1. LNMP 环境
-- 本文档将搭建基于 LNMP 环境的 discuz 论坛, dedecms 企业网站
1.1 基础环境
- 配置环境:
角色: IP 主机名 操作系统 软件版本
LNMP 192.168.10.13 node10013 CentOS7
- 基础配置 参考博客
https://www.jianshu.com/p/3177c99f1075
1.2 Nginx 软件
-
安装
yum -y install epel-release
yum -y install nginx
配置nginx
1.3 MySQL 安装
-
准备安装目录
mkdir /opt/{app,src}
-
下载
wget -O /opt/src/mysql-5.7.tar.gz https://mirrors.tuna.tsinghua.edu.cn/mysql/downloads/MySQL-5.7/mysql-5.7.23-linux-glibc2.12-x86_64.tar.gz
tar -zxf /opt/src/mysql-5.7.tar.gz -C /opt/app
mv /opt/app/mysql-5.7.23-linux-glibc2.12-x86_64/ /opt/app/mysql57
-
准备配置文件
vim /etc/my.cnf
[mysqld]
user = mysql
bind_address = 127.0.0.1
port = 3306
basedir = /opt/app/mysql57/
datadir = /opt/app/mysql57/data/data
tmpdir = /opt/app/mysql57/data/tmp
socket = /opt/app/mysql57/data/logs/mysql.sock
pid-file = /opt/app/mysql57/data/logs/mysqld.pid
log_error = /opt/app/mysql57/data/logs/error_mysqld.log
character_set_server = utf8
## InnoDB
innodb_file_per_table = ON
innodb_file_format_check = ON
innodb_data_file_path = ibdata1:100M:autoextend
innodb_temp_file_path = ../tmp/ibtmp1:12M:autoextend
innodb_log_group_home_dir = /opt/app/mysql57/data/redolog/
innodb_undo_directory = /opt/app/mysql57/data/undolog/
log_bin = /opt/app/mysql57/data/binlog/mysql_bin
relay_log = /opt/app/mysql57/data/relaylog/relay_log
[client]
socket = /opt/app/mysql57/data/logs/mysql.sock
- 初始化MySQL
# 创建 MySQL 用户和用户组
groupadd -r mysql
useradd -M -g mysql -r -d /dev/null -s /sbin/nologin mysql
# 创建mysql 的 data 目录, 并赋权限
mkdir -p /opt/app/mysql57/data/{binlog,data,logs,redolog,tmp,undolog}
chown -R mysql:mysql /opt/app/mysql57/data/
ln -s /opt/app/mysql57/data/logs/mysql.sock /tmp/mysql.sock
# 初始化 mysql
./bin/mysqld --initialize
- 启动MySQL
/opt/app/mysql57/bin/mysqld_safe --defaults-file=/etc/my.cnf
1.4 安装 PHP
-
下载
wget -O /opt/src/php-5.6.tar.gz http://101.96.10.63/cn2.php.net/distributions/php-5.6.40.tar.gz
-
安装依赖程序
yum -y install libxml2-devel openssl-devel curl-devel libjpeg-devel freetype-devel gmp-devel libmcrypt-devel
源码编译安装 PHP
./configure --prefix=/opt/app/php56 --with-config-file-path=/opt/app/php56/etc --disable-ipv6 --enable-bcmath --enable-dba --enable-ftp --enable-mbstring --enable-sockets --enable-exif --enable-pcntl --enable-soap --enable-zip --with-curl --with-iconv --with-gettext --with-gd --with-gmp --with-freetype-dir --with-jpeg-dir --with-png-dir --with-mcrypt --with-mhash --with-openssl --with-tidy --with-zlib --with-mysqli=mysqlnd --with-mysql=/opt/app/mysql57/ --with-pdo-mysql=mysqlnd --enable-fpm
- 准备 php-fpm 启动程序
cp sapi/fpm/init.d.php-fpm /opt/app/php56/sbin/
chmod +x /opt/app/php56/sbin/init.d.php-fpm
- 准备配置文件
php.ini
...
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE
display_errors = Off
display_startup_errors = Off
log_errors = On
error_log = /opt/app/php56/var/log/php_errors.log
...
+ `php-fpm.conf`
;;;;;;;;;;;;;;;;;;;;;
; FPM Configuration ;
;;;;;;;;;;;;;;;;;;;;;
;; the global prefix /opt/app/php56/
include=etc/php-fpm.d/*.conf
[global]
pid = run/php-fpm.pid
error_log = log/php-fpm.error.log
log_level = notice
emergency_restart_threshold = 60
emergency_restart_interval = 60s
process_control_timeout = 10s
;process.max = 0
;daemonize = yes
rlimit_files = 65000
;rlimit_core = 0
events.mechanism = poll
[web]
user = nginx
group = nginx
;listen = 127.0.0.1:9000
listen = var/run/php_$pool.socket
listen.backlog = 4096
listen.mode = 0666
pm = dynamic
pm.max_children = 300
pm.start_servers = 20
pm.min_spare_servers = 10
pm.max_spare_servers = 20
pm.max_requests = 4000
pm.status_path = /phpstatus
access.format = %t %l - "%m %r%Q%q" - %s %f %{mili}d %{kilo}M %C%%
slowlog = var/log/php.slow.$pool.log
request_slowlog_timeout = 2
request_terminate_timeout = 60
rlimit_files = 10240
catch_workers_output = yes
1.5 安装 Jdk 和 tomcat
-
下载jdk
- 官网:
https://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
- 下载:
wget -O /opt/src/jdk-8u201-linux-x64.tar.gz https://download.oracle.com/otn-pub/java/jdk/8u201-b09/42970487e3af4f5aa5bca3f542482c60/jdk-8u201-linux-x64.tar.gz?AuthParam=1548039137_19e70267ff71b8421fa06c56911e8639
- 官网:
-
如果程序需要JDBC, 可以下载
- 官网
https://dev.mysql.com/downloads/file/?id=480287
- 官网
-
下载 tomcat
wget -O /opt/src/apache-tomcat-9.0.14.tar.gz http://mirrors.shu.edu.cn/apache/tomcat/tomcat-9/v9.0.14/bin/apache-tomcat-9.0.14.tar.gz
解压缩并安装配置
tar zxf jdk-8u131-linux-x64.tar.gz
cp -r jdk1.8.0_131/ /opt/app/jdk1.8
cat <<-EOF >> /etc/profile
export JAVA_HOME=/opt/app/jdk1.8
export CLASSPATH=${JAVA_HOME}/lib
export JRE_HOME=${JAVA_HOME}/jre
export PATH=${JAVA_HOME}/bin:$PATH
EOF
source /etc/profile
- 解压缩并安装
tar zxf /opt/src/apache-tomcat-9.0.14.tar.gz
cp -r /opt/src/apache-tomcat-9.0.14 /opt/app/tomcat
ln -s /opt/app/tomcat/*.sh /opt/bin
catalina.sh start
2. 安装 安装discuz
2.1 准备discuz
- 下载discuz
wget -O /opt/src/Discuz_X2.5_PHP7.0_SC_UTF8.zip http://download.comsenz.com/DiscuzX/2.5/Discuz_X2.5_PHP7.0_SC_UTF8.zip
- 解压并安装
unzip -d /opt/src/discuz /opt/src/Discuz_X2.5_PHP7.0_SC_UTF8.zip
cp /opt/src/discuz/upload /opt/www/
mkdir -p /opt/log/nginx
- MySQL 创建数据库及用户
MySQL [(none)] > CREATE DATABASE ultrax;
MySQL [(none)] > GRANT ALL ON `ultrax`.* TO 'ultraxUser'@'localhost' IDENTIFIED BY 'ultraxPassword';
MySQL [(none)] > FLUSH PRIVILEGES;
-
编辑 discuz 配置文件
cp /opt/www/discuz/config/config_global_default.php /opt/www/discuz/config/config_global.php
cp /opt/www/discuz/config/config_ucenter_default.php /opt/www/discuz/config/config_ucenter.php
设置权限
chown nginx:nginx /opt/www/discuz/data/ /opt/www/discuz/config/ /opt/www/discuz/uc_client/data/ /opt/www/discuz/uc_server/data/
2.2 编辑 nginx
- 编辑配置文件
vim /etc/nginx/conf.d/server.conf
server {
listen 80;
server_name discuz.top;
root /opt/www/discuz;
index index.php;
# 配置静态文件不记录日志, 以及过期时间
location ~ .*\.(gif|jpeg|png|bmp|swf)$ {
expires 3d;
access_log off;
## 配置防盗链
valid_referers none blocked discuz.top www.discuz.top;
if ($invalid_referer) {
return 403;
}
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /opt/www/discuz/$fastcgi_script_name;
fastcgi_pass unix:/opt/app/php56/var/run/php_discuz.socket;
fastcgi_index index.php;
}
access_log /opt/log/nginx/discuz_access.log;
error_log /opt/log/nginx/discuz_error.log;
}
-
启动
systemctl start nginx
-
初始化站点
- windows 修改host 文件
192.168.10.13 discuz.top
192.168.10.13 dedecms.top
- 访问
http://discuz.top/install
- 初始化
3. 安装 dedecms
3.1 下载并安装
-
下载 dedecms
wget -O /opt/src/DedeCMS-V5.7-UTF8-SP2.tar.gz http://updatenew.dedecms.com/base-v57/package/DedeCMS-V5.7-UTF8-SP2.tar.gz
解压缩并安装
tar zxf /opt/src/DedeCMS-V5.7-UTF8-SP2.tar.gz
cp -r /opt/src/DedeCMS-V5.7-UTF8-SP2/uploads/ /opt/www/dedecms
chown -R nginx:nginx /opt/www/dedecms/
3.2 配置服务
- 配置nginx
...
# dedecms
server {
listen 80;
server_name dedecms.top;
root /opt/www/dedecms;
index index.php;
# 配置静态文件不记录日志, 以及过期时间
location ~ .*\.(gif|jpeg|png|bmp|swf)$ {
expires 3d;
access_log off;
# 配置防盗链
valid_referers none blocked dedecms.top www.dedecms.top;
if ($invalid_referer) {
return 403;
}
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /opt/www/dedecms/$fastcgi_script_name;
fastcgi_pass unix:/opt/app/php56/var/run/php_web.socket;
fastcgi_index index.php;
}
access_log /opt/log/nginx/dedecms_access.log;
error_log /opt/log/nginx/dedecms_error.log;
}
...
- 配置数据库
MySQL [(none)] > GRANT ALL ON `dedecms`.* to 'dedecmsUser'@'localhost' IDENTIFIED BY 'dedecmsPassword';
MySQL [(none)] > FLUSH PRIVILEGES;
3.3 启动与初始化
-
重启服务
systemctl restart nginx
init.d.php-fpm restart
-
初始化站点
- 访问
http://dedecms.top/install
- 访问
4. 安装zrlog
4.1 下载与安装
wget -O /opt/src/zrlog-2.1.0-3617b2e-release.war http://dl.zrlog.com/release/zrlog-2.1.0-3617b2e-release.war?attname=ROOT.war&ref=index
4.2 配置 zrlog
- 拷贝文件
mkdir /opt/app/tomcat/myapps
cp /opt/src/ROOT.war /opt/app/tomcat/myapps/
- 修改配置文件
vim /opt/app/tomcat/conf/server.xml
- 修改
<Host> </Host>
段的配置
...
<Host name="localhost" appBase="myapps" unpackWARs="true" autoDeploy="true">
...
- 配置数据库信息
MySQL [(none)] > CREATE DATABASE zrlog;
MySQL [(none)] > GRANT ALL ON zrlog.* to 'zrlogUser'@127.0.0.1 IDENTIFIED BY 'zrlogPassword';
MySQL [(none)] > FLUSH PRIVILEGES;
4.3 启动 初始化zrlog
- 启动 tomcat
catalina.sh stop ; catalina.sh start
- 访问
http://192.168.10.13:8080/
5. 自动切割日志
5.1 nginx 的日志切割
- 日志每日切割, 保留30天
- 使用 logrotate 工具
- 编辑配置文件
/etc/logrotate.d/nginx
- 编辑配置文件
/opt/log/nginx/*log {
create 0644 nginx nginx
daily
rotate 30
missingok
notifempty
compress
sharedscripts
postrotate
/bin/kill -USR1 `cat /var/run/nginx.pid 2>/dev/null` 2> /dev/null || true
endscript
}
5.2 php 日志切割
前面配置php 时, 已设置了 php的 error log, 以及 php-fpm errorlog 和 slow log 记录在
/opt/app/php56/var/log/
中.编辑 logrotate 配置文件
/opt/app/php56/var/log/*log {
daily
rotate 30
missingok
notifempty
compress
sharedscripts
postrotate
kill -USR1 `cat /opt/app/php56/var/run/php-fpm.pid 2> /dev/null` 2> /dev/null || true
endscript
}
5.3 写入crontab
- 写入 crontab 中 定时运行
cat <<-EOF >> /var/spool/cron/root
01 0 * * * /usr/sbin/logrotate -f /etc/logrotate.d/nginx
01 0 * * * /usr/sbin/logrotate -f /etc/logrotate.d/php
EOF
5.6 站点后台二次认证
- 安装 httpd-tools 工具组(需要 htpasswd 工具)
yum -y install httpd-tools
- 生成认证用户
[root@node10013 nginx]# htpasswd -c /etc/nginx/passwd.db fangfc
New password:
Re-type new password:
Adding password for user fangfc
[root@node10013 nginx]#
- 配置nginx 配置文件
- 配置 admin.php 页面的用户认证,
- 需要注意的是
location ~ admin\.php${}
需要在location ~ \.php$ {}
段落其那面, - 并且
location ~ admin\.php${}
段落内需要设置 php代理地址
- 需要注意的是
## discuz
server {
listen 80;
server_name discuz.top;
root /opt/www/discuz;
index index.php;
...
location ~ admin\.php$ {
auth_basic "User Authorize";
auth_basic_user_file /etc/nginx/passwd.db;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /opt/www/discuz/$fastcgi_script_name;
fastcgi_pass unix:/opt/app/php56/var/run/php_discuz.socket;
fastcgi_index index.php;
}
location ~ \.php$ {....}
....
}
# dedecms
server {
listen 80;
server_name dedecms.top;
root /opt/www/dedecms;
...
location /dede {
auth_basic "User Authorize";
auth_basic_user_file /etc/nginx/passwd.db;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /opt/www/dedecms/$fastcgi_script_name;
fastcgi_pass unix:/opt/app/php56/var/run/php_web.socket;
fastcgi_index index.php;
}
location ~ \.php$ { ... }
...
}
END