shell,Linux,security,nginx,network,http,web

编译安装OpenResty+PHP环境

编译安装openresty

  • 准备相关软件包
wget https://openresty.org/download/openresty-1.15.8.1.tar.gz
git clone https://github.com/madler/zlib.git
wget https://launchpad.net/drizzle/7.2/7.2.4/+download/drizzle-7.2.4-alpha.tar.gz
wget https://ftp.pcre.org/pub/pcre/pcre-8.43.tar.gz
wget https://www.php.net/distributions/php-7.3.6.tar.bz2
  • 解决依赖关系
 yum install -y gcc gcc-c++ perl-devel perl-ExtUtils-Embed openssl-devel postgresql-devel libxml2-devel libxslt-devel gd-devel GeoIP-devel pcre pcre-devel
  • 如果启用了--with-http_drizzle_module参数,则需要如下配置
tar xzvf drizzle7-2011.07.21.tar.gz
cd drizzle7-2011.07.21/
./configure --without-server
make libdrizzle-1.0
make install-libdrizzle-1.0
  • 创建openresty运行用户
groupadd -r nginx
useradd nginx -g nginx -r -s /sbin/nologin
  • 编译前配置
./configure \
--user=nginx \
--group=nginx \
--with-http_iconv_module \
--with-http_drizzle_module \
--with-http_postgres_module \
--with-threads \
--with-file-aio \
--with-http_realip_module \
--with-http_addition_module \
--with-http_auth_request_module \
--with-http_xslt_module \
--with-http_image_filter_module \
--with-http_geoip_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_gzip_static_module \
--with-http_auth_request_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_perl_module \
--with-http_ssl_module \
--with-zlib=/app/software/zlib \
--with-pcre=/app/software/pcre-8.43
  • 编译安装
gmake && gmake install
  • 为openresty提供启动脚本
vim /etc/init.d/nginx

#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig:   - 85 15
# description:  Nginx is an HTTP(S) server, HTTP(S) reverse \
#               proxy and IMAP/POP3 proxy server
# processname: nginx
# config:      /usr/local/openresty/nginx/conf/nginx.conf
# pidfile:     /usr/local/openresty/nginx/logs/nginx.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0

nginx="/usr/local/openresty/nginx/sbin/nginx"
prog=$(basename $nginx)

NGINX_CONF_FILE="/usr/local/openresty/nginx/conf/nginx.conf"

[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx

lockfile=/var/lock/subsys/nginx

make_dirs() {
   # make required directories
   user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
   if [ -z "`grep $user /etc/passwd`" ]; then
       useradd -M -s /bin/nologin $user
   fi
   options=`$nginx -V 2>&1 | grep 'configure arguments:'`
   for opt in $options; do
       if [ `echo $opt | grep '.*-temp-path'` ]; then
           value=`echo $opt | cut -d "=" -f 2`
           if [ ! -d "$value" ]; then
               # echo "creating" $value
               mkdir -p $value && chown -R $user $value
           fi
       fi
   done
}

start() {
    [ -x $nginx ] || exit 5
    [ -f $NGINX_CONF_FILE ] || exit 6
    make_dirs
    echo -n $"Starting $prog: "
    daemon $nginx -c $NGINX_CONF_FILE
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}

stop() {
    echo -n $"Stopping $prog: "
    killproc $prog -QUIT
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}

restart() {
    configtest || return $?
    stop
    sleep 3
    start
}

reload() {
    configtest || return $?
    echo -n $"Reloading $prog: "
    killproc $nginx -HUP
    RETVAL=$?
    echo
}

force_reload() {
    restart
}

configtest() {
  $nginx -t -c $NGINX_CONF_FILE
}

rh_status() {
    status $prog
}

rh_status_q() {
    rh_status >/dev/null 2>&1
}

case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart|configtest)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
            ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
        exit 2
esac

chmod +x /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on

### 编译安装php

  • 解决依赖关系
yum install -y libxml2-devel bzip2-devel libcurl-devel gd-devel gmp-devel libmcrypt-devel
  • 预编译
./configure --prefix=/usr/local/php73 \
--with-fpm-user=nginx \
--with-fpm-group=nginx \
--with-config-file-path=/usr/local/php73/conf \
--enable-mysqlnd \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-openssl \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-mcrypt \
--with-mhash \
--with-gmp \
--with-curl \
--with-bz2 \
--with-libxml-dir \
--with-xmlrpc \
--with-zlib-dir \
--with-gd \
--with-pcre-dir \
--enable-soap \
--with-gettext
--with-config-file-scan-dir=/usr/local/php73/php.d \
--enable-mbstring \
--enable-xml \
--enable-fpm \
--enable-sockets \
--enable-exif \
--enable-mbstring \
--enable-bcmath \
--enable-maintainer-zts \
--disable-fileinfo
--enable-ftp \
--enable-zip \
--enable-gd-native-ttf \
--enable-inline-optimization
  • 编译安装
make && make install
  • 准备PHP配置文件以及服务脚本
cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/php-fpm.service
cp php.ini-production /usr/local/php73/etc/php.ini
cp /usr/local/php73/etc/php-fpm.conf.default /usr/local/php73/etc/php-fpm.conf
cp /usr/local/php73/etc/php-fpm.d/www.conf.default /usr/local/php73/etc/php-fpm.d/www.conf
sed -i 's@user = nobody@user = nginx@' /usr/local/php73/etc/php-fpm.d/www.conf
sed -i 's@group = nobody@group = nginx@' /usr/local/php73/etc/php-fpm.d/www.conf
sed -i 's@;listen.mode = 0660@listen.mode = 0666@' /usr/local/php73/etc/php-fpm.d/www.conf
sed -i 's@listen = 127.0.0.1:9000@listen = /var/run/php-fpm.sock@' /usr/local/php73/etc/php-fpm.d/www.conf
  • 启动php-fpm
systemctl start php-fpm
systemctl enable php-fpm

配置openresty支持php

  • 修改nginx配置文件,启用php支持
vim /usr/local/openresty/nginx/conf/nginx.conf

 #启用下述配置
 location ~ \.php$ {
    root           html;
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include        fastcgi.conf;
}
微信扫一扫,向我赞赏

微信扫一扫,向我赞赏

微信扫一扫,向我赞赏

支付宝扫一扫,向我赞赏

回复

This is just a placeholder img.