- A+
在我们之前的教程中,我们讨论了如何在Ubuntu 18.04 LTS服务器中安装LAMP堆栈。在本教程中,我们将了解如何在Ubuntu 18.04 LTS最小服务器版本中安装Nginx,MariaDB,PHP(LEMP堆栈)。正如我在上一篇教程中提到的,LEMP是L inux,E n gine -x,M ariaDB / M ySQL,P HP / P erl / P ython 的首字母缩写。出于本教程的目的,我将使用以下测试机器:
- 操作系统:Ubuntu 18.04 LTS服务器
- IP地址:192.168.225.22/24
让我们开始吧。
在Ubuntu 18.04 LTS中安装Nginx,MariaDB,PHP(LEMP堆栈)
1.安装Nginx
打开终端,然后运行以下命令安装Nginx webserver:
$ sudo apt install nginx
安装Nginx后,使用命令检查Nginx服务是否正在运行:
$ sudo systemctl status nginx
样本输出:
● nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2018-07-07 12:10:05 UTC; 57s ago Docs: man:nginx(8) Process: 1846 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Process: 1833 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Main PID: 1849 (nginx) Tasks: 2 (limit: 2322) CGroup: /system.slice/nginx.service ├─1849 nginx: master process /usr/sbin/nginx -g daemon on; master_process on; └─1851 nginx: worker process Jul 07 12:10:05 ubuntuserver systemd[1]: Starting A high performance web server and a reverse proxy server... Jul 07 12:10:05 ubuntuserver systemd[1]: nginx.service: Failed to parse PID from file /run/nginx.pid: Invalid argument Jul 07 12:10:05 ubuntuserver systemd[1]: Started A high performance web server and a reverse proxy server.
如果您看到如上所示的输出,则Nginx服务已启动。
如果它尚未启动,您可以使用命令启动它:
$ sudo systemctl start nginx
1.1调整防火墙以允许Nginx Web服务器
默认情况下,如果您在Ubuntu 18.04 LTS中启用了UFW防火墙,则无法从远程系统访问Nginx Web浏览器。您必须按照以下步骤通过UFW允许http和https流量。
首先,让我们使用命令查看哪些应用程序已安装配置文件:
$ sudo ufw app list Available applications: Nginx Full Nginx HTTP Nginx HTTPS OpenSSH
如您所见,Nginx和OpenSSH应用程序已安装UFW配置文件。
如果您查看“Nginx Full”配置文件,您将看到它启用了到端口80和443的流量:
$ sudo ufw app info "Nginx Full" Profile: Nginx Full Title: Web Server (Nginx, HTTP + HTTPS) Description: Small, but very powerful and efficient web server Ports: 80,443/tcp
现在,运行以下命令以允许此配置文件的传入HTTP和HTTPS流量:
$ sudo ufw allow in "Nginx Full" Rules updated Rules updated (v6)
如果要允许https流量,但只允许http(80)流量,请运行:
$ sudo ufw app info "Nginx HTTP"
让我们继续并运行Nginx测试页面。
为此,请打开Web浏览器并导航到http://localhost /或http://IP-Address /。
您将看到如下所示的页面。
如果您看到上面的输出,恭喜!Nginx服务器正在运行!
2.安装MariaDB
MariaDB是MySQL数据库服务器的直接替代品。
要安装它,请运行:
$ sudo apt install mariadb-server mariadb-client
Ubuntu官方存储库中的MariaDB版本可能已过时。如果要安装最新的MariaDB,请添加MariaDB官方存储库对于Ubuntu并安装如下所示。
首先,添加MariaDB存储库并导入密钥,如下所示。
$ sudo apt-get install software-properties-common $ sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8 $ sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://sgp1.mirrors.digitalocean.com/mariadb/repo/10.3/ubuntu bionic main'
添加存储库后,运行以下命令以安装MariaDB。
$ sudo apt update
$ sudo apt install mariadb-server
使用命令验证MariaDB服务是否正在运行:
$ sudo systemctl status mysql
样本输出:
● mariadb.service - MariaDB database server Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2018-07-07 12:15:13 UTC; 2min 57s ago Main PID: 3428 (mysqld) Status: "Taking your SQL requests now..." Tasks: 27 (limit: 2322) CGroup: /system.slice/mariadb.service └─3428 /usr/sbin/mysqld Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3465]: mysql Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3465]: performance_schema Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3465]: Phase 6/7: Checking and upgrading tables Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3465]: Processing databases Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3465]: information_schema Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3465]: performance_schema Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3465]: Phase 7/7: Running 'FLUSH PRIVILEGES' Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3465]: OK Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3534]: Checking for insecure root accounts. Jul 07 12:15:14 ubuntuserver /etc/mysql/debian-start[3538]: Triggering myisam-recover for all MyISAM tables and aria-recover for all Aria tables
Mysql正在运行!
2.1设置数据库管理用户(root)密码
在MariaDB安装期间,它将为管理用户帐户(root)设置密码。
如果您尝试使用命令手动设置密码:
$ mysql_secure_installation
您无法登录设置密码。您将看到如下错误。
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): ERROR 1698 (28000): Access denied for user 'root'@'localhost' Enter current password for root (enter for none):
要解决此问题,请使用以下命令以MySQL数据库管理员身份登录:
$ sudo mysql -u root
登录MySQL提示符后,逐个运行以下命令。
use mysql;
update user set plugin='' where User='root';
flush privileges;
\q
现在,您可以使用命令设置数据库管理密码:
$ mysql_secure_installation
输入密码密码,然后按ENTER键接受默认值。
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): # Press ENTER OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] # Press ENTER New password: # Enter password Re-enter new password: # Re-enter password Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] # Press ENTER ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] # Press ENTER ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] # Press ENTER - Dropping test database... ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist ... Failed! Not critical, keep moving... - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] # Press ENTER ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure.
而已。已设置数据库管理用户帐户的密码。
3.安装PHP
要安装PHP,请运行:
$ sudo apt-get install php-fpm php-mysql
安装PHP之后,我们需要通过简单的更改来保护它。
为此,请编辑php.ini文件:
$ sudo vi /etc/php/7.2/fpm/php.ini
找到以下行:
;cgi.fix_pathinfo=1
取消注释并将其值从1更改 为0(零)。
cgi.fix_pathinfo=0
保存并关闭文件。然后,重新启动PHP-FPM服务以使更改生效。
$ sudo systemctl restart php7.2-fpm
使用命令检查PHP-FPM服务是否正在运行:
$ sudo systemctl status php7.2-fpm
样本输出:
● php7.2-fpm.service - The PHP 7.2 FastCGI Process Manager Loaded: loaded (/lib/systemd/system/php7.2-fpm.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2018-07-07 12:23:46 UTC; 7s ago Docs: man:php-fpm7.2(8) Main PID: 11005 (php-fpm7.2) Status: "Ready to handle connections" Tasks: 3 (limit: 2322) CGroup: /system.slice/php7.2-fpm.service ├─11005 php-fpm: master process (/etc/php/7.2/fpm/php-fpm.conf) ├─11018 php-fpm: pool www └─11019 php-fpm: pool www Jul 07 12:23:46 ubuntuserver systemd[1]: Starting The PHP 7.2 FastCGI Process Manager... Jul 07 12:23:46 ubuntuserver systemd[1]: Started The PHP 7.2 FastCGI Process Manager.
3.1配置Nginx以使用PHP-FPM
我们需要配置Nginx以使用PHP-FPM。
为此,请编辑Nginx的默认vhost(服务器块) /etc /nginx /sites-available /default 文件:
$ sudo vi /etc/nginx/sites-available/default
找到服务器部分,并设置您的Ubuntu服务器的FQDN或IP地址,如下所示。另外,请仔细检查是否添加了 index.php行。所有更改均以粗体字母显示。
[...] server { listen 80 default_server; listen [::]:80 default_server; [...] root /var/www/html; # Add index.php to the list if you are using PHP index index.php index.html index.htm index.nginx-debian.html; server_name 192.168.225.22; [...]
让我们分解上面的行,看看每行的含义。
- 听80; - >听ipv4
- listen [::]:80 default_server; - >听ipv6
- root / var / www / html; - > Nginx文件根目录。
- server_name server.ostechnix.lan; - >我们的Ubuntu服务器的FQDN。
然后,向下滚动一点,找到#location~ \ .php $部分。
取消注释并修改以下行,如下所示。
location ~ \.php$ { include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): fastcgi_pass unix:/run/php/php7.2-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\.ht { deny all; } }
保存并退出该文件。
在〜\ .php $ block 位置修改fastcgi_pass指令时要特别注意。您必须提供正确的名称文件,其中包含实际存储在服务器上/ run / php目录中的内容。要验证它,请运行:
$ ls /run/php/ php7.2-fpm.pid php7.2-fpm.sock
如您所见,该文件的名称是php7.2-fpm.sock,而不是php7.0-fpm.sock,这是位于〜\ .php $指令中的列表。确保在此指令中提到了正确的名称。
使用命令检查Nginx配置文件是否存在任何语法错误:
$ sudo nginx -t
样本输出:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
如果您没有看到任何错误,请重新启动nginx服务以使更改生效。
为此,请运行:
$ sudo systemctl restart nginx
现在,让我们创建一个示例PHP文件,通过浏览器测试PHP配置。
为此,请在Nginx文档根文件夹下创建名为info.php的文件。
$ sudo vi /var/www/html/info.php
添加以下行:
<?php phpinfo(); ?>
保存并退出文件。重新启动nginx服务以使更改生效。
然后,打开Web浏览器并导航到http://IP-address/info.php。
您将看到PHP详细信息。
恭喜!PHP正在工作!!
3.2安装PHP模块
要改进PHP的功能,您可以安装一些额外的PHP模块。
要列出可用的PHP模块,请运行:
$ sudo apt-cache search php- | less
输出:
使用和箭头在结果之间上下移动。要退出结果,请键入q。
要查找任何特定php模块的详细信息,例如php-gd,请运行:
$ sudo apt-cache show php-gd
要安装php模块,请运行:
$ sudo apt-get install php-gd
要安装所有模块(尽管不是必需的),请运行:
$ sudo apt-get install php*
安装任何php模块后别忘了重启Nginx服务。
恭喜!我们已经在Ubuntu 18.04 LTS服务器中成功设置了LEMP堆栈。开始在新的LEMP Web堆栈中部署网站和Web应用程序。
- 安卓客户端下载
- 微信扫一扫
- 微信公众号
- 微信公众号扫一扫