1.切换到opt目录
cd /opt
2.检查是否安装screen,没安装第3步,有安装跳过
screen -S lnmp
3.yum命令安装screen
yum install screen -y
4.下载一键安装包,解压,进入解压目录,执行安装
wget http://soft.vpser.net/lnmp/lnmp1.5.tar.gz -cO lnmp1.5.tar.gz && tar zxf lnmp1.5.tar.gz && cd lnmp1.5 && ./install.sh lnmp
5.安装ftp
./pureftpd.sh
6.安装imagemagick
./addons.sh install imagemagick
7.安装redis
./addons.sh install redis
8.重新安装fileinfo
cd src
tar xjf php-5.6.30.tar.bz2 (解压php压缩包)
cd php-5.6.30/ext/ (切换到扩展目录)
cd fileinfo (切换到fileinfo扩展目录)
/usr/local/php/bin/phpize (编译准备)
./configure --with-php-config=/usr/local/php/bin/php-config (编译准备)
make && make install (编译安装)
vim /usr/local/php/etc/php.ini (添加扩展配置)
extension=php_fileinfo.dll
9.修改php配置
vim /usr/local/php/etc/php.ini (修改php配置)
;disable_functions = passthru,exec,system,chroot,chgrp,chown,shell_exec,proc_open,proc_get_status,popen,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server(注释危险方法)
display_error=on(打开报错提示)
10.删除user.ini文件
chattr -i /home/wwwroot/default/.user.ini (解锁文件)
rm .user.ini (删除文件)
11.修改nginx配置文件
vim /usr/local/nginx/conf/fastcgi.conf
#fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root/:/tmp/:/proc/";(注释掉目录权限问题)
12.更新gcc
curl -Lks http://www.hop5.in/yum/el6/hop5.repo > /etc/yum.repos.d/hop5.repo (添加第三方源)
yum install gcc gcc-g++ -y (安装gcc)
gcc --version (查看gcc版本)
13.更新autoconf
rpm -e --nodeps autoconf-2.63 (卸载旧版本autoconf)
cd /opt (切换到opt目录)
wget ftp://ftp.gnu.org/gnu/autoconf/autoconf-2.69.tar.gz (下载autoconf)
tar zxvf autoconf-2.69.tar.gz (解压autoconf)
cd autoconf-2.69 (进入autoconf目录)
./configure --prefix=/usr/ (编译准备)
make && make install (编译安装)
/usr/bin/autoconf -V (查看autoconf版本)
14.修改防火墙
vim /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Sun Oct 13 03:03:56 2019
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2:200]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j DROP
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j DROP
-A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20000:30000 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 9999 -j ACCEPT(增加对应的swoole端口)
#(注意所有规则需要写在下面两个规则上面,否则无效)
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Sun Oct 13 03:03:56 2019
/etc/init.d/iptables restart (重启防火墙)
15.安装mogodb扩展
pecl install mongodb
16.安装mongodb
cd /opt (切换到opt目录)
curl -O https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-3.0.6.tgz (下载mogodb)
tar -zxvf mongodb-linux-x86_64-3.0.6.tgz (解压mogodb)
mv mongodb-linux-x86_64-3.0.6/ /usr/local/mongodb (移动解压文件夹)
vim /etc/profile (添加环境变量)
export PATH=/usr/local/mongodb/bin:$PATH
source /etc/profile (使环境变量生效)
mkdir -p /usr/local/mongodb/data/db (生成mogodb存储目录)
mkdir -p /usr/local/mongodb/logs (生成日志存储目录)
cd /usr/local/mongodb/bin (进入mogodb安装文件夹)
./mongod --fork --dbpath /usr/local/mongodb/data/db/ --logpath=/usr/local/mongodb/logs/mongodb2.log --logappend (后台启动)
./mongo (运行mogodb控制台,测试是否安装成功)
17.安装swoole扩展
pecl install swoole
18.创建虚拟主机
lnmp vhost add
19.申请免费证书
cd /opt (切换到opt目录)
wget https://dl.eff.org/certbot-auto(下载certbot)
sudo mv certbot-auto /usr/local/bin/certbot-auto(创建全局可执行命令)
或
ln -s /opt/certbot-auto /usr/local/bin/certbot-auto
sudo chown root /usr/local/bin/certbot-auto(赋予权限)
sudo chmod 0755 /usr/local/bin/certbot-auto(赋予权限)
sudo /usr/local/bin/certbot-auto --nginx(申请证书和自动配置)
或
sudo /usr/local/bin/certbot-auto certonly --nginx(只申请证书)
20.开启crontab
service crond reload (重读并刷新配置)
service crond start (开启服务)
service crond stop(停止服务)
service crond restart (重启服务)
21.证书自动续签
crontab -e
echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/certbot-auto renew" | sudo tee -a /etc/crontab > /dev/null (自动续签)
网友评论