之前在Linode上一直用LNMP的一键安装包,这次改用阿里云,试下通过源安装LEMP环境,记录下安装过程。(VPS安全设置记录)
创建screen会话,执行
1 | screen -S lemp |
如果screen命令不存在,执行
1 | apt-get install screen |
如果网络掉线,重新连接,执行
1 | screen -r lemp |
修改源文件
在原有源的基础上加入新的源
1 | vi /etc/apt/sources.list |
在文件底部加入如下内容:
1 2 | deb http://packages.dotdeb.org squeeze all deb-src http://packages.dotdeb.org squeeze all |
增加新加源的证书
1 2 | wget http://www.dotdeb.org/dotdeb.gpg cat dotdeb.gpg | apt-key add - |
删除不用组件
1 | apt-get --purge -y remove apache2-* bind9-* xinetd samba-* |
更新源数据
1 2 | apt-get update apt-get upgrade |
安装Nginx
1 | apt-get install nginx |
配置Nginx
1 2 3 4 5 6 7 8 | mkdir -p /etc/nginx/vhost mkdir -p /home/www/default mkdir -p /home/log rm -fr /etc/nginx/conf.d rm -fr /etc/nginx/sites-available rm -fr /etc/nginx/sites-enabled rm -f /etc/nginx/nginx.conf |
vi /etc/nginx/nginx.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 | user www-data; worker_processes 1; error_log /home/log/nginx.log crit; pid /var/run/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 51200; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 128; client_header_buffer_size 32k; large_client_header_buffers 4 32k; client_max_body_size 50m; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 256k; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; #limit_zone crawler $binary_remote_addr 10m; #log format log_format access '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" $http_x_forwarded_for'; include vhost/*.conf; } |
vi /etc/nginx/fcgi.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; |
vi /etc/nginx/vhost/default.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | server { listen 80; server_name _; rewrite ^(.*) http://koryi.com permanent; } server { listen 80; server_name 198.23.243.205; index index.html index.htm index.php; root /home/www/default; location ~ .*\.(php|php5)?$ { try_files $uri = 404; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fcgi.conf; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 12h; } #error_page 404 /404.html; #error_page 500 502 503 504 /50x.html; #location = /50x.html { # root /var/www/nginx-default; #} access_log /home/log/default.log access; } |
启动Nginx
1 | /etc/init.d/nginx start |
测试HTML
vi /home/www/default/index.html
1 2 3 4 5 6 7 8 9 | <!DOCTYPE HTML> <html> <head> <title>Domain Sale</title> </head> <body> <iframe width="100%" height="660" scrolling="no" frameborder="0" src="http://yun.koryi.com/html/index.html"></iframe> </body> </html> |
安装PHP
1 | apt-get install php5-cli php5-cgi php5-mcrypt php5-curl php5-gd build-essential wget psmisc spawn-fcgi |
设置PHP.INI
1 2 3 4 5 6 7 8 | sed -i 's#output_buffering = Off#output_buffering = On#' /etc/php5/cgi/php.ini sed -i 's/post_max_size = 8M/post_max_size = 50M/g' /etc/php5/cgi/php.ini sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 50M/g' /etc/php5/cgi/php.ini sed -i 's/;date.timezone =/date.timezone = PRC/g' /etc/php5/cgi/php.ini sed -i 's/short_open_tag = Off/short_open_tag = On/g' /etc/php5/cgi/php.ini sed -i 's/; cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php5/cgi/php.ini sed -i 's/; cgi.fix_pathinfo=0/cgi.fix_pathinfo=0/g' /etc/php5/cgi/php.ini sed -i 's/max_execution_time = 30/max_execution_time = 300/g' /etc/php5/cgi/php.ini |
启动PHP
1 | /usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -C 6 -u www-data -g www-data -f /usr/bin/php5-cgi |
测试PHP
vi /home/www/default/p.php
1 | <?php phpinfo(); ?> |
安装MySQL
1 | apt-get install mysql-server php5-mysql |
安全设置
1 | mysql_secure_installation |
如果要重设密码,执行
1 | dpkg-reconfigure mysql-server-5.0 |
重启PHP
1 2 | killall -9 php5-cgi /usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -C 6 -u www-data -g www-data -f /usr/bin/php5-cgi |
安装phpmyadmin
1 | apt-get install phpmyadmin |
注意会提示你选择Apache或者lighttpd服务器,我们用的是Nginx,所以这里按Esc退出选择,然后会提示你输入一次mysql数据库密码,两次phpmyadmin密码
安装完成后,phpmyadmin所有代码文件都默认位于/usr/share/phpmyadmin路径下,假设我们的Web主路径位于/home/www/default/phpmyadmin下,接下来做个链接就可以了:
1 | ln -s /usr/share/phpmyadmin /home/www/default/phpmyadmin |