lnmp.html

<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv=Content-Type content="text/html; charset=utf-8">
<meta http-equiv=pragma content=no-cache>
<link href="css/bootstrap.min.css" rel="stylesheet">
<link rel="shortcut icon" href="favicon.ico">
<link rel="bookmark" href="favicon.ico">
<title>网站LNMP环境安装配置笔记</title>
</head>
<body>
<div class="container">
<p><a href="index.html">返回首页</a></p>
<h2 align=center>网站LNMP环境安装配置笔记</h2>
<h3>注：网站系统为CentOS/Rocky/Alma 8/9，使用systemd。</h3>
<p><b>一、准备工作：</b></p>
<p>1、升级系统</p>
<pre>dnf update -y</pre>
<p>2、清理原有安装</p>
<pre>dnf remove php* mariadb* nginx* http* -y</pre>
<p><b>二、服务器安装LNMP</b></p>
<p><b>1、安装编译工具</b></p>
<pre>dnf install gcc cmake gcc-c++ -y</pre>
<p><b>2、安装Nginx</b></p>
<p>安装依赖</p>
<pre>dnf install pcre-devel zlib-devel openssl-devel -y</pre>
<p>建立组和用户并设置不能ssh登录</p>
<pre>useradd -U -r -M -s /bin/false www</pre>
<p>下载</p>
<pre>mkdir -p /data/source
cd /data/source
wget http://nginx.org/download/nginx-1.27.3.tar.gz</pre>
<p>解压</p>
<pre>tar xvf nginx-1.27.3.tar.gz</pre>
<p>编译</p>
<pre>cd nginx-1.27.3
./configure --prefix=/usr/local/nginx --user=www --group=www --pid-path=/run/nginx.pid --lock-path=/run/nginx.lock --http-client-body-temp-path=/tmp/client --http-proxy-temp-path=/tmp/proxy --http-fastcgi-temp-path=/tmp/fastcgi --http-uwsgi-temp-path=/tmp/uwsgi --http-scgi-temp-path=/tmp/scgi --http-log-path=/usr/local/nginx/log/access.log --error-log-path=/usr/local/nginx/log/error.log --with-http_ssl_module --with-http_v2_module --with-http_v3_module --with-http_stub_status_module --with-http_realip_module --with-stream_ssl_module --with-stream_realip_module
make -j5
make install</pre>
<p>配置启动</p>
<pre>cat > /lib/systemd/system/nginx.service << "EOF"
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t -c /usr/local/nginx/conf/nginx.conf
ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
ExecStartPost=/bin/sleep 0.1
ExecReload=/bin/kill -HUP $MAINPID
ExecStop=/bin/kill -QUIT $MAINPID

[Install]
WantedBy=multi-user.target
EOF

sed -i "s/\/\$nginx_version//" /usr/local/nginx/conf/fastcgi*
sed -i "s/}/    application\/vnd.android.package-archive apk;\n}/g" /usr/local/nginx/conf/mime.types
mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
mkdir /usr/local/nginx/conf/conf.d

cat > /usr/local/nginx/conf/nginx.conf << "EOF"
user  www;
worker_processes  4;
events {
    worker_connections  1024;
    use epoll;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    charset  utf-8;
    sendfile        on;
    client_max_body_size 40m;
    server_tokens off;
    keepalive_timeout  65;
    gzip  on;
    include  conf.d/*.conf;
}
EOF
cat > /usr/local/nginx/conf/conf.d/www.conf << "EOF"
server {
    listen       80;
    server_name  localhost;
    root   /data/www;
    index  index.html index.htm index.php;

    error_page  404              /404.html;
    error_page   500 502 503 504  /50x.html;

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri = 404;
        fastcgi_pass   127.0.0.1:9000;
        include        fastcgi.conf;
    }
}
EOF
mkdir /data/www
ln -sf /usr/local/nginx/sbin/nginx /usr/local/bin/
</pre>
<p>打开防火墙</p>
<pre>firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --reload</pre>
<p><b>3.1、dnf安装PHP</b></p>
<pre>dnf install yum-utils
dnf install http://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf-config-manager --enable remi-php82
dnf install php-fpm php-opcache php-gd php-pg php-cli php-mbstring php-xml php-pecl-zip php-intl php-ldap php-smbclient php-imap php-exif php-gmp php-redis php-imagick
systemctl enable php-fpm
systemctl start php-fpm</pre>
<p><b>3.2、编译安装PHP</b></p>
<p>安装依赖</p>
<pre>dnf install libxml2-devel systemd-devel gd-devel libcurl-devel openldap-devel libzip-devel -y</pre>
<p>下载</p>
<pre>cd /data/source
wget http://www.php.net/distributions/php-8.4.3.tar.xz</pre>
<p>解压</p>
<pre>tar xvf php-8.4.3.tar.xz</pre>
<p>编译</p>
<pre>cd php-8.4.3
./configure --prefix=/usr/local/php --enable-fpm --with-fpm-systemd --with-pear --with-fpm-user=www --with-fpm-group=www --with-config-file-path=/usr/local/php --with-config-file-scan-dir=/usr/local/php/lib/php/extensions --enable-opcache --enable-mbstring --with-gettext --with-curl --enable-mysqlnd --with-mysqli --with-pdo-mysql --disable-phpdbg --with-zlib --enable-calendar --enable-exif --enable-ftp --enable-soap --enable-bcmath --enable-sockets --with-openssl --enable-pcntl --with-zip --enable-gd --with-webp --with-jpeg --with-xpm --with-freetype
#有ldap参数时：--with-ldap --with-ldap-sasl
#ln -sf /usr/lib64/libldap* /usr/lib/
#ln -sf /usr/lib64/liblber* /usr/lib/
make -j5
make install
ln -sf /usr/local/php/bin/* /usr/local/bin/
ln -sf /usr/local/php/sbin/* /usr/local/bin/
cp sapi/fpm/php-fpm.service /lib/systemd/system/
cp php.ini-production /usr/local/php/php.ini
cp sapi/fpm/www.conf /usr/local/php/etc/php-fpm.d/
cp sapi/fpm/php-fpm.conf /usr/local/php/etc/
sed -i "s/;zend_extension=opcache/zend_extension=opcache/" /usr/local/php/php.ini
sed -i "s/;opcache.enable=0/opcache.enable=1/" /usr/local/php/php.ini
sed -i "s/;opcache.enable=1/opcache.enable=1/" /usr/local/php/php.ini
sed -i "s/;opcache.enable_cli=0/opcache.enable_cli=1/" /usr/local/php/php.ini
sed -i "s/;opcache.file_cache=/opcache.file_cache=\/tmp/" /usr/local/php/php.ini
sed -i "s/max_execution_time = 30/max_execution_time = 60/" /usr/local/php/php.ini
sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 20M/" /usr/local/php/php.ini
sed -i "s/post_max_size = 8M/post_max_size = 20M/" /usr/local/php/php.ini
sed -i "s/;date.timezone =/date.timezone = Asia\/Shanghai/" /usr/local/php/php.ini
sed -i "s/;pcre.jit=1/pcre.jit=0/" /usr/local/php/php.ini
sed -i "s/display_errors = Off/display_errors = On/" /usr/local/php/php.ini
sed -i "s/expose_php = On/expose_php = Off/" /usr/local/php/php.ini
pear update-channels pear.php.net
pear upgrade-all
#php8增加jit参数
echo "opcache.jit=1235" >> /usr/local/php/php.ini
echo "opcache.jit_buffer_size=64M" >> /usr/local/php/php.ini
#查看是否生效
php -i|grep -i jit
</pre>
<p>#编译安装ImageMagick</p>
<pre>
wget https://imagemagick.org/download/ImageMagick-6.9.13-17.tar.xz
tar xvf ImageMagick-6.9.13-17.tar.xz
cd ImageMagick-6.9.13-17
./configure --disable-openmp --disable-hdri --with-quantum-depth=8
make -j5
make install
</pre>
<pre>pecl install memcached redis lzf imagick</pre>
<p><b>4.1、yum安装MariaDB数据库</b></p>
<p>加源</p>
<pre>cat > /etc/yum.repos.d/mariadb.repo << "EOF"
# MariaDB 10.11 RedHatEnterpriseLinux repository list - created 2023-02-22 16:29 UTC
# https://mariadb.org/download/
[mariadb]
name = MariaDB
baseurl = https://mirrors.ustc.edu.cn/mariadb/yum/10.11/rhel9-amd64
gpgkey=https://mirrors.ustc.edu.cn/mariadb/yum/RPM-GPG-KEY-MariaDB
gpgcheck=1
EOF</pre>
<p>安装</p>
<pre>yum install MariaDB-server MariaDB-client</pre>
<p><b>4.2、yum安装Mysql数据库</b></p>
<p>加源</p>
<pre>
rpm -ivh https://repo.mysql.com//mysql84-community-release-el9-1.noarch.rpm
</pre>
<p>安装</p>
<pre>yum install mysql-community-server</pre>
<p>配置</p>
<pre>mysqld --initialize-insecure
chown mysql:mysql /var/lib/mysql -R
systemctl start mysqld
mysqladmin -uroot password "mypass"
</pre>
<p>旧版本php5支持</p>
<pre>echo "character-set-server = utf8mb4" >> /etc/my.cnf.d/mysql-server.cnf
echo "collation-server = utf8mb4_unicode_ci" >> /etc/my.cnf.d/mysql-server.cnf
mysql -uroot -p
#mysql> alter user 'root'@'localhost' identified with mysql_native_password by 'mypass';
#echo "default_authentication_plugin=mysql_native_password" >> /etc/my.cnf.d/mysql-server.cnf
</pre>
<p><b>4.3、编译安装MariaDB数据库</b></p>
<p>创建mysql用户</p>
<pre>useradd -U -r -M -s /bin/false mysql</pre>
<p>安装依赖</p>
<pre>yum install libaio-devel ncurses-devel bison -y</pre>
<p>下载</p>
<pre>wget http://mirrors.ustc.edu.cn/mariadb//mariadb-11.6.2/source/mariadb-11.6.2.tar.gz
</pre>
<p>解压</p>
<pre>tar xvf mariadb-11.6.2.tar.gz</pre>
<p>编译</p>
<pre>cd mariadb-11.6.2
cmake . \
-DCMAKE_INSTALL_PREFIX=/usr/local/mariadb \
-DMYSQL_DATADIR=/usr/local/mariadb/data \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_SYSTEMD=yes \
-DINSTALL_SYSTEMD_UNITDIR=/lib/systemd/system \
-DWITH_SSL=system \
-DCONNECT_WITH_MYSQL=1 \
-DWITH_DEBUG=no \
-DPLUGIN_TOKUDB=NO \
-DWITH_MARIABACKUP=OFF \
-DWITH_LIBARCHIVE=OFF \
-DWITH_UNIT_TESTS=OFF \
-DWITH_UNITTEST=OFF \
-DWITHOUT_CLIENTLIBS=YES \
-DCLIENT_PLUGIN_DIALOG=OFF \
-DCLIENT_PLUGIN_CLIENT_ED25519=OFF \
-DCLIENT_PLUGIN_MYSQL_CLEAR_PASSWORD=STATIC \
-DCLIENT_PLUGIN_CACHING_SHA2_PASSWORD=OFF \
-DWITH_WSREP=OFF \
-DPLUGIN_ROCKSDB=NO \
-DWITH_ROCKSDB_BZIP2=OFF \
-DWITH_ROCKSDB_JEMALLOC=OFF \
-DWITH_ROCKSDB_LZ4=OFF \
-DWITH_ROCKSDB_snappy=OFF \
-DWITH_ROCKSDB_zstd=OFF \
-DINSTALL_SQLBENCHDIR="" \
-DINSTALL_MYSQLTESTDIR=''

-DMAX_INDEXES=128

make -j5
make install
ln -sf /usr/local/mariadb/bin/* /usr/local/bin/
mkdir /usr/local/mariadb/data
chown mysql:mysql /usr/local/mariadb/data -R
sed -i "s/\$MYSQLD_OPTS \$_WSREP_NEW_CLUSTER \$_WSREP_START_POSITION/--defaults-file=\/usr/local\/mariadb\/my.cnf/" /lib/systemd/system/mariadb.service
cat > my.cnf << "EOF"
[client]
port=3306
socket=/tmp/mysql.sock

[mysqld]
port=3306
socket=/tmp/mysql.sock
key_buffer_size=16M
max_allowed_packet=8M

[mysqldump]
quick
EOF
cd /usr/local/mariadb
scripts/mysql_install_db --user=mysql --defaults-file=/usr/local/mariadb/my.cnf --datadir=/usr/local/mariadb/data/
systemctl start mariadb
/usr/local/mariadb/bin/mysqladmin -u root password 'password'
#更新或重新编译后：
#sed -i "s/\$MYSQLD_OPTS \$_WSREP_NEW_CLUSTER \$_WSREP_START_POSITION/--defaults-file=\/usr\/local\/mariadb\/my.cnf/" /lib/systemd/system/mariadb.service
rm -rf /usr/local/mariadb/data/test
systemctl daemon-reload
systemctl restart mariadb
#慢日志
mkdir /usr/local/mariadb/log
chown mysql:mysql /usr/local/mariadb/log -R
#修改my.cnf
[mysqld]
slow_query_log = on
slow_query_log_file = /usr/local/mariadb/log/mysql-slow
long_query_time = 2
#bin日志
log-bin=mysql-bin
expire_logs_days = 3
#最大连接数
max_connections = 1000
</pre>
<p><b>4.4、编译安装Mysql数据库</b></p>
<p>下载</p>
<pre>wget https://cdn.mysql.com//Downloads/MySQL-9.2/mysql-9.2.0.tar.gz
#wget https://cdn.mysql.com//Downloads/MySQL-5.7/mysql-boost-5.7.44.tar.gz</pre>
<p>解压</p>
<pre>tar xvf mysql-9.2.0.tar.gz
#tar xvf mysql-boost-5.7.44.tar.gz</pre>
<p>编译</p>
<pre>cd mysql-9.2.0
#cd mysql-5.7.44
cmake . \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_DATADIR=/usr/local/mysql/data \
-DINSTALL_MYSQLDATADIR=/usr/local/mysql/data \
-DDEFAULT_CHARSET=utf8mb4 \
-DDEFAULT_COLLATION=utf8mb4_general_ci \
-DWITH_SYSTEMD=1 \
-DSYSTEMD_PID_DIR=/tmp \
-DWITH_UNIT_TESTS=OFF \
-DINSTALL_MYSQLTESTDIR= \
-DWITH_SSL=system \
-DFORCE_INSOURCE_BUILD=ON \
-DWITH_ROUTER=off
#mysql-5.7.44去掉：
-DFORCE_INSOURCE_BUILD=ON \
-DWITH_ROUTER=off
增加：
-DWITH_BOOST=boost \
-DWITH_EMBEDDED_SERVER=OFF
make -j5
make install
ln -sf /usr/local/mysql/bin/* /usr/local/bin/
cp scripts/mysqld.service /lib/systemd/system/

cat > /usr/local/mysql/my.cnf << "EOF"
[client]
port=3306
socket=/tmp/mysql.sock

[mysqld]
port=3306
socket=/tmp/mysql.sock
key_buffer_size=16M
max_allowed_packet=8M

log-error=/usr/local/mysql/log/mysqld.log
slow_query_log=1
slow_query_log_file=/usr/local/mysql/log/mysql-slow.log
long_query_time=3
log_output=FILE

[mysqldump]
quick

[mysql]
port=3306
socket=/tmp/mysql.sock
EOF

#创建日志目录
mkdir /usr/local/mysql/log
chown mysql:mysql /usr/local/mysql/log -R

#初始化
mysqld --defaults-file=/usr/local/mysql/my.cnf --initialize-insecure --user=mysql
systemctl start mysqld
mysqladmin -uroot password "新密码"
</pre>
<p><a href="index.html">返回首页</a></p>
<p align="center">&copy; 2016-2025 清风的个人笔记</p>
</div>
</body>
</html>