Centos5.5 Nginx 0.8.33 + PHP5.3.1 (fpm) + MySQL5.5.0 (phpmyadmin) - full setup for beginners - 1 part

    Centos5.5 Nginx 0.8.33 + PHP5.3.1 (fpm) + MySQL5.5.0 (phpmyadmin)

    Recently, my friend bought a VPS, and of course he wanted to deploy a full-fledged server, plus considering the initial resources: 768 MB of memory and 2 cores allocated to its container , the server should not be gluttonous and fast, the blog will be spinning on it. I decided to install nginx, and php + php-fpm. I think I will not describe nginx, as well as php + php-fpm reviews can be found on Habr. That's just the whole point of the problem is that he wanted to put everything right, as in a textbook. He looked at the forums, googled the entire Internet, but did not find the right patsian manual. Everywhere only the main points of server settings and installation. It will not work, he said, and came to me. One head is good, but drinking beer in two is better!
    They began to plan what we needed for work.

    ! This post is intended only for beginners, for those who do not have experience in installing and configuring the server. You will understand by the example of what and where and how to install, and then delving into the manuals and armed with a file, do everything specifically for your tasks.
    At a minimum, you need to get started:
    Putty - the.earth.li/~sgtatham/putty/latest/x86/putty.exe - SSH client

    Centos 5.5 - the latter will already be on the server.
    Nginx 0.8.33 - you can choose a senior release or stable.
    PHP 5.3.1 - I think there will be no problems with it.
    MySQL 5.5.0 - the base!
    php-fpm patch
    suhosin-patch
    libevent-1.4.13-stable

    and then all other packages that will be needed to compile and operate the server:
    gcc gcc-c ++ libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-develsrbflf curl -devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers libmcrypt libmcrypt-devel pcre-devel



    we work under root.

    1. to begin, we catch EPEL repo.

    EPEL storage is supported by the Fedora Core team, which contains useful programs. Once this repository is added, you can install all the necessary packages from there, and enable it in the future for general system updates.

    rpm -ihv http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
    rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
    



    Next, check and install the bags:



    yum -y install gcc gcc-c++ libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers libmcrypt libmcrypt-devel pcre-devel
    



    Then again for reliability:



    yum -y update


    Install the correct autoconf-2.13, before deleting the old one



    yum remove autoconf
    cd /usr/local/src
    wget http://ftp.gnu.org/gnu/autoconf/autoconf-2.13.tar.gz
    tar -xzvf autoconf-2.13.tar.gz
    cd autoconf-2.13
    ./configure
    make && make install
    



    Hooray, and now we are pulling all our good:



    cd /usr/local/src
    wget http://nginx.org/download/nginx-0.8.33.tar.gz
    wget http://ru.php.net/get/php-5.3.1.tar.gz/from/ru.php.net/mirror
    wget http://dev.mysql.com/get/Downloads/MySQL-5.5/mysql-5.5.0-m2.tar.gz/from/http://opensource.become.com/mysql/
    wget http://download.suhosin.org/suhosin-patch-5.3.1-0.9.8.patch.gz
    wget http://launchpad.net/php-fpm/master/0.6/+download/php-fpm-0.6~5.3.1.tar.gz
    wget http://www.monkey.org/~provos/libevent-1.4.13-stable.tar.gz
    



    2. Start the installation with MySqL 5.5.0



    cd /usr/local/src
    tar -xzvf mysql-5.5.0-m2.tar.gz
    cd mysql-5.5.0-m2
    ./configure --prefix=/usr/local/mysql --localstatedir=/var/lib/mysql --with-comment=Source --with-server-suffix=-enterprise-gpl --with-mysqld-user=mysql --without-debug --with-big-tables --with-charset=utf8 --with-collation=utf8_general_ci --with-pthread --enable-static --with-client-ldflags=-all-static --with-mysqld-ldflags=-all-static --enable-assembler --without-ndb-debug --enable-local-infile --with-readline --with-plugins=innobase
    make && make install
    



    the installation will take some time, so switch to beer!

    if everything went well, then we will make the user, the base and the config:



    useradd mysql
    cd /usr/local/mysql
    bin/mysql_install_db --user=mysql
    chown -R root:mysql .    # точка самое главное!!!
    chown -R mysql /var/lib/mysql
    chgrp -R mysql .    # и здесь точка в конце!!!
    cp share/mysql/my-medium.cnf /etc/my.cnf
    cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld
    chmod 755 /etc/rc.d/init.d/mysqld
    chkconfig --add mysqld
    echo "/usr/local/mysql/lib" >> /etc/ld.so.conf && ldconfig
    /etc/rc.d/init.d/mysqld start # запускаем двигло
    bin/mysqladmin -u root password "123456" # поменяйте пароль!!!
    service mysqld stop
    



    3. PHP 5.3.1 - put the patch and compile:


    www.hardened-php.net/suhosin/index.html
    do not forget to roll back

    cd /usr/local/src


    tar -xvzf php-5.3.1.tar.gz
    gunzip suhosin-patch-5.3.1-0.9.8.patch.gz
    cd php-5.3.1
    patch -p 1 -i ../suhosin-patch-5.3.1-0.9.8.patch
    ./buildconf --force
    



    to install the patch php-fpm first compile libevent



    cd /usr/local/src
    tar -zxvf "libevent-1.4.13-stable.tar.gz"
    cd "libevent-1.4.13-stable"
    ./configure && make
    make install
    



    then a couple of kid tricks, akhalai-mahalai



    export PHP_VER=5.3.1
    cd /usr/local/src
    tar -zxvf "php-fpm-0.6~$PHP_VER.tar.gz"
    "php-fpm-0.6-$PHP_VER/generate-fpm-patch"
    cd "php-$PHP_VER"
    patch -p1 < ../fpm.patch
    ./buildconf --force
    



    and go to the installation of the patched and improved pkhp



    cd /usr/local/src/php-5.3.1
    mkdir fpm-build && cd fpm-build
    ../configure --prefix=/usr/local/webserver/php --with-pear=/usr/share/php --with-zlib-dir --with-bz2 --with-libxml-dir=/usr --enable-gd-native-ttf --enable-gd-jis-conv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-ttf=shared,/usr --enable-mbstring --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-config-file-path=/etc --with-iconv --enable-static --enable-zend-multibyte --enable-inline-optimization --enable-sockets --enable-soap --with-openssl --with-gettext --enable-sysvsem --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --with-mcrypt --with-curl --with-curlwrappers --enable-mbregex --enable-bcmath --enable-shmop --enable-suhosin --with-fpm --with-libevent=shared,/usr/local/lib
    make && make install
    cp php.ini.default /etc/php.ini
    echo "/usr/local/webserver/php/lib" >> /etc/ld.so.conf && ldconfig
    



    everything is installed? then with php finished.

    3.a. create a group and user with folders for the web:



    /usr/sbin/groupadd www -g 48
    /usr/sbin/useradd -u 48 -g www www
    mkdir -p /website/htdocs/blog
    chmod +w /website/htdocs/blog
    chown -R www:www /website/htdocs/blog
    mkdir -p /website/htdocs/www
    chmod +w /website/htdocs/www
    chown -R www:www /website/htdocs/www
    



    configure php-fpm:



    mkdir /usr/local/webserver/php/logs
    cp /usr/local/src/php-fpm-0.6-5.3.1/conf/php-fpm.conf.in /usr/local/webserver/php/etc/php-fpm.conf
    vi /usr/local/webserver/php/etc/php-fpm.conf
    



    and the config file itself:



    
    	All relative paths in this config are relative to php's install prefix
    	
    Pid file /usr/local/webserver/php/logs/php-fpm.pid Error log file /usr/local/webserver/php/logs/php-fpm.log Log level notice When this amount of php processes exited with SIGSEGV or SIGBUS ... 10 ... in a less than this interval of time, a graceful restart will be initiated. Useful to work around accidental curruptions in accelerator's shared memory. 1m Time limit on waiting child's reaction on signals from master 5s Set to 'no' to debug fpm yes
    Name of pool. Used in logs and stats. default Address to accept fastcgi requests on. Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket' 127.0.0.1:9000 Set listen(2) backlog -1 Set permissions for unix socket, if one used. In Linux read/write permissions must be set in order to allow connections from web server. Many BSD-derrived systems allow connections regardless of permissions. 0666 Additional php.ini defines, specific to this pool of workers. These settings overwrite the values previously defined in the php.ini. /usr/sbin/sendmail -t -i -->1 /var/log/php-error.log --> true --> Unix user of processes www Unix group of processes www Process manager settings Sets style of controling worker process count. Valid values are 'static' and 'apache-like' static Sets the limit on the number of simultaneous requests that will be served. Equivalent to Apache MaxClients directive. Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi Used with any pm_style. 128 Settings group for 'apache-like' pm style Sets the number of server processes created on startup. Used only when 'apache-like' pm_style is selected 20 Sets the desired minimum number of idle server processes. Used only when 'apache-like' pm_style is selected 5 Sets the desired maximum number of idle server processes. Used only when 'apache-like' pm_style is selected 35 The timeout (in seconds) for serving a single request after which the worker process will be terminated Should be used when 'max_execution_time' ini option does not stop script execution for some reason '0s' means 'off' 0s The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file '0s' means 'off' 0s The log file for slow requests logs/slow.log Set open file desc rlimit 51200 Set max core size rlimit 0 Chroot to this directory at the start, absolute path Chdir to this directory at the start, absolute path Redirect workers' stdout and stderr into main error log. If not set, they will be redirected to /dev/null, according to FastCGI specs yes How much requests each process should execute before respawn. Useful to work around memory leaks in 3rd party libraries. For endless request processing please specify 0 Equivalent to PHP_FCGI_MAX_REQUESTS 10240 Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect. Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+) Makes sense only with AF_INET listening socket. 127.0.0.1 Pass environment variables like LD_LIBRARY_PATH All $VARIABLEs are taken from current environment $HOSTNAME/usr/local/bin:/usr/bin:/bin/tmp/tmp/tmp$OSTYPE$MACHTYPE2




    4. Nginx !!! Before starting the installation, make changes to the files before compilation.



    cd /usr/local/src
    tar zxvf nginx-0.8.33.tar.gz
    cd nginx-0.8.33
    



    vi nginx-0.8.33/src/core/nginx.h
    находим строки
    #define NGINX_VERSION      "0.8.33"
    #define NGINX_VER          "nginx/" NGINX_VERSION
    меняем на чтото левое только текст - вставить свое название
    #define NGINX_VERSION      "10.50.0"
    #define NGINX_VER          "вставить свое название/" NGINX_VERSION
    



    vi nginx-0.8.33/src/http/ngx_http_header_filter_module.c
    находим строки
    static char ngx_http_server_string[] = "Server: nginx" CRLF;
    меняем на чтото левое только текст - вставить свое название
    static char ngx_http_server_string[] = "Server: вставить свое название" CRLF;
    



    vi nginx-0.8.33/src/http/ngx_http_special_response.c
    находим строки
    static u_char ngx_http_error_full_tail[] =
    "
    " NGINX_VER "
    " CRLF "" CRLF "" CRLF ; static u_char ngx_http_error_tail[] = "
    nginx
    " CRLF "" CRLF "" CRLF ; меняем на чтото левое только текст - вставить свое название static u_char ngx_http_error_full_tail[] = "
    "NGINX_VER"
    " CRLF "
    http://www.вставить свое название.com
    " CRLF "" CRLF "" CRLF ; static u_char ngx_http_error_tail[] = "
    вставить свое название
    " CRLF "" CRLF "" CRLF ;



    Install Nginx with the settings:



        ./configure \
         "--user=www" \
         "--group=www" \
         "--prefix=/usr/local/nginx/" \
         "--with-http_stub_status_module" \
         "--with-http_ssl_module" \
    make
    make install
    



    We create the necessary directories



    mkdir -p /website/logs
    chmod +w /website/logs
    chown -R www:www /website/logs
    



    Create a new config



    rm -f /usr/local/webserver/nginx/conf/nginx.conf
    vi /usr/local/webserver/nginx/conf/nginx.conf
    



    insert the config



        user  www www;
    worker_processes 8;
    error_log /website/logs/nginx_error.log crit;
    pid /usr/local/webserver/nginx/nginx.pid;
    #Specifies the value for maximum file descriptors that can be opened by this process.
    worker_rlimit_nofile 65535;
    events
    {
      use epoll;
      worker_connections 65535;
    }
    http
    {
      include       mime.types;
      default_type  application/octet-stream;
      #charset  gb2312;
      server_names_hash_bucket_size 128;
      client_header_buffer_size 32k;
      large_client_header_buffers 4 32k;
      client_max_body_size 8m;
      sendfile on;
      tcp_nopush     on;
      keepalive_timeout 60;
      tcp_nodelay on;
      fastcgi_connect_timeout 300;
      fastcgi_send_timeout 300;
      fastcgi_read_timeout 300;
      fastcgi_buffer_size 64k;
      fastcgi_buffers 4 64k;
      fastcgi_busy_buffers_size 128k;
      fastcgi_temp_file_write_size 128k;
      gzip on;
      gzip_min_length  1k;
      gzip_buffers     4 16k;
      gzip_http_version 1.0;
      gzip_comp_level 2;
      gzip_types  text/plain application/x-javascript text/css application/xml;
      gzip_vary on;
      #limit_zone  crawler  $binary_remote_addr  10m;
      server
      {
        listen       80;
        server_name  site.ru www.site.ru;
        index index.html index.htm index.php;
        root  /website/htdocs/www;
        #limit_conn   crawler  20;    
        location ~ .*\.(php|php5)?$
        {      
          #fastcgi_pass  unix:/tmp/php-cgi.sock;
          fastcgi_pass  127.0.0.1:9000;
          fastcgi_index index.php;
          include fcgi.conf;
        }
        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
          expires      30d;
        }
        location ~ .*\.(js|css)?$
        {
          expires      1h;
        }    
     }
    }
    



    4.a. in the folder / usr / local / webserver / nginx / conf / create a new config file fcgi.conf



    fastcgi_param GATEWAY_INTERFACE CGI/1.1;
    fastcgi_param SERVER_SOFTWARE nginx;
    fastcgi_param QUERY_STRING $query_string;
    fastcgi_param REQUEST_METHOD $request_method;
    fastcgi_param CONTENT_TYPE $content_type;
    fastcgi_param CONTENT_LENGTH $content_length;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param REQUEST_URI $request_uri;
    fastcgi_param DOCUMENT_URI $document_uri;
    fastcgi_param DOCUMENT_ROOT $document_root;
    fastcgi_param SERVER_PROTOCOL $server_protocol;
    fastcgi_param REMOTE_ADDR $remote_addr;
    fastcgi_param REMOTE_PORT $remote_port;
    fastcgi_param SERVER_ADDR $server_addr;
    fastcgi_param SERVER_PORT $server_port;
    fastcgi_param SERVER_NAME $server_name;
    # PHP only, required if PHP was built with --enable-force-cgi-redirect
    fastcgi_param REDIRECT_STATUS 200;
    



    5. Autostart in the file /etc/rc.local add



    ulimit -SHn 65535
    /usr/local/webserver/php/bin/php-fpm start
    /usr/local/webserver/nginx/sbin/nginx
    



    EVERYTHING IS CONFIGURED AND READY TO WORK !!!



    6. phpMyAdmin - set the admin panel for the database and at the same time check how the server works:



    cd /usr/local/src
    wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.3.3/phpMyAdmin-3.3.3-english.tar.gz/download
    tar xzvf phpMyAdmin-3.3.3-english.tar.gz
    mv phpMyAdmin-3.3.3-english /website/htdocs/www/phpmyadmin
    cd /website/htdocs/www/phpmyadmin
    mkdir config
    chmod o+rw config
    cp config.sample.inc.php config/config.inc.php
    chmod o+w config/config.inc.php
    



    go to configure your site.ru / phpmyadmin / setup /


    all set up, installed. logged in to your site.ru / phpmyadmin



    after sweeping tracks



    mv config/config.inc.php .
    chmod 744 config.inc.php
    rm -rf config
    



    This is what an approximate but complete server setup looks like.
    At your request, configure all the configs and add and recompile everything as you need.
    The basic idea is already more or less clear to you.

    The next publication will be about how to make nginx.initd for quick start | stop | restart | force-reload control Nginx itself

    Thank you. Good luck.

    Also popular now: