banner
云野阁

云野阁

闲云野鹤,八方逍遥
HomeArchives关于

LNMP部署

#Linux#Nginx#Mysql#PHP18
AI-generated summary
The document outlines the deployment process of an LNMP (Linux, Nginx, MySQL, PHP) stack on a CentOS Stream 9 system. It details two installation methods: 1. **Yum Installation**: - **Step 1**: Configure security settings by opening port 80 and disabling SELinux. - **Step 2**: Install Nginx and verify the installation. - **Step 3**: Install MySQL, start the service, and secure it by setting a root password, removing anonymous users, and deleting the test database. - **Step 4**: Install PHP and modify the Nginx configuration to support PHP processing. - **Step 5**: Test the setup by accessing a PHP file in the browser. 2. **One-Click Script Installation**: - Use `wget` to download the LNMP installation script for a simpler setup. The document emphasizes the importance of securing the MySQL installation and configuring Nginx to handle PHP requests properly.

基础环境#

系统环境:CentOS Stream 9

软件环境:nginx-1.20.1、mysql-8.0.36(mariaDB)、php-8.0.30

部署过程#

方案一:yum 安装#

步骤一:配置安全策略#

# 开放80端口
firewall-cmd --add-port=80/tcp --permanent
sudo firewall-cmd --reload && sudo firewall-cmd --list-all
# 关闭SELinux
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config

步骤二:安装 nginx#

yum -y install nginx
# 查看nginx版本
nginx -v

步骤三:安装并配置 mysql#

安装 mysql

yum -y install mysql-server
#查看mysql版本
mysql -V
# 启动并设置开机自启
systemctl start mysqld
systemctl enable mysqld

配置 mysql

(1)查看 root 用户的初始密码

grep 'password' /var/log/mysql/mysqld.log

2024-05-08T09:37:31.765242Z 6 [Warning] [MY-010453] [Server] root@localhost is created with an empty password ! Please consider switching off the —initialize-insecure option.

(2)配置 MySQL 的安全性

mysql_secure_installation

Securing the MySQL server deployment.

Connecting to MySQL using a blank password.

VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

设置 MySQL 的新密码

Press y|Y for Yes, any other key for No: y

There are three levels of password validation policy:

LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

设置的密码强度

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 0
Please set the password for root here.

New password:

Re-enter new password:

Estimated strength of the password: 50
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

删除匿名用户

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.

Normally, root should only be allowed to connect from
‘localhost’. This ensures that someone cannot guess at
the root password from the network.

禁止使用 root 用户远程登录 MySQL

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.

By default, MySQL comes with a database named ‘test’ that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.

删除 test 库以及用户对 test 库的访问权限

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y

  • Dropping test database…
    Success.
  • Removing privileges on test database…
    Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

重新加载授权表

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.

All done!

步骤四:安装 php#

# 下载php组件
 yum install -y php php-cli php-fpm php-common php-mysqlnd php-gd php-mbstring
# 查看php版本
 php -v

修改 nginx 配置文件以启用 php

# 备份Nginx配置文件
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
# 在Nginx配置文件中修改内容,在server部分添加内容
vi /etc/nginx/nginx.conf
**************************nginx.conf**************************
    server {
        listen       80;
        listen       [::]:80;
        server_name  _;
        root         /data; #网站根目录

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        location / { #添加
            index index.php index.html index.htm;
        }
        location ~ .php$ {
            root /data; #网站根目录
            fastcgi_pass 127.0.0.1:9000; #Nginx通过本机的9000端口将PHP请求转发给PHP-FPM进行处理
            fastcgi_index index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include fastcgi_params; #Nginx调用fastcgi接口处理PHP请求
        }
        error_page 404 /404.html;
        location = /404.html {
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
        }
    }

**************************nginx.conf**************************

# 启动nginx,并设置开机自启
systemctl start nginx
systemctl enable nginx

配置并验证 php

# 保证 nginx 进程的管理用户和 PHP 服务进程的管理用户保持一致
vi /etc/php-fpm.d/www.conf
user = nginx
group = nginx
# 重启nginx
systemctl restart nginx

# 创建网站根目录
mkdir /data
# 编写测试php界面
echo "<?php echo phpinfo(); ?>" >/data/index.php
# 启动php-fpm,并设置开机自启
systemctl start php-fpm
systemctl enable php-fpm

步骤五:访问测试#

在浏览器中输入http://本机ip/index.php进行访问,如下图所示,表示 LNMP 环境部署成功。

1

方案二:脚本一键安装#

yum install -y wget
# 下载lnmp安装脚本
wget https://soft.lnmp.com/lnmp/lnmp2.1beta.tar.gz
# 解压
tar -vzxf lnmp2.1beta.tar.gz
cd lnmp2.1
# 执行脚本
./install.sh
# 按引导进行安装即可

在浏览器http://本机ip/访问,出现以下界面,即为部署成功。

2

打开 lnmp2.1/conf/nginx.conf 文件,查看其网站根目录为 /home/wwwroot/default,

在其网站根目录 /home/wwwroot/default 中# 编写测试 php 界面,在浏览器中输入http://本机ip/index.php进行访问,结果如方案一中的《步骤五》中的图所示,即为成功。

echo "<?php echo phpinfo(); ?>" >/data/index.php
Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.