Debian 源安装 NGINX+PHP+MYSQL

之前在Linode上一直用LNMP的一键安装包,这次改用阿里云,试下通过源安装LEMP环境,记录下安装过程。(VPS安全设置记录)

创建screen会话,执行

1
screen -S lemp

如果screen命令不存在,执行

1
apt-get install screen

如果网络掉线,重新连接,执行

1
screen -r lemp

修改源文件
在原有源的基础上加入新的源

1
vi /etc/apt/sources.list

在文件底部加入如下内容:

1
2
deb http://packages.dotdeb.org squeeze all
deb-src http://packages.dotdeb.org squeeze all

增加新加源的证书

1
2
wget http://www.dotdeb.org/dotdeb.gpg
cat dotdeb.gpg | apt-key add -

删除不用组件

1
apt-get --purge -y remove apache2-* bind9-* xinetd samba-*

更新源数据

1
2
apt-get update
apt-get upgrade

安装Nginx

1
apt-get install nginx

配置Nginx

1
2
3
4
5
6
7
8
mkdir -p /etc/nginx/vhost
mkdir -p /home/www/default
mkdir -p /home/log

rm -fr /etc/nginx/conf.d
rm -fr /etc/nginx/sites-available
rm -fr /etc/nginx/sites-enabled
rm -f /etc/nginx/nginx.conf

vi /etc/nginx/nginx.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
user www-data;
worker_processes  1;

error_log  /home/log/nginx.log crit;
pid        /var/run/nginx.pid;

worker_rlimit_nofile 51200;

events {
    use epoll;
    worker_connections 51200;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    server_names_hash_bucket_size 128;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
    client_max_body_size 50m;

    sendfile on;
    tcp_nopush     on;

    keepalive_timeout 60;

    tcp_nodelay on;

    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 256k;

    gzip on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_types       text/plain application/x-javascript text/css application/xml;
    gzip_vary on;

    #limit_zone  crawler  $binary_remote_addr  10m;

    #log format
    log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '
       '$status $body_bytes_sent "$http_referer" '
       '"$http_user_agent" $http_x_forwarded_for';

    include vhost/*.conf;
}

vi /etc/nginx/fcgi.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

vi /etc/nginx/vhost/default.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
server {
    listen       80;
    server_name _;
    rewrite ^(.*) http://koryi.com permanent;
}

server {
    listen   80;
    server_name  198.23.243.205;
    index  index.html index.htm index.php;
    root   /home/www/default;

    location ~ .*\.(php|php5)?$ {
        try_files $uri = 404;
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index index.php;
        include fcgi.conf;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
        expires      30d;
    }

    location ~ .*\.(js|css)?$ {
        expires      12h;
    }

    #error_page  404  /404.html;

    #error_page   500 502 503 504  /50x.html;
    #location = /50x.html {
    #    root   /var/www/nginx-default;
    #}

    access_log  /home/log/default.log access;
}

启动Nginx

1
/etc/init.d/nginx start

测试HTML
vi /home/www/default/index.html

1
2
3
4
5
6
7
8
9
<!DOCTYPE HTML>
<html>
<head>
<title>Domain Sale</title>
</head>
<body>
<iframe width="100%" height="660" scrolling="no" frameborder="0" src="http://yun.koryi.com/html/index.html"></iframe>
</body>
</html>

安装PHP

1
apt-get install php5-cli php5-cgi php5-mcrypt php5-curl php5-gd build-essential wget psmisc spawn-fcgi

设置PHP.INI

1
2
3
4
5
6
7
8
sed -i 's#output_buffering = Off#output_buffering = On#' /etc/php5/cgi/php.ini
sed -i 's/post_max_size = 8M/post_max_size = 50M/g' /etc/php5/cgi/php.ini
sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 50M/g' /etc/php5/cgi/php.ini
sed -i 's/;date.timezone =/date.timezone = PRC/g' /etc/php5/cgi/php.ini
sed -i 's/short_open_tag = Off/short_open_tag = On/g' /etc/php5/cgi/php.ini
sed -i 's/; cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php5/cgi/php.ini
sed -i 's/; cgi.fix_pathinfo=0/cgi.fix_pathinfo=0/g' /etc/php5/cgi/php.ini
sed -i 's/max_execution_time = 30/max_execution_time = 300/g' /etc/php5/cgi/php.ini

启动PHP

1
/usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -C 6 -u www-data -g www-data -f /usr/bin/php5-cgi

测试PHP
vi /home/www/default/p.php

1
<?php phpinfo(); ?>

安装MySQL

1
apt-get install mysql-server php5-mysql

安全设置

1
mysql_secure_installation

如果要重设密码,执行

1
dpkg-reconfigure mysql-server-5.0

重启PHP

1
2
killall -9 php5-cgi
/usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -C 6 -u www-data -g www-data -f /usr/bin/php5-cgi

安装phpmyadmin

1
apt-get install phpmyadmin

注意会提示你选择Apache或者lighttpd服务器,我们用的是Nginx,所以这里按Esc退出选择,然后会提示你输入一次mysql数据库密码,两次phpmyadmin密码

安装完成后,phpmyadmin所有代码文件都默认位于/usr/share/phpmyadmin路径下,假设我们的Web主路径位于/home/www/default/phpmyadmin下,接下来做个链接就可以了:

1
ln -s /usr/share/phpmyadmin /home/www/default/phpmyadmin