ubuntu+Nginx+php-fpm+Mysql+Redis+ssl

安装LNMP环境

首先,墙裂推荐一套工具:WinSCP+Putty,管理文件方便很多。Mac版用Coda

基础环境

apt-get update
apt-get install nginx mysql-server php     * 注意 期间会要求输入MySQL的root密码

配置Nginx支持PHP

vi /etc/nginx/sites-available/default
......
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
    incloude snippets/fastcgi-php.conf;
#
#    # With php7.0-cgi alone;
#    fastcgi_pass 127.0.0.1:9000;
#    # With php7.2-fpm;
    fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
......

vi /etc/php/7.2/fpm/php-fpm.conf
...........
listen = /run/php/php7.2-fpm.sock

重启Nginx

nginx -s stop
nginx

这里有可能出现找不到pid的情况,可能是因为阿里云服务器自动启动了apache,只要把它关掉就行

netstat -ap | grep http
kill xxxxx(apache的pid)

关闭Apache2自启动,需要找到etc/rc0.d ~ rcx.d/目录下所有 S01apache2文件

update-rc.d apache2 stop 80 0 1 2 3 4 5 6
或一个个删除
sudo mv S01apache2  K01apache2

测试PHP

vi /var/www/html/info.php
<?php phpinfo();?>

修改 short_open_tag

vi /etc/php/7.2/fpm/php.ini
找到 short_open_tag = Off
改为 short_open_tag = On

安装curl扩展

apt-get install php7.2-curl libcurl4 libcurl4-dev php-curl
apt-get install php-mbstring

安装redis

安装和配置redis

apt-get install redis-server
apt-get install git php-dev
git clone -b php7-ipv6 https://github.com/phpredis/phpredis.git   * 注意 -b php7-ipv6为可选参数
cd phpredis/
phpize
./configure
make
make install

启动和测试Redis

redis-server /etc/redis/redis.conf
redis-cli>Ping

Pong

配置权限

>config set masterauth   123456>config set requirepass   123456>config rewrite

(error) NOAUTH Authentication required.>auth 123456>config rewrite

ok

配置php-redis

vi /etc/php/7.2/fpm/conf.d/redis.ini   * 注意 并无此文件 直接创建
extension=redis.so

配置mysqli

apt-get install php-mysqli
vi /etc/php/7.0/fpm/php.ini  * 在文件最后添加
extension="mysqli.so"

重启fpm

/etc/init.d/php7.0-fpm restart

启动MySQL

service mysql start
mysql -u root -p    * 注意 期间会要求验证之前输入的MySQL root密码>SET NAMES utf8;

Query OK, 0 rows affected (0.00 sec)

如果此时发现Mysql密码并未设置(按回车直接可进)则可以执行以下动作

>use mysql;>update user set authentication_string=password('新密码') where user='root';

修改mysql配置文件允许远程登陆

/etc/mysql/mysql.conf.d/mysqld.cnf

# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address        = 127.0.0.1        #注释掉这一行就可以远程登录了

HTTPS支持

把证书保存到 /etc/nginx/cert/

vi /etc/nginx/sites-available/default

在最后添加配置

server {
    # SSL configuration

    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;

    #ssl on;
    ssl_certificate   cert/你的pem文件名.pem;
    ssl_certificate_key  cert/你的key文件名.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.html index.htm index.php;

    server_name 你的域名;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

}

HTTPS支持

简单方案

自定义方案

把证书保存到 /etc/nginx/cert/

vi /etc/nginx/sites-available/default

在最后添加配置

server {
    # SSL configuration

    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;

    #ssl on;
    ssl_certificate   cert/你的pem文件名.pem;
    ssl_certificate_key  cert/你的key文件名.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.html index.htm index.php;

    server_name 你的域名;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

}