企业网站建设的好处,过年做哪个网站致富,四平市城乡建设局网站,wordpress 是免费的吗1.准备工作
安装前我们需要设置防护墙#xff0c;开放端口#xff0c;更新yum源 # 1.防火墙
systemctl status firewalld 看到active(running)就意味着防火墙打开了
systemctl stop firewalld 看到inactive(dead)就意味着防火墙关闭了
systemctl start fire…1.准备工作
安装前我们需要设置防护墙开放端口更新yum源 # 1.防火墙
systemctl status firewalld 看到active(running)就意味着防火墙打开了
systemctl stop firewalld 看到inactive(dead)就意味着防火墙关闭了
systemctl start firewalld 打开防火墙
systemctl disable firewalld 重启后防火墙还是处于关闭的状态
systemctl enable firewalld 重启不会恢复到原来的状态
systemctl restart firewalld.service 重启防火墙# 2.防火墙端口开放与关闭
firewall-cmd --zonepublic --add-port80/tcp --permanent
firewall-cmd --zonepublic --add-port443/tcp --permanent
firewall-cmd --zonepublic --add-port22/tcp --permanent
firewall-cmd --zonepublic --add-port21/tcp --permanent
firewall-cmd --zonepublic --add-port53/udp --permanent
firewall-cmd --zonepublic --remove-port80/tcp --permanent
firewall-cmd --zonepublic --remove-port443/tcp --permanent
firewall-cmd --zonepublic --remove-port22/tcp --permanent
firewall-cmd --zonepublic --remove-port21/tcp --permanent
firewall-cmd --zonepublic --remove-port53/udp --permanent
firewall-cmd --zonepublic --add-port4400-4600/udp --permanent
firewall-cmd --zonepublic --add-port4400-4600/tcp --permanentnetstat -ntlp //查看当前所有tcp端口·
netstat -ntulp |grep 80 //查看所有80端口使用情况·
netstat -an | grep 3306 //查看所有3306端口使用情况·
查看一台服务器上面哪些服务及端口
netstat -lanp
查看一个服务有几个端口。比如要查看mysqld
ps -ef |grep mysqld
查看某一端口的连接数量,比如3306端口
netstat -pnt |grep :3306 |wc
查看某一端口的连接客户端IP 比如3306端口
netstat -anp |grep 3306
netstat -an 查看网络端口
# 3.更新yum源 常用安装依赖
yum install epel-release -y
yum update
yum install -y gcc gcc-c pcre pcre-devel openssl openssl-devel zlib zlib-devel
yum -y install ncurses-devel
yum -y install wget vim pcre pcre-devel openssl openssl-devel libicu-devel gcc gcc-c autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel ncurses ncurses-devel curl curl-devel krb5-devel libidn libidn-devel openldap openldap-devel nss_ldap jemalloc-devel cmake boost-devel bison automake libevent libevent-devel gd gd-devel libtool* libmcrypt libmcrypt-devel mcrypt mhash libxslt libxslt-devel readline readline-devel gmp gmp-devel libcurl libcurl-devel openjpeg-devel
yum install -y libaio
yum install vim
yum install gcc-c
2.安装Nginx
2.1 Nginx编译安装
tar -zxvf nginx-1.12.2.tar.gz
cd nginx-1.12.2
./configure --userwww --groupwww --prefix/usr/local/nginx/ --with-http_v2_module --with-http_ssl_module --with-http_sub_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-http_realip_module
make
make install
2.2 启动Nginx
cd /usr/local/nginx/sbin
./nginx #启动
./nginx -s reload #重启nginx
./nginx -s stop #停止nginx
./nginx -t #验证配置文件是否正确/usr/local/nginx/sbin/nginx -s reload
2.3 测试是否安装成功 修改家目录 nginx.conf
location / { root /home/www/;index index.html index.htm;}
ps -ef|grep nginx #测试是否允许
curl localhost #Linux下本地测试
2.4 解析php
重点是创建php-cgi.sock存放目录 不解析时查看是否存在
mkdir /var/run/www/
chown -R www:www /var/run/www
/usr/local/php/sbin/php-fpm配置文件修改:nginx.conf
location ~ \.php$ {root /home/www/; #与原有的一致fastcgi_pass unix:/var/run/www/php-cgi.sock;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;
}
2.5 配置站点
在安装目录的配置文件目录中新建vhost文件夹在vhost目录中新建多个站点配置文件站点配置文件内容
server {listen 80; # 监听端口server_name www.siteA.com siteA.com; # 站点域名root /home/user/www/blog; # 站点根目录index index.html index.htm index.php; # 默认导航页location / {# WordPress固定链接URL重写if (!-e $request_filename) {rewrite (.*) /index.php;}}# PHP配置location ~ \.php$ {fastcgi_pass unix:/var/run/php5-fpm.sock;fastcgi_index index.php;include fastcgi_params;}
} 在nginx.conf 引入多站点配置文件
include /etc/nginx/vhost/*.conf;
2.6 配置SSL证书
server {listen 443;server_name localhost; # localhost修改为您证书绑定的域名。ssl on; #设置为on启用SSL功能。root html;index index.html index.htm;ssl_certificate cert/domain name.pem; #将domain name.pem替换成您证书的文件名。ssl_certificate_key cert/domain name.key; #将domain name.key替换成您证书的密钥文件名。ssl_session_timeout 5m;ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #使用此加密套件。ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #使用该协议进行配置。ssl_prefer_server_ciphers on; location / {root html; #站点目录。index index.html index.htm; }
}
2.6 设置自动跳转HTTPS
server {listen 80;server_name localhost; rewrite ^(.*)$ https://$host$1 permanent;location / {index index.html index.htm;}
}
2.7 开机启动
创建开机启动文件
cd /lib/systemd/system
vi nginx.service 脚本内容
[Unit]
Descriptionnginx
Afternetwork.target[Service]
Typeforking
ExecStart/usr/local/nginx/sbin/nginx
ExecReload/usr/local/nginx/sbin/nginx -s reload
ExecStop/usr/local/nginx/sbin/nginx -s quit
PrivateTmptrue[Install]
WantedBymulti-user.target
2.8 操作命令
# 设置开机启动
systemctl enable nginx.service# 停止开机自启动
systemctl disable nginx.service# 其它命令
systemctl start nginx.service
systemctl status nginx.service
systemctl restart nginx.service
systemctl stop nginx.service
3.安装php
3.1 创建运行用户
groupadd www
useradd -g www www
3.2 建立软连接
cp -frp /usr/lib64/libldap* /usr/lib/
ln -s /usr/local/lib/libiconv.so.2 /usr/lib64/
3.3 编译安装php
tar -zxvf php-7.2.4.tar.gz
cd php-7.2.4
./configure --prefix/usr/local/php \
--with-config-file-path/usr/local/php/etc \
--enable-fpm \
--with-fpm-userwww \
--with-fpm-groupwww \
--enable-mysqlnd \
--with-mysqlimysqlnd \
--with-pdo-mysqlmysqlnd \
--enable-mysqlnd-compression-support \
--with-iconv-dir \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir \
--enable-xml \
--disable-rpath \
--enable-bcmath \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--with-curl \
--enable-mbregex \
--enable-mbstring \
--enable-intl \
--with-libmbfl \
--enable-ftp \
--with-gd \
--with-openssl \
--with-mhash \
--enable-pcntl \
--enable-sockets \
--with-xmlrpc \
--enable-zip \
--enable-soap \
--with-gettext \
--disable-fileinfo \
--enable-opcache \
--with-pear \
--enable-maintainer-zts \
--with-ldapshared \
--without-gdbm \
--with-apxs2/usr/local/apache/bin/apxs\make -j4
如果编译出现错误使用这个编辑命令代替make ZEND_EXTRA_LIBS-liconv
不要 make test 害死人等时间太长
make install
3.4 配置php配置文件
cp php.ini-development /usr/local/php/etc/php.inicp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.confcp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf3.5 配置php.ini
expose_php Off
short_open_tag ON
max_execution_time 300
max_input_time 300
memory_limit 128M
post_max_size 32M
date.timezone Asia/Shanghaiextension /usr/local/php/lib/php/extensions/no-debug-zts-20160303/ldap.so[opcache]
zend_extension/usr/local/php/lib/php/extensions/no-debug-zts-20160303/opcache.so
opcache.memory_consumption128
opcache.interned_strings_buffer8
opcache.max_accelerated_files4000
opcache.revalidate_freq60
opcache.fast_shutdown1
opcache.enable_cli1disable_functionspassthru,exec,system,chroot,chgrp,chown,shell_exec,proc_open,proc_get_status,popen,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru3.6 配置www.conf
取消以下注释并修改优化其参数
listen /var/run/www/php-cgi.sock
listen.owner www
listen.group www
listen.mode 0660
listen.allowed_clients 127.0.0.1
pm dynamic
listen.backlog -1
pm.max_children 180
pm.start_servers 50
pm.min_spare_servers 50
pm.max_spare_servers 180
request_terminate_timeout 120
request_slowlog_timeout 50
slowlog var/log/slow.log
3.7 运行php-fpm
创建php-cgi.sock存放目录
mkdir /var/run/www/
chown -R www:www /var/run/www
# 配置php-fpm.conf
取下以下注释并填写完整路径
pid /usr/local/php/var/run/php-fpm.pid
# 运行php-fpm
/usr/local/php/sbin/php-fpm
3.8 开机启动
vim /etc/systemd/system/php-fpm.service
内容
[Unit]
DescriptionThe PHP FastCGI Process Manager
Aftersyslog.target network.target
[Service]
Typesimple
PIDFile/usr/local/php/var/run/php-fpm.pid
ExecStart/usr/local/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php/etc/php-fpm.conf
ExecReload/bin/kill -USR2 $MAINPID
ExecStop/bin/kill -SIGINT $MAINPID
[Install]
WantedBymulti-user.target#启动php-fpm
systemctl start php-fpm.service#添加到开机启动
systemctl enable php-fpm.service#添加一个软链接 重要
ln -s /usr/local/php/bin/php /usr/local/bin/php# 10.启动与关闭
systemctl enable php-fpm.service #开机运行服务
systemctl disable php-fpm.service #取消开机运行
systemctl start php-fpm.service #启动服务
systemctl restart php-fpm.service #重启服务
3.9 Php 加入环境变量
将 /usr/local/php/bin 加到后面,用:隔开
vi /root/.bash_profile
PATH$PATH:$HOME/bin:/usr/local/mysql/bin:/usr/lcoal/php/bin重启服务
source /root/.bash_profile
4.安装Composer
4.1 安装composer
cd /usr/local/src
curl -sS https://getcomposer.org/installer | php
mv composer.phar /usr/local/bin/composer4.2 Composer 使用权限
chmod -R 777 /usr/local/bin/composer
4.3 切换国内镜像
composer config -g repo.packagist composer https://packagist.phpcomposer.comcomposer config -g repo.packagist composer https://mirrors.aliyun.com/composer/5.安装Git
可以使用yum安装十分简单。
# yum命令安装与卸载
yum install -y git
yum remove git 在工作中推荐编译安装
5.1 安装依赖包
yum install -y wget
yum install -y gcc-c
yum install -y zlib-devel perl-ExtUtils-MakeMaker
5.2 编译安装
# 下载最新git
cd /usr/local/src
wget https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.9.0.tar.gz# 编译安装git
tar -zxvf git-2.9.0.tar.gz
cd git-2.9.0
./configure --prefix/usr/local/git
make
make install
5.3 环境变量
# 添加环境变量
# 将 /usr/local/git/bin 加到后面,用:隔开
vim /root/.bash_profile
PATH$PATH:$HOME/bin:/usr/local/git/bin
# 重启
source /root/.bash_profile
5.4 配置git用户
# 查看git版本
git --version# 创建git用户
groupadd git
useradd git -g git
passwd git #设置密码 参数是用户名
su - git //切换git用户
5.5 配置证书
客户端安装git,设置key
git config --global user.name dddd
git config --global user.email qqqq.com
ssh-keygen -t rsa -C your_email
该命令会产生两个文件: id_rsa对应私钥id_rsa.pub对应公钥。将id_rsa.pub中的内容写到服务器的authorized_keys文件中。如果有多个客户端那么在authorized_keys文件中一行保存一个客户端的公钥
服务器端: 创建authorized_keys文件 cd /home/git
mkdir .ssh
chmod 700 .ssh
touch .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
cd /home
chown -R git:git git
服务器端配置RSA
进入 /etc/ssh 目录编辑 sshd_config打开以下三个配置的注释
RSAAuthentication yes 最新版centos7.4无需配置、没有的不配置
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
#保存并重启 sshd 服务
service sshd restart
将客户端公钥导入服务器端
ssh git192.168.136.00 cat .ssh/authorized_keys ~/.ssh/id_rsa.pub# 将git设置为默认路径不然后面克隆时会报错
ln -s /usr/local/git/bin/git-upload-pack /usr/bin/git-upload-pack
ln -s /usr/local/git/bin/git-receive-pack /usr/bin/git-receive-pack5.6 服务端初始化Git仓库
#进入home目录
cd /home
#创建gitdemo目录
mkdir gitdemo
# 利用 chown 将指定文件的拥有者改为指定的用户或组
# 把仓库所属用户改为git
chown git:git gitdemo/
cd gitdemo
#现有仓库导出为裸仓库——即一个不包含当前工作目录的仓库
git init --bar demo.git
#把仓库所属用户改为git
#-R : 处理指定目录以及其子目录下的所有文件
#将目录下的所有文件与子目录的拥有者皆设为git群体的使用者 git :
chown -R git:git demo.git
#以后每创建一个新的仓库.都需要执行上面的命令修改仓库所属用户为git# 克隆仓库
git clone git192.168.**.**:/home/gitdemo/demo.git
5.7 禁止git用户 Shell登录
vim /etc/passwd
git:x:502:502::/home/git:/usr/local/git/bin/git-shell 6.安装Redis
# 安装依赖包
yum install gcc-c
6.1 编译安装
# redis安装
wget http://download.redis.io/releases/redis-5.0.7.tar.gz
tar xzf redis-5.0.7.tar.gz
cd redis-5.0.7
make
make install PREFIX/usr/local/redis
make install PREFIX/www/server/redis6
注意make install 加上需要安装的redis目录地址
6.2 配置与启动
# 拷贝配置文件
cp -r redis.conf /usr/local/redis/bin/
# 开启服务端
./redis-server redis.conf# 客户端连接redis
cd /usr/local/redis/
./redis-cli -h 127.0.0.1 -p 63796.3 环境变量
# 打开bash_profile配置
vim ~/.bash_profile
# 文件中添加:
export REDIS_HOME/usr/local/redis
export PATH$PATH:$REDIS_HOME/bin
# 重启
source ~/.bash_profile
6.4 设置后台运行
vim redis.conf
daemonize no修改为daemonize yes即可重启redis
ps -ef|grep redis
kill -9 20940
./redis-server redis.conf
6.5 开机启动
# 创建文件
vim /etc/init.d/redis# 编辑内容添加:
*******************************************************************
#!/bin/bash
#chkconfig: 22345 10 90
#description: Start and Stop redisREDISPORT6379
EXEC/usr/local/redis/bin/redis-server
CLIEXEC/usr/local/redis/bin/redis-cliPIDFILE/var/run/redis.pid
CONF/usr/local/redis/bin/redis.confcase $1 instart)if [ -f $PIDFILE ];thenecho $PIDFILE exists,process is already running or crashedelseecho Starting Redis server...$EXEC $CONFfi;;stop)if [ ! -f $PIDFILE ];thenecho $PIDFILE does not exist,process is not runningelsePID$(cat $PIDFILE)echo Stopping...$CLIEXEC -p $REDISPORT shutdownwhile [ -x /proc/${PID} ]doecho Waiting for Redis to shutdown...sleep 1doneecho Redis stoppedfi;;restart)$0 stopsleep 3$0 start;;*)echo Please use start or stop or restart as first argument;;
esac
**************************************************************************************# 权限及开机启动
chmod x /etc/init.d/redis
#chkconfig --add redis
#chkconfig redis on
#chkconfig --list //查看所有注册的脚本文件7.安装Apache
这里介绍下Apache的安装不过最好使用Nginx
7.1 准备工作
# 安装apr
tar -zxvf apr-1.6.3.tar.gz
cd apr-1.6.3
./configure --prefix/usr/local/apr
make
make install 注意:
cannot remove libtoolT: No such file or directory
直接打开configure把 $RM “$cfgfile” 那行删除掉重新再运行 ./configure 就可以了# 安装 Apr-util
tar -zxvf apr-util-1.6.1.tar.gz
cd apr-util-1.6.1
./configure --prefix/usr/local/apr-util --with-apr/usr/local/apr
make
make install# 安装pcre
tar -zxvf pcre-8.39.tar.gz
cd pcre-8.39
./configure --prefix/usr/local/pcrel
make
make install7.2 安装apache
tar -zxvf httpd-2.4.34.tar.gz
cd httpd-2.4.34
./configure \
--prefix/usr/local/apache \
--enable-ssl \
--enable-rewrite \
--with-apr/usr/local/apr \
--with-apr-util/usr/local/apr-util
make
make install
7.3 配置
#配置ServerName 进入httpd.conf配置文件
ServerName localhost:80#修改家目录 进入httpd.conf配置文件
DocumentRoot /home/www
Directory /home/www
7.4 开机启动
将自己安装目录下的apachect1复制到该目录下并改为httpd
cp /usr/local/apache/bin/apachect1 /etc/init.d/httpd
注复制时注意安装目录
编辑 vi /etc/init.d/httpd 在 #!/bin/sh 下添加这两句
#chkconfig:345 85 15
#description:Start and stop the Apache HTTP Server添加启动
chkconfig --add httpd
启动:
chkconfig httpd on
查看是否成功
chkconfig --list httpd
7.5 启动与关闭常用操作
启动:
/usr/local/apache/bin/apachectl start
重启:
/usr/local/apache/bin/apachectl restart
停止:
/usr/local/apache/bin/apachectl stop
不中断:
/usr/local/apache/bin/apachectl graceful
7.6 Apache解析php
首先http.conf中配置
LoadModule php7_module modules/libphp7.so 开启注释其次在配置文件httpd.conf的IfModule mime_module/IfModule块里增加一行
AddType application/x-httpd-php .php
ServerName 127.0.0.1:80然后搜索IfModule dir_module下面这一块添加上index.php
IfModule dir_moduleDirectoryIndex index.html index.php
/IfModule重启apache
7.7 Apache 禁止目录浏览
打开apache配置文件httpd.conf
找到Options Indexes
Directory /Options IndexesAllowOverride NoneOrder allow,denyAllow from all
/Directory
修改
Options Indexes 修改为Options None
Options Indexes FollowSymLinks修改为Options None
7.8 Apache配置SSL
# 1.检查是否安装OpenSSL
# 查看是否安装
openssl version # 编译安装 https://www.cnblogs.com/rxbook/p/9367725.html
# yum安装 OpenSSLyum install openssl yum install openssl-devel
# 在线升级
yum -y update openssl# 2.配置证书上传目录在Apache安装目录中新建cert目录并将下载的Apache证书、 证书链文件和秘钥文件拷贝到cert目录中。如果需要安装多个证书需在Apache的cert目录中新建对应数量的cert目录用于存放不同的证书(每个域名证书对应一个文件夹存放) 如果申请证书时选择了手动创建CSR文件请将手动生成创建的秘钥文件拷贝到cert目录中并命名为domain name.key。# 3.修改httpd.conf配置文件
# 3.1 httpd.conf配置参数 mod_ssl.so
#LoadModule ssl_module modules/mod_ssl.so
删除行首的配置语句注释符号“#”加载mod_ssl.so模块启用SSL服务Apache默认是不启用该模块的。如果找不到该配置请重新编译mod_ssl模块。# 3.2 引入httpd-ssl.conf
#Include conf/extra/httpd-ssl.conf #删除行首的配置语句注释符号“#”。# 4.修改httpd-ssl.conf配置文件
# 4.1打开httpd-ssl.conf文件 注释掉默认示例参数
# 4.2 具体配置参数VirtualHost *:443 ServerName www.xx.com。 DocumentRoot /data/www/xxx/public SSLEngine on SSLProtocol all -SSLv2 -SSLv3SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:MEDIUM SSLHonorCipherOrder onSSLCertificateFile cert/domain name1_public.crt SSLCertificateKeyFile cert/domain name1.key SSLCertificateChainFile cert/domain name1_chain.crt
/VirtualHost
# 4.3根据情况可设置多个保存 httpd-ssl.conf 文件并退出# 5.配置httpd-vhosts.conf中站点
# 80与443端口同时存在
VirtualHost *:443ServerAdmin webmasterdummy-host2.example.comDocumentRoot /home/www/demo/public/ServerName m.ljy.vipServerAlias localhostSSLEngine onSSLCertificateFile /usr/local/apache/cert/3087344_m.ljy.vip_public.crt SSLCertificateKeyFile /usr/local/apache/cert/3087344_m.ljy.vip.key SSLCertificateChainFile /usr/local/apache/cert/3087344_m.ljy.vip_chain.crtErrorLog /usr/local/apache/logs/error_logCustomLog /usr/local/apache/logs/access_log common
/VirtualHost# 设置Apache http自动跳转https
# 在 httpd-vhosts.conf 文件中的VirtualHost *:80 /VirtualHost中间添加以下重定向代码
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [L,R] 8.安装mysql
请参考
Linux编译安装Mysql笔记_linux 源码编译安装mysql csdn-CSDN博客 9.最后
明天国庆节祝大家节日快乐
感谢大家请大家多多支持
