因项目需要,要将php升级到7,于是将之前的LANMP进行全面升级,centos7.5+nginx1.14+apache2.4.33+php7.2


###初始化系统###

#更新yum源(aliyun)

yum -y install wget
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo_bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all
yum makecache
/root/init_system_centos7.sh   #init_system_centos7.sh详细见之前博文

#修改hosts文件

echo "192.168.5.32 web32.blufly.com" >> /etc/hosts
echo "192.168.5.33 web33.blufly.com" >> /etc/hosts

###更新组件###

yum -y groupinstall 'Development Tools'
yum -y install bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg \
libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 \
glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel \
expat-devel libtool libtool-ltdl-devel openssl openssl-devel openldap openldap-devel \
cmake gmp-devel libicu-devel libxslt-devel


###下载安装包###

cd /opt
wget http://mirrors.sohu.com/nginx/nginx-1.14.0.tar.gz
wget http://mirrors.sohu.com/apache/httpd-2.4.33.tar.bz2
wget http://mirrors.sohu.com/php/php-7.2.6.tar.bz2
wget https://mirrors.shuosc.org/apache/apr/apr-1.6.3.tar.bz2
wget https://mirrors.shuosc.org/apache/apr/apr-util-1.6.1.tar.bz2
#jemalloc 优化nginx,内存管理
wget https://github.com/jemalloc/jemalloc/releases/download/5.1.0/jemalloc-5.1.0.tar.bz2
#字符转换库libiconv
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.15.tar.gz
#ImageMagick 是一个图象处理软件。它可以编辑、显示包括JPEG、TIFF、PNM、PNG、GIF和Photo CD在内的绝大多数当今最流行的图象格式
wget http://www.imagemagick.org/download/ImageMagick-7.0.7-35.tar.bz2
#PHP的imagick扩展,用Imagick替代php的GD库
wget http://pecl.php.net/get/imagick-3.4.3.tgz
#Suhosin是一个PHP程序的保护系统
wget https://download.suhosin.org/suhosin-0.9.38.tar.gz
#ionCube - PHP的加密/解密工具
wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
#pcre支持nginx伪静态
wget https://ftp.pcre.org/pub/pcre/pcre-8.42.tar.gz


###------------  安装apache  -------------###

/usr/sbin/groupadd www  
/usr/sbin/useradd -g www www -s /sbin/nologin  
mkdir -p /data/www/{blufly,blog}
mkdir -p /data/logs/{blufly,blog}
chown -R www:www /data/www
chown -R www:www /data/logs 
cd /opt
tar -zxvf pcre-8.42.tar.gz 
cd pcre-8.42 
./configure --prefix=/usr/local/pcre  
make;make install  
cd ../

#安装apr

tar -jvxf apr-1.6.3.tar.bz2
cd apr-1.6.3
./configure --prefix=/usr/local/apr
make;make install

#安装Apr出现的问题rm: cannot remove `libtoolT': No such file or directory

#在configure里面把RM='$RM'改为RM='$RM  -f'

cd /opt
tar -jvxf apr-util-1.6.1.tar.bz2
cd apr-util-1.6.1
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/
make;make install
cd /opt
tar -jxvf httpd-2.4.33.tar.bz2 
cd  httpd-2.4.33

#隐藏apache版本信息

sed -i 's/#define AP_SERVER_BASEPRODUCT "Apache"/#define AP_SERVER_BASEPRODUCT "Microsoft-IIS 5.0"/' include/ap_release.h
sed -i 's/#define PLATFORM "Unix"/#define PLATFORM "win32"/' os/unix/os.h
./configure --prefix=/usr/local/apache \
--enable-deflate \
--enable-headers \
--enable-mime-magic \
--enable-proxy \
--enable-ssl \
--enable-so \
--enable-rewrite \
--enable-suexec \
--with-suexec-bin=/usr/sbin/suexec \
--with-suexec-caller=www \
--with-pcre=/usr/local/pcre/bin/pcre-config \
--with-mpm=prefork \
--with-ssl=/usr \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/
make;make install

#配置自启动文件

cd ../
cp /usr/local/apache/bin/apachectl /etc/init.d/httpd
sed -i '/#!\/bin\/sh/a\# chkconfig: - 85 15\n# description: web server\n# processname: httpd\n# pidfile: /usr/local/apache/logs/httpd.pid\n# config: /usr/local/apache/conf/httpd.conf' /etc/init.d/httpd

#httpd.conf优化

mv /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.bak

#配置mpm_prefork_module

mv /usr/local/apache/conf/extra/httpd-mpm.conf /usr/local/apache/conf/extra/httpd-mpm.conf.bak
cat >>  /usr/local/apache/conf/extra/httpd-mpm.conf < 
    ServerLimit   10000  
    StartServers  5  
    MinSpareServers  5  
    MaxSpareServers  10  
    MaxRequestWorkers  10000  
    MaxConnectionsPerChild 10000  
 
EOF

#配置虚拟主机apache虚拟主机

mv /usr/local/apache/conf/extra/httpd-vhosts.conf /usr/local/apache/conf/extra/httpd-vhosts.conf.bak
cat >>  /usr/local/apache/conf/extra/httpd-vhosts.conf <
    ServerAdmin admin@blufly.com
    DocumentRoot "/data/www/blufly"

    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted

    ServerName www.blufly.com
    ServerAlias blufly.com
    ErrorLog "logs/bufly-error_log"
    CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/blufly/%y_%m_%d.access_log 86400" common

EOF

#设置apache自启动

cd ../
chmod 700 /etc/init.d/httpd
/etc/init.d/httpd start
#nginx启动脚本中已有启动apache的命令
#/sbin/chkconfig --add httpd
#/sbin/chkconfig --level 2345 httpd on


###--------------  安装php  ----------------###

#安装Atomic仓库

wget http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-21.el7.art.noarch.rpm
rpm -ivh atomic-release-1.0-21.el7.art.noarch.rpm
yum -y install php-mcrypt libmcrypt libmcrypt-devel mhash mhash-devel libevent libevent-devel libxml2 \
libxml2-devel bzip2-devel libcurl-devel libjpeg-devel libpng-devel freetype-devel

#安装字符转换库libiconv

cd /opt
tar -zxvf libiconv-1.15.tar.gz
cd libiconv-1.15/
./configure --prefix=/usr/local/libiconv

#make时如果报错:./stdio.h:1010:1: 错误:‘gets’未声明

cd srclib/
sed -i -e '/gets is a security/d' ./stdio.in.h
cd ../
make;make install
cd ../

#编译安装php

tar -jxvf php-7.2.6.tar.bz2
cd php-7.2.6

#configure会报错:configure: error: Cannot find ldap libraries in /usr/lib.

cp -frp /usr/lib64/libldap* /usr/lib/
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--with-apxs2=/usr/local/apache/bin/apxs \
--with-iconv-dir=/usr/local/libiconv \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-libxml-dir \
--with-openssl \
--with-mhash \
--with-pcre-regex \
--with-zlib \
--with-bz2 \
--with-curl \
--with-cdb \
--with-pcre-dir \
--with-gd \
--with-openssl-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir \
--with-freetype-dir \
--with-gettext \
--with-gmp \
--with-mhash \
--with-libmbfl \
--with-onig \
--with-zlib-dir \
--with-readline \
--with-libxml-dir \
--with-xsl \
--with-pear \
--enable-soap \
--enable-bcmath \
--enable-calendar \
--enable-dom \
--enable-exif \
--enable-fileinfo \
--enable-filter \
--enable-ftp \
--enable-json \
--enable-mbstring \
--enable-mbregex \
--enable-mbregex-backtrack \
--enable-pdo \
--enable-session \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-wddx \
--enable-zip \
--enable-mysqlnd-compression-support \
--enable-intl \
--enable-maintainer-zts \
--disable-rpath \
--disable-debug \
--disable-ipv6

#make报错:error while loading shared libraries: libiconv.so.2: cannot open shared object file: No such file or directory

echo "/usr/local/lib" >> /etc/ld.so.conf
/sbin/ldconfig
make 
#如有报 undefined reference to `libiconv_open'
#就用make ZEND_EXTRA_LIBS='-liconv'来进行编译
make install
cd ../
cp php.ini-production /usr/local/php/etc/php.ini

############

#如果编译过程中遇到下列信息:PEAR package PHP_Archive not installed: generated phar will require PHP's phar extension be enabled

#cd /opt
#wget  http://pear.php.net/go-pear.phar 
#/usr/local/php/bin/php go-pear.phar

############

cd ../


#使用pthreads PHP扩展,可以使PHP真正地支持多线程

#要安装pthreads PHP扩展,在编辑php时要加参数 --enable-maintainer-zts 

cd /opt
git clone https://github.com/krakjoe/pthreads.git
cd pthreads
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make && make install


#安装mysql扩展

cd /opt/php-7.2.6/ext
git clone https://github.com/php/pecl-database-mysql mysql --recursive
cd mysql
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make && make install


#修改php.ini配置文件

#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20170718" 
#extension = "mysql.so"


#安装memcached扩展

yum -y install libmemcached libmemcached-devel
cd /opt/php-7.2.6/ext
git clone https://github.com/php-memcached-dev/php-memcached memcached
cd memcached/
git checkout php7
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make;make install

#安装memcache扩展

cd /opt/php-7.2.6/ext
git clone https://github.com/websupport-sk/pecl-memcache memcache
cd memcache
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make;make install

#修改php.ini配置文件

#extension = "memcached.so"
#extension = "memcache.so"
cd /opt
tar -jxvf ImageMagick-7.0.7-35.tar.bz2 
cd ImageMagick-7.0.7-35
./configure --prefix=/usr/local/imagemagick
make;make install
cd ../
tar -zxvf imagick-3.4.3.tgz
cd imagick-3.4.3/
export  PKG_CONFIG_PATH=/usr/local/imagemagick/lib/pkgconfig
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-imagick=/usr/local/imagemagick
make;make install
cd ../
tar -zxvf ioncube_loaders_lin_x86-64.tar.gz
cd ioncube
mkdir /usr/local/ioncube
mv ioncube_loader_lin_7.2.so /usr/local/ioncube/
cd ../

#修改php.ini添加php扩展

sed -i 's#; extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20170718/"\nextension = "memcache.so"\nextension = "memcached.so"\nextension = "mysql.so"\nextension = "pthreads.so"\nextension = "imagick.so"\n#' /usr/local/php/etc/php.ini

#要先添加ionCube扩展

cat >> /usr/local/php/etc/php.ini < 
  

#再添加opcache扩展

cat >> /usr/local/php/etc/php.ini < 
  

#查看php已安装扩展

/usr/local/php/bin/php -m
[PHP Modules]
bcmath
bz2
calendar
Core
ctype
curl
date
dba
dom
exif
fileinfo
filter
ftp
gd
gettext
gmp
hash
iconv
imagick
intl
ionCube Loader
json
libxml
mbstring
memcache
memcached
mysql
mysqli
mysqlnd
openssl
pcre
PDO
pdo_mysql
pdo_sqlite
Phar
posix
readline
Reflection
session
shmop
SimpleXML
soap
sockets
SPL
sqlite3
standard
sysvmsg
sysvsem
sysvshm
tokenizer
wddx
xml
xmlreader
xmlwriter
xsl
Zend OPcache
zip
zlib
[Zend Modules]
Zend OPcache
the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured)

###----------   安装nginx ----------###

#安装jemalloc内存优化工具

tar -jxvf jemalloc-5.1.0.tar.bz2
cd jemalloc-5.1.0
./configure --prefix=/usr/local/jemalloc --libdir=/usr/local/lib
make;make install
echo "/usr/local/lib" > /etc/ld.so.conf.d/local.conf
ldconfig
cd ../
tar -zxvf nginx-1.14.0.tar.gz
cd nginx-1.14.0
./configure --prefix=/usr/local/nginx \
--with-pcre=/opt/pcre-8.42 \
--user=www \
--group=www \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_gzip_static_module \
--with-ld-opt="-ljemalloc" \
--with-http_realip_module
make;make install
cd ../

#添加nginx启动脚本

cat >> /etc/init.d/nginx <&2
 exit 3
 ;;
esac
exit 0
EOF

#添加nginx配置文件

mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
cat >> /usr/local/nginx/conf/nginx.conf < 
  

#将nginx添加到启动服务中

chmod 700 /etc/init.d/nginx
/etc/init.d/nginx start
/sbin/chkconfig --add nginx
/sbin/chkconfig --level 2345 nginx on

#验证jemalloc是否生效,如下 

[root@web32 ~]# yum -y install lsof
[root@web32 ~]# lsof -n | grep jemalloc
nginx       989         root  mem       REG              253,0   4042712   70365103 /usr/local/lib/libjemalloc.so.2
nginx      1357          www  mem       REG              253,0   4042712   70365103 /usr/local/lib/libjemalloc.so.2
nginx      1358          www  mem       REG              253,0   4042712   70365103 /usr/local/lib/libjemalloc.so.2
nginx      1390          www  mem       REG              253,0   4042712   70365103 /usr/local/lib/libjemalloc.so.2
nginx      1391          www  mem       REG              253,0   4042712   70365103 /usr/local/lib/libjemalloc.so.2
nginx      1488          www  mem       REG              253,0   4042712   70365103 /usr/local/lib/libjemalloc.so.2
nginx      1498          www  mem       REG              253,0   4042712   70365103 /usr/local/lib/libjemalloc.so.2
nginx      1505          www  mem       REG              253,0   4042712   70365103 /usr/local/lib/libjemalloc.so.2
nginx      1522          www  mem       REG              253,0   4042712   70365103 /usr/local/lib/libjemalloc.so.2

#每天定时切割Nginx日志

cat >> /usr/local/nginx/sbin/cut_nginx_log.sh < 
  
chmod +x /usr/local/nginx/sbin/cut_nginx_log.sh

#添加计划任务,每天凌晨00:00切割nginx访问日志

crontab -e
00 00 * * * /bin/bash  /usr/local/nginx/sbin/cut_nginx_log.sh

#让后端apache获取访客真实的IP,Apache-2.4配置mod_remoteip

LoadModule remoteip_module modules/mod_remoteip.so

RemoteIPHeader X-Real-IP
RemoteIPInternalProxy 127.0.0.1

#后面我们需要修改accesslog的配置,将%h改成%a,以保证我们在日志里面也能看到客户端的正确IP


    LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%a %l %u %t \"%r\" %>s %b" common


#删除7天以前的日志

cat /root/del_log.sh
#!/bin/sh
find /data/logs/ -mtime +7 -type f -exec rm -rf {} \;
chmod +x /root/del_log.sh

#添加计划任务,每天凌晨00:00清理日志

crontab -e
00 00 * * * /bin/bash  /root/del_log.sh