CentOS 6 + Nginx + PHP + MySQL 5.5

Konfiguracja dotyczy serwera ovh.pl VPS Classic 3

Proces typowej instalacji maszyny dla systemu Agility.B2B

Uwaga!!! Serwer należy również trochę pozabezpieczań … więc samo wklejenie komend da Ci podstawę działającego serwera.

# MYSQL

rpm −Uvh http://mirror.webtatic.com/yum/el6/latest.rpm
yum install mysql.`uname −i` yum−plugin−replace
yum install mysql mysql−server
chkconfig −−level 2345 mysqld on; service mysqld start
mysql −u root
delete from mysql.user where not (host="localhost" and user="root");
FLUSH PRIVILEGES;
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('TWOJE HASŁO');
update mysql.user set user="TWÓJ USER" where user="root";
FLUSH PRIVILEGES;
DELETE FROM mysql.user WHERE User = '';
FLUSH PRIVILEGES;

TWÓJ USER@localhost :: TWOJE HASŁO

GRANT ALL PRIVILEGES ON *.* TO 'TWÓJ USER ROOT2'@'localhost' IDENTIFIED BY 'TWOJE HASŁO ROOT2' WITH GRANT OPTION;

TWÓJ USER ROOT2@localhost :: TWOJE HASŁO ROOT2

GRANT ALL PRIVILEGES ON *.* TO 'www_all'@'%' IDENTIFIED BY 'TWÓJ PASS WWW_ALL' WITH GRANT OPTION;

USER % - USER KTÓRY MOŻE WYCHODZIĆ NA ŚWIAT, JAK NIE POTRZEBUJESZ TO NIE RÓB TEGO KROKU!!!!

exit;
sudo service mysqld restart
sudo service mysqld stop
yum replace mysql −−replace−with mysql55w
sudo service mysqld start
mysql_upgrade −u TWÓJ USER −p −−force
DROP DATABASE `test`;

ZAKOŃCZENIE INSTALACJI MYSQL’A. NIE MAMY ŻADNEJ BAZY DANYCH. PRZECHODZIMY DO KONFIGURACJI MY.CNF

sudo service mysqld stop
vi /etc/my.cnf
10 dd

 

# PLIK KONFIGURACJI

# Configuration name akces_vps

[mysql]

# CLIENT #
port = 3306
socket = /var/lib/mysql/mysql.sock

[mysqld]

# GENERAL #
user = mysql
default−storage−engine = InnoDB
socket = /var/lib/mysql/mysql.sock
pid−file = /var/lib/mysql/mysql.pid

# MyISAM #

key−buffer−size = 32M
myisam−recover = FORCE,BACKUP

# SAFETY #

max−allowed−packet = 16M
max−connect−errors = 1000000

# DATA STORAGE #

datadir = /var/lib/mysql/

# BINARY LOGGING #

log−bin = /var/lib/mysql/mysql−bin
expire−logs−days = 14
sync−binlog = 1

# CACHES AND LIMITS #

tmp−table−size = 32M
max−heap−table−size = 32M
query−cache−type = 0
query−cache−size = 0
max−connections = 500
thread−cache−size = 150
open−files−limit = 65535
table−definition−cache = 4096
table−open−cache = 128

# INNODB #

innodb−flush−method = O_DIRECT
innodb−log−files−in−group = 2
innodb−log−file−size = 2024M
innodb−flush−log−at−trx−commit = 1
innodb−file−per−table = 1
innodb−buffer−pool−size = 2G

# LOGGING #

log−error = /var/lib/mysql/mysql−error.log
log−queries−not−using−indexes = 1
slow−query−log = 1
slow−query−log−file = /var/lib/mysql/mysql−slow.log

[ESC]
:wq

rm −f −r /var/lib/mysql/ib_logfile0
rm −f −r /var/lib/mysql/ib_logfile1
sudo service mysqld start

UWAGA, SERWER MYSQL BĘDZIE DŁUGO WSTAWAŁ BO ROZPOCZYNA TWORZENIE PLIKÓW ib_logfile0 oraz ib_logfile1 po 2GB każdy. MOŻE WALNĄĆ BŁĘDEM „NIEUDANE” – czekamy 3-4 min i jeszcze raz komenda ‚sudo service mysqld start’

# PHP

rpm −Uvh http://mirror.webtatic.com/yum/el6/latest.rpm

yum install php55w php55w−opcache php55w−odbc php55w−pecl−memcache php55w−soap php55w−xml php55w−mssql php55w−mysql php55w−gd php55w−common php55w−cli php55w−fpm php55w−mbstring php55w−devel php55w−mcrypt php55w−xml

service php−fpm start

# NGIN-X

sudo su −c 'rpm −Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel−release−6−8.noarch.rpm'
sudo yum install nginx
sudo service nginx start
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.backup
service nginx reload
vi /etc/nginx/nginx.conf

include /etc/nginx/sites−enabled/*;

[ESC]
:wq
mkdir /usr/share/nginx/html/logs/
touch /usr/share/nginx/html/logs/access.log
touch /usr/share/nginx/html/logs/error.log
chown −R apache:apache /usr/share/nginx/html/
chown −R nginx:nginx /usr/share/nginx/
mkdir /etc/nginx/sites−enabled/
mkdir /etc/nginx/sites−available/
mkdir /etc/nginx/ssl/

WKLEJ SWÓJ CERTYFIKAT DO TEGO FOLDERU

touch /etc/yum.repos.d/nginx.repo
vi /etc/yum.repos.d/nginx.repo

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1


touch /etc/nginx/sites−available/agakc
vi /etc/nginx/sites−<code lang="bash[lines−notools]">available/agakc

server {

listen TWÓJ IP:443 ssl spdy;
server_name agakc TWÓJ IP;

ssl on;
ssl_certificate /etc/nginx/ssl/b2b.crt;
ssl_certificate_key /etc/nginx/ssl/b2b.key;
ssl_session_timeout 5m;

ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;

ssl_prefer_server_ciphers on;

access_log /usr/share/nginx/html/logs/access.log;
error_log /usr/share/nginx/html/logs/error.log;
root /usr/share/nginx/html/Agility.B2B/public;

location / {

client_max_body_size 128M;
client_body_buffer_size 128k;
location /imagebrowser {
break;

}

location /tmp {

break;

}

location / {

try_files $uri $uri/ /index.php$is_args$args;

}

index index.html index.htm index.php;

}

location ~ \.php$ {

include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/Agility.B2B/public/$fastcgi_script_name;

}

}

[ESC]
:wq

touch /etc/nginx/sites−available/agakc_http
vi /etc/nginx/sites−<code lang="bash[lines−notools]">available/agakc_http

server {

listen TWÓJ IP:80;
server_name agakc_http TWÓJ IP;

access_log /usr/share/nginx/html/logs/access.log;
error_log /usr/share/nginx/html/logs/error.log;
root /usr/share/nginx/html/Agility.B2B/public;

location / {

client_max_body_size 128M;
client_body_buffer_size 128k;
location /imagebrowser {
break;

}

location /tmp {

break;

}

location / {

try_files $uri $uri/ /index.php$is_args$args;

}

index index.html index.htm index.php;

}

location ~ \.php$ {

include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/Agility.B2B/public/$fastcgi_script_name;

}

}

[ESC]
:wq

ln −s /etc/nginx/sites−available/agakc /etc/nginx/sites−enable/agakc

ln −s /etc/nginx/sites−available/agakc_http /etc/nginx/sites−enable_http/agakc
service nginx reload
sudo service nginx restart

 

# GIT

yum install git

 

GENERUJE SOBIE KLUCZ DO PRIV REPO. HOW TO: http://kasztelan.me/centos-6-4-github-ssh-key-2/

cd /usr/share/nginx/html
git clone {URL REPO}
chkconfig −−add nginx
chkconfig −−levels 235 nginx on
chkconfig −−add php−fpm
chkconfig −−levels 235 php−fpm on
chkconfig −−add mysqld
chkconfig −−levels 235 mysqld on

 

Kasztelan Paweł

Programista samouk, zakochany w ZF i Laravel, szerzący opinię że PHP + JS + HTML + CSS to są języki w których może zostać stworzona aplikacja równie dobra, a nawet lepsza od twardego klienta.