Centos7安装WEB基础服务
概述
适用:新的服务器部署基础服务
功能: 安装mariadb、php、nginx
服务器: centos 7
安装基础工具
一、安装上传与下载工具lrzsz
[root@wkjhost ~]# yum install -y lrzsz
二、安装 yum 工具包:
[root@wkjhost ~]# yum install yum-utils
三、安装EPEL(Extra Packages for Enterprise Linux)软件包
[root@wkjhost ~]# yum install epel-release
四、安装remi(包含最新版本 PHP 和 MySQL 包的 Linux 源)
[root@wkjhost ~]# yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
五、安装源之后需要更新
[root@wkjhost ~]# yum update
六、安装git工具
[root@wkjhost ~]# yum install git
安装WEB需要的工具
一、mariadb安装:
1、安装mariadb
[root@wkjhost ~]# yum install mariadb-server
2、自启动mariadb:
[root@wkjhost ~]# systemctl enable mariadb
3、配置mariadb默认字符集(修改配置之前需要停止服务,删除/var/lib/mysql下面日志文件)
1) 修改/etc/my.cnf(在[mysqld]标签下添加)
init_connect='SET collation_connection = utf8_general_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_general_ci
skip-character-set-client-handshake
max_allowed_packet=512M
innodb_log_file_size=256M2) 修改/etc/my.cnf.d/client.cnf(在[client]标签下添加)
default-character-set=utf8
3) 修改/etc/my.cnf.d/mysql-clients.cnf(在[mysql]标签下添加)
default-character-set=utf8
4) 重启数据库,并验证字符集是否设置成功
[root@wkjhost ~]# systemctl start mariadb
[root@wkjhost ~]# mysql -uroot -p
MariaDB [(none)]> show variables like "%character%";show variables like "%collation%";
4). 设置数据密码(初始密码为空:直接回车就可以)
[root@wkjhost ~]# mysql_secure_installation
二、安装PHP72
1、启动remi-php72
[root@wkjhost ~]# yum-config-manager --enable remi-php72
2、安装 PHP7.2
[root@wkjhost ~]# yum install php72
3、安装 php-fpm 和一些其他模块
[root@wkjhost ~]# yum install php72-php-fpm php72-php-gd php72-php-json php72-php-mbstring php72-php-mysqlnd php72-php-xml php72-php-xmlrpc php72-php-opcache php72-php-zip
4、设置php-fpm自启动
[root@wkjhost ~]# systemctl enable php72-php-fpm.service
三、安装nginx
1、创建nginx的yum源
[root@wkjhost ~]# vi /etc/yum.repos.d/nginx.repo
[nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key
2、启动nginx的yum源
[root@wkjhost ~]# yum-config-manager --enable nginx-mainline
3、安装nginx(nginx脚本:/usr/sbin/nginx,配置文件: /etc/nginx)
[root@wkjhost ~]# yum install nginx
4、nginx自启动
[root@wkjhost ~]# systemctl enable nginx
5、nginx配置为php服务器,代理服务器
1) 配置PHP服务器
server { listen 443 ssl; server_name www.kjwoo.cn kjwoo.cn; root /var/www/typecho; index index.php index.html index.htm; access_log /var/www/logs/www.kjwoo.cn-access.log main; error_log /var/www/logs/www.kjwoo.cn-error.log; ssl_certificate /etc/nginx/ssl/www.kjwoo.cn/me.crt; ssl_certificate_key /etc/nginx/ssl/www.kjwoo.cn/me.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|ico|svg)$ { valid_referers none blocked *.kjwoo.cn server_names ~\.google\. ~\.baidu\. ~\.hcs427\.; if ($invalid_referer){ return 301 $http_referer; } expires 7d; access_log off; } location ~ .*\.(js|css|css\.map) { expires 12h; access_log off; } location / { if (!-e $request_filename) { rewrite ^/(.*)$ /index.php?s=$1 last; break; } try_files $uri $uri/ index.php /index.php?$QUERY_STRING; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_read_timeout 600; include fastcgi_params; } } server { listen 80; server_name www.kjwoo.cn; add_header Strict-Transport-Security max-age=15768000; return 301 https://$server_name$request_uri; } server { listen 80; server_name kjwoo.cn; add_header Strict-Transport-Security max-age=15768000; return 301 https://www.$server_name$request_uri; }2) 配置代理服务器
server { listen 443 ssl; server_name git.kjwoo.cn; ssl_certificate /etc/nginx/ssl/git.ky.kjwoo.cn/me.crt; ssl_certificate_key /etc/nginx/ssl/git.kjwoo.cn/me.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { proxy_connect_timeout 1; proxy_send_timeout 300; proxy_read_timeout 300; proxy_buffer_size 1M; proxy_buffers 8 1M; proxy_busy_buffers_size 1M; proxy_temp_file_write_size 1M; client_max_body_size 100m; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://127.0.0.1:3000; } } server { listen 80; server_name git.kjwoo.cn; rewrite ^(.*)$ https://$host$1 permanent; }3) 配置方向代理服务器
server { listen 443 ssl; server_name git.kjwoo.cn; ssl_certificate /etc/nginx/ssl/git.ky.kjwoo.cn/me.crt; ssl_certificate_key /etc/nginx/ssl/git.kjwoo.cn/me.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { proxy_connect_timeout 1; proxy_send_timeout 300; proxy_read_timeout 300; proxy_buffer_size 1M; proxy_buffers 8 1M; proxy_busy_buffers_size 1M; proxy_temp_file_write_size 1M; client_max_body_size 100m; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://127.0.0.1:3000; } } server { listen 80; server_name git.kjwoo.cn; rewrite ^(.*)$ https://$host$1 permanent; }
三、问题解决
1、applydeltarpm问题
[root@wkjhost ~]# yum provides */applydeltarpm
[root@wkjhost ~]# yum install deltarpm -y