For image download, domain name resolution and time synchronization, please clickAlibaba cloud open source image station
LNMP is the acronym for Linux + nginx + MySQL + PHP, which is relative to lamp (Linux + Apache + MySQL + PHP). It was once popular in the field of virtual host site building. With the development of new programming languages, container technology and micro services, it gradually declined, especially the use of PHP programming language dropped sharply.
WordPress is open source software that allows you to build great websites, blogs, or applications. It has beautiful design and powerful functions, which can help you give full play to what you want. WordPress is both free and priceless.
#System and environment description in this practice
L:Linux https://mirrors.aliyun.com/centos/
N:Nginx https://nginx.org/en/download.html
M:MySQL https://dev.mysql.com/downloads/mysql/
P:PHP http://php.net/downloads.php
Wordpress https://cn.wordpress.org/latest-zh_CN.tar.gz
#Deployment planning:
192.168.250.47:nginx PHP FPM running web services
192.168.250.48: run MySQL database and redis service
1. architecture topology and host description
#Three hosts
11 linux+nginx+php+wordpress (LNP) servers:
Host name: lnp-server-ip47
CentOS 7.9
IP:192.168.250.47
21 mysql+redis servers:
Host name: mysql-redis-ip48
CentOS 8.4
IP:192.168.250.48/24
31 client hosts:
Win10-pc
2. prepare MySQL database
#For CentOS system optimization, you can check previous articles; Modify the host name according to the architecture diagram
[[email protected] ]#hostnamectl set-hostname MySQL-Redis-IP48
[[email protected] ]#exit
#Install MySQL server database using yum
[[email protected] ]#yum info mysql-server
Last metadata expiration check: 19:31:21 ago on Mon 28 Mar 2022 02:34:38 AM CST.
Available Packages
Name : mysql-server
Version : 8.0.26
[[email protected] ]#yum -y install mysql-server
#Start the service and start the auto start
[[email protected] ]#systemctl enable --now mysqld
#Enter database
[[email protected] ]#mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 8.0.26 Source distribution
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
#Create WordPress Library
mysql> create database wordpress;
Query OK, 1 row affected (0.00 sec)
#Create database account name and password for WordPress
mysql> create user [email protected]'192.168.250.%' identified by '123456';
Query OK, 0 rows affected (0.01 sec)
#Database authorization
mysql> grant all on wordpress.* to [email protected]'192.168.250.%';
Query OK, 0 rows affected (0.01 sec)
#Log in locally and verify the database
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| wordpress |
+--------------------+
5 rows in set (0.01 sec)
mysql> use wordpress
Database changed
mysql> show tables;
Empty set (0.00 sec)
mysql> quit
Bye
[[email protected] ]#
3. network authentication MySQL service
#Log in to the database server on another machine through the network
#Install database client MySQL package
[[email protected] ]#yum -y install mysql
#Log in to remote database in network mode
[[email protected] ]#mysql -uwordpress -p123456 -h192.168.250.48
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.26 Source distribution
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| wordpress |
+--------------------+
2 rows in set (0.00 sec)
mysql>
4. configure LNP server
Basic tasks: compile, install and deploy PHP to support redis, prepare the configuration and startup service files, and start PHP FPM; Compile and install nginx, prepare configuration and startup service files, and start nginx
4.1 deploy PHP FPM service
#Modify the host name according to the architecture diagram
[[email protected] ]# hostnamectl set-hostname LNP-Server-IP47
[[email protected] ]# exit
#Install the dependent packages required for compiling PHP
[[email protected] ]# yum -y install gcc openssl-devel libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel
#Download php-7.4.28 tar. XZ source package
[[email protected] src]# wget https://www.php.net/distributions/php-7.4.28.tar.xz
[[email protected] src]# ll -h php-7.4.28.tar.xz
-rw-r--r-- 1 root root 10M Feb 15 21:40 php-7.4.28.tar.xz
#Unzip the source package and enter the directory where the source package is located
[[email protected] src]# tar xf php-7.4.28.tar.xz
[[email protected] src]# ll
total 11220
drwxr-xr-x 9 1001 1001 186 Mar 28 17:06 nginx-1.20.2
-rw-r--r-- 1 root root 1062124 Nov 16 22:51 nginx-1.20.2.tar.gz
drwxrwxr-x 16 root root 4096 Feb 15 21:23 php-7.4.28
-rw-r--r-- 1 root root 10418352 Feb 15 21:40 php-7.4.28.tar.xz
#Preparing compilation parameters
[[email protected] src]#cd php-7.4.28/
[[email protected] php-7.4.28]# ./configure --prefix=/apps/php74 --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm -enable-maintainer-zts --disable-fileinfo
....................................
Thank you for using PHP. # You need to see this information to be successful
#View the number of CPUs and enter them as the CPU option of the compilation parameter
[[email protected] nginx-1.20.2]# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 8
On-line CPU(s) list: 0-7
[[email protected]p-server-ip47 php-7.4.28]#
#Compile install
[[email protected] php-7.4.28]# make -j 8 && make install
# Many screen displays are deleted here. You need to see the following success information before proceeding to the next step
Build complete.
Don't forget to run 'make test'.
Installing shared extensions: /apps/php74/lib/php/extensions/no-debug-zts-20190902/
Installing PHP CLI binary: /apps/php74/bin/
Installing PHP CLI man page: /apps/php74/php/man/man1/
Installing PHP FPM binary: /apps/php74/sbin/
Installing PHP FPM defconfig: /apps/php74/etc/
Installing PHP FPM man page: /apps/php74/php/man/man8/
Installing PHP FPM status page: /apps/php74/php/php/fpm/
Installing phpdbg binary: /apps/php74/bin/
Installing phpdbg man page: /apps/php74/php/man/man1/
Installing PHP CGI binary: /apps/php74/bin/
Installing PHP CGI man page: /apps/php74/php/man/man1/
Installing build environment: /apps/php74/lib/php/build/
Installing header files: /apps/php74/include/php/
Installing helper programs: /apps/php74/bin/
program: phpize
program: php-config
Installing man pages: /apps/php74/php/man/man1/
page: phpize.1
page: php-config.1
/usr/local/src/php-7.4.28/build/shtool install -c ext/phar/phar.phar /apps/php74/bin/phar.phar
ln -s -f phar.phar /apps/php74/bin/phar
Installing PDO headers: /apps/php74/include/php/ext/pdo/
##############################################################################
##Prepare PHP configuration file
#Copy from profile template and modify
[[email protected] php-7.4.28]# cp /usr/local/src/php-7.4.28/php.ini-production /etc/php.ini
#Enter the directory defined in the compilation parameters at that time /apps/php74/ and copy from the template to create PHP fpm conf
[[email protected] php-7.4.28]# cd /apps/php74/etc
[[email protected] etc]# cp php-fpm.conf.default php-fpm.conf
#Enter the sub configuration file directory and create www.conf from the template file
[[email protected] etc]# cd php-fpm.d/
[[email protected] php-fpm.d]# cp www.conf.default www.conf
[[email protected] php-fpm.d]#
#Modify www.conf according to the idea of this practice
[[email protected] php-fpm.d]# vim www.conf
;user = nobody
user = www
;group = nobody
group = www
;pm.status_path = /status
pm.status_path = /status
;ping.path = /ping
ping.path = /ping
;access.log = log/$pool.access.log
access.log = log/$pool.access.log
;slowlog = log/$pool.log.slow
slowlog = log/$pool.log.slow
#The modified www.conf file is removed; All file contents of the comment line are for comparison
[[email protected] php-fpm.d]# grep '^[^;]' www.conf
[www]
user = www
group = www
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.status_path = /status
ping.path = /ping
access.log = log/$pool.access.log
slowlog = log/$pool.log.slow
[[email protected] php-fpm.d]#
#Create a WWW user
[[email protected] php-fpm.d]# useradd -r -s /sbin/nologin www
#Create access log file path
[[email protected] php-fpm.d]# mkdir /apps/php74/log
[[email protected] php-fpm.d]#
##############################################################################
##Start and validate PHP FPM service
#Check the configuration file syntax, etc
[[email protected] php-fpm.d]# /apps/php74/sbin/php-fpm -t
[28-Mar-2022 18:05:51] NOTICE: configuration file /apps/php74/etc/php-fpm.conf test is successful
#Prepare to start service file
[[email protected] php-fpm.d]# cp /usr/local/src/php-7.4.28/sapi/fpm/php-fpm.service /usr/lib/systemd/system/
#Start and boot self start PHP FPM
[[email protected] php-fpm.d]# systemctl daemon-reload
[[email protected] php-fpm.d]# systemctl enable --now php-fpm
Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.
#Verify listening port
[[email protected] php-fpm.d]# ss -ltn
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 511 127.0.0.1:9000 *:*
#View and track process information
[[email protected] php-fpm.d]# pstree -p |grep php
|-php-fpm(20700)-+-php-fpm(20701)
| `-php-fpm(20702)
[[email protected] php-fpm.d]# ps -ef |grep php
root 20700 1 0 18:06 ? 00:00:00 php-fpm: master process (/apps/php74/etc/php-fpm.conf)
www 20701 20700 0 18:06 ? 00:00:00 php-fpm: pool www
www 20702 20700 0 18:06 ? 00:00:00 php-fpm: pool www
root 20707 5036 0 18:07 pts/0 00:00:00 grep --color=auto php
[[email protected] php-fpm.d]#
4.2 deploy nginx service
4.2.1 compiling and installing nginx
####Compile and install nginx
#Prepare dependent packages for nginx compilation and installation
[[email protected] ]# yum -y install gcc pcre-devel openssl-devel zlib-devel
#Download nginx 1.20.2 source package general /usr/local/src/ as the source file storage directory
[[email protected] ]# cd /usr/local/src/
[[email protected] src]# wget http://nginx.org/download/nginx-1.20.2.tar.gz
#Unzip the source package
[[email protected] src]# tar xf nginx-1.20.2.tar.gz
[[email protected] src]# ll
total 1040
drwxr-xr-x 8 1001 1001 158 Nov 16 22:44 nginx-1.20.2
-rw-r--r-- 1 root root 1062124 Nov 16 22:51 nginx-1.20.2.tar.gz
[[email protected] src]#
#Enter nginx-1.20.2 directory to prepare compilation parameters
[[email protected] src]# cd nginx-1.20.2
[[email protected] nginx-1.20.2]# ./configure --prefix=/apps/nginx \
> --user=www \
> --group=www \
> --with-http_ssl_module \
> --with-http_v2_module \
> --with-http_realip_module \
> --with-http_stub_status_module \
> --with-http_gzip_static_module \
> --with-pcre \
> --with-stream \
> --with-stream_ssl_module \
> --with-stream_realip_module
[[email protected] nginx-1.20.2]# make -j 8 && make install
##############################################################################
#Prepare the service file and start nginx
[[email protected] nginx-1.20.2]# vim /usr/lib/systemd/system/nginx.service
[[email protected] nginx-1.20.2]# cat /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx - high performance web server
Documentation=http://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/apps/nginx/run/nginx.pid
ExecStart=/apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID
[Install]
WantedBy=multi-user.target
[[email protected] nginx-1.20.2]#
#Create directory
[[email protected] nginx-1.20.2]# mkdir /apps/nginx/run/
#Modify profile
[[email protected] nginx-1.20.2]# vim /apps/nginx/conf/nginx.conf
#Modify only the following line
pid /apps/nginx/run/nginx.pid;
#Start and start the auto start service
[[email protected] wordpress]# systemctl daemon-reload
[[email protected] wordpress]# systemctl enable --now nginx
[[email protected] wordpress]# ss -tln
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 511 127.0.0.1:9000 *:*
LISTEN 0 511 *:80 *:*
[[email protected] wordpress]#
4.2.2 configure nginx to support fastcgi
##############################################################################
####Configure nginx to support fastcgi
[[email protected] nginx-1.20.2]# vim /apps/nginx/conf/nginx.conf
#Only modify the following contents, other urban default values
worker_processes auto;
pid /apps/nginx/run/nginx.pid;
server {
listen 80;
server_name blog.shone.cn;
location / {
root /data/nginx/wordpress;
index index.php index.html index.htm;
}
location \.php$ {
root /data/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ^/(ping|pm_status)$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
}
#Filter out valid configuration lines through the command
[[email protected] nginx-1.20.2]# grep -Ev '#|^$' /apps/nginx/conf/nginx.conf
worker_processes auto;
pid /apps/nginx/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_ name blog. shone. cn; # Specify domain name
location / {
root /data/nginx/wordpress; # Specify data directory
index index. php index. html index. htm; # Specify default home page file
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location \. Php${\m implementation of PHP FPM
root /data/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
Location ^/ (ping|pm\u status) ${\php detection status page
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
}
}
}
[[email protected] nginx-1.20.2]#
#Restart nginx for the new configuration file to take effect
[[email protected] php-fpm.d]# systemctl reload nginx
[[email protected] php-fpm.d]# ss -ltn
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 511 127.0.0.1:9000 *:*
LISTEN 0 511 *:80 *:*
[[email protected] php-fpm.d]#
4.2.3 test whether PHP works normally
Prepare test page
[[email protected] php-fpm.d]# mkdir -p /data/nginx/wordpress
[[email protected] php-fpm.d]# vim /data/nginx/wordpress/phpinfo.php
[[email protected] php-fpm.d]# cat /data/nginx/wordpress/phpinfo.php
Test the Ping of PHP
View status page
5. deploy WordPress
5.1 preparing WordPress files
#Download the source file, copy it to the web page directory defined above, and modify the ownership
[[email protected] ]# wget https://cn.wordpress.org/latest-zh_CN.tar.gz
[[email protected] ]# ll
total 19012
-rw-r--r-- 1 root root 19462197 Mar 19 00:00 latest-zh_CN.tar.gz
[[email protected] ]# tar xf latest-zh_CN.tar.gz
[[email protected] ]# ll
total 19016
-rw-r--r-- 1 root root 19462197 Mar 19 00:00 latest-zh_CN.tar.gz
drwxr-xr-x 5 1006 1006 4096 Mar 19 00:00 wordpress
[[email protected] ]# cp -r wordpress/* /data/nginx/wordpress
[[email protected] ]# chown -R www.www /data/nginx/wordpress/
[[email protected] ~]#
5.2 initialize WordPress
#Modify the local hosts file of win10. The path is c:\windows\system32\drivers\etc\hosts. Add a line at the end
192.168.250.47 blog.shone.cn
Enter blog in the browser shone. Cn the cloud initialization wizard appears. Follow the wizard to complete the initialization
Enter in browserhttp://blog.shone.cn
6. optimize WordPress
6.1 allow uploading large files
#Note: by default, only files less than 1m can be uploaded. To upload large files using the PHP program, you need to modify the following configuration. The maximum upload is determined by the minimum value of the following items. If you directly upload files greater than 1m, the following 413 error will occur
[[email protected] wordpress]# vim /apps/nginx/conf/nginx.conf
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
client_ max_ body_ size 100m; # The file size of nginx upload is modified to 100m, which is 1m by default
.........
[[email protected] wordpress]# vim /etc/php.ini
; http://php.net/post-max-size
; post_ max_ Size = 8m \m by default
post_max_size = 30M
; upload_ max_ Filesize = 2m \m by default
upload_max_filesize = 20M
[[email protected] wordpress]# systemctl restart nginx php-fpm
6.2 safety reinforcement
#Turn off version display
[[email protected] wordpress]# grep -Ev '#|^$' /apps/nginx/conf/nginx.conf
worker_processes auto;
pid /apps/nginx/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
client_max_body_size 100m;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name blog.shone.cn;
server_ tokens off; # Security hardening options
location / {
root /data/nginx/wordpress;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location \.php$ {
root /data/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_ hide_ header X-Powered-By; # Security hardening options
}
location ^/(ping|pm_status)$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
}
}
}
[[email protected] wordpress]#
#Turn off PHP version exposure
[[email protected] wordpress]# vim /etc/php.ini
; http://php.net/expose-php
; expose_ PHP = on ; the default value is on. You can see the version information on the client
expose_php = Off
6.3 configure PHP to enable opcache acceleration
[[email protected] wordpress]# vim /etc/php.ini
.....................
[opcache]
; Determines if Zend OPCache is enabled
zend_extension=opcache.so
opcache.enable=1
.......................
[[email protected] wordpress]#systemctl restart php-fpm
This article is transferred from:https://blog.51cto.com/shone/5165650