操作系统 | CentOS Linux release 7.6.1810 (Core)
[root@localhost ~# cat /etc/redhat-release CentOS Linux release 7.6.1810 (Core)
#!/bin/bash #下载全部软件包bash_shell脚本 #vi/sh Download_LNMP.sh echo ' http://nginx.org/download/nginx-1.16.1.tar.gz https://www.php.net/distributions/php-7.3.10.tar.gz https://cmake.org/files/v3.15/cmake-3.15.4.tar.gz https://dl.bintray.com/boostorg/release/1.71.0/source/boost_1_71_0.tar.gz https://dev.mysql.com/get/Downloads/MySQL-5.7/mysql-5.7.27-linux-glibc2.12-x86_64.tar.gz ftp://ftp.pcre.org/pub/pcre/pcre-8.43.tar.gz https://www.openssl.org/source/openssl-1.1.1d.tar.gz https://www.zlib.net/zlib-1.2.11.tar.gz http://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz http://www.tortall.net/projects/yasm/releases/yasm-1.3.0.tar.gz ftp://ftp.free.org/mirrors/rsync.frugalware.org/frugalware-1.9/source/xlib/t1lib/t1lib-5.1.2.tar.gz https://github.com/libgd/libgd/releases/download/gd-2.2.5/libgd-2.2.5.tar.gz https://codeload.github.com/webmproject/libvpx/tar.gz/v1.8.1/libvpx-1.8.1.tar.gz http://download.osgeo.org/libtiff/tiff-4.0.10.tar.gz ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng16/libpng-1.6.37.tar.gz https://download.savannah.gnu.org/releases/freetype/freetype-2.10.0.tar.gz http://www.ijg.org/files/jpegsrc.v9c.tar.gz '|sed '/^$/d' > Download_LNMP.txt while read url_list do wget "$url_list" -b -c -nc -P /usr/local/src -o /dev/null done < Download_LNMP.txt ps -ef | grep wget
更新时间同步
[root@localhost ~]# sudo yum install ntp ntpupdate -y [root@localhost ~]# sudo systemctl start ntpd [root@localhost ~]# timedatectl set-timezone "Asia/Shanghai" [root@localhost ~]# systemctl enable ntpd [root@localhost ~]# ntpdate cn.pool.ntp.org [root@localhost ~]# sudo systemctl restart ntpd [root@localhost ~]# ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime [root@localhost ~]# clock --systohc [root@localhost ~]# hwclock -w [root@localhost ~]# date '+%Y/%m/%d %T %Z' 2019/09/27 00:21:06 CST
安装编译工具及库文件
yum install -y --exclude=kernel*,centos-release*,httpd,nginx,php,mysql,mairadb,python-psutil,python2-psutil,cacti,git,svn yum-fastestmirror redhat-lsb compat* logrotate lsof net-tools lrzsz cmake wget gcc gcc-c++ make zlib-devel readline-devel automake ncurses-devel epel-release bash-completion sysstat mlocate kernel kernel-headers kernel-devel iptables-services apr* autoconf bison bzip2 bzip2* bzip2-devel cpp curl curl-devel fontconfig fontconfig-devel freetype* freetype-devel gd gettext gettext-libs gettext-devel gettext-common-devel glibc glibc-devel glibc-headers keyutils keyutils-libs-devel krb5-devel libcom_err-devel libpng-devel libjpeg* libsepol-devel libselinux-devel libstdc++-devel libtool libtool* libgomp libxml2 libxml2-devel libXpm* libxml* libXaw-devel libXmu-devel libtiff libtiff* mpfr ncurses* ntp ntpdate* openssl-devel patch pcre-devel php-common php-gd policycoreutils telnet t1lib t1lib* nasm nasm* libwebp libwebp-devel libjpeg-devel db4-devel libXpm-devel libc-client-devel openldap-devel mysql-devel libicu-devel libcurl libcurl-devel libzip cpan tcp_wrappers psmisc tree cyrus-sasl-md5 vim chrony rsync xinetd crontabs iptables-utils git dos2unix boost-devel boost-doc libxslt libxslt-devel libdb4* qpid* gnutls boost-system avahi-libs boost-thread dwz dyninst emacs-filesystem fipscheck fipscheck-lib gdb libdwarf libedit libgfortran unzip zip trousers pakchois nettle neon m4 mokutil libproxy libstdc++-devel libquadmath libquadmath-devel libmpc libmodman libgnome-keyring subversion-libs systemtap-devel systemtap-runtime openssh openssh-clients systemtap-client perl perl-Carp perl-Data-Dumper perl-Encode perl-Error perl-Exporter perl-File-Path perl-File-Temp perl-Filter perl-Getopt-Long perl-Git perl-HTTP-Tiny perl-PathTools perl-Pod-Escapes perl-Pod-Perldoc perl-Pod-Simple perl-Pod-Usage perl-Scalar-List-Utils perl-Socket perl-Storable perl-TermReadKey perl-Test-Harness perl-Text-ParseWords perl-Thread-Queue perl-Time-HiRes perl-Time-Local perl-XML-Parser perl-constant perl-libs perl-macros perl-parent perl-podlators perl-srpm-macros perl-threads perl-threads-shared screen tcpdump nc mtr nmap tcl policycoreutils-python policycoreutils-python.x86_64 httpd libjpeg gd php-mysql php-mbstring php-process php-snmp php-ldap php-xml net-snmp net-snmp-utils rrdtool rrdtool-devel rrdtool-php help2man net-snmp-devel binutils libffi-devel libtasn1-devel p11-kit-devel dh-autoreconf expat-devel perl-devel asciidoc xmlto docbook2X --skip-broken && yum clean all && sudo ln -s /usr/bin/db2x_docbook2texi /usr/bin/docbook2x-texi
关闭防火墙命令
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@localhost ~]# firewall-cmd --state
not running
禁用selinux启动|运行的脚本 | 通用不添加多余项的原selinux配置文件
#!/bin/bash #<---selinux-disabled shell script---> sed -i '7,12s/^/#&/g;7,12s/##/#/g;13cSELINUX=disabled' /etc/selinux/config setenforce 0 selinux_config=`getenforce` disabled=`echo Disabled` if [ $disabled == $selinux_config ] then echo "your selinux is `getenforce`." else echo "your selinux is `getenforce`,please running command'reboot' or 'init 6'and 'cat /etc/selinux/config' configuration bash file!" fi exit 0
[root@localhost ~]# sh dis.selinux.sh your selinux is Permissive,please running command'reboot' or 'init 6'and 'cat /etc/selinux/config' configuration bash file!
[root@localhost ~]# getenforce
Permissive
注:需要重启系统才能生效
selinux原配置文件
[root@localhost ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
selinux禁用配置文件(运行多次selinux脚本都不会影响)
[root@localhost ~]# cat -n /etc/selinux/config 1 2 # This file controls the state of SELinux on the system. 3 # SELINUX= can take one of these three values: 4 # enforcing - SELinux security policy is enforced. 5 # permissive - SELinux prints warnings instead of enforcing. 6 # disabled - No SELinux policy is loaded. 7 #SELINUX=enforcing 8 # SELINUXTYPE= can take one of three two values: 9 # targeted - Targeted processes are protected, 10 # minimum - Modification of targeted policy. Only selected processes are protected. 11 # mls - Multi Level Security protection. 12 #SELINUXTYPE=targeted 13 SELINUX=disabled 14
reboot | init 6 重启后Disabled
[root@localhost ~]# getenforce
Disabled
再次dia.selinux.sh脚本测试和显示结果
[root@localhost ~]# sh dis.selinux.sh setenforce: SELinux is disabled your selinux is Disabled. [root@localhost ~]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. #SELINUX=enforcing # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. #SELINUXTYPE=targeted SELINUX=disabled [root@localhost ~]#
安装Nginx
1.添加Nginx yum储存库,创建nginx.repo文件
touch /etc/yum.repos.d/nginx.repo
[nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=0 enabled=1
下面我们利用脚本创建nginx.repo
注:$ 需要变成$定义字符串
#!/bin/bash tee << EOF /etc/yum.repos.d/nginx.repo >/dev/null 2>&1 [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=0 enabled=1 EOF
测试运行
[root@localhost ~]# sh nginx-yum.repo.sh [root@localhost ~]# cat /etc/yum.repos.d/nginx.repo [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=0 enabled=1
2.使用源文件编译
下载URL_https
https://nginx.org/download/
nginx-1.16.1.tar.gz 13-Aug-2019 17:01 1032630 https://nginx.org/download/nginx-1.16.1.tar.gz
使用wget工具下载nginx-1.16.1.tar.gz(没有安装wget请使用yum安装: yum -y install wget)指定下载文件路径/usr/local/src
wget -P /usr/local/src https://nginx.org/download/nginx-1.16.1.tar.gz
解压nginx-1.16.1.tar.gz进入nginx-1.16.1文件夹
tar zxvf nginx-1.16.1.tar.gz;cd /usr/local/nginx-1.16.1
检查编译安装(没有定义)
./configure
检查配置环境| + OpenSSL library is not used | openssl 没有使用
Configuration summary + using system PCRE library + OpenSSL library is not used + using system zlib library nginx path prefix: "/usr/local/nginx" nginx binary file: "/usr/local/nginx/sbin/nginx" nginx modules path: "/usr/local/nginx/modules" nginx configuration prefix: "/usr/local/nginx/conf" nginx configuration file: "/usr/local/nginx/conf/nginx.conf" nginx pid file: "/usr/local/nginx/logs/nginx.pid" nginx error log file: "/usr/local/nginx/logs/error.log" nginx http access log file: "/usr/local/nginx/logs/access.log" nginx http client request body temporary files: "client_body_temp" nginx http proxy temporary files: "proxy_temp" nginx http fastcgi temporary files: "fastcgi_temp" nginx http uwsgi temporary files: "uwsgi_temp" nginx http scgi temporary files: "scgi_temp"
下载openssl安装
wget -P /usr/local/src https://www.openssl.org/source/openssl-1.1.1c.tar.gz
解压openssl-1.1.1c.tar.gz进入文件夹
tar zxvf openssl-1.1.1c.tar.gz;cd /usr/local/src/openssl-1.1.1c/
检查和配置安装编译
./config --prefix=/usr/local/openssl make && make install echo "export PATH=$PATH:/usr/local/openssl/bin" >> /etc/profile source /etc/profile ./configure --with-openssl=/usr/local/src/openssl-1.1.1c
Configuration summary + using system PCRE library + using OpenSSL library: /usr/local/src/openssl-1.1.1c + using system zlib library nginx path prefix: "/usr/local/nginx" nginx binary file: "/usr/local/nginx/sbin/nginx" nginx modules path: "/usr/local/nginx/modules" nginx configuration prefix: "/usr/local/nginx/conf" nginx configuration file: "/usr/local/nginx/conf/nginx.conf" nginx pid file: "/usr/local/nginx/logs/nginx.pid" nginx error log file: "/usr/local/nginx/logs/error.log" nginx http access log file: "/usr/local/nginx/logs/access.log" nginx http client request body temporary files: "client_body_temp" nginx http proxy temporary files: "proxy_temp" nginx http fastcgi temporary files: "fastcgi_temp" nginx http uwsgi temporary files: "uwsgi_temp" nginx http scgi temporary files: "scgi_temp"
已经使用 | + using OpenSSL library: /usr/local/src/openssl-1.1.1c
nginx安装编译
[root@localhost nginx-1.16.1]# make && make install ... ... ... make[1]: Leaving directory `/usr/local/src/nginx-1.16.1' [root@localhost nginx-1.16.1]#
启动nginx
[root@localhost ~]# /usr/local/nginx/sbin/nginx [root@localhost ~]# ps -ef|grep nginx root 11578 1 0 09:57 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx nobody 11579 11578 0 09:57 ? 00:00:00 nginx: worker process root 11581 1026 0 09:57 pts/0 00:00:00 grep --color=auto nginx
为了方便加载nginx启动|停止|重启
参考脚本来源nginx官网:https://www.nginx.com/resources/wiki/start/topics/examples/redhatnginxinit/
使用https://www.osyunwei.com/archives/10046.html脚本
创建/etc/rc.d/init.d/nginx脚本 | 运行 sh nginx-init.d.sh
#!/bin/sh #sh nginx-init.d.sh echo '#!/bin/sh # # nginx - this script starts and stops the nginx daemon # # chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse # proxy and IMAP/POP3 proxy server # processname: nginx # config: /etc/nginx/nginx.conf # config: /usr/local/nginx/conf/nginx.conf # pidfile: /usr/local/nginx/logs/nginx.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/usr/local/nginx/sbin/nginx" prog=$(basename $nginx) NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf" [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx lockfile=/var/lock/subsys/nginx make_dirs() { # make required directories user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=([^ ]*).*/1/g' -` if [ -z "`grep $user /etc/passwd`" ]; then useradd -M -s /bin/nologin $user fi options=`$nginx -V 2>&1 | grep 'configure arguments:'` for opt in $options; do if [ `echo $opt | grep '.*-temp-path'` ]; then value=`echo $opt | cut -d "=" -f 2` if [ ! -d "$value" ]; then # echo "creating" $value mkdir -p $value && chown -R $user $value fi fi done } start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 make_dirs echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval } restart() { #configtest || return $? stop sleep 1 start } reload() { #configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo } force_reload() { restart } configtest() { $nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}" exit 2 esac' > /etc/rc.d/init.d/nginx chmod 775 /etc/rc.d/init.d/nginx chkconfig nginx on
测试正常:启动 | 停止 | 重启
[root@localhost ~]# /etc/rc.d/init.d/nginx start Starting nginx (via systemctl): [ OK ] [root@localhost ~]# ps -ef|grep nginx root 12955 1 0 12:46 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 12957 12955 0 12:46 ? 00:00:00 nginx: worker process root 12959 1026 0 12:46 pts/0 00:00:00 grep --color=auto nginx [root@localhost ~]# /etc/rc.d/init.d/nginx stop Stopping nginx (via systemctl): [ OK ] [root@localhost ~]# ps -ef|grep nginx root 12986 1026 0 12:46 pts/0 00:00:00 grep --color=auto nginx [root@localhost ~]# /etc/rc.d/init.d/nginx restart Restarting nginx (via systemctl): [ OK ] [root@localhost ~]# ps -ef|grep nginx root 13018 1 0 12:46 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 13020 13018 0 12:46 ? 00:00:00 nginx: worker process root 13022 1026 0 12:46 pts/0 00:00:00 grep --color=auto nginx
[root@localhost ~]# service nginx start Starting nginx (via systemctl): [ OK ] [root@localhost ~]# ps -ef|grep nginx root 13246 1 0 12:48 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 13248 13246 0 12:48 ? 00:00:00 nginx: worker process root 13250 1026 0 12:48 pts/0 00:00:00 grep --color=auto nginx [root@localhost ~]# service nginx stop Stopping nginx (via systemctl): [ OK ] [root@localhost ~]# ps -ef|grep nginx root 13284 1026 0 12:48 pts/0 00:00:00 grep --color=auto nginx [root@localhost ~]# service nginx restart Restarting nginx (via systemctl): [ OK ] [root@localhost ~]# ps -ef|grep nginx root 13323 1 0 12:48 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 13325 13323 0 12:48 ? 00:00:00 nginx: worker process root 13327 1026 0 12:48 pts/0 00:00:00 grep --color=auto nginx
[root@localhost ~]# systemctl start nginx [root@localhost ~]# ps -ef|grep nginx root 13436 1 0 12:50 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 13438 13436 0 12:50 ? 00:00:00 nginx: worker process root 13440 1026 0 12:50 pts/0 00:00:00 grep --color=auto nginx [root@localhost ~]# systemctl stop nginx [root@localhost ~]# ps -ef|grep nginx root 13461 1026 0 12:50 pts/0 00:00:00 grep --color=auto nginx [root@localhost ~]# systemctl restart nginx [root@localhost ~]# ps -ef|grep nginx root 13487 1 0 12:50 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 13489 13487 0 12:50 ? 00:00:00 nginx: worker process root 13491 1026 0 12:50 pts/0 00:00:00 grep --color=auto nginx
使用 ip a 查看服务器 IP 在浏览器输入 ip 回车
安装MySQL
参考链接(Mysql的安全配置向导命令mysql_secure_installation):https://www.cnblogs.com/diantong/p/10966305.html
[root@localhost ~]# cd /usr/local/src [root@localhost src]# boost_1_59_0.tar.gz cmake-3.7.2 jpegsrc.v9b.tar.gz libvpx-1.3.0.tar.gz mysql-5.7.16.tar.gz nginx-1.17.3.tar.gz pcre-8.43.tar.gz zabbix-4.0.11.tar.gz chkrootkit cmake-3.7.2.tar.gz libgd-2.1.1.tar.gz libxml2-2.9.9.tar.gz nginx-1.16.0.tar.gz openssl-1.1.0e.tar.gz php-7.3.8.tar.gz zlib-1.2.11.tar.gz chkrootkit.tar.gz freetype-2.7.1.tar.gz libmcrypt-2.5.8.tar.gz libzip-1.5.2.tar.gz nginx-1.16.1 openssl-1.1.1c tiff-4.0.7.tar.gz cmake-3.15.2.tar.gz httpd-2.4.41.tar.bz2 libpng-1.6.36.tar.xz mysql-5.7.16 nginx-1.16.1.tar.gz openssl-1.1.1c.tar.gz yasm-1.3.0.tar.gz [root@localhost src]# tar zxvf cmake-3.7.2.tar.gz;cd cmake-3.7.2/ [root@localhost cmake-3.7.2]# ./configure [root@localhost cmake-3.7.2]# make && make install [root@localhost cmake-3.7.2]# cd /usr/local/src [root@localhost src]# mkdir -p /usr/local/boost [root@localhost src]# cp boost_1_59_0.tar.gz /usr/local/boost [root@localhost src]# groupadd mysql [root@localhost src]# useradd -g mysql mysql -s /bin/false [root@localhost src]# mkdir -p /data/mysql [root@localhost src]# chown -R mysql:mysql /data/mysql [root@localhost src]# mkdir -p /usr/local/mysql [root@localhost src]# tar zxvf mysql-5.7.16.tar.gz;cd mysql-5.7.16/ [root@localhost mysql-5.7.16]# cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DWITH_INNOBASE_STORAGE_ENGINE=1 -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_EMBEDDED_SERVER=OFF -DWITH_BOOST=/usr/local/boost [root@localhost mysql-5.7.16]# make && make install [root@localhost mysql-5.7.16]# cat /etc/my.cnf # For advice on how to change settings please see # http://dev.mysql.com/doc/refman/5.7/en/server-configuration-defaults.html [mysqld] # # Remove leading # and set to the amount of RAM for the most important data # cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%. # innodb_buffer_pool_size = 128M # # Remove leading # to turn on a very important data integrity option: logging # changes to the binary log between backups. # log_bin # # Remove leading # to set options mainly useful for reporting servers. # The server defaults are faster for transactions and fast SELECTs. # Adjust sizes as needed, experiment to find the optimal values. # join_buffer_size = 128M # sort_buffer_size = 2M # read_rnd_buffer_size = 2M datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0 log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid
[root@localhost mysql-5.7.16]# rm -rf /etc/my.cnf [root@localhost mysql-5.7.16]# cd /usr/local/mysql [root@localhost mysql]# ./bin/mysqld --user=mysql --initialize --basedir=/usr/local/mysql --datadir=/data/mysql 2019-09-23T18:43:24.083528Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details). 2019-09-23T18:43:24.472600Z 0 [Warning] InnoDB: New log files created, LSN=45790 2019-09-23T18:43:24.514430Z 0 [Warning] InnoDB: Creating foreign key constraint system tables. 2019-09-23T18:43:24.569619Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 0639d87e-de32-11e9-bfc6-000c29f23dbf. 2019-09-23T18:43:24.570411Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened. 2019-09-23T18:43:24.571049Z 1 [Note] A temporary password is generated for root@localhost: IwPabGfsM5*s [root@localhost mysql]# cp /usr/local/mysql/support-files/my-default.cnf /usr/local/mysql/my.cnf [root@localhost mysql]# ln -s /usr/local/mysql/my.cnf /etc/my.cnf [root@localhost mysql]# cp /usr/local/mysql/support-files/mysql.server /etc/rc.d/init.d/mysqld [root@localhost mysql]# chmod 755 /etc/init.d/mysqld [root@localhost mysql]# chkconfig mysqld on [root@localhost mysql]# systemctl enable mysqld.service [root@localhost mysql]# sed -i "46s/basedir=/basedir=/usr/local/mysql/g;47s/datadir=/datadir=/data/mysql/g;63s/mysqld_pid_file_path=/mysqld_pid_file_path=/var/run/mysqld/mysqld.pid/g" /etc/rc.d/init.d/mysqld [root@localhost mysql]# service mysqld start [root@localhost mysql]# echo 'export PATH=$PATH:/usr/local/mysql/bin' >> /etc/profile [root@localhost mysql]# source /etc/profile [root@localhost mysql]# ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql [root@localhost mysql]# ln -s /usr/local/mysql/include/mysql /usr/include/mysql [root@localhost mysql]# mkdir -p /var/lib/mysql [root@localhost mysql]# ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock [root@localhost mysql]# mysql_secure_installation Securing the MySQL server deployment. Enter password for user root: //输入root密码 The 'validate_password' plugin is installed on the server. The subsequent steps will run with the existing configuration of the plugin. Using existing password for root. Estimated strength of the password: 0 Change the password for root ? ((Press y|Y for Yes, any other key for No) : No //是否更改root密码,如果输入y会要求设置新的密码 ... skipping. By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : y //是否删除匿名用户,建议y删除 Success. Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y //是否禁止root远程登录,建议y禁止 Success. By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y //是否删除test数据库,y删除 - Dropping test database... Success. - Removing privileges on test database... Success. Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y //是否重新加载权限表,y重新加载 Success. All done!
mysql 进程处理
下面是正常启动mysql服务
[root@localhost ~]# service mysqld start Starting MySQL. [ OK ] [root@localhost ~]# pgrep -l mysql 1206 mysqld_safe 1315 mysqld [root@localhost ~]# ps -aux | grep -i mysql root 1206 0.0 0.1 11816 1624 pts/0 S 07:10 0:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/data/mysql/localhost.localdomain.pid mysql 1315 0.7 17.1 1114292 171172 pts/0 Sl 07:10 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/data/mysql/localhost.localdomain.pid root 1354 0.0 0.1 112712 1000 pts/0 R+ 07:11 0:00 grep --color=auto -i mysql [root@localhost ~]# service mysqld stop Shutting down MySQL.. [ OK ] [root@localhost ~]# service mysqld start Starting MySQL. [ OK ] [root@localhost ~]# ps -aux | grep -i mysql root 1399 0.0 0.1 11816 1628 pts/0 S 07:12 0:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/data/mysql/localhost.localdomain.pid mysql 1508 2.8 17.4 1114292 174064 pts/0 Sl 07:12 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/data/mysql/localhost.localdomain.pid root 1543 0.0 0.1 112712 1000 pts/0 R+ 07:12 0:00 grep --color=auto -i mysql [root@localhost ~]# pgrep -l mysql 1399 mysqld_safe 1508 mysqld [root@localhost ~]# kill -9 1399 [root@localhost ~]# pgrep -l mysql 1508 mysqld [root@localhost ~]# kill -9 1508 [root@localhost ~]# pgrep -l mysql [root@localhost ~]# service mysqld restart MySQL server process #1508 is not running! [FAILED] Starting MySQL. [ OK ] [root@localhost ~]# pgrep -l mysql 1581 mysqld_safe 1692 mysqld
MySQL 不能重启 | 停止 | kill -9 pid 杀不死 mysqld进程。
使用killall mysqld 或 pkill mysql 杀死全部mysqld进程或批量 ps -ef|grep mysql|awk '{print $2}'|xargs kill -9
[root@localhost ~]# service mysqld start Starting MySQL..The server quit without updating PID file ([FAILED]sql/localhost.localdomain.pid). //关于mysqld.pid没有找到,原因:/etc/rc.d/init.d/mysqld配置文件没有配置mysqld_pid_file_path=的路径文件 [root@localhost ~]# find /|grep mysqld.pid /run/mysqld/mysqld.pid [root@localhost ~]# cat /var/run/mysqld/mysqld.pid 879 [root@localhost ~]# cat /run/mysqld/mysqld.pid 879 [root@localhost ~]# ps -ef | grep -i mysql mysql 879 1 0 07:47 ? 00:00:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid root 1280 1054 0 07:51 pts/0 00:00:00 grep --color=auto -i mysql [root@localhost ~]# pgrep -l mysql 880 mysqld [root@localhost ~]# pkill mysql [root@localhost ~]# pgrep -l mysql [root@localhost ~]# ps -aux | grep -i mysql root 1264 0.0 0.1 112712 1000 pts/0 R+ 07:39 0:00 grep --color=auto -i mysql [root@localhost ~]# ps -aux | grep -i mysql mysql 878 0.6 17.3 1119788 173328 ? Sl 07:40 0:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid root 1071 0.0 0.1 112712 1000 pts/0 R+ 07:40 0:00 grep --color=auto -i mysql [root@localhost ~]# service mysqld start Starting MySQL..The server quit without updating PID file ([FAILED]sql/localhost.localdomain.pid). [root@localhost ~]# ps -ef | grep -i mysql mysql 878 1 0 07:40 ? 00:00:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid root 1244 1047 0 07:41 pts/0 00:00:00 grep --color=auto -i mysql [root@localhost ~]# ps -aux | grep -i mysql mysql 878 0.2 17.5 1119788 175588 ? Sl 07:40 0:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid root 1246 0.0 0.1 112712 1000 pts/0 R+ 07:41 0:00 grep --color=auto -i mysql [root@localhost ~]# kill -9 878 [root@localhost ~]# pgrep mysql 1267 [root@localhost ~]# ps -aux | grep -i mysql mysql 1267 1.2 17.0 1119788 170420 ? Sl 07:41 0:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid root 1298 0.0 0.1 112712 1000 pts/0 R+ 07:42 0:00 grep --color=auto -i mysql [root@localhost ~]# ps -ef | grep -i mysql mysql 1267 1 1 07:41 ? 00:00:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid root 1300 1047 0 07:42 pts/0 00:00:00 grep --color=auto -i mysql [root@localhost ~]# killall mysql mysql: no process found [root@localhost ~]# killall mysqld [root@localhost ~]# pgrep mysql [root@localhost ~]# ps -aux | grep -i mysql root 1305 0.0 0.1 112712 1000 pts/0 R+ 07:43 0:00 grep --color=auto -i mysql [root@localhost ~]# ps -ef | grep -i mysql root 1307 1047 0 07:43 pts/0 00:00:00 grep --color=auto -i mysql
msyql正常测试
[root@localhost ~]# service mysqld start Starting MySQL. [ OK ] [root@localhost ~]# pgrep -l mysql 1496 mysqld_safe 1605 mysqld [root@localhost ~]# pgrep -la mysql 1496 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/var/run/mysqld/mysqld.pid 1605 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/var/run/mysqld/mysqld.pid [root@localhost ~]# ps -aux | grep -i mysql root 1496 0.0 0.1 11816 1624 pts/0 S 08:10 0:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/var/run/mysqld/mysqld.pid mysql 1605 0.5 17.4 1114292 174888 pts/0 Sl 08:10 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/var/run/mysqld/mysqld.pid root 1642 0.0 0.1 112712 1000 pts/0 R+ 08:10 0:00 grep --color=auto -i mysql [root@localhost ~]# ps -ef | grep -i mysql root 1496 1 0 08:10 pts/0 00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/var/run/mysqld/mysqld.pid mysql 1605 1496 0 08:10 pts/0 00:00:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/var/run/mysqld/mysqld.pid root 1644 1055 0 08:11 pts/0 00:00:00 grep --color=auto -i mysql [root@localhost ~]# service mysqld status MySQL running (1605) [ OK ] [root@localhost ~]# service mysqld stop Shutting down MySQL. [ OK ] [root@localhost ~]# service mysqld restart MySQL server PID file could not be found! [FAILED] Starting MySQL. [ OK ] [root@localhost ~]# service mysqld status MySQL running (1822) [ OK ] [root@localhost ~]# pgrep -la mysql 1713 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/var/run/mysqld/mysqld.pid 1822 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/var/run/mysqld/mysqld.pid
安装PHP
nginx access.log ip 数量统计
[root@localhost ~]# find /|grep access.log /usr/local/nginx/logs/access.log [root@localhost ~]# cd /usr/local/nginx/logs/ [root@localhost logs]# ls -lrt //时间升序 total 12 -rw-r--r-- 1 root root 1017 Sep 23 16:24 access.log -rw-r--r-- 1 root root 2145 Sep 23 16:24 error.log -rw-r--r-- 1 root root 4 Sep 24 05:50 nginx.pid [root@localhost logs]# ls -lt //时间降序 total 12 -rw-r--r-- 1 root root 4 Sep 24 05:50 nginx.pid -rw-r--r-- 1 root root 2145 Sep 23 16:24 error.log -rw-r--r-- 1 root root 1017 Sep 23 16:24 access.log [root@localhost logs]# sort access.log 192.168.1.1 - - [23/Sep/2019:12:56:52 -0400] "GET /favicon.ico HTTP/1.1" 404 555 "http://192.168.1.3/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 192.168.1.1 - - [23/Sep/2019:12:56:52 -0400] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 192.168.1.1 - - [23/Sep/2019:13:02:03 -0400] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 192.168.1.1 - - [23/Sep/2019:13:11:12 -0400] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Colibri/1.14.0 Chrome/76.0.3809.110 Electron/6.0.2 Safari/537.36" 192.168.1.1 - - [23/Sep/2019:16:24:37 -0400] "GET / HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" [root@localhost logs]# awk '{print $1}' access.log | sort -n | uniq | wc -l //IP统计,$1对应第一列 1
测试
test php
echo -e '<?php
phpinfo();
?>' > /usr/local/nginx/html/index.php
chown www.www /usr/local/nginx/html/ -R
chmod 700 /usr/local/nginx/html/ -R
Module ngx_http_rewrite_module //nginx模组模块官网介绍> http://nginx.org/en/docs/http/ngx_http_rewrite_module.html
Module ngx_http_rewrite_module //nginx模组模块 rewrite
即 ngx_http_rewrite_module 模块用于使用 PCRE 正则表达式更改请求 URI ,返回重定向并有条件地选择配置.
#################################################################################################
这个 break, if, return, rewrite, 和 set 指令按以下顺序处理:
在 server 级别指定的该模块的指令 按顺序执行;
反复:
一个 location 是基于请求 URI 搜索;
在找到的位置内指定的该模块的指令按顺序执行;
如果一个请求 URI 已经重写(rewritten),则重复循环,但不超过 10 次.
#################################################################################################
Directives(指令)
(句法)Syntax: break;
(默认)Default: —
(内容)Context: server, location, if
停止处理当前 ngx_http_rewrite_module 指令集.
如果在 location 内指定了伪指令,则 在此位置继续进行请求的进一步处理.
Examples(例如):
if ($slow) {
limit_rate 10k;
break;
}
#################################################################################################
(句法)Syntax: if (condition) { ... }
(默认)Default: —
(内容)Context: server, location
指定的 condition 被评估.如果为true,则执行括号内指定的该模块指令,并在指令内为请求分配配置 if,
if指令中的配置是从先前的配置级别继承的.
条件可以是以下任意一种:
1.变量名;如果变量的值为空字符串或 “0” ,则为 false ;否则为 false .
--在1.0.1版之前,任何以 “0” 开头的字符串都被视为错误值.
2.使用 “=” 和 “!=” 运算符将变量与字符串进行比较;
3.使用 “~” (区分大小写的匹配)和 “~*” (区分大小写的匹配)运算符将变量与正则表达式进行匹配.正则表达式可以包含捕获,
这些捕获可用于以后在$1.. $9变量中重用.负运算符 “!~” 和 “!~*” 也可用.如果正则表达式包含 “}” 或 “;” 字符,
则整个表达式应用单引号或双引号引起来.
4.使用 “-f” 和 “!-f” 运算符检查文件是否存在;
5.使用 “-d” 和 “!-d” 运算符检查目录是否存在;
6.使用 “-e” 和 “!-e” 运算符检查文件,目录或符号链接是否存在;
7.使用 “-x” 和 “!-x” 运算符检查可执行文件.
Examples(例如):
if ($http_user_agent ~ MSIE) {
rewrite ^(.*)$ /msie/$1 break;
}
if ($http_cookie ~* "id=([^;]+)(?:;|$)") {
set $id $1;
}
if ($request_method = POST) {
return 405;
}
if ($slow) {
limit_rate 10k;
}
if ($invalid_referer) {
return 403;
}
所述的值 $invalid_referer 嵌入变量由设置 valid_referers 指令.
#################################################################################################
(句法)Syntax: return code [text];
return code URL;
return URL;
(默认)Default: —
(内容)Context: server, location, if
停止处理并将指定的返回code给客户端.非标准代码444关闭连接而不发送响应头.
从版本 0.8.42 开始,可以指定重定向 URL (对于代码301、302、303、307和308)或响应正文 text (对于其他代码).
响应正文文本和重定向 URL 可以包含变量.在特殊情况下,可以将重定向URL指定为该服务器本地的URI,在这种情况下,
将根据请求方案( $scheme )以及 server_name_in_redirect 和 port_in_redirect 指令来形成完整的重定向 URL .
另外,一个 URL 可以将带有代码 302 的临时重定向的指定为唯一参数.
这样的参数应以 “http://” ,“https://” 或 “$scheme” 字符串开头.
一个 URL 可以包含变量.
版本 0.7.51 之前只能返回以下代码:204、400、402-406、408、410、411、413、416和500-504.
直到版本 1.1.16 和 1.0.13 才将代码 307 视为重定向.
直到版本 1.13.0 才将代码 308 视为重定向.
另请参见 error_page 指令> http://nginx.org/en/docs/http/ngx_http_core_module.html#error_page
#################################################################################################
(句法)Syntax: rewrite regex replacement [flag];
(默认)Default: —
(内容)Context: server, location,if
如果指定的正则表达式与请求 URI 匹配,则URI将按照replacement字符串中的指定进行更改.
该 rewrite 指令在其在配置文件中出现的顺序顺序地执行.可以使用标志终止指令的进一步处理.
如果替换字符串以 “http://” , “https://” 或 “$scheme” 开头,则处理将停止并将重定向返回给客户端.
可选 flag 参数可以是以下之一:
last
停止处理当前ngx_http_rewrite_module指令集, 并开始搜索与更改后的URI相匹配的新位置;
break
ngx_http_rewrite_module与break指令一样, 停止处理当前的指令集 ;
redirect
返回带有 302 代码的临时重定向;如果替换字符串不是以 “http://” , “https://” 或 “$scheme” 开头,则使用
permanent
返回带有 301 代码的永久重定向.
完整的重定向URL是根据请求方案($scheme)以及 server_name_in_redirect 和 port_in_redirect 指令形成的.
Examples(例如):
server {
...
rewrite ^(/download/.*)/media/(.*)..*$ $1/mp3/$2.mp3 last;
rewrite ^(/download/.*)/audio/(.*)..*$ $1/mp3/$2.ra last;
return 403;
...
}
但是,如果将这些指令放在 “/download/” 位置,last 则应将标记替换为 break ,否则 nginx 将执行 10 个循环并返回 500 错误:
location /download/ {
rewrite ^(/download/.*)/media/(.*)..*$ $1/mp3/$2.mp3 break;
rewrite ^(/download/.*)/audio/(.*)..*$ $1/mp3/$2.ra break;
return 403;
}
如果 replacement 字符串包含新的请求参数,则先前的请求参数将附加在它们之后.
如果不希望这样,请在替换字符串的末尾添加问号,避免附加它们,例如:
rewrite ^/users/(.*)$ /show?user=$1? last;
如果正则表达式包含 “}” 或 “;” 字符,则整个表达式应用单引号或双引号引起来.
#################################################################################################
(句法)Syntax: rewrite_log on | off;
(默认)Default: rewrite_log off;
(内容)Context: http, server, location, if
在级别上 启用或禁用将 ngx_http_rewrite_module 模块指令处理结果记录到 error_log 中 notice .
error_log> http://nginx.org/en/docs/ngx_core_module.html#error_log
#################################################################################################
(句法)Syntax: set $variable value;
(默认)Default: -
(内容)Context: server, location, if
value 为指定的 设置 variable .该 value 可以包含文本,变量,他们的组合.
#################################################################################################
(句法)Syntax: uninitialized_variable_warn on | off;
(默认)Default: uninitialized_variable_warn on;
(内容)Context: http, server, location, if
控制是否记录有关未初始化变量的警告.
#################################################################################################
内部实施
该 ngx_http_rewrite_module 模块指令是在配置阶段编译成被请求处理过程中解释内部指示.解释器是一个简单的虚拟堆栈机.
Example(例如),指令
location /download/ {
if ($forbidden) {
return 403;
}
if ($slow) {
limit_rate 10k;
}
rewrite ^/(download/.*)/media/(.*)..*$ /$1/mp3/$2.mp3 break;
}
将被翻译成以下说明:
variable $forbidden
check against zero
return 403
end of code
variable $slow
check against zero
match of regular expression
copy "/"
copy $1
copy "/mp3/"
copy $2
copy ".mp3"
end of regular expression
end of code
请注意, 上面的 limit_rate 指令没有任何 指令,因为它与 ngx_http_rewrite_module 模块无关 .为if块创建一个单独的配置.
如果条件成立,则为该请求分配一个 limit_rate 等于10k的配置.
指令
rewrite ^/(download/.*)/media/(.*)..*$ /$1/mp3/$2.mp3 break;
如果正则表达式中的第一个斜杠放在括号内,则可以通过一条指令将其减小:
rewrite ^(/download/.*)/media/(.*)..*$ $1/mp3/$2.mp3 break;
相应的指令将如下所示:
match of regular expression
copy $1
copy "/mp3/"
copy $2
copy ".mp3"
end of regular expression
end of code
-------------------------------------------------------------------------------------------------
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-------------------------------------------------------------------------------------------------
关于 server 介绍> http://nginx.org/en/docs/http/ngx_http_core_module.html#server
句法: server_name name ...;
默认: server_name "";
内容: server
#################################################################################################
设置虚拟服务器的名称,例如:
server {
server_name example.com www.example.com; //设置虚拟服务器的名称:example.com www.example.com
}
名字将成为主服务器名称.
#################################################################################################
服务器名称可以包含一个星号(“*”)以替换名称的第一部分或最后一部分:
server {
server_name example.com *.example.com www.example.*;
}
这样的名称称为通配符名称.
#################################################################################################
上面提到的前两个名称可以合并为一个:
server {
server_name .example.com;
}
#################################################################################################
也可以在服务器名称中使用正则表达式,在名称前加上波浪号 (“~”):
server {
server_name www.example.com ~^wwwd+.example.com$;
}
#################################################################################################
正则表达式可以包含捕获(0.7.40),这些捕获以后可以在其他指令中使用:
server {
server_name ~^(www.)?(.+)$;
location / {
root /sites/$2;
}
}
server {
server_name _;
location / {
root /sites/default;
}
}
#################################################################################################
正则表达式中的命名捕获会创建变量(0.8.25),以后可在其他指令中使用该变量:
server {
server_name ~^(www.)?(?<domain>.+)$;
location / {
root /sites/$domain;
}
}
server {
server_name _;
location / {
root /sites/default;
}
}
如果指令的参数设置为“$hostname” (0.9.4),则插入机器的主机名.
#################################################################################################
也可以指定一个空服务器名称(0.7.11):
server {
server_name www.example.com "";
}
它允许该服务器处理给定 address:port 对的不带 “Host” 头域的请求,而不是默认服务器.这是默认设置.
Before 0.8.48, the machine’s hostname was used by default. //在0.8.48之前,默认情况下使用计算机的主机名.
在按名称搜索虚拟服务器的过程中,如果名称与多个指定的变体匹配(例如,通配符名称和正则表达式均匹配),
则将按照以下优先级顺序选择第一个匹配的变体:
1.确切的名字
2.以星号开头的最长通配符名称,例如 “*.example.com”
3.最长的通配符名称以星号结尾,例如 “mail.*”
4.第一个匹配的正则表达式(按在配置文件中出现的顺序)
服务器名称的详细说明在单独的 Server names 文档中提供.
-------------------------------------------------------------------------------------------------
完整例子> http://www.nginx.cn/doc/example/fullexample.html
两个虚拟主机(纯静态-html支持)-两个虚拟主机,提供静态文件
http {
: server {
: listen 80;
: server_name www.domain1.com;
: access_log logs/domain1.access.log main;
: location / {
: index index.html;
: root /var/www/domain1.com/htdocs;
: }
: }
: server {
: listen 80;
: server_name www.domain2.com;
: access_log logs/domain2.access.log main;
: location / {
: index index.html;
: root /var/www/domain2.com/htdocs;
: }
: }
}
虚拟主机标准配置(简化)-默认的Catchall虚拟主机
http {
: server {
: listen 80 default;
: server_name _ *;
: access_log logs/default.access.log main;
: location / {
: index index.html;
: root /var/www/default/htdocs;
: }
: }
}
在父文件夹中建立子文件夹以指向子域名-父文件夹中的通配符子域
这是一个添加子域名(或当DNS已指向服务器时添加一个新域名)的简单方法。需要注意的是,我已经将FCGI配置进该文件了。
可以直接将FCGI配置信息注释掉,然后将其内部文件变成index.html。
这个简单的方法比起为每一个域名建立一个vhost.conf配置文件称为,只需要在现有的配置文件中增加如下内容:
这只是保持DNS记录指向服务器时自动添加新子域或自动添加新域的一种简单方法。请注意,我也在这里包括了FCGI。如果您只想提供静态文件,
请删除FCGI配置并将默认文档更改为index.html。与其为每个域创建一个新的vhost.conf文件,不如创建以下其中一个:
server {
: # Replace this port with the right one for your requirements
: # 根据你的需求改变此端口
: listen 80; #could also be 1.2.3.4:80 也可以是1.2.3.4:80的形式
: # Multiple hostnames seperated by spaces. Replace these as well.
: # 多个主机名可以用空格隔开,当然这个信息也是需要按照你的需求而改变的。
: server_name star.yourdomain.com *.yourdomain.com www.*.yourdomain.com;
: #Alternately: _ *
: #或者可以使用:_ * (具体内容参见本维基其他页面)
: root /PATH/TO/WEBROOT/$host;
: error_page 404 http://yourdomain.com/errors/404.html;
: access_log logs/star.yourdomain.com.access.log;
: location / {
: root /PATH/TO/WEBROOT/$host/;
: index index.php;
: }
: # serve static files directly
: # 直接支持静态文件 (从配置上看来不是直接支持啊)
: location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|html)$ {
: access_log off;
: expires 30d;
: }
: location ~ .php$ {
: # By all means use a different server for the fcgi processes if you need to
: # 如果需要,你可以为不同的FCGI进程设置不同的服务信息
: fastcgi_pass 127.0.0.1:YOURFCGIPORTHERE;
: fastcgi_index index.php;
: fastcgi_param SCRIPT_FILENAME /PATH/TO/WEBROOT/$host/$fastcgi_script_name;
: fastcgi_param QUERY_STRING $query_string;
: fastcgi_param REQUEST_METHOD $request_method;
: fastcgi_param CONTENT_TYPE $content_type;
: fastcgi_param CONTENT_LENGTH $content_length;
: fastcgi_intercept_errors on;
: }
: location ~ /.ht {
: deny all;
: }
: }
官方例子> shihttp://nginx.org/ru/docs/example.html
#!nginx
: # 使用的用户和组
: user www www;
: # 指定工作衍生进程数
: worker_processes 2;
: # 指定 pid 存放的路径
: pid /var/run/nginx.pid;
: # [ debug | info | notice | warn | error | crit ]
: # 可以在下方直接使用 [ debug | info | notice | warn | error | crit ] 参数
: error_log /var/log/nginx.error_log info;
: events {
: # 允许的连接数
: connections 2000;
: # use [ kqueue | rtsig | epoll | /dev/poll | select | poll ] ;
: # 具体内容查看 http://wiki.codemongers.com/事件模型
: use kqueue;
: }
: http {
: include conf/mime.types;
: default_type application/octet-stream;
: log_format main '$remote_addr - $remote_user [$time_local] '
: '"$request" $status $bytes_sent '
: '"$http_referer" "$http_user_agent" '
: '"$gzip_ratio"';
: log_format download '$remote_addr - $remote_user [$time_local] '
: '"$request" $status $bytes_sent '
: '"$http_referer" "$http_user_agent" '
: '"$http_range" "$sent_http_content_range"';
: client_header_timeout 3m;
: client_body_timeout 3m;
: send_timeout 3m;
: client_header_buffer_size 1k;
: large_client_header_buffers 4 4k;
: gzip on;
: gzip_min_length 1100;
: gzip_buffers 4 8k;
: gzip_types text/plain;
: output_buffers 1 32k;
: postpone_output 1460;
: sendfile on;
: tcp_nopush on;
: tcp_nodelay on;
: send_lowat 12000;
: keepalive_timeout 75 20;
: #lingering_time 30;
: #lingering_timeout 10;
: #reset_timedout_connection on;
: server {
: listen one.example.com;
: server_name one.example.com www.one.example.com;
: access_log /var/log/nginx.access_log main;
: location / {
: proxy_pass http://127.0.0.1/;
: proxy_redirect off;
: proxy_set_header Host $host;
: proxy_set_header X-Real-IP $remote_addr;
: #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
: client_max_body_size 10m;
: client_body_buffer_size 128k;
: client_body_temp_path /var/nginx/client_body_temp;
: proxy_connect_timeout 90;
: proxy_send_timeout 90;
: proxy_read_timeout 90;
: proxy_send_lowat 12000;
: proxy_buffer_size 4k;
: proxy_buffers 4 32k;
: proxy_busy_buffers_size 64k;
: proxy_temp_file_write_size 64k;
: proxy_temp_path /var/nginx/proxy_temp;
: charset koi8-r;
: }
: error_page 404 /404.html;
: location /404.html {
: root /spool/www;
: charset on;
: source_charset koi8-r;
: }
: location /old_stuff/ {
: rewrite ^/old_stuff/(.*)$ /new_stuff/$1 permanent;
: }
: location /download/ {
: valid_referers none blocked server_names *.example.com;
: if ($invalid_referer) {
: #rewrite ^/ http://www.example.com/;
: return 403;
: }
: #rewrite_log on;
: # rewrite /download/*/mp3/*.any_ext to /download/*/mp3/*.mp3
: rewrite ^/(download/.*)/mp3/(.*)..*$
: /$1/mp3/$2.mp3 break;
: root /spool/www;
: #autoindex on;
: access_log /var/log/nginx-download.access_log download;
: }
: location ~* ^.+.(jpg|jpeg|gif)$ {
: root /spool/www;
: access_log off;
: expires 30d;
: }
: }
: }
#!bin/bash echo '#!/bin/bash #chkconfig:35 85 15 nginx=/usr/local/nginx/sbin/nginx case "$1" in start) echo "Starting nginx daemon..." $nginx && echo "Success" ;; stop) echo "Stopping nginx daemon..." $nginx -s stop && echo "Success" ;; reload) echo "Reloading nginx daemon..." $nginx -s reload && echo "Success" ;; restart) echo "Restarting nginx daemon..." $nginx -s quit $nginx && echo "Success" ;; reopen) echo "Reopening nginx daemon..." $nginx -s reopen && echo "Success" ;; *) echo "Please useing nginx {start|stop|retart|reload|reopen}" exit2 ;; esac' > /etc/init.d/nginx chmod 755 /etc/init.d/nginx chkconfig --add nginx chkconfig --level 123456 nginx on //0-6运行级别可用
------------------------------------------------------------------------------------------------------------------------------------------ #[root@localhost init.d]# stat -c %a network #755 # [root@localhost ~]# service nginx stop # Stopping nginx daemon... # Success # [root@localhost ~]# pgrep -l nginx # [root@localhost ~]# service nginx start # Unit nginx.service could not be found. # Starting nginx daemon... # Success # [root@localhost ~]# pgrep -l nginx # 8002 nginx # 8003 nginx # [root@localhost ~]# service nginx restart # Resatrting nginx daemon... # Success # [root@localhost ~]# pgrep -l nginx # 8016 nginx # 8017 nginx # [root@localhost ~]# service nginx reload # Reloading nginx daemon... # Success # [root@localhost ~]# pgrep -l nginx # 8016 nginx # 8029 nginx # [root@localhost ~]# service nginx reopen # Reopening nginx daemon... # Success # [root@localhost ~]# pgrep -l nginx # 8016 nginx # 8029 nginx # [root@localhost ~]# chkconfig --list # # Note: This output shows SysV services only and does not include native # systemd services. SysV configuration data might be overridden by native # systemd configuration. # # If you want to list systemd services use 'systemctl list-unit-files'. # To see services enabled on particular target use # 'systemctl list-dependencies [target]'. # # netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off # network 0:off 1:off 2:on 3:on 4:on 5:on 6:off # nginx 0:off 1:off 2:on 3:on 4:on 5:on 6:off # [root@localhost ~]# chkconfig --list nginx # # Note: This output shows SysV services only and does not include native # systemd services. SysV configuration data might be overridden by native # systemd configuration. # # If you want to list systemd services use 'systemctl list-unit-files'. # To see services enabled on particular target use # 'systemctl list-dependencies [target]'. # # nginx 0:on 1:on 2:on 3:on 4:on 5:on 6:on #nginx启动脚本和service服务脚本