Linux basic learning LNMP environment construction

Posted by fris on Wed, 01 Jan 2020 18:38:35 +0100

LNMP environment building

LNMP dynamic website deployment architecture is a dynamic website system solution composed of Linux+Nginx+Mysql+PHP components, which is free, efficient, extensible and low resource consumption

LNMP dynamic website architecture

yum install -y apr* autoconf automake bison bzip2 bzip2* compat* cpp curl curl-devel fontconfig fontconfig-devel freetype freetype* freetype-devel gcc gcc-c++ gd gettext gettext-devel glibc kernel kernel-headers keyutils keyutils-libs-devel krb5-devel libcom_err-devel libpng libpng-devel libjpeg* libsepol-devel libselinux-devel libstdc++-devel libtool* libgomp libxml2 libxml2-devel libXpm* libtiff libtiff* make mpfr ncurses* ntp openssl openssl-devel patch pcre-devel perl php-common php-gd policycoreutils telnet t1lib t1lib* nasm nasm* wget zlib-devel

 cd /usr/local/src

 wget https://www.linuxprobe.com/Software/cmake-2.8.11.2.tar.gz
 wget https://www.linuxprobe.com/Software/Discuz_X3.2_SC_GBK.zip
 wget https://www.linuxprobe.com/Software/freetype-2.5.3.tar.gz
 wget https://www.linuxprobe.com/Software/jpegsrc.v9a.tar.gz
 wget https://www.linuxprobe.com/Software/libgd-2.1.0.tar.gz
 wget https://www.linuxprobe.com/Software/libmcrypt-2.5.8.tar.gz
 wget https://www.linuxprobe.com/Software/libpng-1.6.12.tar.gz
 wget https://www.linuxprobe.com/Software/libvpx-v1.3.0.tar.bz2
 wget https://www.linuxprobe.com/Software/mysql-5.6.19.tar.gz
 wget https://www.linuxprobe.com/Software/nginx-1.6.0.tar.gz
 wget https://www.linuxprobe.com/Software/openssl-1.0.1h.tar.gz
 wget https://www.linuxprobe.com/Software/php-5.5.14.tar.gz
 wget https://www.linuxprobe.com/Software/pcre-8.35.tar.gz
 wget https://www.linuxprobe.com/Software/t1lib-5.1.2.tar.gz
 wget https://www.linuxprobe.com/Software/tiff-4.0.3.tar.gz
 wget https://www.linuxprobe.com/Software/yasm-1.2.0.tar.gz
 wget https://www.linuxprobe.com/Software/zlib-1.2.8.tar.gz
[root@mail src]# ls
cmake-2.8.11.2          libgd-2.1.0.tar.gz      nginx-1.6.0.tar.gz     tiff-4.0.3.tar.gz
cmake-2.8.11.2.tar.gz   libmcrypt-2.5.8.tar.gz  openssl-1.0.1h.tar.gz  yasm-1.2.0.tar.gz
Discuz_X3.2_SC_GBK.zip  libpng-1.6.12.tar.gz    pcre-8.35.tar.gz       zlib-1.2.8.tar.gz
freetype-2.5.3.tar.gz   libvpx-v1.3.0.tar.bz2   php-5.5.14.tar.gz
jpegsrc.v9a.tar.gz      mysql-5.6.19.tar.gz     t1lib-5.1.2.tar.gz

[root@mail cmake-2.8.11.2]# tar -xzvf cmake-2.8.11.2.tar.gz 
[root@mail cmake-2.8.11.2]# cd cmake-2.8.11.2/
[root@mail cmake-2.8.11.2]# ./configure 
[root@mail cmake-2.8.11.2]# make && make install
[root@mail cmake-2.8.11.2]# echo $?
0

Configure MySQL service

parameter explain
-DCMAKE_INSTALL_PREFIX Parameter is used to define the save directory of the database service program
-DMYSQL_DATADIR Parameter is used to define the directory of the real database file
-DSYSCONFDIR Parameter to define the saving directory of MySQL database configuration file
–user Parameter specifies the corresponding account name of MySQL service
–basedir Parameter specifies the directory where MySQL service programs are saved
–datadir Parameter to specify the file saving directory of MySQL real database
[root@mail src]# tar -xzvf mysql-5.6.19.tar.gz 
[root@mail src]# cd mysql-5.6.19/
[root@mail mysql-5.6.19]# 
[root@mail mysql-5.6.19]# useradd mysql -s /sbin/nologin -M 
[root@mail mysql-5.6.19]# mkdir -p /usr/local/mysql/var
[root@mail mysql-5.6.19]# chown -Rf mysql:mysql /usr/local/mysql

[root@mail mysql-5.6.19]# cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/var -DSYSCONFDIR=/etc
[root@mail mysql-5.6.19]# make && make install
[root@mail mysql-5.6.19]# echo $?
0

[root@mail mysql-5.6.19]# rm -rf /etc/my.cnf

[root@mail mysql-5.6.19]# cd /usr/local/mysql/
[root@mail mysql]# ./scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var

[root@mail mysql]# ln -s my.cnf /etc/my.cnf
[root@mail mysql]# cp ./support-files/mysql.server /etc/rc.d/init.d/mysqld

[root@mail mysql]# vim /etc/rc.d/init.d/mysqld
 46 basedir=/usr/local/mysql
 47 datadir=/usr/local/mysql/var

[root@mail mysql]# service mysqld start
Starting MySQL............ SUCCESS! 
[root@mail mysql]# chkconfig mysqld on

[root@mail mysql]# vim /etc/profile
 74 export PATH=$PATH:/usr/local/mysql/bin
[root@mail mysql]# source /etc/profile

[root@mail mysql]# mkdir /var/lib/mysql
[root@mail mysql]# ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
[root@mail mysql]# ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock
[root@mail mysql]# ln -s /usr/local/mysql/include/mysql
/usr/include/mysql

MySQL database initialization

[root@mail mysql]# mysql_secure_installation 



NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): //Direct carriage return
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] Y(Must be root Administrator sets password for database)
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y(Delete anonymous users)
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y(prohibit root Administrators log in remotely)
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y(delete test Database and remove access to it)
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y(Refresh authorization table,Let the initialized settings take effect immediately)
 ... Success!




All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!


Cleaning up...

Configure Nginx service

//Package pcre for providing Perl compatible regular expression library

[root@mail src]# tar -xzvf pcre-8.35.tar.gz 
[root@mail src]# cd pcre-8.35/
[root@mail pcre-8.35]# ./configure --prefix=/usr/local/pcre
[root@mail pcre-8.35]# make && make install
//The openssl package is used to provide the program file of the website encryption certificate service

[root@mail src]# tar -xzvf openssl-1.0.1h.tar.gz 
[root@mail nginx-1.6.0]# cd openssl-1.0.1h/
[root@mail openssl-1.0.1h]# ./config --prefix=/usr/local/openssl
[root@mail openssl-1.0.1h]# make && make install

[root@mail openssl-1.0.1h]# vim /etc/profile
export PATH=$PATH:/usr/local/mysql/bin:/usr/local/openssl/bin
[root@mail openssl-1.0.1h]# source /etc/profile
//zlib package function library files used to provide compression function

[root@mail src]# tar xzvf zlib-1.2.8.tar.gz 
[root@mail src]# cd zlib-1.2.8/
[root@mail zlib-1.2.8]# ./configure --prefix=/usr/local/zlib
[root@mail zlib-1.2.8]# make && make install
[root@mail src]# useradd www -s /sbin/nologin -M


[root@mail src]# tar -xzvf nginx-1.6.0.tar.gz 
[root@mail src]# cd nginx-1.6.0/
[root@mail nginx-1.6.0]# ./configure --prefix=/usr/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-openssl=/usr/local/src/openssl-1.0.1h --with-zlib=/usr/local/src/zlib-1.2.8 --with-pcre=/usr/local/src/pcre-8.35
[root@mail nginx-1.6.0]# make && make install

[root@mail nginx-1.6.0]# vim /etc/rc.d/init.d/nginx

nginx startup script file

#!/bin/bash
# nginx - this script starts and stops the nginx daemon
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /usr/local/nginx/conf/nginx.conf
# pidfile: /usr/local/nginx/logs/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/local/nginx/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
        if [ -z "`grep $user /etc/passwd`" ]; then
                useradd -M -s /bin/nologin $user
        fi
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
        if [ `echo $opt | grep '.*-temp-path'` ]; then
                value=`echo $opt | cut -d "=" -f 2`
                if [ ! -d "$value" ]; then
                        # echo "creating" $value
                        mkdir -p $value && chown -R $user $value
                fi
        fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
#configtest || return $?
stop
sleep 1
start
}
reload() {
#configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
        rh_status_q && exit 0
        $1
        ;;
stop)
        rh_status_q || exit 0
        $1
        ;;
restart|configtest)
$1
;;
reload)
        rh_status_q || exit 7
        $1
        ;;
force-reload)
        force_reload
        ;;
status)
        rh_status
        ;;
condrestart|try-restart)
        rh_status_q || exit 0
        ;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac

Start Nginx service


[root@mail nginx-1.6.0]# chmod 755 /etc/rc.d/init.d/nginx 

[root@mail nginx-1.6.0]# /etc/rc.d/init.d/nginx restart
Restarting nginx (via systemctl):                          [  Determine  ]
[root@mail nginx-1.6.0]# chkconfig nginx on

Configure PHP services

//yasm source package is a common open source assembler

[root@mail src]# tar -zxvf yasm-1.2.0.tar.gz 
[root@mail src]# cd yasm-1.2.0/
[root@mail yasm-1.2.0]# ./configure
[root@mail yasm-1.2.0]# make && make install
//libmcrypt source package: an extended library for encryption algorithm

[root@mail src]# tar -xzvf libmcrypt-2.5.8.tar.gz 
[root@mail src]# cd libmcrypt-2.5.8/
[root@mail libmcrypt-2.5.8]# ./configure 
[root@mail libmcrypt-2.5.8]# make && make install
//libvpx source package for video encoder services
[root@mail src]# tar -xjvf libvpx-v1.3.0.tar.bz2
[root@mail src]# cd libvpx-v1.3.0/
[root@mail libvpx-v1.3.0]# ./configure --prefix=/usr/local/libvpx --enable-shared --enable-vp9
[root@mail libvpx-v1.3.0]# make && make install 
//tiff source package is a service program used to provide label image file format

[root@mail src]# tar -xzvf tiff-4.0.3.tar.gz 
[root@mail src]# cd tiff-4.0.3/
[root@mail tiff-4.0.3]# ./configure --prefix=/usr/local/tiff --enable-shared
[root@mail tiff-4.0.3]# make && make install 
//libpng source package used to provide png image format support function library service program

[root@mail src]# tar zxvf libpng-1.6.12.tar.gz 
[root@mail src]# cd libpng-1.6.12/
[root@mail libpng-1.6.12]# ./configure --prefix=/usr/local/libpng --enable-shared
[root@mail libpng-1.6.12]# make && make install
//freetype source package is used to provide a service program for font support engine

[root@mail src]# tar -xzvf freetype-2.5.3.tar.gz 
[root@mail src]# cd freetype-2.5.3/
[root@mail freetype-2.5.3]# ./configure --prefix=/usr/local/freetype -enable-shared
[root@mail freetype-2.5.3]# make && make install 
//jpeg source package is used to provide the service program of jpeg image format support function library

[root@mail src]# tar -zxvf jpegsrc.v9a.tar.gz 
[root@mail src]# cd jpeg-9a/
[root@mail jpeg-9a]# ./configure --prefix=/usr/local/jpeg --enable-shared
[root@mail jpeg-9a]# make && make install
//libgd source package is used to provide a service program for graphics processing

[root@mail src]# tar -xzvf libgd-2.1.0.tar.gz 
[root@mail src]# cd libgd-2.1.0/
[root@mail libgd-2.1.0]# ./configure --prefix=/usr/local/libgd --enable-shared --with-jpeg=/usr/local/jpeg --with-png=/usr/local/libpng --with-freetype=/usr/local/freetype --with-fontconfig=/usr/local/freetype --with-xpm=/usr/ --with-tiff=/usr/local/tiff --with-vpx=/usr/local/libvpx
[root@mail libgd-2.1.0]# make && make install
//t1lib source package is used to provide the service program of image generation function library
//Compile t1lib-5.1.2When make Error requires installation latex

//Online solution not verified
yum -y install texlive-latex
yum -y install texlive-metapost
yum -y install texlive-collection-fontsrecommended 

[root@mail src]# tar zxvf t1lib-5.1.2.tar.gz 
[root@mail src]# cd t1lib-5.1.2/
[root@mail t1lib-5.1.2]# ./configure --prefix=/usr/local/t1lib --enable-shared

Configure finished!
        Do:  'make'               to compile the t1lib-package.
        Do:  'make without_doc'   to compile if you do not have LaTeX.
        Do:  'make install'       to install the t1lib-package.

[root@mail t1lib-5.1.2]# make without_doc && make install

[root@mail t1lib-5.1.2]# ln -s /usr/lib64/libltdl.so /usr/lib/libltdl.so
[root@mail t1lib-5.1.2]# cp -frp /usr/lib64/libXpm.so* /usr/lib/
[root@mail src]# tar -zxvf php-5.5.14.tar.gz 
[root@mail src]# cd php-5.5.14/
[root@mail php-5.5.14]# export LD_LIBRARY_PATH=/usr/local/libgd/lib
[root@mail php-5.5.14]# ./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-mysql-sock=/tmp/mysql.sock --with-pdo-mysql=/usr/local/mysql --with-gd --with-png-dir=/usr/local/libpng --with-jpeg-dir=/usr/local/jpeg --with-freetype-dir=/usr/local/freetype --with-xpm-dir=/usr/ --with-vpx-dir=/usr/local/libvpx/ --with-zlib-dir=/usr/local/zlib --with-t1lib=/usr/local/t1lib --with-iconv --enable-libxml --enable-xml --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-opcache --enable-mbregex --enable-fpm --enable-mbstring --enable-ftp --enable-gd-native-ttf --with-openssl --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --enable-session --with-mcrypt --with-curl --enable-ctype

[root@mail php-5.5.14]# make && make install

After the php source package is installed, you need to delete the current default configuration file, and then copy the corresponding configuration file from the php service program directory

[root@mail php-5.5.14]# rm -rf /etc/php.ini
[root@mail php-5.5.14]# cp php.ini-production /usr/local/php/etc/php.ini
[root@mail php-5.5.14]# ln -s /usr/local/php/etc/php.ini /etc/php.ini
[root@mail php-5.5.14]# cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
[root@mail php-5.5.14]# ln -s /usr/local/php/etc/php-fpm.conf /etc/php-fpm.conf
[root@mail php-5.5.14]# vim /usr/local/php/etc/php-fpm.conf
 25 pid = run/php-fpm.pid

148 user = nobody
149 group = nobody

//modify
148 user = www
149 group = www

[root@mail php-5.5.14]# cp sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm
[root@mail php-5.5.14]# chmod 755 /etc/rc.d/init.d/php-fpm
[root@mail php-5.5.14]# chkconfig php-fpm on
[root@mail php-5.5.14]# vim /usr/local/php/etc/php.ini
disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restor e,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,g etservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,po six_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix_getppid,posix_getpwnam,posix_ getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_ setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
[root@mail php-5.5.14]# vim /usr/local/nginx/conf/nginx.conf
  2 user  www www;

 43         location / {
 44             root   html;
 45             index  index.html index.htm index.php;
 46         }


 65         # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
 66         #   
 67         location ~ .*\.php(\/.*)*$ {
 68             root           html;
 69             fastcgi_pass   127.0.0.1:9000;  
 70             fastcgi_index  index.php;
 71             fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
 72             include        fastcgi_params;
 73         }


[root@mail php-5.5.14]# systemctl restart nginx
[root@mail php-5.5.14]# systemctl restart php-fpm

At this point, the configuration of LNMP dynamic website environment architecture is completed

Building Discuz! Forum

[root@mail src]# unzip Discuz_X3.2_SC_GBK.zip 
[root@mail src]# rm -rf /usr/local/nginx/html/{index.html,50x.html}*
[root@mail src]# mv upload/* /usr/local/nginx/html/
[root@mail src]# chown -Rf www:www /usr/local/nginx/html
[root@mail src]# chmod -Rf 755 /usr/local/nginx/html

Topics: MySQL PHP Nginx OpenSSL