标签:lnmp搭建 web
作为 Web 服务器:相比 Apache,Nginx 使用更少的资源,支持更多的并发连接,体现更高的效率。
作为负载均衡服务器:Nginx 既可以在内部直接支持Rails和PHP,也可以支持作为 HTTP代理服务器对外进行服务。Nginx 用C编写,不论是系统资源开销还是CPU使用效率都比Perlbal要好的多。
作为邮件代理服务器:Nginx同时也是一个非常优秀的邮件代理服务器(最早开发这个产品的目的之一也是作为邮件代理服务器),Last/fm 描述了成功并且美妙的使用经验。
Nginx安装非常的简单,配置文件非常简洁(还能够支持perl语法)。Nginx支持平滑加载新的配置,还能够在不间断服务的情况下进行软件版本的升级。
建立一个软件包目录存放
mkdir -p /usr/local/src/
清理已经安装包
rpm -e httpd rpm -e mysql rpm -e php yum -y remove httpd yum -y remove mysql yum -y remove php #搜索apache包 rpm -qa http* #强制卸载apache包 rpm -e --nodeps 查询出来的文件名 #检查是否卸载干净 rpm -qa|grep http*
selinux可能会致使编译安装失败,我们先禁用它。永久禁用,需要重启生效
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g‘ /etc/selinux/config
临时禁用,不需要重启 setenforce 0
安装必备工具
yum -y install make gcc gcc-c++ gcc-g77 flex bison file libtool libtool-libs autoconf kernel-devel libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glib2 glib2-devel bzip2 bzip2-devel libevent libevent-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel gettext gettext-devel ncurses-devel gmp-devel pspell-devel unzip libcap lsof
按照标准需要给mysql创建所属用户和用户组
创建群组 groupadd mysql 创建一个用户,不允许登陆和不创主目录 useradd -s /sbin/nologin -g mysql -M mysql 检查创建用户 tail -1 /etc/passwd
centos最小化安装后,会有mysql的库因此先卸载!
检查安装与否 rpm -qa|grep mysql 强制卸载 rpm -e mysql-libs-5.1.73-3.el6_5.x86_64 --nodeps
MySQL从5.5版本开始,通过./configure进行编译配置方式已经被取消,取而代之的是cmake工具。 因此,我们首先要在系统中源码编译安装cmake工具。
wget http://www.cmake.org/files/v2.8/cmake-2.8.12.2.tar.gz tar zxvf cmake-2.8.12.2.tar.gz cd cmake-2.8.12.2 ./configure make && make install
使用cmake来编译安装mysql5.6.17
wget http://dev.mysql.com/get/Downloads/MySQL-5.6/mysql-5.6.17.tar.gz tar zxvf mysql-5.6.17.tar.gz cd mysql-5.6.17 cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data -DSYSCONFDIR=/etc -DWITH_MYISAM_STORAGE_ENGINE=1 -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_MEMORY_STORAGE_ENGINE=1 -DWITH_READLINE=1 -DMYSQL_UNIX_ADDR=/var/lib/mysql/mysql.sock -DMYSQL_TCP_PORT=3306 -DENABLED_LOCAL_INFILE=1 -DWITH_PARTITION_STORAGE_ENGINE=1 -DEXTRA_CHARSETS=all -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DMYSQL_USER=mysql -DWITH_DEBUG=0 -DWITH_SSL=system make && make install
修改/usr/local/mysql权限
chmod +w /usr/local/mysql chown -R mysql:mysql /usr/local/mysql
关于my.cnf配置文件:
在启动MySQL服务时,会按照一定次序搜索my.cnf,先在/etc目录下找,找不到则会搜索”$basedir/my.cnf” 就是安装目录下 /usr/local/mysql/my.cnf,这是新版MySQL的配置文件的默认位置! 注意:在CentOS 6.x版操作系统的最小安装完成后,在/etc目录下会存在一个my.cnf,需要将此文件更名为其他的名字。 如:/etc/my.cnf.bak,否则,该文件会干扰源码安装的MySQL的正确配置,造成无法启动。 由于我们已经卸载了最小安装完成后的mysq库所以,就没必要操作了。
进入support-files目录
cd support-files/ 如果还有my.cnf请备份 mv /etc/my.cnf /etc/my.cnf.bak 如果愿意也可以复制配置文件到etc下 cp my-default.cnf /etc/my.cnf
执行初始化配置脚本,创建系统自带的数据库和表,注意配置文件的路径
/usr/local/mysql/scripts/mysql_install_db --defaults-file=/etc/my.cnf --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --user=mysql
拷贝mysql安装目录下support-files服务脚本到init.d目录
#拷贝脚本 cp support-files/mysql.server /etc/init.d/mysqld #赋予权限 chmod +x /etc/init.d/mysqld
设置开机启动
chkconfig mysqld on 启动MySQL service mysqld start 或者 /etc/init.d/mysql start
MySQL5.6.x启动成功后,root默认没有密码,我们需要设置root密码。 设置之前,我们需要先设置PATH,要不,不能直接调用mysql
修改/etc/profile文件 vi /etc/profile 在文件末尾添加 PATH=/usr/local/mysql/bin:$PATH export PATH
让配置立即生效
source /etc/profile
登陆测试,默认是没有密码,直接回车就可进入
mysql -uroot -p
设置mysql密码
/usr/local/mysql/bin/mysqladmin -uroot -p password ‘你的密码‘
登陆进命令行模式
mysql -uroot -p
查看用户
select user,host from mysql.user;
删除不必要的用户
drop user ""@localhost; drop user ""@c65mini.localdomain; drop user root@c65mini.localdomain; drop user root@‘::1‘;
赋予账号远程访问的权限
GRANT ALL PRIVILEGES ON *.* TO ‘root‘@‘127.0.0.1‘ IDENTIFIED BY ‘你的密码‘ WITH GRANT OPTION; GRANT ALL PRIVILEGES ON *.* TO ‘root‘@‘localhost‘ IDENTIFIED BY ‘你的密码‘ WITH GRANT OPTION; GRANT ALL PRIVILEGES ON *.* TO ‘root‘@‘c65mini.localdomain‘ IDENTIFIED BY ‘你的密码‘ WITH GRANT OPTION;
关于删除MySQL的默认root用户参考:http://blog.chinaunix.net/uid-16844903-id-3377690.html
其它一些信息查询: 检查mysql版本
mysql -uroot -p"密码" -e "select version();"
验证mysql安装路径
ls -ld /usr/local/mysql/
安装PHP5.5.12
这里我安装的是php7.1
安装依赖关系
libiconv库为需要做转换的应用提供了一个iconv()的函数,以实现一个字符编码到另一个字符编码的转换。 错误提示:configure: error: Please reinstall the iconv library.
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz tar zxvf libiconv-1.14.tar.gz cd libiconv-1.14 ./configure --prefix=/usr/local/libiconv make && make install cd ..
libmcrypt是加密算法扩展库。 错误提示:configure: error: Cannot find imap library (libc-client.a). Please check your c-client installation.
wget http://iweb.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz tar zxvf libmcrypt-2.5.8.tar.gz cd libmcrypt-2.5.8 ./configure make && make install cd ..
Mhash是基于离散数学原理的不可逆向的php加密方式扩展库,其在默认情况下不开启。 mhash的可以用于创建校验数值,消息摘要,消息认证码,以及无需原文的关键信息保存 错误提示:configure: error: “You need at least libmhash 0.8.15 to compile this program. http://mhash.sf.net/”
wget http://hivelocity.dl.sourceforge.net/project/mhash/mhash/0.9.9.9/mhash-0.9.9.9.tar.bz2 tar jxvf mhash-0.9.9.9.tar.bz2 cd mhash-0.9.9.9 ./configure make && make install cd ..
mcrypt 是 php 里面重要的加密支持扩展库,Mcrypt扩展库可以实现加密解密功能,就是既能将明文加密,也可以密文还原。
wget http://iweb.dl.sourceforge.net/project/mcrypt/MCrypt/2.6.8/mcrypt-2.6.8.tar.gz tar zxvf mcrypt-2.6.8.tar.gz cd mcrypt-2.6.8 ./configure make && make install cd ..
编译mcrypt可能会报错:configure: error: *** libmcrypt was not found
vi /etc/ld.so.conf 最后一行添加 /usr/local/lib/ 载入 ldconfig
编译mcrypt可能会报错:/bin/rm: cannot remove `libtoolT‘: No such file or directory
修改 configure 文件,把RM=‘$RM‘改为RM=‘$RM -f‘ 这里的$RM后面一定有一个空格。 如果后面没有空格,直接连接减号,就依然会报错。
正式开始编译php!
我安装的是php7.1
wget http://mirrors.sohu.com/php/php-7.1.1.tar.gz tar zxvf php-7.1.1.tar.gz cd php-7.1.1 ./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-iconv-dir --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-magic-quotes --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-mbstring --with-mcrypt --enable-ftp --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --disable-fileinfo --enable-maintainer-zts make && make install
修改fpm配置php-fpm.conf.default文件名称
mv /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
复制php.ini配置文件
cp php.ini-production /usr/local/php/etc/php.ini
复制php-fpm启动脚本到init.d
cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
赋予执行权限
chmod +x /etc/init.d/php-fpm
添加为启动项
chkconfig --add php-fpm
设置开机启动
chkconfig php-fpm on
按照标准,给php-fpm创建一个指定的用户和组
创建群组 groupadd www 创建一个用户,不允许登陆和不创主目录 useradd -s /sbin/nologin -g www -M www
立即启动php-fpm
service php-fpm start #或者 /etc/init.d/php-fpm start
回到/usr/local/src/目录
nginx所需的依赖关系,一般我们都需要先装pcre, zlib,前者为了重写rewrite,后者为了gzip压缩。如果系统已经yum 安装了这些库也没关系,无需卸载。直接编译安装最新的就可以了。为了一次性完成编译,先准备编译下面的依赖关系!
1.安装PCRE库
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.35.tar.gz tar -zxvf pcre-8.35.tar.gz cd pcre-8.35 ./configure make && make install
2.安装zlib库
wget http://zlib.net/zlib-1.2.8.tar.gz tar -zxvf zlib-1.2.8.tar.gz cd zlib-1.2.8 ./configure make && make install
3.安装ssl
自由选择是否需要编译 wget http://www.openssl.org/source/openssl-1.0.1g.tar.gz tar -zxvf openssl-1.0.1g.tar.gz
4.安装ngx_pagespeed库 ngx_pagespeed 是一个 Nginx 的扩展模块,可以加速你的网站,减少页面加载时间,它会自动将一些提升web性能的实践应用到网页和相关的资源(CSS、JS和图片)上,无需你修改内容和流程。
按照Google的说法,ngx_pagespeed模块已经被一些客户用于生产环境之中了,包括CDN提供商MaxCDN,按照它的报告该模块使得“页面平均加载时间降低了1.57秒、跳出率降低了1%并且退出百分比下降了2.5%”。WordPress主机服务商ZippyKid说,在使用NGINX的PageSpeed之后,“页面大小降低了75%并且页面的渲染时间提高了50%”。
wget https://github.com/pagespeed/ngx_pagespeed/archive/v1.8.31.2-beta.zip unzip v1.8.31.2-beta.zip cd ngx_pagespeed-1.8.31.2-beta/ wget https://dl.google.com/dl/page-speed/psol/1.8.31.2.tar.gz tar -xzvf 1.8.31.2.tar.gz
5、使用google-perftools提供的TCMalloc工具优化nginx和mysql
TCMalloc (google-perftools) 是用于优化C++写的多线程应用,比glibc 2.3的malloc快。这个模块可以用来让MySQL在高并发下内存占用更加稳定.
TCMalloc是google-perftools的其中一个工具,用于优化内存分配的效率和速度,帮助在高并发的情况下很好的控制内存的使用。
在mysql 和nginx 性能优化方案中,大多数教程都是使用google-perftools提供的TCMalloc工具,TCMalloc在内存的分配上效率和速度要比malloc高得多。
错误提示:configure: error: No frame pointers and no libunwind. The compilation will fail 是因为你没安装libunwind库就开始编译gperftools了,因此必须先libunwind
wget http://download.savannah.gnu.org/releases/libunwind/libunwind-1.1.tar.gz tar zxvf libunwind-1.1.tar.gz cd libunwind-1.1 CFLAGS=-fPIC ./configure make CFLAGS=-fPIC make CFLAGS=-fPIC install
按照官方的说明,必然选择最新版本。
wget https://googledrive.com/host/0B6NtGsLhIcf7MWxMMF9JdTN3UVk/gperftools-2.2.tar.gz tar zxvf gperftools-2.2.tar.gz cd gperftools-2.2 ./configure make && make install
准备工作完成,现在开始安装nginx!,这里添加了前面准备的库关系,注意路径!
wget http://nginx.org/download/nginx-1.7.0.tar.gz tar zxvf nginx-1.7.0.tar.gz cd nginx-1.7.0 ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre=/usr/local/src/pcre-8.35 --with-zlib=/usr/local/src/zlib-1.2.8 --with-openssl=/usr/local/src/openssl-1.0.1g --add-module=/usr/local/src/ngx_pagespeed-1.8.31.2-beta --with-google_perftools_module cd ..
这里我遇到了问题,openssl-1.0.1g有问题,升高版本之后没问题了,安装的是openssl-1.0.1u
wget https://www.openssl.org/source/old/1.0.1/openssl-1.0.1u.tar.gz
6、修改nginx.conf 配置文件
在server块里面 开启 ngx_pagespeed 模块
pagespeed on; pagespeed FileCachePath /var/ngx_pagespeed_cache; location ~ ".pagespeed.([a-z].)?[a-z]{2}.[^.]{10}.[^.]+" { add_header "" ""; } location ~ "^/ngx_pagespeed_static/" { } location ~ "^/ngx_pagespeed_beacon$" { } location /ngx_pagespeed_statistics { allow 127.0.0.1; deny all; } location /ngx_pagespeed_global_statistics { allow 127.0.0.1; deny all; } location /ngx_pagespeed_message { allow 127.0.0.1; deny all; } location /pagespeed_console { allow 127.0.0.1; deny all; }
开启 google_perftools 调优支持
我这里没有开启 调优,因为消耗CPU厉害
#先在tmp创建tcmalloc mkdir /tmp/tcmalloc #赋予权限 chmod 0777 /tmp/tcmalloc/ #一般我们在pid下面添加 google_perftools_profiles /tmp/tcmalloc; #必须是重启,及时载入配置不会生效,nginx启动重启脚本下面有。 service nginx restart
验证tcmalloc运行状态,这是仅开启了一个worker_processes的效果
[root@bin2aliyun ~]# lsof -n|grep tcmalloc nginx 24471 www 16w REG 202,1 0 821485 /tmp/tcmalloc/.24471
使用TCMalloc (google-perftools) 可以用来让MySQL在高并发下内存占用更加稳定。
在mysqld_safe脚本文件开始加入 vi /usr/local/mysql/bin/mysqld_safe LD_PRELOAD="/usr/local/lib/libtcmalloc.so" service mysql restart
使用xcache优化php性能。
wget http://xcache.lighttpd.net/pub/Releases/3.1.0/xcache-3.1.0.tar.gz tar zxvf xcache-3.1.0.tar.gz cd xcache-3.1.0 /usr/local/php/bin/phpize ./configure --enable-xcache --with-php-config=/usr/local/php/bin/php-config make && make install 复制xcache查看器到网站目录 cp htdocs/ /home/wwwroot/htdocs/xcache -rf cat >>/usr/local/php/etc/php.ini<<EOF [xcache-common] ;注意路径 extension = /usr/local/php/lib/php/extensions/no-debug-zts-20121212/xcache.so [xcache.admin] xcache.admin.enable_auth = on xcache.admin.user = "admin" xcache.admin.pass = "e10adc3949ba59abbe56e057f20f883e" ;运行: echo -n "password" |md5sum |awk ‘{print $1}‘ 计算出MD5加密过的密码 ;替换xcache.admin.pass=的值 [xcache] xcache.shm_scheme = "mmap" xcache.size = 64M xcache.count = 1 xcache.slots = 8K xcache.ttl = 3600 xcache.gc_interval = 60 xcache.var_size = 16M xcache.var_count = 1 xcache.var_slots = 8K xcache.var_ttl = 3600 xcache.var_maxttl = 0 xcache.var_gc_interval = 300 xcache.readonly_protection = Off xcache.mmap_path = "/dev/zero" xcache.coredump_directory = "/tmp/phpcore" xcache.coredump_type = 0 xcache.disable_on_crash = Off xcache.experimental = Off xcache.cacher = On xcache.stat = On xcache.optimizer = Off [xcache.coverager] xcache.coverager = Off xcache.coverager_autostart = On xcache.coveragedump_directory = "/tmp/pcov" EOF
安装phpmyadmin
wget http://iweb.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/4.2.2/phpMyAdmin-4.2.2-all-languages.tar.gz tar zxvf phpMyAdmin-4.2.2-all-languages.tar.gz mv phpMyAdmin-4.2.2-all-languages phpmyadmin cd phpMyAdmin mkdir config chmod o+rw config mv config/config.inc.php config.inc.php chmod o-rw config.inc.php rm -rf config
nginx 重启,启动,载入脚本
vi /etc/init.d/nginx #!/bin/sh # # nginx - this script starts and stops the nginx daemon # # chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse # proxy and IMAP/POP3 proxy server # processname: nginx # config: /etc/nginx/nginx.conf # config: /etc/sysconfig/nginx # pidfile: /var/run/nginx.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/usr/local/nginx/sbin/nginx" prog=$(basename $nginx) sysconfig="/etc/sysconfig/$prog" lockfile="/var/lock/subsys/nginx" pidfile="/usr/local/nginx/logs/nginx.pid" NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf" [ -f $sysconfig ] && . $sysconfig start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc -p $pidfile $prog retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval } restart() { configtest_q || return 6 stop start } reload() { configtest_q || return 6 echo -n $"Reloading $prog: " killproc -p $pidfile $prog -HUP echo } configtest() { $nginx -t -c $NGINX_CONF_FILE } configtest_q() { $nginx -t -q -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } # Upgrade the binary with no downtime. upgrade() { local oldbin_pidfile="${pidfile}.oldbin" configtest_q || return 6 echo -n $"Upgrading $prog: " killproc -p $pidfile $prog -USR2 retval=$? sleep 1 if [[ -f ${oldbin_pidfile} && -f ${pidfile} ]]; then killproc -p $oldbin_pidfile $prog -QUIT success $"$prog online upgrade" echo return 0 else failure $"$prog online upgrade" echo return 1 fi } # Tell nginx to reopen logs reopen_logs() { configtest_q || return 6 echo -n $"Reopening $prog logs: " killproc -p $pidfile $prog -USR1 retval=$? echo return $retval } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest|reopen_logs) $1 ;; force-reload|upgrade) rh_status_q || exit 7 upgrade ;; reload) rh_status_q || exit 7 $1 ;; status|status_q) rh_$1 ;; condrestart|try-restart) rh_status_q || exit 7 restart ;; *) echo $"Usage: $0 {start|stop|reload|configtest|status|force-reload|upgrade|restart|reopen_logs}" exit 2 esac
注意需要赋予执行的权限:chmod +x /etc/init.d/nginx
经过优化的nginx.conf配置文件
user www www; worker_processes 1; error_log /home/wwwlogs/nginx_error.log crit; pid /usr/local/nginx/logs/nginx.pid; google_perftools_profiles /tmp/tcmalloc; #Specifies the value for maximum file descriptors that can be opened by this process. worker_rlimit_nofile 51200; events { use epoll; worker_connections 51200; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 128; client_header_buffer_size 32k; large_client_header_buffers 4 32k; client_max_body_size 50m; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 256k; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; gzip_proxied expired no-cache no-store private auth; gzip_disable "MSIE [1-6]\."; #limit_zone crawler $binary_remote_addr 10m; server_tokens off; #log format log_format access ‘$remote_addr - $remote_user [$time_local] "$request" ‘ ‘$status $body_bytes_sent "$http_referer" ‘ ‘"$http_user_agent" $http_x_forwarded_for‘; server { listen 80; server_name www.cnhzz.com; index index.html index.htm index.php; root /home/wwwroot/htdocs; location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location /status { stub_status on; access_log off; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 12h; } access_log /home/wwwlogs/access.log access; } include vhost/*.conf; }
根据需要为虚拟主机增加了ngx_pagespeed google_perftools
log_format www.cnhzz.com ‘$remote_addr - $remote_user [$time_local] "$request" ‘ ‘$status $body_bytes_sent "$http_referer" ‘ ‘"$http_user_agent" $http_x_forwarded_for‘; server { listen 80; server_name www.cnhzz.com cnhzz.com; if ($host != ‘www.cnhzz.com‘ ) { rewrite ^/(.*)$ http://www.cnhzz.com/$1 permanent; } index index.php index.html index.htm; root /home/wwwroot/www.cnhzz.com; pagespeed on; pagespeed FileCachePath /var/ngx_pagespeed_cache; log_format www.cnhzz.com ‘$remote_addr - $remote_user [$time_local] "$request" ‘ ‘$status $body_bytes_sent "$http_referer" ‘ ‘"$http_user_agent" $http_x_forwarded_for‘; server { listen 80; server_name www.cnhzz.com cnhzz.com; if ($host != ‘www.cnhzz.com‘ ) { rewrite ^/(.*)$ http://www.cnhzz.com/$1 permanent; } index index.php index.html index.htm; root /home/wwwroot/www.cnhzz.com; pagespeed on; pagespeed FileCachePath /var/ngx_pagespeed_cache; location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" { add_header "" ""; } location ~ "^/ngx_pagespeed_static/" { } location ~ "^/ngx_pagespeed_beacon$" { } location /ngx_pagespeed_statistics { allow 127.0.0.1; deny all; } location /ngx_pagespeed_global_statistics { allow 127.0.0.1; deny all; } location /ngx_pagespeed_message { allow 127.0.0.1; deny all; } location /pagespeed_console { allow 127.0.0.1; deny all; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 12h; } access_log /home/wwwlogs/www.cnhzz.com.log www.cnhzz.com; }
php-fpm优化,注意一个fpm进程大约20M,我这个机器是小内存的云主机,因此开启2个就可以。大内存的话,根据情况换算。
vi php-fpm.conf pm = dynamic pm.max_children = 20 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 6 request_terminate_timeout = 100
nginx配置站点是注意factcgi配置路径是否正确
标签:lnmp搭建 web
原文地址:http://ample.blog.51cto.com/3936501/1895801