#环境准备:
nginx+php+wordpress 10.0.0.152
mysql+redis 10.0.0.162
#在10.0.0.162编写脚本实现mysqk数据库一键安装
[root@localhost ~]# cat install_mysql.sh
#!/bin/bash
#
#**********************************************************************************************
#Author: tanliang
. /etc/init.d/functions
SRC_DIR=`pwd`
MYSQL='mysql-8.0.19-linux-glibc2.12-x86_64.tar.xz'
COLOR='echo -e \E[01;31m'
END='\E[0m'
MYSQL_ROOT_PASSWORD=123456
check (){
if [ $UID -ne 0 ]; then
action "当前用户不是root,安装失败" false
exit 1
fi
cd $SRC_DIR
if [ ! -e $MYSQL ];then
$COLOR"缺少${MYSQL}文件"$END
$COLOR"请将相关软件放在${SRC_DIR}目录下"$END
exit
elif [ -e /usr/local/mysql ];then
action "数据库已存在,安装失败" false
exit
else
return
fi
}
install_mysql(){
$COLOR"开始安装MySQL数据库..."$END
yum -y -q install libaio numactl-libs libaio &> /dev/null
cd $SRC_DIR
tar xf $MYSQL -C /usr/local/
MYSQL_DIR=`echo $MYSQL| sed -nr 's/^(.*[0-9]).*/\1/p'`
ln -s /usr/local/$MYSQL_DIR /usr/local/mysql
chown -R root.root /usr/local/mysql/
id mysql &> /dev/null || { useradd -s /sbin/nologin -r mysql ; action "创建mysql用户"; }
echo 'PATH=/usr/local/mysql/bin/:$PATH' > /etc/profile.d/mysql.sh
. /etc/profile.d/mysql.sh
ln -s /usr/local/mysql/bin/* /usr/bin/
[ -d /data/mysql ] || mkdir -p /data/mysql
cat > /etc/my.cnf <<EOF
[mysqld]
server-id=`hostname -I|cut -d. -f4`
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
EOF
mysqld --initialize --user=mysql --datadir=/data/mysql
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
chkconfig mysqld on
service mysqld start
[ $? -ne 0 ] && { $COLOR"数据库启动失败,退出!"$END;exit; }
MYSQL_OLDPASSWORD=`awk '/A temporary password/{print $NF}' /data/mysql/mysql.log`
mysqladmin -uroot -p$MYSQL_OLDPASSWORD password $MYSQL_ROOT_PASSWORD&>/dev/null
action "数据库安装完成"
}
check
install_mysql
#执行脚本进行数据库安装
[root@localhost ~]# bash install_mysql.sh
开始安装MySQL数据库...
创建mysql用户 [ OK ]
Starting MySQL. [ OK ]
数据库安装完成 [ OK ]
#创建数据库和用户并授权
[root@localhost ~]# mysql -uroot -p123456
mysql> create database wordpress;
Query OK, 1 row affected (0.01 sec)
mysql> create user wordpress@'10.0.0.%' identified by '123456';
Query OK, 0 rows affected (0.00 sec)
mysql> grant all on wordpress.* to wordpress@'10.0.0.%';
Query OK, 0 rows affected (0.00 sec)
#在10.0.0.152wordpress上连接数据库测试
#安装mysql客户端
[root@localhost ~]#yum install -y mysql
[root@localhost ~]# mysql -uwordpress -h10.0.0.162 -p123456
ERROR 2059 (HY000): Authentication plugin 'caching_sha2_password' cannot be loaded: /usr/lib64/mysql/plugin/caching_sha2_password.so: cannot open shared object file: No such file or directory
连接MySQL数据库时会出现Authentication plugin 'caching_sha2_password' cannot be loaded的错误。
出现这个原因是mysql8 之前的版本中加密规则是mysql_native_password,而在mysql8之后,加密规则是caching_sha2_password, 解决问题方法是把mysql用户登录密码加密规则还原成mysql_native_password.
#返回10.0.0.162,修改密码规则
mysql> ALTER USER wordpress@'10.0.0.%' IDENTIFIED BY 'password' PASSWORD EXPIRE NEVER;
Query OK, 0 rows affected (0.00 sec)
mysql> ALTER USER wordpress@'10.0.0.%' IDENTIFIED WITH mysql_native_password BY '123456';
Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.01 sec)
#返回10.0.0.152连接数据库
[root@localhost ~]# mysql -uwordpress -h10.0.0.162 -p123456
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 31
Server version: 8.0.19 MySQL Community Server - GPL
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]>
#10.0.0.152上编写脚本安装php-fpm
[root@localhost]#vim install_php.sh
yum -y install gcc openssl-devel libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel &>/dev/null
cd /usr/local/src
wget https://www.php.net/distributions/php-7.4.11.tar.xz &>/dev/null
tar -xf php-7.4.11.tar.xz
cd php-7.4.11
./configure --prefix=/apps/php74 --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm --enable-maintainer-zts --disable-fileinfo &>/dev/null
make&&make install &>/dev/null
cp /usr/local/src/php-7.4.11/php.ini-production /etc/php.ini
cp /apps/php74/etc/php-fpm.conf.default /apps/php74/etc/php-fpm.conf
cp /apps/php74/etc/php-fpm.d/www.conf.default /apps/php74/etc/php-fpm.d/www.conf
cat >/apps/php74/etc/php-fpm.d/www.conf <<eof
[www]
user = www
group = www
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.status_path = /pm_status
ping.path = /ping
access.log = log/$pool.access.log
slowlog = log/$pool.log.slow
eof
useradd -r -s /sbin/nologin www
mkdir /apps/php74/log
/apps/php74/sbin/php-fpm -t &>/dev/null
[ $? -ne 0 ] && { echo "php-fpm启动失败,退出!";exit; }
cp /usr/local/src/php-7.4.11/sapi/fpm/php-fpm.service /usr/lib/systemd/system/
systemctl daemon-reload
systemctl enable --now php-fpm &>/dev/null
[ $? -eq 0 ] && { echo "php-fpm is enabled"; }
pstree -p |grep php &>/dev/null
[ $? -eq 0 ] && { echo "php-fpm sever is running"; }
[root@localhost ~]# bash install_php.sh
php-fpm is enabled
php-fpm sever is running
#编写nginx安装脚本进行安装
[root@localhost ~]# cat install_nginx.sh
#!/bin/bash
yum -y install gcc pcre-devel openssl-devel zlib-devel &>/dev/null
[ $? -eq 0 ] && { echo "gcc pcre-devel openssl-devel zlib-devel is install"; }
cd /usr/local/src/
wget http://nginx.org/download/nginx-1.18.0.tar.gz &>/dev/null
tar xf nginx-1.18.0.tar.gz
cd nginx-1.18.0/
./configure --prefix=/apps/nginx --user=www --group=www --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module --with-stream_realip_module &>/dev/null
[ $? -eq 0 ] && { echo "编译完成"; }
make &>/dev/null
make install &>/dev/null
[ $? -eq 0 ] && { echo "nginx编译安装完成"; }
cat >/usr/lib/systemd/system/nginx.service <<eof
[Unit]
Description=nginx - high performance web server
Documentation=http://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/apps/nginx/run/nginx.pid
ExecStart=/apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf
ExecReload=/bin/kill -s HUP \$MAINPID
ExecStop=/bin/kill -s TERM \$MAINPID
[Install]
WantedBy=multi-user.target
eof
mkdir /apps/nginx/run/ -p
mv /apps/nginx/conf/nginx.conf{,.bak}
cat >/apps/nginx/conf/nginx.conf <<eof
worker_processes 1;
pid /apps/nginx/run/nginx.pid;
events {
worker_connections 1024; }
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.magedu.org;
location / {
root /data/nginx/wordpress;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root /data/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/(ping|pm_status)$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param PATH_TRANSLATED \$document_root\$fastcgi_script_name;
}
}
}
eof
ln -s /apps/nginx/sbin/nginx /usr/sbin/nginx
/apps/nginx/sbin/nginx -t &>/dev/null
[ $? -eq 0 ] && { echo "configuration file /apps/nginx/conf/nginx.conf test is successful!"; }
systemctl daemon-reload
systemctl enable --now nginx &>/dev/null
[ $? -eq 0 ] && { echo "nginx启动成功!"; }
mkdir -p /data/nginx/wordpress
cat> /data/nginx/wordpress/test.php <<eof
<?php
phpinfo();
?>
eof
[root@localhost ~]# bash install_nginx.sh
nginx编译安装完成
configuration file /apps/nginx/conf/nginx.conf test is successful!
nginx启动成功!
#测试访问php测试页正常
[root@localhost ~]#curl localhost/test.php
#在10.0.0.152上部署wordpress
[root@www ~]# tar xf wordpress-5.4.1-zh_CN.tar.gz
[root@www ~]# cp -r wordpress/* /data/nginx/wordpress
[root@www ~]# chown -R www.www /data/nginx/wordpress/
#在windows访问http://www.magedu.org
[root@www ~]# vim /data/nginx/wordpress/wp-config.php
#在wordpress写文章并发布
#验证发表的文章网页访问http://www.magedu.org
[root@www ~]# tree /data/nginx/wordpress/wp-content/uploads/
/data/nginx/wordpress/wp-content/uploads/
└── 2021
└── 11
└── timg.jpg
2 directories, 1 file
You have mail in /var/spool/mail/root
#配置允许上传大文件
#注意:默认只支持1M以下文件上传,要利用php程序上传大图片,还需要修改下面三项配置,最大上传由三项值的最小值决定
#nginx上传文件大小限制
[root@centos7 ~]#vim /apps/nginx/conf/nginx.conf
server {
client_max_body_size 10m; #默认值为1M
.....
#php上传文件大小限制
[root@centos7 ~]#vim /etc/php.ini
post_max_size = 30M #默认值为8M
upload_max_filesize = 20M #默认值为2M
[root@centos7 ~]#systemctl restart nginx php-fpm
#安全加固
[root@www ~]# vim /apps/nginx/conf/nginx.conf
worker_processes 1;
pid /apps/nginx/run/nginx.pid;
events {
worker_connections 1024; }
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.magedu.org;
client_max_body_size 10m;
server_tokens off;#添加此行,隐藏nginx版本
location / {
root /data/nginx/wordpress;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root /data/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_hide_header X-Powered-By;#添加此行
}
location ~ ^/(ping|pm_status)$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
}
}
}
[root@www ~]# systemctl reload nginx
#开启opcache加速
[root@www ~]# vim /etc/php.ini
[opcache]
; Determines if Zend OPCache is enabled
zend_extension=opcache.so
opcache.enable=1
[root@www ~]# #systemctl restart php-fpm
#PHP 扩展session模块支持redis
PECL是 PHP 扩展的存储库,提供用于下载和开发 PHP 扩展的所有已知扩展和托管功能的目录
官方链接: http://pecl.php.net/package-stats.php
github: https://github.com/phpredis/phpredis
github安装文档: https://github.com/phpredis/phpredis/blob/develop/INSTALL.markdown
开始在 PHP 中使用 Redis 前, 需要确保已经安装了 redis 服务及 PHP redis 驱动,
PHP redis 驱动下载地址为:https://github.com/phpredis/phpredis/releases
#在10.0.0.152上安装PHP redis 驱动
[root@www ~]# cd /usr/local/src/
[root@www ~]#tar xf phpredis-5.3.3.tar.gz
[root@www src]# cd phpredis-5.3.3/
[root@www phpredis-5.3.3]#/apps/php74/bin/phpize
[root@www phpredis-5.3.3]# ./configure --with-php-config=/apps/php74/bin/php-config
[root@www phpredis-5.3.3]#make -j 2 && make install
[root@www phpredis-5.3.3]#
[root@www phpredis-5.3.3]# ll /apps/php74/lib/php/extensions/no-debug-zts-20190902/
total 9588
-rwxr-xr-x 1 root root 4647668 Nov 29 15:53 opcache.a
-rwxr-xr-x 1 root root 2509416 Nov 29 15:53 opcache.so
-rwxr-xr-x 1 root root 2658240 Nov 30 02:31 redis.so
#编辑php配置文件支持redis
[root@www phpredis-5.3.3]# vim /etc/php.ini
extension=redis.so #文件最后一行添加此行,路径可省略
[root@www phpredis-5.3.3]#
[root@www phpredis-5.3.3]# systemctl restart php-fpm
#windows网页访问http://www.magedu.org/test.php验证redis模块价值成功
#在10.0.0.162上安装和配置 redis 服务
[root@localhost ~]# yum install -y redis
[root@localhost ~]# vim /etc/redis.conf
bind 0.0.0.0
requirepass 123456
[root@localhost ~]#systemctl enable --now redis
[root@localhost ~]#ss -tnlp
#在10.0.0.152主机配置php的session保存在redis服务
[root@localhost ~]#vim /etc/php.ini
[Session]
; Handler used to store/retrieve data.
; http://php.net/session.save-handler
session.save_handler = redis
session.save_path = "tcp://10.0.0.162:6379?auth=123456"
[root@localhost ~]#systemctl restart php-fpm
#验证
[root@www phpredis-5.3.3]# curl localhost/test.php|grep -i 'session.save_handler'
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0<tr><td class="e">session.save_handler</td><td class="v">redis</td><td class="v">redis</td></tr>
100 71733 0 71733 0 0 9305k 0 --:--:-- --:--:-- --:--:-- 9.7M
#10.0.0.152准备 php实现 session 的测试页面
[root@www phpredis-5.3.3]# cat /data/nginx/wordpress/session.php
<?php
session_start();
//redis用session_id作为key 并且是以string的形式存储
$redisKey = 'PHPREDIS_SESSION:' . session_id();
// SESSION 赋值测试
$_SESSION['message'] = "Hello, I'm in redis";
$_SESSION['arr'] = [1, 2, 3, 4, 5, 6];
echo $_SESSION["message"] , "<br/>";
echo "Redis key = " . $redisKey . "<br/>";
echo "以下是从Redis获取的数据", "<br/>";
// 取数据'
$redis = new Redis();
$redis->connect('10.0.0.162', 6379);
$redis->auth('123456');
echo $redis->get($redisKey);
?>
#网页访问http://www.magedu.org/session.php
[root@localhost ~]# redis-cli -h 10.0.0.162 -a 123456
10.0.0.162:6379> keys *
(empty list or set)
10.0.0.162:6379> keys *
1) "PHPREDIS_SESSION:mgmr764old1jghlgqf6q5om8hj"
10.0.0.162:6379> get PHPREDIS_SESSION:mgmr764old1jghlgqf6q5om8hj
"message|s:19:\"Hello, I'm in redis\";arr|a:6:{i:0;i:1;i:1;i:2;i:2;i:3;i:3;i:4;i:4;i:5;i:5;i:6;}"
10.0.0.162:6379>