CentOS6 yum方式安装lnmp

本文打造易于复制粘贴的lnmp安装方法。

相比较其他编译安装的教程，本文解除了软件版本锁定，理论上，永远安装的是最新稳定版且支持软件升级。

编译教程在写作时往往使用当时的最新稳定版软件，但是稍过时日，新的漏洞出来，很快会将读者带入危险，因为软件已经过时了。严重不建议新手使用编译方法安装lnmp。

环境CentOS 6.5 x64

安装第三方软件源(epel、nginx、remi)

rpm -ivh http://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

yum一键安装lnmp

yum install nginx mysql mysql-server php-fpm php-mysql php-cli php-gd  php-xml  php-mbstring php-mcrypt  php-zendopcache --enablerepo=epel,nginx,remi

php参数配置

sed -i '/expose_php/{s/On/Off/g}' /etc/php.ini
sed -i '/display_errors/{s/On/Off/g}' /etc/php.ini
sed -i '/php_errors.log/{s/;//g}' /etc/php.ini
sed -i '/file_uploads/{s/On/Off/g}' /etc/php.ini
sed -i '/allow_url_fopen/{s/On/Off/g}' /etc/php.ini
sed -i '/allow_url_include/{s/On/Off/g}' /etc/php.ini
sed -i '/;date.timezone/{s/;//g;s/=/= Asia\/Shanghai/g}' /etc/php.ini
sed -i '/cgi.fix_pathinfo\=/{s/;//g;s/1/0/g}' /etc/php.ini
sed -i '/memory_limit/{s/128/64/g}' /etc/php.ini
sed -i '/safe_mode/{s/Off/On/g}' /etc/php.ini

php-fpm配置

sed -i 's/apache/nginx/g' /etc/php-fpm.d/www.conf
sed -i '/request_terminate_timeout/{s/;//g;s/0/30/g}' /etc/php-fpm.d/www.conf

内核优化

echo "net.ipv6.conf.all.disable_ipv6 = 1"       >> /etc/sysctl.conf
echo "vm.swappiness = 25"           >> /etc/sysctl.conf
echo "net.ipv4.route.max_size = 524288 "        >> /etc/sysctl.conf
echo "net.core.somaxconn = 10240"           >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_syn_backlog = 204800"    >> /etc/sysctl.conf
echo "net.core.netdev_max_backlog =  204800"    >> /etc/sysctl.conf
echo "net.ipv4.ip_local_port_range = 1024   65535"   >> /etc/sysctl.conf

echo "ulimit -SHn 65535" >> /etc/profile
cat >> /etc/security/limits.conf < 
  

 
  

 
  
nginx基本优化
 
  
sed -i '/worker_processes/{s/1/4/g}' /etc/nginx/nginx.conf
sed -i '/worker_processes/a\ worker_rlimit_nofile 65535;' /etc/nginx/nginx.conf
sed -i '/worker_connections/{s/1024/10240/g}' /etc/nginx/nginx.conf
sed -i '/sendfile/a\ server_tokens off;' /etc/nginx/nginx.conf
sed -i '/version/{s/\/\$nginx_version//g}' /etc/nginx/fastcgi_params
sed -i '/events/a\    use epoll;' /etc/nginx/nginx.conf
 
  
 
  

 
  
nginx的fpm基本配置，找到FASTCGI选项，去掉注释，修改下面这样
 
  
 
  
location ~ \.php$ {
    root  /var/www/html;
    fastcgi_pass  127.0.0.1:9000;
    #fastcgi_pass  unix:/tmp/php-fpm.sock;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include  fastcgi_params;
}
 
  

 
  

 
  
nginx页面设置
 
  
 
  
mkdir -p /var/www/html
sed -i 's#/usr/share/nginx/html#/var/www/html#g' /etc/nginx/conf.d/default.conf
sed -i 's/index.html/& index.php/' /etc/nginx/nginx.conf
echo "" >/var/www/html/index.php
 
  

 
  
mysql配置
 
  
有条件的话，给mysql单独分个区作为datadir
 
  
[mysqld]
 
  
datadir=/data
 
  
其他参数可以参考/usr/share/mysql下的示例文件
 
  

 
  
mysql基本加固，（设置密码，限制访问等）
 
  
 
  
mysql_secure_installation
 
  

 
  
iptables防火墙，需要根据自己设置，下面仅仅是个示例
 
  
cat >/root/firewall.sh < 
  

 
  

 
  
启动服务
 
  
chkconfig nginx on
chkconfig php-fpm on
chkconfig mysqld on
/etc/init.d/php-fpm start
/etc/init.d/mysqld start
/etc/init.d/nginx start
 
  

 
  
通过浏览器访问系统IP应该就已经能够看到php信息了。
 
  

 
  
--last update 2014-1-1