June 1, 2010 at 12:38Centos5.5 Nginx 0.8.33 + PHP5.3.1 (fpm) + MySQL5.5.0 (phpmyadmin) - full setup for beginners - 1 part
Centos5.5 Nginx 0.8.33 + PHP5.3.1 (fpm) + MySQL5.5.0 (phpmyadmin)
Recently, my friend bought a VPS, and of course he wanted to deploy a full-fledged server, plus considering the initial resources: 768 MB of memory and 2 cores allocated to its container , the server should not be gluttonous and fast, the blog will be spinning on it. I decided to install nginx, and php + php-fpm. I think I will not describe nginx, as well as php + php-fpm reviews can be found on Habr. That's just the whole point of the problem is that he wanted to put everything right, as in a textbook. He looked at the forums, googled the entire Internet, but did not find the right patsian manual. Everywhere only the main points of server settings and installation. It will not work, he said, and came to me. One head is good, but drinking beer in two is better!
They began to plan what we needed for work.
! This post is intended only for beginners, for those who do not have experience in installing and configuring the server. You will understand by the example of what and where and how to install, and then delving into the manuals and armed with a file, do everything specifically for your tasks.
At a minimum, you need to get started:
Putty - the.earth.li/~sgtatham/putty/latest/x86/putty.exe - SSH client
Centos 5.5 - the latter will already be on the server.
Nginx 0.8.33 - you can choose a senior release or stable.
PHP 5.3.1 - I think there will be no problems with it.
MySQL 5.5.0 - the base!
php-fpm patch
suhosin-patch
libevent-1.4.13-stable
and then all other packages that will be needed to compile and operate the server:
gcc gcc-c ++ libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-develsrbflf curl -devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers libmcrypt libmcrypt-devel pcre-devel
we work under root.
the installation will take some time, so switch to beer!
www.hardened-php.net/suhosin/index.html
do not forget to roll back
everything is installed? then with php finished.
This is what an approximate but complete server setup looks like.
At your request, configure all the configs and add and recompile everything as you need.
The basic idea is already more or less clear to you.
The next publication will be about how to make nginx.initd for quick start | stop | restart | force-reload control Nginx itself
Thank you. Good luck.
Recently, my friend bought a VPS, and of course he wanted to deploy a full-fledged server, plus considering the initial resources: 768 MB of memory and 2 cores allocated to its container , the server should not be gluttonous and fast, the blog will be spinning on it. I decided to install nginx, and php + php-fpm. I think I will not describe nginx, as well as php + php-fpm reviews can be found on Habr. That's just the whole point of the problem is that he wanted to put everything right, as in a textbook. He looked at the forums, googled the entire Internet, but did not find the right patsian manual. Everywhere only the main points of server settings and installation. It will not work, he said, and came to me. One head is good, but drinking beer in two is better!
They began to plan what we needed for work.
! This post is intended only for beginners, for those who do not have experience in installing and configuring the server. You will understand by the example of what and where and how to install, and then delving into the manuals and armed with a file, do everything specifically for your tasks.
At a minimum, you need to get started:
Putty - the.earth.li/~sgtatham/putty/latest/x86/putty.exe - SSH client
Centos 5.5 - the latter will already be on the server.
Nginx 0.8.33 - you can choose a senior release or stable.
PHP 5.3.1 - I think there will be no problems with it.
MySQL 5.5.0 - the base!
php-fpm patch
suhosin-patch
libevent-1.4.13-stable
and then all other packages that will be needed to compile and operate the server:
gcc gcc-c ++ libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-develsrbflf curl -devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers libmcrypt libmcrypt-devel pcre-devel
we work under root.
1. to begin, we catch EPEL repo.
EPEL storage is supported by the Fedora Core team, which contains useful programs. Once this repository is added, you can install all the necessary packages from there, and enable it in the future for general system updates.rpm -ihv http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
Next, check and install the bags:
yum -y install gcc gcc-c++ libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers libmcrypt libmcrypt-devel pcre-devel
Then again for reliability:
yum -y update
Install the correct autoconf-2.13, before deleting the old one
yum remove autoconf
cd /usr/local/src
wget http://ftp.gnu.org/gnu/autoconf/autoconf-2.13.tar.gz
tar -xzvf autoconf-2.13.tar.gz
cd autoconf-2.13
./configure
make && make install
Hooray, and now we are pulling all our good:
cd /usr/local/src
wget http://nginx.org/download/nginx-0.8.33.tar.gz
wget http://ru.php.net/get/php-5.3.1.tar.gz/from/ru.php.net/mirror
wget http://dev.mysql.com/get/Downloads/MySQL-5.5/mysql-5.5.0-m2.tar.gz/from/http://opensource.become.com/mysql/
wget http://download.suhosin.org/suhosin-patch-5.3.1-0.9.8.patch.gz
wget http://launchpad.net/php-fpm/master/0.6/+download/php-fpm-0.6~5.3.1.tar.gz
wget http://www.monkey.org/~provos/libevent-1.4.13-stable.tar.gz
2. Start the installation with MySqL 5.5.0
cd /usr/local/src
tar -xzvf mysql-5.5.0-m2.tar.gz
cd mysql-5.5.0-m2
./configure --prefix=/usr/local/mysql --localstatedir=/var/lib/mysql --with-comment=Source --with-server-suffix=-enterprise-gpl --with-mysqld-user=mysql --without-debug --with-big-tables --with-charset=utf8 --with-collation=utf8_general_ci --with-pthread --enable-static --with-client-ldflags=-all-static --with-mysqld-ldflags=-all-static --enable-assembler --without-ndb-debug --enable-local-infile --with-readline --with-plugins=innobase
make && make install
the installation will take some time, so switch to beer!
if everything went well, then we will make the user, the base and the config:
useradd mysql
cd /usr/local/mysql
bin/mysql_install_db --user=mysql
chown -R root:mysql . # точка самое главное!!!
chown -R mysql /var/lib/mysql
chgrp -R mysql . # и здесь точка в конце!!!
cp share/mysql/my-medium.cnf /etc/my.cnf
cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld
chmod 755 /etc/rc.d/init.d/mysqld
chkconfig --add mysqld
echo "/usr/local/mysql/lib" >> /etc/ld.so.conf && ldconfig
/etc/rc.d/init.d/mysqld start # запускаем двигло
bin/mysqladmin -u root password "123456" # поменяйте пароль!!!
service mysqld stop
3. PHP 5.3.1 - put the patch and compile:
www.hardened-php.net/suhosin/index.html
do not forget to roll back
cd /usr/local/src
tar -xvzf php-5.3.1.tar.gz
gunzip suhosin-patch-5.3.1-0.9.8.patch.gz
cd php-5.3.1
patch -p 1 -i ../suhosin-patch-5.3.1-0.9.8.patch
./buildconf --force
to install the patch php-fpm first compile libevent
cd /usr/local/src
tar -zxvf "libevent-1.4.13-stable.tar.gz"
cd "libevent-1.4.13-stable"
./configure && make
make install
then a couple of kid tricks, akhalai-mahalai
export PHP_VER=5.3.1
cd /usr/local/src
tar -zxvf "php-fpm-0.6~$PHP_VER.tar.gz"
"php-fpm-0.6-$PHP_VER/generate-fpm-patch"
cd "php-$PHP_VER"
patch -p1 < ../fpm.patch
./buildconf --force
and go to the installation of the patched and improved pkhp
cd /usr/local/src/php-5.3.1
mkdir fpm-build && cd fpm-build
../configure --prefix=/usr/local/webserver/php --with-pear=/usr/share/php --with-zlib-dir --with-bz2 --with-libxml-dir=/usr --enable-gd-native-ttf --enable-gd-jis-conv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-ttf=shared,/usr --enable-mbstring --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-config-file-path=/etc --with-iconv --enable-static --enable-zend-multibyte --enable-inline-optimization --enable-sockets --enable-soap --with-openssl --with-gettext --enable-sysvsem --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --with-mcrypt --with-curl --with-curlwrappers --enable-mbregex --enable-bcmath --enable-shmop --enable-suhosin --with-fpm --with-libevent=shared,/usr/local/lib
make && make install
cp php.ini.default /etc/php.ini
echo "/usr/local/webserver/php/lib" >> /etc/ld.so.conf && ldconfig
everything is installed? then with php finished.
3.a. create a group and user with folders for the web:
/usr/sbin/groupadd www -g 48
/usr/sbin/useradd -u 48 -g www www
mkdir -p /website/htdocs/blog
chmod +w /website/htdocs/blog
chown -R www:www /website/htdocs/blog
mkdir -p /website/htdocs/www
chmod +w /website/htdocs/www
chown -R www:www /website/htdocs/www
configure php-fpm:
mkdir /usr/local/webserver/php/logs
cp /usr/local/src/php-fpm-0.6-5.3.1/conf/php-fpm.conf.in /usr/local/webserver/php/etc/php-fpm.conf
vi /usr/local/webserver/php/etc/php-fpm.conf
and the config file itself:
All relative paths in this config are relative to php's install prefix
Pid file
/usr/local/webserver/php/logs/php-fpm.pid
Error log file
/usr/local/webserver/php/logs/php-fpm.log
Log level
notice
When this amount of php processes exited with SIGSEGV or SIGBUS ...
10
... in a less than this interval of time, a graceful restart will be initiated.
Useful to work around accidental curruptions in accelerator's shared memory.
1m
Time limit on waiting child's reaction on signals from master
5s
Set to 'no' to debug fpm
yes
Name of pool. Used in logs and stats.
default
Address to accept fastcgi requests on.
Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
127.0.0.1:9000
Set listen(2) backlog
-1
Set permissions for unix socket, if one used.
In Linux read/write permissions must be set in order to allow connections from web server.
Many BSD-derrived systems allow connections regardless of permissions.
0666
Additional php.ini defines, specific to this pool of workers.
These settings overwrite the values previously defined in the php.ini.
/usr/sbin/sendmail -t -i -->1
/var/log/php-error.log -->
true -->
Unix user of processes
www
Unix group of processes
www
Process manager settings
Sets style of controling worker process count.
Valid values are 'static' and 'apache-like'
static
Sets the limit on the number of simultaneous requests that will be served.
Equivalent to Apache MaxClients directive.
Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi
Used with any pm_style.
128
Settings group for 'apache-like' pm style
Sets the number of server processes created on startup.
Used only when 'apache-like' pm_style is selected
20
Sets the desired minimum number of idle server processes.
Used only when 'apache-like' pm_style is selected
5
Sets the desired maximum number of idle server processes.
Used only when 'apache-like' pm_style is selected
35
The timeout (in seconds) for serving a single request after which the worker process will be terminated
Should be used when 'max_execution_time' ini option does not stop script execution for some reason
'0s' means 'off'
0s
The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
'0s' means 'off'
0s
The log file for slow requests
logs/slow.log
Set open file desc rlimit
51200
Set max core size rlimit
0
Chroot to this directory at the start, absolute path
yes
How much requests each process should execute before respawn.
Useful to work around memory leaks in 3rd party libraries.
For endless request processing please specify 0
Equivalent to PHP_FCGI_MAX_REQUESTS
10240
Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
Makes sense only with AF_INET listening socket.
127.0.0.1
Pass environment variables like LD_LIBRARY_PATH
All $VARIABLEs are taken from current environment
$HOSTNAME /usr/local/bin:/usr/bin:/bin /tmp /tmp /tmp $OSTYPE $MACHTYPE 2
4. Nginx !!! Before starting the installation, make changes to the files before compilation.
cd /usr/local/src
tar zxvf nginx-0.8.33.tar.gz
cd nginx-0.8.33
vi nginx-0.8.33/src/core/nginx.h
находим строки
#define NGINX_VERSION "0.8.33"
#define NGINX_VER "nginx/" NGINX_VERSION
меняем на чтото левое только текст - вставить свое название
#define NGINX_VERSION "10.50.0"
#define NGINX_VER "вставить свое название/" NGINX_VERSION
vi nginx-0.8.33/src/http/ngx_http_header_filter_module.c
находим строки
static char ngx_http_server_string[] = "Server: nginx" CRLF;
меняем на чтото левое только текст - вставить свое название
static char ngx_http_server_string[] = "Server: вставить свое название" CRLF;
vi nginx-0.8.33/src/http/ngx_http_special_response.c
находим строки
static u_char ngx_http_error_full_tail[] =
"
" NGINX_VER " " CRLF
"" CRLF
"" CRLF
;
static u_char ngx_http_error_tail[] =
"
nginx " CRLF
"" CRLF
"" CRLF
;
меняем на чтото левое только текст - вставить свое название
static u_char ngx_http_error_full_tail[] =
"
"NGINX_VER" " CRLF
"
http://www.вставить свое название.com " CRLF
"" CRLF
"" CRLF
;
static u_char ngx_http_error_tail[] =
"
вставить свое название " CRLF
"" CRLF
"" CRLF
;
Install Nginx with the settings:
./configure \
"--user=www" \
"--group=www" \
"--prefix=/usr/local/nginx/" \
"--with-http_stub_status_module" \
"--with-http_ssl_module" \
make
make install
We create the necessary directories
mkdir -p /website/logs
chmod +w /website/logs
chown -R www:www /website/logs
Create a new config
rm -f /usr/local/webserver/nginx/conf/nginx.conf
vi /usr/local/webserver/nginx/conf/nginx.conf
insert the config
user www www;
worker_processes 8;
error_log /website/logs/nginx_error.log crit;
pid /usr/local/webserver/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
server
{
listen 80;
server_name site.ru www.site.ru;
index index.html index.htm index.php;
root /website/htdocs/www;
#limit_conn crawler 20;
location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
}
}
4.a. in the folder / usr / local / webserver / nginx / conf / create a new config file fcgi.conf
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
5. Autostart in the file /etc/rc.local add
ulimit -SHn 65535
/usr/local/webserver/php/bin/php-fpm start
/usr/local/webserver/nginx/sbin/nginx
EVERYTHING IS CONFIGURED AND READY TO WORK !!!
6. phpMyAdmin - set the admin panel for the database and at the same time check how the server works:
cd /usr/local/src
wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.3.3/phpMyAdmin-3.3.3-english.tar.gz/download
tar xzvf phpMyAdmin-3.3.3-english.tar.gz
mv phpMyAdmin-3.3.3-english /website/htdocs/www/phpmyadmin
cd /website/htdocs/www/phpmyadmin
mkdir config
chmod o+rw config
cp config.sample.inc.php config/config.inc.php
chmod o+w config/config.inc.php
go to configure your site.ru / phpmyadmin / setup /
all set up, installed. logged in to your site.ru / phpmyadmin
after sweeping tracks
mv config/config.inc.php .
chmod 744 config.inc.php
rm -rf config
This is what an approximate but complete server setup looks like.
At your request, configure all the configs and add and recompile everything as you need.
The basic idea is already more or less clear to you.
The next publication will be about how to make nginx.initd for quick start | stop | restart | force-reload control Nginx itself
Thank you. Good luck.