CentOS 7 yum nginx MySQL PHP 简易环境搭建
用centos自带的yum源来安装nginx,mysql和php,超级方便,省去编译的麻烦,省去自己配置的麻烦,还能节省非常多的时间。
更换yum源
- 我们先把yum源换成国内的阿里云镜像源(当然不换也可以),先备份一下原来的源镜像文件,以免出错后可以恢复:
[root@192 ~]# mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
- 下载新的CentOS-Base.repo 到/etc/yum.repos.d/,版本根据自己的系统版本选择下载:
# CentOS 5:
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-5.repo
# CentOS 6:
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
# CentOS 7:
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
- 更改/etc/yum.repos.d/CentOS-Media.repo使其为不生效:
vi /etc/yum.repos.d/CentOS-Media.repo
enable=0 # 修改enable为0不生效
- 运行yum makecache生成缓存:
yum clean all
yum makecache
yum update
安装Nginx
- 由于yum源中没有我们想要的nginx,那么我们就需要创建一个“/etc/yum.repos.d/nginx.repo”的文件,其实就是新增一个yum源。
[root@192 yum.repos.d]# vi /etc/yum.repos.d/nginx.repo
# 把如下内容复制进去
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1
- 然后保存退出,输入 yum list nginx 查看:
[root@192 yum.repos.d]# yum list nginx
已加载插件:fastestmirror
nginx | 2.9 kB 00:00:00
nginx/7/x86_64/primary_db | 18 kB 00:00:04
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
可安装的软件包
nginx.x86_64 1:1.10.2-1.el7.ngx nginx
[root@192 yum.repos.d]# yum list |grep nginx
nginx.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-debug.x86_64 1:1.8.0-1.el7.ngx nginx
nginx-debuginfo.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-module-geoip.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-module-geoip-debuginfo.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-module-image-filter.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-module-image-filter-debuginfo.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-module-njs.x86_64 1:1.10.2.0.0.20160414.1c50334fbea6-2.el7.ngx
nginx
nginx-module-njs-debuginfo.x86_64 1:1.10.2.0.0.20160414.1c50334fbea6-2.el7.ngx
nginx
nginx-module-perl.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-module-perl-debuginfo.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-module-xslt.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-module-xslt-debuginfo.x86_64 1:1.10.2-1.el7.ngx nginx
nginx-nr-agent.noarch 2.0.0-10.el7.ngx nginx
pcp-pmda-nginx.x86_64 3.10.6-2.el7 base
如果执行命令是这样的显示效果,那么我们的nginx的yum源就配置成功啦!
- 然后要安装我们的nginx就直接执行:
yum -y install nginx
这样nginx的最新官网版本就安装好了!
- 启动Nginx
[root@192 yum.repos.d]# nginx #启动nginx
[root@192 yum.repos.d]# curl 127.0.0.1
Welcome to nginx!0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }
Welcome to nginx!
If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.
For online documentation and support please refer to"http://nginx.org/">nginx.org.
Commercial support is available at"http://nginx.com/">nginx.com.
Thank you forusing nginx.
安装MySQL 5.7版本,官网http://dev.mysql.com/downloads/repo/yum/
- 获取MySql yum源
[root@192 yum.repos.d]# rpm -Uvh http://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
- 查看MySql yum情况
[root@192 yum.repos.d]# yum repolist all | grep mysql
mysql-connectors-community/x86_64 MySQL Connectors Community 启用: 24
mysql-connectors-community-source MySQL Connectors Community - Sourc 禁用
mysql-tools-community/x86_64 MySQL Tools Community 启用: 38
mysql-tools-community-source MySQL Tools Community - Source 禁用
mysql-tools-preview/x86_64 MySQL Tools Preview 禁用
mysql-tools-preview-source MySQL Tools Preview - Source 禁用
mysql55-community/x86_64 MySQL 5.5 Community Server 禁用
mysql55-community-source MySQL 5.5 Community Server - Sourc 禁用
mysql56-community/x86_64 MySQL 5.6 Community Server 禁用
mysql56-community-source MySQL 5.6 Community Server - Sourc 禁用
mysql57-community/x86_64 MySQL 5.7 Community Server 启用: 146
mysql57-community-source MySQL 5.7 Community Server - Sourc 禁用
mysql80-community/x86_64 MySQL 8.0 Community Server 禁用
mysql80-community-source MySQL 8.0 Community Server - Sourc 禁用
可以看到已经有了,并且5.7版本已经启用,如果没有开启,或者你想要选择需要的版本进行安装,修改 /etc/yum.repos.d/mysql-community.repo,选择需要的版本把enable改为1即可,其它的改为0:
[mysql57-community]
name=MySQL 5.7 Community Server
baseurl=http://repo.mysql.com/yum/mysql-5.7-commnuty
enable=1 #把需要的版本设置为1
gpgcheck=1
....
修改好后查看可用的安装版本:
[root@192 yum.repos.d]# yum repolist enabled | grep mysql
mysql-connectors-community/x86_64 MySQL Connectors Community 24
mysql-tools-community/x86_64 MySQL Tools Community 38
mysql57-community/x86_64 MySQL 5.7 Community Server 146
- 不用犹豫,开始安装吧!
[root@192 yum.repos.d]# yum -y install mysql-community-server
- 启动MySql:
[root@192 yum.repos.d]# service start mysqld
Redirecting to /bin/systemctl start mysqld.service
- 开机启动设置:
[root@192 yum.repos.d]# systemctl enable mysqld
[root@192 yum.repos.d]# systemctl daemon-reload
- mysql安装完成之后,在/var/log/mysqld.log文件中给root生成了一个默认密码。通过下面的方式找到root默认密码,然后登录mysql进行修改:
[root@192 yum.repos.d]# grep 'temporary password' /var/log/mysqld.log
2016-10-23T14:51:45.705458Z 1 [Note] A temporary password is generated for root@localhost: a&sqr7dou7N_
[root@192 yum.repos.d]# mysql -uroot -p
- 修改root密码:
ALTER USER 'root'@'localhost' IDENTIFIED BY 'NewPassWord!';
注意:mysql5.7默认安装了密码安全检查插件,默认密码检查策略要求密码必须包含:大小写字母、数字和特殊符号,并且长度不能少于8位。否则会提示ERROR 1819 (HY000): Your password does not satisfy the current policy requirements错误,如所示:
ERROR 1819 (HY000):Your password does ont satisfy the the current policy requirements
通过msyql环境变量可以查看密码策略的相关信息:
mysql> show variables like '%password%';
+---------------------------------------+--------+
| Variable_name | Value |
+---------------------------------------+--------+
| default_password_lifetime | 0 |
| disconnect_on_expired_password | ON |
| log_builtin_as_identified_by_password | OFF |
| mysql_native_password_proxy_users | OFF |
| old_passwords | 0 |
| report_password | |
| sha256_password_proxy_users | OFF |
| validate_password_check_user_name | OFF |
| validate_password_dictionary_file | |
| validate_password_length | 8 |
| validate_password_mixed_case_count | 1 |
| validate_password_number_count | 1 |
| validate_password_policy | MEDIUM |
| validate_password_special_char_count | 1 |
+---------------------------------------+--------+
rows in set (0.00 sec)
validate_password_policy:密码策略,默认为MEDIUM策略
validate_password_dictionary_file:密码策略文件,策略为STRONG才需要
validate_password_length:密码最少长度
validate_password_mixed_case_count:大小写字符长度,至少1个
validate_password_number_count :数字至少1个
validate_password_special_char_count:特殊字符至少1个
上述参数是默认策略MEDIUM的密码检查规则。
- 修改密码策略
一、(==已测试不可用==)如果想修改密码策略,在/etc/my.cnf文件添加validate_password_policy配置:
# 选择0(LOW),1(MEDIUM),2(STRONG)其中一种,选择2需要提供密码字典文件
validate_password_policy=0
二、进入mysql命令端:
mysql> set global validate_password_policy=0;
mysql> set global validate_password_length=4;
# 便可以设置密码为:1234
- 配置默认编码为utf8
修改/etc/my.cnf配置文件,在[mysqld]下添加编码配置,如下所示:
[mysqld]
character_set_server=utf8
init_connect='SET NAMES utf8'
重新启动mysql服务使配置生效:
[root@192 yum.repos.d]# systemctl restart mysqld
- 添加远程登录用户
默认只允许root帐户在本地登录,如果要在其它机器上连接mysql,必须修改root允许远程连接,或者添加一个允许远程连接的帐户,为了安全起见,我们添加一个新的帐户:
mysql> grant all privileges on *.* to 'evai'@'%' identified by '@evai2016' WITH GRANT OPTION;
mysql> flush privileges;
运行select host, user from mysql.user 查看下:
mysql> select host,user from mysql.user;
+-----------+-----------+
| host | user |
+-----------+-----------+
| % | evai |
| localhost | mysql.sys |
| localhost | root |
+-----------+-----------+
3 rows in set (0.00 sec)
Yum安装PHP5.5,5.6,7.0
- 检查当前安装的PHP包
[root@192 yum.repos.d]# yum list installed | grep php
# 如果有安装的PHP包,先删除他们:
[root@192 yum.repos.d]# yum remove php.x86_64 php-cli.x86_64 php-common.x86_64 php-gd.x86_64 php-ldap.x86_64 php-mbstring.x86_64 php-mcrypt.x86_64 php-mysql.x86_64 php-pdo.x86_64
- 获取Yum源:
# Centos 5.X:
[root@192 yum.repos.d]# rpm -Uvh http://mirror.webtatic.com/yum/el5/latest.rpm
# CentOs 6.x:
[root@192 yum.repos.d]# rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm
# CentOs 7.X
[root@192 yum.repos.d]# rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm
[root@192 yum.repos.d]# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
如果想删除上面安装的包,重新安装:
[root@192 yum.repos.d]# rpm -qa | grep webstatic
rpm -e 上面搜索到的包即可
- 运行yum install
[root@192 yum.repos.d]# yum install php55w.x86_64 php55w-cli.x86_64 php55w-common.x86_64 php55w-gd.x86_64 php55w-ldap.x86_64 php55w-mbstring.x86_64 php55w-mcrypt.x86_64 php55w-mysql.x86_64 php55w-pdo.x86_64
[root@192 yum.repos.d]# yum install php56w.x86_64 php56w-cli.x86_64 php56w-common.x86_64 php56w-gd.x86_64 php56w-ldap.x86_64 php56w-mbstring.x86_64 php56w-mcrypt.x86_64 php56w-mysql.x86_64 php56w-pdo.x86_64
# 注:如果想升级到5.6把上面的55w换成56w就可以了。
[root@192 yum.repos.d]# yum install php70w.x86_64 php70w-cli.x86_64 php70w-common.x86_64 php70w-gd.x86_64 php70w-ldap.x86_64 php70w-mbstring.x86_64 php70w-mcrypt.x86_64 php70w-mysql.x86_64 php70w-pdo.x86_64
- 安装PHP-FPM
[root@192 yum.repos.d]# yum install php55w-fpm
[root@192 yum.repos.d]# yum install php56w-fpm
[root@192 yum.repos.d]# yum install php70w-fpm
# 注:如果想升级到5.6把上面的55w换成56w就可以了。
- 启动php-fpm:
[root@192 yum.repos.d]# systemctl start php-fpm
[root@192 yum.repos.d]# systemctl enable php-fpm
PHP配置文件php.ini路径: /etc/php.ini
php-fpm配置文件php-fpm.conf路径:/etc/php-fpm.conf
安装PHP7
- 获取yum源:
[root@192 yum.repos.d]# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
[root@192 yum.repos.d]# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
- 执行命令安装php7:
[root@192 yum.repos.d]# yum install php70w.x86_64 php70w-cli.x86_64 php70w-common.x86_64 php70w-gd.x86_64 php70w-ldap.x86_64 php70w-mbstring.x86_64 php70w-mcrypt.x86_64 php70w-mysql.x86_64 php70w-pdo.x86_64
- 安装php-fpm:
[root@192 yum.repos.d]# yum install php70w-fpm php70w-opcache
- 启动php-fpm:
[root@192 yum.repos.d]# systemctl start php-fpm
防火墙
开启80端口、3306端口。CentOS 7.0默认使用的是firewall作为防火墙,这里改为iptables防火墙。
- 关闭firewall:
[root@192 yum.repos.d]# systemctl stop firewalld.service
# 停止firewall
[root@192 yum.repos.d]# systemctl disable firewalld.service
# 禁止firewall开机启动
- 安装iptables防火墙:
[root@192 yum.repos.d]# yum install iptables-services
# 安装
[root@192 yum.repos.d]# vi /etc/sysconfig/iptables
# 编辑防火墙配置文件
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
:wq! #保存退出
[root@192 yum.repos.d]# systemctl restart iptables.service
# 最后重启防火墙使配置生效
[root@192 yum.repos.d]# systemctl enable iptables.service
# 设置防火墙开机启动
关闭selinux
# 使配置立即生效
[root@192 yum.repos.d]# setenforce 0
[root@192 yum.repos.d]# vi /etc/selinux/config
#SELINUX=enforcing #注释掉
#SELINUXTYPE=targeted #注释掉
SELINUX=disabled #增加
:wq! #保存退出
注意:
-
网络配置注意要关闭:IP6,此可能引起不能连网
-
要关闭selinx(tp Runtime不能创建文件由此引起)
网友评论