标签归档:LNMP

阿里云建站笔记

发表评论

终于建站了!波折重重,赶紧笔记!

1 阿里云购买域名和云服务器ECS,最开始选的共享型small(1G1vCPU),后变更为突发型(2G2vCPU),价格相差10块,后者性能明显好于前者。

2 配置ECS:选择CentOS 8操作系统,CentOS 常用命令见这里。2M固定带宽,选择手工设置密码,服务器选在了国内。

第一次用国内服务器,以前用的都是漂亮国的,国内服务器就涉及到备案,还是挺麻烦的,鉴于已经付了钱,并搭建好了一切环境,不想再折腾,遂决定硬着头皮用下去,也体会一把申请备案的痛感。

3 通过终端连接到后台,首先更新:yum -y update

4 安装服务器:yum -y install nginx

5 查看服务器状态:systemctl status nginx

如果提示 -bash: systemctl: command not found,是因为CentOS 7.0以后才有systemctl命令,6.x只能用 service nginx status

6 设置开机启动并启动nginx服务器:
[~]# systemctl enable nginx
[~]# systemctl start nginx

7 安装mysql:yum search mysql,选择合适的包,直接yum install mysql是不完整的,需要再把mariadb补充上才能正常使用,见这里
正确的命令(centos8):yum -y install mysql-server

8 初始化mysql:
[~]# systemctl status mysqld,查看状态;
[~]# systemctl enable mysqld,开机启动;
[~]# systemctl start mysqld,启动mysql服务;
[~]# sudo mysql_secure_installation,运行mysql_secure_installation脚本,该脚本执行一些与安全性相关的操作并设置MySQL根密码;

9 配置mysql:
[~]# mysql -uroot -p
[mysql]> use mysql;
> update user set host='% where user='root';
> flush privileges;
> exit
[~]# sudo firewall-cmd --add-port=3306/tcp --permanent
[~]# sudo firewall-cmd --reload

! FirewallD服务如果没启动的话要先设置开机并启动firewalld服务

10 修改/etc/my.cnf配置文件,在末尾添加
[mysqld]
skip-name-resolve

11 重启mysql服务:systemctl restart mysqld

12 安装php:yum -y install php*。

13 开机启动php-fpm服务:systemctl enable php-fpmsystemctl start php-fpm

14 修改/etc/nginx/nginx.conf文件:

*For more information on configuration, see:
* Official English Documentation: http://nginx.org/en/docs/
* Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes 2;
worker_cpu_affinity 01 10;
worker_rlimit_nofile 65535;
worker_processes auto;

error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
     worker_connections 65535;
     use epoll;
     multi_accept on;
 }

http {
     log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                       '$status $body_bytes_sent "$http_referer" '
                       '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    server_names_hash_bucket_size 128;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
    client_max_body_size 8m;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    fastcgi_connect_timeout 180;
    fastcgi_send_timeout 500;
    fastcgi_read_timeout 500;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css application/xml;
    gzip_vary on;

include             /etc/nginx/mime.types;
default_type        application/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

    server {
            listen 80;
            server_name localhost;
            root 你的根目录;

            location / {
                  index index.php index.html;
                  proxy_http_version 1.1;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection "upgrade";
                  try_files $uri $uri/ /index.php?$query_string;
            }
            location ~ \.php$ {
                            if ( $fastcgi_script_name ~ \..*\/.*php ) {return 403;}
                            fastcgi_pass 127.0.0.1:9000;
                            fastcgi_index index.php;
                            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                            include fastcgi_params;
            }
            #rewrite ^(.*)$  https://$host$1 permanent;
    }

    server
    {
            listen 443 ssl default_server;
            ssl_certificate   Cert/你的ssl证书.pem;
            ssl_certificate_key  Cert/你的ssl证书.key;
            rewrite ^(.*)$  https://www.aliyun.com;
    }

    server {

            listen 443;
            server_name www.你的域名;
            ssl on;
            root 你的根目录;
            index index.html index.htm index.php;
            ssl_certificate   Cert/你的ssl证书.pem;
            ssl_certificate_key  Cert/你的ssl证书.key;
            ssl_session_timeout 5m;
            ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_prefer_server_ciphers on;

            location / {
                    root 你的根目录;
                    index index.html index.htm index.php;
                    proxy_http_version 1.1;
                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header Connection "upgrade";
                    try_files $uri $uri/ /index.php?$query_string;
            }

            location ~ \.php$ {
                            if ( $fastcgi_script_name ~ \..*\/.*php ) {return 403;}
                            fastcgi_pass 127.0.0.1:9000;
                            fastcgi_index index.php;
                            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                            include fastcgi_params;
            }

   }
}

15 检查语法:nginx -t,如果没问题重启nginx:systemctl restart nginx

16 访问域名,获得nginx默认页面或者nginx.conf文件中指定的根目录index文件

参考文章:CentOS 8 安装MySQL 8.0
php-fpm启动成功但是9000端口没被用?
centos出现“FirewallD is not running”怎么办
nginx安装错误:No package nginx available