前传:
1、CentOS 7.3.1611系统安装配置图解教程
2、CentOS服务器初始化设置
准备篇
一、防火墙配置
CentOS 7.x默认使用的是firewall作为防火墙,这里改为iptables防火墙。
1、关闭firewall:
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动
2、安装iptables防火墙
yum install iptables-services #安装
vi /etc/sysconfig/iptables #编辑防火墙配置文件
# sample configuration for iptables service
# you can edit this manually or use system-config-firewall
# please do not ask us to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
:wq! #保存退出
systemctl restart iptables.service #最后重启防火墙使配置生效
systemctl enable iptables.service #设置防火墙开机启动
/usr/libexec/iptables/iptables.init restart #重启防火墙
二、关闭SELINUX
vi /etc/selinux/config
#SELINUX=enforcing #注释掉
#SELINUXTYPE=targeted #注释掉
SELINUX=disabled #增加
:wq! #保存退出
setenforce 0 #使配置立即生效
三 、系统约定
软件源代码包存放位置:/usr/local/src
源码包编译安装位置:/usr/local/软件名字
四、下载软件包
1、下载nginx
-1.10.3.tar.gz
2、下载MySQL
https://cdn.mysql.com/archives/mysql-5.7/mysql-5.7.16.tar.gz
3、下载php
-7.1.3.tar.gz
-7.0.17.tar.gz
-5.6.30.tar.gz
-5.5.38.tar.gz
-5.4.45.tar.gz
-5.3.29.tar.gz
-5.2.17.tar.gz
-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz
4、下载cmake(MySQL编译工具)
https://cmake.org/files/v3.7/cmake-3.7.2.tar.gz
5、下载pcre (支持nginx伪静态)
ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.40.tar.gz
6、下载openssl(nginx扩展)
https://www.openssl.org/source/openssl-1.1.0e.tar.gz
7、下载zlib(nginx扩展)
-1.2.11.tar.gz
8、下载libmcrypt(php扩展)
https://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz
9、下载yasm(php扩展)
-1.3.0.tar.gz
10、t1lib(php扩展)
-5.1.2.tar.gz
11、下载gd库安装包
https://github.com/libgd/libgd/releases/download/gd-2.1.1/libgd-2.1.1.tar.gz
12、libvpx(gd库需要)
https://codeload.github.com/webmproject/libvpx/tar.gz/v1.3.0
13、tiff(gd库需要)
-4.0.7.tar.gz
14、libpng(gd库需要)
ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng16/libpng-1.6.28.tar.gz
15、freetype(gd库需要)
-2.7.1.tar.gz
16、jpegsrc(gd库需要)
17、Boost(编译mysql需要)
https://ufpr.dl.sourceforge.net/project/boost/boost/1.59.0/boost_1_59_0.tar.gz
以上软件包上传到/usr/local/src目录
五、安装编译工具及库文件(使用yum命令安装)
yum install -y apr* autoconf automake bison bzip2 bzip2* cloog-ppl compat* cpp curl curl-devel fontconfig fontconfig-devel freetype freetype* freetype-devel gcc gcc-c++ gtk+-devel gd gettext gettext-devel glibc kernel kernel-headers keyutils keyutils-libs-devel krb5-devel libcom_err-devel libpng libpng-devel libjpeg* libsepol-devel libselinux-devel libstdc++-devel libtool* libgomp libxml2 libxml2-devel libXpm* libxml* libXaw-devel libXmu-devel libtiff libtiff* make mpfr ncurses* ntp openssl openssl-devel patch pcre-devel perl php-common php-gd policycoreutils telnet t1lib t1lib* nasm nasm* wget zlib-devel
安装篇
以下是用putty工具远程登录到服务器,在命令行下面操作的
一、安装MySQL
1、安装cmake
cd /usr/local/src
tar zxvf cmake-3.7.2.tar.gz
cd cmake-3.7.2
./configure
make
make install
2、安装MySQL
cd /usr/local/src
mkdir -p /usr/local/boost
cp boost_1_59_0.tar.gz /usr/local/boost
groupadd mysql #添加mysql组
useradd -g mysql mysql -s /bin/false #创建用户mysql并加入到mysql组,不允许mysql用户直接登录系统
mkdir -p /data/mysql #创建MySQL数据库存放目录
chown -R mysql:mysql /data/mysql #设置MySQL数据库存放目录权限
mkdir -p /usr/local/mysql #创建MySQL安装目录
cd /usr/local/src #进入软件包存放目录
tar zxvf mysql-5.7.16.tar.gz #解压
cd mysql-5.7.16 #进入目录
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DWITH_INNOBASE_STORAGE_ENGINE=1 -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_EMBEDDED_SERVER=OFF -DWITH_BOOST=/usr/local/boost
注意:可以使用-DDOWNLOAD_BOOST=1 -DWITH_BOOST=/usr/local/boost参数在线安装boost软件包,需要服务器联网,容易下载失败。
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DMYSQL_UNIX_ADDR=/tmp/mysql.sock -DMYSQL_USER=mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DENABLED_LOCAL_INFILE=ON -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_FEDERATED_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITHOUT_EXAMPLE_STORAGE_ENGINE=1 -DWITH_EMBEDDED_SERVER=OFF -DDOWNLOAD_BOOST=1 -DWITH_BOOST=/usr/local/boost
make #编译
make install #安装
编译出错, 重新编译前要删除编译失败的文件,重新编译时,需要清除旧的对象文件和缓存信息。
make clean
rm -f CMakeCache.txt
rm -rf /etc/my.cnf #删除系统默认的配置文件(如果默认没有就不用删除)
cd /usr/local/mysql #进入MySQL安装目录
./bin/mysqld --user=mysql --initialize --basedir=/usr/local/mysql --datadir=/data/mysql #生成mysql系统数据库
--initialize表示默认生成密码, --initialize-insecure 表示不生成密码, 密码为空。
看到这一行[Note] A temporary password is generated for root@localhost: i>X18*=Rav=7
cp /usr/local/mysql/support-files/my-default.cnf /usr/local/mysql/my.cnf
ln -s /usr/local/mysql/my.cnf /etc/my.cnf #添加到/etc目录的软连接
cp /usr/local/mysql/support-files/mysql.server /etc/rc.d/init.d/mysqld #把Mysql加入系统启动
chmod 755 /etc/init.d/mysqld #增加执行权限
chkconfig mysqld on #加入开机启动
vi /etc/rc.d/init.d/mysqld #编辑
basedir=/usr/local/mysql #MySQL程序安装路径
datadir=/data/mysql #MySQl数据库存放目录
:wq! #保存退出
service mysqld start #启动
vi /etc/profile #把mysql服务加入系统环境变量:在最后添加下面这一行
export PATH=$PATH:/usr/local/mysql/bin
:wq! #保存退出
source /etc/profile #使配置立刻生效
下面这两行把myslq的库文件链接到系统默认的位置,这样你在编译类似PHP等软件时可以不用指定mysql的库文件地址。
ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
ln -s /usr/local/mysql/include/mysql /usr/include/mysql
mkdir /var/lib/mysql #创建目录
ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock #添加软链接
mysql_secure_installation #修改Mysql密码,输入之前生成的密CSJlm3DyTG.d回车,根据提示操作。
Press y|Y for Yes, any other key for No: y #是否安装密码安全插件?选择y
There are three levels of password validation policy: #有以下几种密码强度选择
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 0 #选择0,只要8位数字即可,选1要有大写,小写,特殊字符等
UNINSTALL PLUGIN validate_password ; #卸载密码强度插件
use mysql;
update mysql.user set authentication_string=password('123456') where user='root' ; #登录mysql控制台修改
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password AS '123456'; #修改密码
二、安装Nginx
1、安装pcre
cd /usr/local/src
mkdir /usr/local/pcre
tar zxvf pcre-8.40.tar.gz
cd pcre-8.40
./configure --prefix=/usr/local/pcre
make
make install
2、安装openssl
cd /usr/local/src
mkdir /usr/local/openssl
tar zxvf openssl-1.1.0e.tar.gz
cd openssl-1.1.0e
./config --prefix=/usr/local/openssl
make
make install
vi /etc/profile
export PATH=$PATH:/usr/local/openssl/bin
:wq!
source /etc/profile
3、安装zlib
cd /usr/local/src
mkdir /usr/local/zlib
tar zxvf zlib-1.2.11.tar.gz
cd zlib-1.2.11
./configure --prefix=/usr/local/zlib
make
make install
4、安装Nginx
groupadd www
useradd -g www www -s /bin/false
cd /usr/local/src
tar zxvf nginx-1.10.3.tar.gz
cd nginx-1.10.3
./configure --prefix=/usr/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-openssl=/usr/local/src/openssl-1.1.0e --with-zlib=/usr/local/src/zlib-1.2.11 --with-pcre=/usr/local/src/pcre-8.40
注意:--with-openssl=/usr/local/src/openssl-1.1.0e --with-zlib=/usr/local/src/zlib-1.2.11 --with-pcre=/usr/local/src/pcre-8.40指向的是源码包解压的路径,而不是安装的路径,否则会报错
make
make install
/usr/local/nginx/sbin/nginx #启动Nginx
设置nginx开机启动
vi /etc/rc.d/init.d/nginx #编辑启动文件添加下面内容
############################################################
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /usr/local/nginx/conf/nginx.conf
# pidfile: /usr/local/nginx/logs/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/local/nginx/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
if [ -z "`grep $user /etc/passwd`" ]; then
useradd -M -s /bin/nologin $user
fi
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ]
