超哥超哥 学习手册

配置一个nginx+php-fpm的web服务器

文章目录

[隐藏]

  • 一、基本信息
  • 二、软件安装配置
    • 1、NGINX+OPENSSL安装
    • 2、PHP-FPM安装
  • 三、基于以上配置PHP网站
  • 四、启动服务
一、基本信息
  • 系统(L):CentOS 6.9 #下载地址:http://mirrors.sohu.com
  • Web服务器(N):NGINX 1.14.0 #下载地址:http://nginx.org/en/download.html
  • 数据库服务器(M):MySQL 5.6.40 #下载地址:https://dev.mysql.com/downloads/mysql
  • PHP-FPM服务器(P):php-5.6.8.tar.gz #下载地址:http://mirrors.sohu.com/php/
  • OPENSSL:openssl-1.0.2o.tar.gz #下载地址:https://www.openssl.org/source/

指定服务安装的通用位置

mkdir /usr/local/services  SERVICE_PATH=/usr/local/services

创建服务运行的账户

useradd -r -M -s /sbin/nologin www

安装所需依赖包

yum -y install pcre pcre-devel   gperftools gcc zlib-devel   libxml2 libxml2-devel   bzip2 bzip2-devel   curl curl-devel   libjpeg-devel libjpeg   libpng-devel libpng   freetype freetype-devel   libmcrypt libmcrypt-devel   openssl-devel
二、软件安装配置

1、NGINX+OPENSSL安装

下载解压NGINX+OPENSSL

NGINX_URL="http://nginx.org/download/nginx-1.14.0.tar.gz"  OPENSSL_URL="https://www.openssl.org/source/openssl-1.1.0h.tar.gz"    wget -P ${SERVICE_PATH} ${NGINX_URL} && tar -zxvf ${SERVICE_PATH}/nginx*.tar.gz -C ${SERVICE_PATH}  wget -P ${SERVICE_PATH} ${OPENSSL_URL} && tar -zxvf ${SERVICE_PATH}/openssl*.gz -C ${SERVICE_PATH}

编译安装NGINX

cd ${SERVICE_PATH}/nginx-*;./configure   --prefix=${SERVICE_PATH}/nginx   --user=www --group=www   --with-http_stub_status_module   --with-http_ssl_module   --with-http_flv_module   --with-pcre   --with-http_gzip_static_module   --with-openssl=${SERVICE_PATH}/openssl*   --with-http_realip_module   --with-google_perftools_module   --without-select_module   --without-mail_pop3_module   --without-mail_imap_module   --without-mail_smtp_module   --without-poll_module   --without-http_autoindex_module   --without-http_geo_module   --without-http_uwsgi_module   --without-http_scgi_module   --without-http_memcached_module   --with-cc-opt='-O2' && cd ${SERVICE_PATH}/nginx-*;make && make install

NGINX+OPENSSL安装完成后的清理与其他配置

ln -sv ${SERVICE_PATH}/nginx /usr/local/  rm -rf ${SERVICE_PATH}/nginx/conf/*.default  cd ${SERVICE_PATH} ; rm -rf nginx*.tar.gz openssl*.tar.gz

写入主配置文件nginx.conf(配置已优化)

cat << EOF >/usr/local/nginx/conf/nginx.conf  user www;  worker_processes WORKERNUMBER;  worker_cpu_affinity auto;  worker_rlimit_nofile 655350;    error_log /var/log/nginx_error.log;  pid /tmp/nginx.pid;    google_perftools_profiles /tmp/tcmalloc;    events {  use epoll;  worker_connections 655350;  multi_accept on;  }    http {  charset utf-8;  include mime.types;  default_type text/html;    log_format main '"$remote_addr" - [$time_local] "$request" '  '$status $body_bytes_sent "$http_referer" '  '"$http_user_agent" '  '"$sent_http_server_name $upstream_response_time" '  '$request_time '  '$args';      sendfile on;  tcp_nopush on;  tcp_nodelay on;  keepalive_timeout 120;  client_body_buffer_size 512k;  client_header_buffer_size 64k;  large_client_header_buffers 4 32k;  client_max_body_size 300M;  client_header_timeout 15s;  client_body_timeout 50s;  open_file_cache max=102400 inactive=20s;  open_file_cache_valid 30s;  open_file_cache_min_uses 1;  server_names_hash_max_size 2048;  server_names_hash_bucket_size 256;  server_tokens off;  gzip on;  gzip_proxied any;  gzip_min_length 1024;  gzip_buffers 4 8k;  gzip_comp_level 9;  gzip_disable "MSIE [1-6].";  gzip_types application/json test/html text/plain text/css application/font-woff application/pdf application/octet-stream application/x-javascript application/javascript application/xml text/javascript;  fastcgi_cache_path /dev/shm/ levels=1:2 keys_zone=fastcgicache:512m inactive=10m max_size=3g;  fastcgi_cache_lock on;  fastcgi_ignore_headers Cache-Control Expires Set-Cookie;  fastcgi_send_timeout 300;  fastcgi_connect_timeout 300;  fastcgi_read_timeout 300;  fastcgi_buffer_size 256k;  fastcgi_buffers 4 128k;  fastcgi_busy_buffers_size 256k;  fastcgi_temp_file_write_size 256k;      include vhost/*.conf;  }  EOF

NGINX worker进程数配置,指定为逻辑CPU数量的2倍

THREAD=`expr $(grep process /proc/cpuinfo |wc -l) * 2`  sed -i s"/WORKERNUMBER/$THREAD/" ${SERVICE_PATH}/nginx/conf/nginx.conf

2、PHP-FPM安装

下载并解压PHP-FPM软件

FPM_URL="http://mirrors.sohu.com/php/php-5.6.8.tar.gz"  wget -P ${SERVICE_PATH} ${FPM_URL} && tar -zxvf ${SERVICE_PATH}/php*.tar.gz -C ${SERVICE_PATH}

编译安装PHP-FPM

cd ${SERVICE_PATH}/php-*;./configure   --prefix=${SERVICE_PATH}/php   --with-gd   --with-mcrypt   --with-mysql=mysqlnd   --with-mysqli=mysqlnd   --with-pdo-mysql=mysqlnd   --enable-maintainer-zts   --enable-ftp   --enable-zip   --with-bz2   -with-iconv-dir   --with-freetype-dir   --with-jpeg-dir   --with-png-dir   --with-config-file-path=${SERVICE_PATH}/php   --enable-mbstring   --enable-fpm   --with-fpm-user=www   --with-fpm-group=www   --disable-debug   --enable-opcache   --enable-soap   --with-zlib   --with-libxml-dir=/usr   --enable-xml   --disable-rpath   --enable-bcmath   --enable-shmop   --enable-sysvsem   --enable-inline-optimization   --with-curl   --enable-mbregex   --enable-gd-native-ttf   --with-openssl   --with-mhash   --enable-pcntl   --enable-sockets   --with-xmlrpc   --with-pear   --with-gettext   --disable-fileinfo && cd ${SERVICE_PATH}/php-*;make && make install

若FPM程序有插件需求,如mongo或redis连接插件,则可通过pecl安装php相关插件

${SERVICE_PATH}/php/bin/pecl install mongo || exit    ${SERVICE_PATH}/php/bin/pecl install redis || exit

安装完成后的配置清理

ln -sv ${SERVICE_PATH}/php /usr/local/

php.ini配置文件写入(配置已优化)

cat << EOF >${SERVICE_PATH}/php/php.ini  [PHP]  engine = On  short_open_tag = Off  asp_tags = Off  precision = 14  output_buffering = 4096  zlib.output_compression = Off  implicit_flush = Off  unserialize_callback_func =  serialize_precision = 17  disable_functions = shell_exec,phpinfo,exec  disable_classes =  zend.enable_gc = On  expose_php = Off  max_execution_time = 60  max_input_time = 60  memory_limit = 128M  error_reporting = E_WARING & ERROR  display_errors = Off  display_startup_errors = Off  log_errors = On  log_errors_max_len = 2048  ignore_repeated_errors = Off  ignore_repeated_source = Off  report_memleaks = On  track_errors = Off  html_errors = Off  error_log = /var/log/php_errors.log  variables_order = "GPCS"  request_order = "GP"  register_argc_argv = Off  auto_globals_jit = On  post_max_size = 8M  auto_prepend_file =  auto_append_file =  default_mimetype = "text/html"  default_charset = "UTF-8"  doc_root =  user_dir =  enable_dl = Off  cgi.fix_pathinfo=0  file_uploads = On  upload_max_filesize = 2M  max_file_uploads = 20  allow_url_fopen = Off  allow_url_include = Off  default_socket_timeout = 60  [CLI Server]  cli_server.color = On  [Date]  [filter]  [iconv]  [intl]  [sqlite]  [sqlite3]  [Pcre]  [Pdo]  [Pdo_mysql]  pdo_mysql.cache_size = 2000  pdo_mysql.default_socket=  [Phar]  [mail function]  SMTP = localhost  smtp_port = 25  mail.add_x_header = On  [SQL]  sql.safe_mode = Off  [ODBC]  odbc.allow_persistent = On  odbc.check_persistent = On  odbc.max_persistent = -1  odbc.max_links = -1  odbc.defaultlrl = 4096  odbc.defaultbinmode = 1  [Interbase]  ibase.allow_persistent = 1  ibase.max_persistent = -1  ibase.max_links = -1  ibase.timestampformat = "%Y-%m-%d %H:%M:%S"  ibase.dateformat = "%Y-%m-%d"  ibase.timeformat = "%H:%M:%S"  [MySQL]  mysql.allow_local_infile = On  mysql.allow_persistent = On  mysql.cache_size = 2000  mysql.max_persistent = -1  mysql.max_links = -1  mysql.default_port =  mysql.default_socket =  mysql.default_host =  mysql.default_user =  mysql.default_password =  mysql.connect_timeout = 60  mysql.trace_mode = Off  [MySQLi]  mysqli.max_persistent = -1  mysqli.allow_persistent = On  mysqli.max_links = -1  mysqli.cache_size = 2000  mysqli.default_port = 3306  mysqli.default_socket =  mysqli.default_host =  mysqli.default_user =  mysqli.default_pw =  mysqli.reconnect = Off  [mysqlnd]  mysqlnd.collect_statistics = On  mysqlnd.collect_memory_statistics = Off  [OCI8]  [PostgreSQL]  pgsql.allow_persistent = On  pgsql.auto_reset_persistent = Off  pgsql.max_persistent = -1  pgsql.max_links = -1  pgsql.ignore_notice = 0  pgsql.log_notice = 0  [Sybase-CT]  sybct.allow_persistent = On  sybct.max_persistent = -1  sybct.max_links = -1  sybct.min_server_severity = 10  sybct.min_client_severity = 10  [bcmath]  bcmath.scale = 0  [browscap]  [Session]  session.save_handler = files  session.save_path = "/tmp"  session.use_strict_mode = 0  session.use_cookies = 1  session.use_only_cookies = 1  session.name = PHPSESSID  session.auto_start = 0  session.cookie_lifetime = 0  session.cookie_path = /  session.cookie_domain =  session.cookie_httponly =  session.serialize_handler = php  session.gc_probability = 1  session.gc_divisor = 1000  session.gc_maxlifetime = 1440  session.referer_check =  session.cache_limiter = nocache  session.cache_expire = 180  session.use_trans_sid = 0  session.hash_function = 0  session.hash_bits_per_character = 5  url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"  [MSSQL]  mssql.allow_persistent = On  mssql.max_persistent = -1  mssql.max_links = -1  mssql.min_error_severity = 10  mssql.min_message_severity = 10  mssql.compatibility_mode = Off  mssql.secure_connection = Off  [Assertion]  [COM]  [mbstring]  [gd]  gd.jpeg_ignore_warning = 0  [exif]  [Tidy]  tidy.clean_output = Off  [soap]  soap.wsdl_cache_enabled=1  soap.wsdl_cache_dir="/tmp"  soap.wsdl_cache_ttl=86400  soap.wsdl_cache_limit = 5  [sysvshm]  [ldap]  ldap.max_links = -1  [mcrypt]  [dba]  [opcache]  opcache.enable=1  opcache.enable_cli=0  opcache.memory_consumption=128  opcache.interned_strings_buffer=8  opcache.max_accelerated_files=4000  opcache.validate_timestamps=1  opcache.revalidate_freq=30  opcache.fast_shutdown=1  opcache.enable_file_override=1  [curl]  [openssl]  extension_dir='${SERVICE_PATH}/php/lib/php/extensions/'  ;extension=mongo.so  ;extension=redis.so  EOF

php-fpm.conf配置文件写入(配置已优化)

cat << EOF >${SERVICE_PATH}/php/etc/php-fpm.conf  [global]  error_log = /var/log/php-fpm-error.log  log_level = warning  process_control_timeout = 10  rlimit_files = 655350  events.mechanism = epoll  [www]  user = www  group = www  listen = /dev/shm/php-fpm.sock  listen.backlog = 2048  listen.owner = www  listen.group = www  listen.mode = 0660  pm = dynamic  pm.max_children = 200  pm.start_servers = 105  pm.min_spare_servers = 10  pm.max_spare_servers = 200  pm.process_idle_timeout = 10s;  pm.max_requests = 1000  pm.status_path = /fpmstatus  ping.path = /ping  ping.response = pong  slowlog = /var/log/php-slow-$pool.log  request_slowlog_timeout = 10  request_terminate_timeout = 0  rlimit_files = 655350  security.limit_extensions = .php  EOF
三、基于以上配置PHP网站
mkdir /usr/local/nginx/conf/vhost  
cat << EOF > /usr/local/nginx/conf/vhost/erbiao.ex.com.conf  server  {  listen 80 backlog=1024;  server_name erbiao.ex.com;  index index.php index.html ;  root /www/web/;  access_log off;  add_header Server-Name WEBerbiaoEX;    location ~ .php {  fastcgi_pass unix:/dev/shm/php-fpm.sock;  fastcgi_index index.php;  include fastcgi.conf;  set $real_script_name $fastcgi_script_name;  if ($fastcgi_script_name ~ "^(.+?.php)(/.+)$") {  set $real_script_name $1;  set $path_info $2;  }  fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;  fastcgi_param SCRIPT_NAME $real_script_name;  fastcgi_param PATH_INFO $fastcgi_path_info;      location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$  {  expires 30d;  }    location ~ .*.(js|css)?$  {  expires 12h;  }    }    }  EOF

若在同一服务器运行nginx和php-fpm,并发量不超过1000,选择unix socket,如此可避免一些检查操作(路由等),因此更快,更轻。若是高并发业务,则选择使用更可靠的tcp socket,以负载均衡、内核优化等运维手段维持效率

四、启动服务

启动nginx和php-fpm

/usr/local/nginx/sbin/nginx  /usr/local/php-fpm/sbin/php-fpm

命令其他选项

nginx  ├── -s选项,向主进程发送信号  |   ├── reload参数,重新加载配置文件  |   ├── stop参数,快速停止nginx  |   ├── reopen参数,重新打开日志文件  |   ├── quit参数,Nginx在退出前完成已经接受的连接请求  ├── -t选项,检查配置文件是否正确  ├── -c选项,用于指定特定的配置文件并启动nginx  ├── -V选项(大写),显示nginx编译选项与版本信息    php-fpm  ├── -t选项,检查配置文件是否正确  ├── -m选项,显示所有已安装模块  ├── -i选项,显示PHP详细信息  ├── -v选项,显示版本信息

原文出处:cnblogs -> https://www.cnblogs.com/erbiao/p/9237851.html

本站所发布的一切资源仅限用于学习和研究目的;不得将上述内容用于商业或者非法用途,否则,一切后果请用户自负。本站信息来自网络,版权争议与本站无关。您必须在下载后的24个小时之内,从您的电脑中彻底删除上述内容。如果您喜欢该程序,请支持正版软件,购买注册,得到更好的正版服务。如果侵犯你的利益,请发送邮箱到 [email protected],我们会很快的为您处理。

超哥 钻石

分享到:

相关推荐