本地CentOS服务器搭建(上)

无一日敢懈怠，无一事敢马虎 —— 易中天

HTTP服务器

安装vim

[root@localhost ~]# yum install vim –y

安装httpd和httpd-manual包

[root@localhost ~]# yum install httpd httpd-manual

写配置文件

[root@localhost ~]# cd /etc/httpd/conf.d/
[root@localhost conf.d]# cat default.conf 
<VirtualHost _default_:80>
        ServerName server.local.com
        DocumentRoot /var/www/html
</VirtualHost>
<Directory /var/www/html>
        Require all granted
</Directory>

启动服务，添加防火墙规则

[root@localhost conf.d]# systemctl start httpd
[root@localhost conf.d]# systemctl enable httpd
[root@localhost conf.d]# firewall-cmd --list-all-zones
[root@localhost conf.d]# firewall-cmd --permanent --add-service=http --zone=public
success
[root@localhost conf.d]# firewall-cmd --reload
success

随便写一个index.html测试一下

[root@localhost conf.d]# cd /var/www/html
[root@localhost html]# cat index.html 
hello

打开浏览器

image.png

现在用server.local.com访问不了
进入C:\Windows\System32\drivers\etc修改下hosts
在最后加上

192.168.182.138 server.local.com

image.png

配置虚拟主机

[root@localhost www]# cd /etc/httpd/conf.d
[root@localhost conf.d]# vim virtual.conf 
<VirtualHost *:80>
        ServerName vhost.example.com
        DocumentRoot /var/www/vhost
</VirtualHost>
<Directory /var/www/vhost>
        Require all granted
</Directory>
~
~
~
~
"virtual.conf" 7L, 154C written                               
[root@localhost conf.d]# mkdir /var/www/vhost
[root@localhost conf.d]# cd /var/www/vhost/
[root@localhost vhost]# touch index.html
[root@localhost vhost]# echo "This is vhost." > index.html
[root@localhost vhost]# systemctl restart httpd
[root@localhost vhost]# vim /etc/hosts
[root@localhost vhost]# tail -n 1 /etc/hosts
192.168.182.138 vhost.example.com

进入C:\Windows\System32\drivers\etc修改下hosts

192.168.182.138 server.local.com
192.168.182.138 vhost.example.com

访问http://vhost.example.com/

image.png

修改主机名

[root@vhost ~]# hostnamectl set-hostname server
[root@vhost ~]# logout

[root@server ~]#

安装FTP

[root@server ~]# yum install vsftpd –y
[root@server ~]# vim /etc/vsftpd/vsftpd.conf
…
…
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
# When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access
anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
…
…
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#
# This directive enables listening on IPv6 sockets. By default, listening
# on the IPv6 "any" address (::) will accept connections from both IPv6
# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
# sockets. If you want that (perhaps because you want to listen on specific
# addresses) then you must run two copies of vsftpd with two configuration
# files.
# Make sure, that one of the listen options is commented !!
listen_ipv6=NO

pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
"/etc/vsftpd/vsftpd.conf" 127L, 5030C written
[root@server ~]# chmod 777 /var/ftp/pub/
[root@server ~]# getsebool -a |grep ftp
ftpd_anon_write --> off
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> off
ftpd_full_access --> off
ftpd_use_cifs --> off
ftpd_use_fusefs --> off
ftpd_use_nfs --> off
ftpd_use_passive_mode --> off
httpd_can_connect_ftp --> off
httpd_enable_ftp_server --> off
tftp_anon_write --> off
tftp_home_dir --> off
[root@server ~]# setsebool -P ftpd_full_access on
[root@server ~]# setsebool -P tftp_home_dir on
[root@server ~]# systemctl start vsftpd
[root@server ~]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
[root@server ~]# firewall-cmd --permanent --add-service=ftp --zone=public
success
[root@server ~]# firewall-cmd --permanent --add-port=21/tcp --zone=public
success
[root@server ~]# firewall-cmd --reload
success
[root@server ~]#

image.png

新建用户ftpuser实现下载

[root@server ~]# useradd -s /sbin/nologin -d /var/ftp/www ftpuser
[root@server ~]# passwd ftpuser
Changing password for user ftpuser.
New password: 
BAD PASSWORD: The password is shorter than 8 characters
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@server ~]#

image.png

现在有两个目录了，pub可以直接进，但www需要用户名和密码才能进
格式为ftp://username:password@xxx.xxx.xxx.xxx:port

[root@server ftp]# ls -R
.:
pub  www

./pub:

./www:
jdk-8u111-linux-x64.tar.gz
[root@server ftp]#

image.png

用ftpuser给pub和www上传的文件就都能下载了

Tomcat

Tomcat下载

[root@server ~]# cd /var/ftp/pub/
[root@server pub]# ll
total 185980
-rw-r--r--. 1 ftpuser ftpuser   8997403 Jan 22 15:17 apache-tomcat-7.0.82.tar.gz
-rw-r--r--. 1 ftpuser ftpuser 181442359 Jan 22 11:51 jdk-8u111-linux-x64.tar.gz
[root@server pub]# tar -zxvf apache-tomcat-7.0.82.tar.gz -C /opt/
[root@server pub]# tar -zxvf jdk-8u111-linux-x64.tar.gz -C /opt/
[root@server pub]# cd /opt/
[root@server opt]# ll
total 0
drwxr-xr-x. 9 root root 160 Jan 22 15:18 apache-tomcat-7.0.82
drwxr-xr-x. 8   10  143 255 Sep 23  2016 jdk1.8.0_111
[root@server opt]# mv jdk1.8.0_111/ jdk1.8
[root@server opt]# mv apache-tomcat-7.0.82/ tomcat7.0
[root@server opt]# ll
total 0
drwxr-xr-x. 8   10  143 255 Sep 23  2016 jdk1.8
drwxr-xr-x. 9 root root 160 Jan 22 15:18 tomcat7.0
[root@server opt]#
[root@server pub]# cd /opt/
[root@server opt]# ll
total 0
drwxr-xr-x. 9 root root 160 Jan 22 15:18 apache-tomcat-7.0.82
drwxr-xr-x. 8   10  143 255 Sep 23  2016 jdk1.8.0_111
[root@server opt]# mv jdk1.8.0_111/ jdk1.8
[root@server opt]# mv apache-tomcat-7.0.82/ tomcat7.0
[root@server opt]# ll
total 0
drwxr-xr-x. 8   10  143 255 Sep 23  2016 jdk1.8
drwxr-xr-x. 9 root root 160 Jan 22 15:18 tomcat7.0
[root@server opt]# cd jdk1.8/
[root@server jdk1.8]# pwd
/opt/jdk1.8
[root@server jdk1.8]# cd ../tomcat7.0/
[root@server tomcat7.0]# pwd
/opt/tomcat7.0
[root@server tomcat7.0]# vim /etc/profile
##########################
# jdk1.8
export JAVA_HOME=/opt/jdk1.8
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=.:$CLASSPATH:$JAVA_HOME/lib:$JRE_HOME/lib
export PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
"/etc/profile" 83L, 1998C written                           
[root@server tomcat7.0]# source /etc/profile
[root@server tomcat7.0]# java -version
java version "1.8.0_111"
Java(TM) SE Runtime Environment (build 1.8.0_111-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.111-b14, mixed mode)
[root@server tomcat7.0]#
[root@server tomcat7.0]# cd bin/
[root@server bin]# firewall-cmd --permanent --add-port=8080/tcp --zone=public
success
[root@server bin]# firewall-cmd --reload
success
[root@server bin]# ./startup.sh 
Using CATALINA_BASE:   /opt/tomcat7.0
Using CATALINA_HOME:   /opt/tomcat7.0
Using CATALINA_TMPDIR: /opt/tomcat7.0/temp
Using JRE_HOME:        /opt/jdk1.8/jre
Using CLASSPATH:       /opt/tomcat7.0/bin/bootstrap.jar:/opt/tomcat7.0/bin/tomcat-juli.jar
Tomcat started.
[root@server bin]#

浏览器访问

每次开机后的启动和关闭

[root@server ~]# cd /opt/tomcat7.0/bin/
[root@server bin]# ./startup.sh 
Using CATALINA_BASE:   /opt/tomcat7.0
Using CATALINA_HOME:   /opt/tomcat7.0
Using CATALINA_TMPDIR: /opt/tomcat7.0/temp
Using JRE_HOME:        /opt/jdk1.8/jre
Using CLASSPATH:       /opt/tomcat7.0/bin/bootstrap.jar:/opt/tomcat7.0/bin/tomcat-juli.jar
Tomcat started.
[root@server bin]# ./shutdown.sh 
Using CATALINA_BASE:   /opt/tomcat7.0
Using CATALINA_HOME:   /opt/tomcat7.0
Using CATALINA_TMPDIR: /opt/tomcat7.0/temp
Using JRE_HOME:        /opt/jdk1.8/jre
Using CLASSPATH:       /opt/tomcat7.0/bin/bootstrap.jar:/opt/tomcat7.0/bin/tomcat-juli.jar

开机启动

[root@server ~]# chmod +x /etc/rc.d/rc.local 
[root@server ~]# vim /etc/rc.d/rc.local
touch /var/lock/subsys/local

export JAVA_HOME=/opt/jdk1.8
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=.:$CLASSPATH:$JAVA_HOME/lib:$JRE_HOME/lib
export PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
/opt/tomcat7.0/bin/startup.sh

MySQL安装

MySQL5.7下载

[root@server ~]# cd /var/ftp/www/; ll
total 28
-rw-r--r--. 1 ftpuser ftpuser 25680 Jan 23 20:07 mysql57-community-release-el7-11.noarch.rpm
[root@server www]# yum localinstall mysql57-community-release-el7-11.noarch.rpm –y
[root@server www]# yum repolist enabled |grep mysql
mysql-connectors-community/x86_64       MySQL Connectors Community           42
mysql-tools-community/x86_64            MySQL Tools Community                55
mysql57-community/x86_64                MySQL 5.7 Community Server          247
[root@server www]# vim /etc/yum.repos.d/mysql-community.repo
[mysql57-community]
name=MySQL 5.7 Community Server
baseurl=http://repo.mysql.com/yum/mysql-5.7-community/el/7/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
[root@server www]# yum install mysql-community-server –y
[root@server www]# systemctl start mysqld
[root@server www]# systemctl enable mysqld
[root@server www]# grep 'temporary password' /var/log/mysqld.log
2018-01-23T12:15:18.783223Z 1 [Note] A temporary password is generated for root@localhost: Cl4Vnz+Nawrb
[root@server www]# mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.21

Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'MySQLKey95!';
Query OK, 0 rows affected (0.00 sec)

mysql> show variables like '%password%';
+---------------------------------------+--------+
| Variable_name                         | Value  |
+---------------------------------------+--------+
| default_password_lifetime             | 0      |
| disconnect_on_expired_password        | ON     |
| log_builtin_as_identified_by_password | OFF    |
| mysql_native_password_proxy_users     | OFF    |
| old_passwords                         | 0      |
| report_password                       |        |
| sha256_password_proxy_users           | OFF    |
| validate_password_check_user_name     | OFF    |
| validate_password_dictionary_file     |        |
| validate_password_length              | 8      |
| validate_password_mixed_case_count    | 1      |
| validate_password_number_count        | 1      |
| validate_password_policy              | MEDIUM |
| validate_password_special_char_count  | 1      |
+---------------------------------------+--------+
14 rows in set (0.01 sec)

mysql> show variables like '%character%';
+--------------------------+----------------------------+
| Variable_name            | Value                      |
+--------------------------+----------------------------+
| character_set_client     | utf8                       |
| character_set_connection | utf8                       |
| character_set_database   | latin1                     |
| character_set_filesystem | binary                     |
| character_set_results    | utf8                       |
| character_set_server     | latin1                     |
| character_set_system     | utf8                       |
| character_sets_dir       | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.00 sec)

mysql> exit
Bye 
[root@server www]# vim /etc/my.cnf
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

# custom
character_set_server=utf8
init_connect='SET NAMES utf8'

# policy        check
# 0 or LOW      Length
# 1 or MEDIUM   Length; numeric, lowercase/uppercase, and special characters
# 2 or STRONG   Length; numeric, lowercase/uppercase, and special characters; dictionary file
# 0(LOW), 1(MEDIUM), 2(STRONG)
# validate_password_policy=0
# validate_password = off
~
"/etc/my.cnf" 39L, 1329C written

添加远程登陆用户wangzc

[root@server www]# mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.21 MySQL Community Server (GPL)

Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> GRANT ALL PRIVILEGES ON *.* TO 'wangzc'@'%' IDENTIFIED BY 'MySQLKey95!' WITH GRANT OPTION;
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> exit
Bye
[root@server www]# firewall-cmd --permanent --add-service=mysql --zone=public
success
[root@server www]# firewall-cmd --reload
success

Windows上

mysql –h 192.168.182.138 –u wangzc –p

image.png

PHP7.1安装

yum源安装，不推荐

[root@server ~]# rpm -qa |grep php
[root@server ~]# rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Retrieving https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
warning: /var/tmp/rpm-tmp.yrdW2a: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:epel-release-7-11                ################################# [100%]
[root@server ~]# rpm -Uvh http://mirror.webtatic.com/yum/el7/webtatic-release.rpm
Retrieving http://mirror.webtatic.com/yum/el7/webtatic-release.rpm
warning: /var/tmp/rpm-tmp.uvIjq4: Header V4 RSA/SHA1 Signature, key ID 62e74ca5: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:webtatic-release-7-3             ################################# [100%]
[root@server ~]# yum list --enablerepo=webtatic |grep php
[root@server ~]# yum search php71w
[root@server ~]# yum install php71w –y              # 基础
[root@server ~]# yum install php71w-fpm –y          # nginx连接使用
[root@server ~]# yum install php71w-mbstring –y      # 宽字节
[root@server ~]# yum install php71w-mysqlnd –y      # mysql相关
[root@server ~]# yum install php71w-pecl-redis –y     # redis扩展
[root@server ~]# yum install php71w-mcrypt –y       # 加密使用
[root@server ~]# yum install php71w-opcache –y      # 性能加速 php5.5 以上使用
[root@server ~]# systemctl restart httpd
[root@server ~]# cd /var/www/html/
[root@server html]# ll
total 4
-rw-r--r--. 1 root root 6 Jan 18 21:07 index.html
[root@server html]# rm -f index.html 
[root@server html]# ll
total 0
[root@server html]# touch index.php
[root@server html]# vim index.php 
<?php
  phpinfo();
?>
~
~
~
"index.php" 3L, 22C written                                             
[root@server html]#

image.png

源码编译安装
PHP7.1.13下载

[root@server ~]# cd /var/ftp/www/;ll
total 29140
-rw-r--r--. 1 ftpuser ftpuser    25680 Jan 23 20:07 mysql57-community-release-el7-11.noarch.rpm
-rw-r--r--. 1 ftpuser ftpuser 19424349 Jan 23 20:32 php-7.1.13.tar.gz
-rw-r--r--. 1 ftpuser ftpuser 10382444 Jan 23 20:32 phpMyAdmin-4.7.7-all-languages.tar.gz
[root@server www]#
[root@server www]# tar -zxvf php-7.1.13.tar.gz -C /opt/
[root@server www]# cd /opt/php-7.1.13/
[root@server php-7.1.13]# yum install gcc –y
[root@server php-7.1.13]# yum install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel –y
[root@server php-7.1.13]# yum install epel-release –y
[root@server php-7.1.13]# yum install libmcrypt-devel –y
[root@server php-7.1.13]# yum install httpd-devel -y
[root@server php-7.1.13]# ./configure --prefix=/usr/local/php --with-config-file-path=/etc --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-soap --with-libxml-dir --with-xmlrpc --with-apxs2=/usr/bin/apxs --enable-pcntl --with-openssl --with-mcrypt --with-mhash --with-pcre-regex --with-sqlite3 --with-zlib --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --with-cdb --enable-dom --enable-exif --enable-fileinfo --enable-filter --with-pcre-dir --enable-ftp --with-gd --with-openssl-dir --with-jpeg-dir --with-png-dir --with-zlib-dir --with-freetype-dir --enable-gd-native-ttf --enable-gd-jis-conv --with-gettext --with-gmp --with-mhash --enable-json --enable-mbstring --enable-mbregex --enable-mbregex-backtrack --with-libmbfl --with-onig --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-zlib-dir --with-pdo-sqlite --with-readline --enable-session --enable-shmop --enable-simplexml --enable-sockets --enable-sysvmsg --enable-sysvsem --enable-sysvshm --enable-wddx --with-libxml-dir --with-xsl --enable-zip --enable-mysqlnd-compression-support --with-pear --enable-opcache
[root@server php-7.1.13]# make && make install
[root@server php-7.1.13]# vim /etc/profile
# PHP7.1
export PATH=$PATH:/usr/local/php/bin
"/etc/profile" 86L, 2045C written                                       
[root@server php-7.1.13]# source /etc/profile
[root@server php-7.1.13]# php -v
PHP 7.1.13 (cli) (built: Jan 23 2018 21:15:09) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.1.0, Copyright (c) 1998-2017 Zend Technologies
[root@server php-7.1.13]# cp php.ini-production /etc/php.ini

以下操作需要安装nginx

[root@server php-7.1.13]# cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
[root@server php-7.1.13]# cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf
[root@server php-7.1.13]# cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/
[root@server php-7.1.13]# systemctl start php-fpm # 需要用户nginx
[root@server php-7.1.13]# systemctl enable php-fpm

Apache能解析PHP

[root@server ~]# vim /etc/httpd/conf/httpd.conf
…
…
#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
    DirectoryIndex index.html index.htm index.php
</IfModule>
…
…
    #AddEncoding x-compress .Z
    #AddEncoding x-gzip .gz .tgz
    #
    # If the AddEncoding directives above are commented-out, then you
    # probably should define those extensions to indicate media types:
    #
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType application/x-httpd-php .php
[root@server ~]# cd /var/www/html/
[root@server html]# ll
total 4
-rw-r--r--. 1 root root 6 Jan 18 21:07 index.html
[root@server html]# rm -f index.html 
[root@server html]# touch index.php
[root@server html]# cat index.php 
<?php
  phpinfo();
?>
[root@server html]# systemctl restart httpd
[root@server html]#

image.png

phpMyAdmin

phpMyAdmin4.7.7下载

[root@server html]# cd /var/ftp/www/
[root@server www]# ll
total 29140
-rw-r--r--. 1 ftpuser ftpuser    25680 Jan 23 20:07 mysql57-community-release-el7-11.noarch.rpm
-rw-r--r--. 1 ftpuser ftpuser 19424349 Jan 23 20:58 php-7.1.13.tar.gz
-rw-r--r--. 1 ftpuser ftpuser 10382444 Jan 23 20:58 phpMyAdmin-4.7.7-all-languages.tar.gz
[root@server www]# tar -zxvf phpMyAdmin-4.7.7-all-languages.tar.gz -C /var/www/html/
[root@server www]# cd /var/www/html/
[root@server html]# ll
total 12
-rw-r--r--.  1 root root   22 Jan 23 21:50 index.php
drwxr-xr-x. 12 root root 4096 Dec 23 21:50 phpMyAdmin-4.7.7-all-languages
[root@server html]# mv phpMyAdmin-4.7.7-all-languages/ phpmyadmin
[root@server ~]# cd /var/www/html/phpmyadmin/
[root@server phpmyadmin]# cd libraries/
[root@server libraries]# vim config.default.php
…
…
/**
 * MySQL hostname or IP address
 *
 * @global string $cfg['Servers'][$i]['host']
 */
$cfg['Servers'][$i]['host'] = '127.0.0.1';
…
…
$cfg['blowfish_secret'] = 'I3W26a3ng9ZC1wi235ll43be5Ad36mi66ted09!';
…
…
[root@server ~]# setsebool -P httpd_can_network_connect_db on

image.png

静态IP

image.png

[root@server ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=192.168.182.138
GATEWAY=192.168.182.2
[root@server ~]# reboot