文章目录

• 一、环境
• 二、服务器初始化
• • 1、设置主机名
  • 2、配置 apt 源
  • 3、关闭防火墙
  • 4、安装基本工具
  • 5、允许 root 远程登录
• 三、安装 MySQL
• • 1、下载源码包
  • 2、编译安装
  • 3、后续配置
  • 4、权限设置
• 四、安装 PHP
• • 1、安装依赖软件
  • 2、创建 www 用户
  • 3、下载源码包
  • 4、编译安装
  • 5、后续配置
• 五、安装 Redis
• • 1、下载源码包
  • 2、编译安装
  • 3、创建配置文件
  • 4、创建启动脚本
• 六、安装 Nginx
• • 1、下载源码包
  • 2、编译配置
  • 3、编译安装
  • 4、后续配置
• 七、配置环境变量

一、环境

软件	版本	安装目录
Ubuntu	20.04.3
Nginx	1.20.2	/data/nginx
MySQL	5.7.35	/data/mysql
Redis	5.0.5	/data/redis
PHP	5.6.40	/data/php
项目目录		/data/www

二、服务器初始化

1、设置主机名

hostnamectl set-hostname test.server

2、配置 apt 源

cat > /etc/apt/sources.list << EOF
deb http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
EOF

更新软件源列表

apt-get update

3、关闭防火墙

ufw disable

4、安装基本工具

apt-get install -y wget vim net-tools bash* build-essential cmake bison libncurses5-dev libssl-dev pkg-config libxml2-devel zlib1g-dev libbz2-dev libcurl4-gnutls-dev libjpeg-dev libpng-dev libgmp-dev libgmp3-dev libmcrypt-dev mcrypt libedit-dev libreadline-dev libxslt-dev libpcre3 libpcre3-dev

source /usr/share/bash-completion/bash_completion

5、允许 root 远程登录

vim /etc/ssh/sshd_config

添加以下配置

PermitRootLogin yes

设置 root 用户密码

sudo passwd

三、安装 MySQL

1、下载源码包

wget https://cdn.mysql.com/archives/mysql-5.7/mysql-boost-5.7.35.tar.gz

解压

tar -zxvf mysql-boost-5.7.35.tar.gz

cd mysql-5.7.35/

2、编译安装

编译配置

cmake . \
-DCMAKE_INSTALL_PREFIX=/data/mysql \
-DSYSCONFDIR=/data/mysql/ \
-DMYSQL_DATADIR=/data/mysql/data \
-DMYSQL_TCP_PORT=3306 \
-DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DWITH_FEDERATED_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_MYISAM_STORAGE_ENGINE=1 \
-DENABLED_LOCAL_INFILE=1 \
-DEXTRA_CHARSETS=all \
-DDEFAULT_CHARSET=utf8mb4 \
-DDEFAULT_COLLATION=utf8mb4_general_ci \
-DWITH_SSL=system \
-DWITH_BOOST=boost

查看CPU线程数

cat /proc/cpuinfo | grep processor | wc -l

根据线程数 设置 -j 的数值，例如：我的 CPU 为 16 线程，就设置为 16，这样可以加快编译速度

make -j 16 && make install

3、后续配置

cd /data/mysql/

mkdir mysql-files

chmod 750 mysql-files/

vim my.cnf

添加以下内容

[mysqld]
port=3306
basedir=/data/mysql
datadir=/data/mysql/data
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysqld.log

创建 mysql 普通用户

useradd -r -s /sbin/nologin mysql

chown -R mysql:mysql /data/mysql/

初始化设置

bin/mysqld --defaults-file=/data/mysql/my.cnf --initialize --user=mysql --basedir=/data/mysql

bin/mysql_ssl_rsa_setup --datadir=/data/mysql/data

创建启动脚本

cp support-files/mysql.server /etc/init.d/mysql

设置开机自启

update-rc.d mysql defaults

启动 MySQL

service mysql start && service mysql status

获取初始密码

grep -r root@localhost: mysqld.log

2021-11-17T14:02:38.114708Z 1 [Note] A temporary password is generated for root@localhost: -dlsNg?aW6mn

4、权限设置

登录 MySQL

mysql -u root -p

运行以下 SQL

set password for root@localhost = password('123456Aa.');

grant all privileges on *.* to 'root'@'%' identified by '123456Aa.';

flush privileges;

四、安装 PHP

1、安装依赖软件

curl

ln -s /usr/include/x86_64-linux-gnu/curl/ /usr/local/include/curl

freetype

cd /usr/local/src

wget http://download.savannah.gnu.org/releases/freetype/freetype-2.8.1.tar.gz

tar zxvf freetype-2.8.1.tar.gz 

cd freetype-2.8.1/

./configure --prefix=/usr/local/freetype

make && make install

低版本的 openssl

cd /usr/local/src/

wget https://www.openssl.org/source/openssl-1.0.2k.tar.gz

tar -zxvf openssl-1.0.2k.tar.gz 

cd openssl-1.0.2k/

./config && make && make install

mv /usr/bin/openssl /usr/bin/openssl/openssl_bak
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

2、创建 www 用户

useradd -r -s /sbin/nologin www

mkdir /data/www

chown -R www:www /data/www

3、下载源码包

wget https://www.php.net/distributions/php-5.6.40.tar.gz

tar -zxvf php-5.6.40.tar.gz

4、编译安装

cd php-5.6.40/

编译配置

./configure \
--prefix=/data/php \
--with-config-file-path=/data/php/etc \
--enable-fpm \
--enable-inline-optimization \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-libxml-dir \
--with-xmlrpc \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-pcre-regex \
--with-sqlite3 \
--with-zlib \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--with-cdb \
--enable-dom \
--enable-exif \
--enable-fileinfo \
--enable-filter \
--with-pcre-dir \
--enable-ftp \
--with-gd \
--with-openssl=/usr/local/ssl \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir \
--with-freetype-dir=/usr/local/freetype \
--enable-gd-native-ttf \
--enable-gd-jis-conv \
--with-gettext \
--with-gmp \
--with-mhash \
--enable-json \
-enable-mbstring \
--enable-mbregex \
--enable-mbregex-backtrack \
--with-libmbfl \
--with-onig \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-zlib-dir \
--with-pdo-sqlite \
--with-readline \
--enable-session \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-wddx \
--with-libxml-dir \
--with-xsl \
--enable-zip \
--enable-mysqlnd-compression-support \
--with-fpm-group=www \
--with-fpm-user=www \
--enable-pcntl \
--with-mysql

多线程编译安装

make -j 16 && make install

5、后续配置

创建 php.ini 配置文件

cp php.ini-production /data/php/etc/php.ini

创建启动脚本

cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm

chmod +x /etc/init.d/php-fpm

设置开机自启

update-rc.d php-fpm defaults

创建 php-fpm.conf 配置文件

cd /data/php/etc/

cp php-fpm.conf.default php-fpm.conf

编辑 php.ini 文件

vim php.ini

更改配置

post_max_size = 64M
upload_max_filesize = 64M
date.timezone = PRC
cgi.fix_pathinfo=1
max_execution_time = 300

编辑 php-fpm 文件

vim php-fpm.conf

追加以下配置

pm.max_children = 100
pm.start_servers = 30
pm.min_spare_servers = 20
pm.max_spare_servers = 100
pm.max_requests = 500

启动 php-fpm 服务

service php-fpm start && service php-fpm status

五、安装 Redis

1、下载源码包

wget http://download.redis.io/releases/redis-5.0.5.tar.gz

tar -zxvf redis-5.0.5.tar.gz

2、编译安装

cd redis-5.0.5/

make && make install PREFIX=/data/redis

3、创建配置文件

mv redis.conf /data/redis/redis.conf

4、创建启动脚本

vim /usr/lib/systemd/system/redis.service

[Unit]
Description=Redis persistent key-value database
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
PIDFile=/data/redis/redis.pid
ExecStart=/data/redis/bin/redis-server /data/redis/redis.conf --supervised systemd
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
LimitNOFILE=655360
PrivateTmp=true
Type=notify
User=root
Group=root

[Install]
WantedBy=multi-user.target

启动服务

systemctl start redis.service && systemctl enable redis.service

六、安装 Nginx

1、下载源码包

wget http://nginx.org/download/nginx-1.20.2.tar.gz

tar -zxvf nginx-1.20.2.tar.gz

2、编译配置

cd nginx-1.20.2/

./configure \
--prefix=/data/nginx \
--with-compat \
--with-file-aio \
--with-threads \
--with-http_addition_module \
--with-http_auth_request_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_realip_module \
--with-http_secure_link_module \
--with-http_slice_module \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_sub_module \
--with-http_v2_module \
--with-mail \
--with-mail_ssl_module \
--with-stream \
--with-stream_realip_module \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' \
--with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'

3、编译安装

make -j 16 && make install

4、后续配置

配置vim语法高亮

cp -r contrib/vim/* /usr/share/vim/vim81/

nginx.conf 配置文件示例

vim /data/nginx/conf/nginx.conf

user  root;
worker_processes auto;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;

    client_max_body_size    200m;
    client_header_timeout   600s;
    client_body_timeout     600s;


    gzip on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.0;
    gzip_comp_level 6;
    gzip_types       text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
    gzip_vary on;

    include             /data/nginx_80/conf/mime.types;
    default_type        application/octet-stream;

    include /data/nginx/conf/vhosts/*.conf;
}

代理 php 服务配置

server {
    listen 80;
    server_name api.server.cn;
    rewrite ^(.*) https://$server_name$1 permanent;
}

server {

    listen               443 ssl;
    server_name          api.server.cn;
    ssl_certificate      /data/nginx/ssl/api.server.cn.pem;
    ssl_certificate_key  /data/nginx/ssl/api.server.cn.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers          HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;

    index index.html index.php;
    root /data/www/html/api/web;


    rewrite (\/\.svn|.git\/) /404/;

    if ($http_user_agent ~* yahoo|bingbot) {
        return 403;
    }

    if ($query_string ~* ".*(insert|select|delete|update|count|master|truncate|declare|'|%27|%22|%3C|%3E|;|%20and%20|%20or%20).*"){
        return 404;
    }

    location / {

        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
 
        if ($request_method = 'OPTIONS') {
            return 204;
        }


        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ .*\.(php|php5)?$
    {
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_param ENV 'prod';
        fastcgi_index index.php;
        include fastcgi.conf;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Headers X-Requested-With;
        add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS;

        if ($request_method = 'OPTIONS') {
            return 204;
        }
        expires 30d;
    }

    location ~ .*\.(js|css)?$
    {
        expires 1h;
    }

    #日志
    access_log  off;
}

七、配置环境变量

vim ~/.bashrc

追加以下内容

# MySQL
export PATH=$PATH:/data/mysql/bin

# PHP
export PATH=$PATH:/data/nginx/sbin

# Nginx
export PATH=$PATH:/data/php/sbin

# Redis
export PATH=$PATH:/data/redis/bin