mysql does not exist
$ sudo mkdir /var/mysql
Then create a soft connection
$ sudo ln -s /var/lib/mysql/mysql.sock /var/mysql/mysql.sock
If you can't find the files on your server, you can find them (just my directory above):
$ sudo find / -name mysql.sock
Need a ciphertext
Then fill in the configuration file with a string greater than 32:
$cfg['blowfish_secret']='';
Then you can create phpmyadmin.conf under / etc/nginx.
location /phpMyAdmin { alias /data/www/phpMyAdmin; index index.php; location ~ ^/phpMyAdmin/.+\.php$ { alias /data/www/phpMyAdmin; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name; include fastcgi_params; } }
Then you can include the configuration file in nginx.conf
location ~* \.php$ { fastcgi_index index.php; fastcgi_pass 127.0.0.1:9000; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; } include /etc/nginx/phpmyadmin.conf;
Then you can access http://example.com/phpmyadmin to access the phpMyAdmin operation database.
Compile and install PHP7
1. Download
wget -O php7.tar.gz http://cn2.php.net/get/php-7.1.1.tar.gz/from/this/mirror
2. Decompress php7
$ tar -xvf php7.tar.gz
3. Enter the php7 directory
$ cd PHP-7.1.1
4. Download-related dependencies
$ yum install -y libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel
5. Of course, you need to download gcc compilation before compiling and installing
$ yum install -y gcc
6. Compile Configuration
./configure \ --prefix=/usr/local/php \ --with-config-file-path=/usr/local/php/etc \ --exec-prefix=/usr/local/php \ --bindir=/usr/local/php/bin \ --sbindir=/usr/local/php/sbin \ --includedir=/usr/local/php/include \ --libdir=/usr/local/php/lib/php \ --mandir=/usr/local/php/php/man \ --enable-fpm \ --with-fpm-user=nginx \ --with-fpm-group=nginx \ --enable-inline-optimization \ --disable-debug \ --disable-rpath \ --enable-shared \ --enable-soap \ --with-libxml-dir \ --with-xmlrpc \ --with-openssl \ --with-mcrypt \ --with-mhash \ --with-pcre-regex \ --with-sqlite3 \ --with-zlib \ --enable-bcmath \ --with-iconv \ --with-bz2 \ --enable-calendar \ --with-curl \ --with-cdb \ --enable-dom \ --enable-exif \ --enable-fileinfo \ --enable-filter \ --with-pcre-dir \ --enable-ftp \ --with-gd \ --with-openssl-dir \ --with-jpeg-dir \ --with-png-dir \ --with-zlib-dir \ --with-freetype-dir \ --enable-gd-native-ttf \ --enable-gd-jis-conv \ --with-gettext \ --with-gmp \ --with-mhash \ --enable-json \ --enable-mbstring \ --enable-mbregex \ --enable-mbregex-backtrack \ --with-libmbfl \ --with-onig \ --enable-pdo \ --with-mysql=mysqlnd \ --with-mysqli=mysqlnd \ --with-pdo-mysql=mysqlnd \ --with-zlib-dir \ --with-pdo-sqlite \ --with-readline \ --enable-session \ --enable-shmop \ --enable-simplexml \ --enable-sockets \ --enable-sysvmsg \ --enable-sysvsem \ --enable-sysvshm \ --enable-wddx \ --with-libxml-dir \ --with-xsl \ --enable-zip \ --enable-mysqlnd-compression-support \ --with-pear \ --enable-opcache
After finishing, it can be executed in the server.
./configure --prefix=/usr/local/php --exec-prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --bindir=/usr/local/php/bin --sbindir=/usr/local/php/sbin --includedir=/usr/local/php/include --libdir=/usr/local/php/lib/php --mandir=/usr/local/php/php/man --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-soap --with-libxml-dir --with-xmlrpc --with-openssl --with-mcrypt --with-mhash --with-pcre-regex --with-sqlite3 --with-zlib --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --with-cdb --enable-dom --enable-exif --enable-fileinfo --enable-filter --with-pcre-dir --enable-ftp --with-gd --with-openssl-dir --with-jpeg-dir --with-png-dir --with-zlib-dir --with-freetype-dir --enable-gd-native-ttf --enable-gd-jis-conv --with-gettext --with-gmp --with-mhash --enable-json --enable-mbstring --enable-mbregex --enable-mbregex-backtrack --with-libmbfl --with-onig --enable-pdo --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-zlib-dir --with-pdo-sqlite --with-readline --enable-session --enable-shmop --enable-simplexml --enable-sockets --enable-sysvmsg --enable-sysvsem --enable-sysvshm --enable-wddx --with-libxml-dir --with-xsl --enable-zip --enable-mysqlnd-compression-support --with-pear --enable-opcach
Seen from the configuration
--prefix=/usr/local/php \
So the final php installation directory is / usr/local/php
Configuration file settings
$ --with-config-file-path=/usr/local/php/etc \
The configuration file is placed in usr/local/php/etc.
7. Official Installation
$ make && make install
8. Configuring environment variables
$ vi /etc/profile
At the end, add (that is, the path where we install php storage):
PATH=$PATH:/usr/local/php/bin export PATH
Execute the order to make the change take effect immediately
$ source /etc/profile
10. Configure php-fpm
$ cp php.ini-production /usr/local/php/php.ini $ cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf cp sapi/fpm/init.d.php-fpm /usr/local/bin/php-fpm
So our php-fpm location is usr/local/bin/php-fom.
11. Configure php.ini
It is important to note that if the file does not exist, Nginx is prevented from sending requests to the back-end PHP-FPM module to avoid being attacked by malicious script injection.
Set the configuration item cgi.fix_pathinfo in the php.ini file to 0
vim /usr/local/php/php.ini
Locate cgi.fix_pathinfo= and modify it as follows
cgi.fix_pathinfo=0
Edit nginx.conf
vim /etc/nginx/nginx.conf
12. Some command forms of php-fpm
/usr/local/bin/php-fpm [start | stop | reload]
Deployment of ssl certificates
server { listen 443 ssl http2 default_server; server_name www.example.com; root /data/www; #The root directory of the site ssl on; ssl_certificate "/usr/ssl/1_www.example.com_bundle.crt"; ssl_certificate_key "/usr/ssl/2_www.example.com.key"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { index index.php index.html index.htm; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }
Here the certificate and decrypted private key files are placed in / usr/ssl / directory
Each certificate provider may provide a different form, but ultimately what we need is the issued certificate and the decrypted private key file.
Related Link Documents
Mysql
PHP
SSL certificate
Certificate Configuration of Tencent Cloud