Nginx practice case (source code compilation and installation method): build WordPress site with LNMP

Time:2022-6-17

For image download, domain name resolution and time synchronization, please clickAlibaba cloud open source image station

LNMP is the acronym for Linux + nginx + MySQL + PHP, which is relative to lamp (Linux + Apache + MySQL + PHP). It was once popular in the field of virtual host site building. With the development of new programming languages, container technology and micro services, it gradually declined, especially the use of PHP programming language dropped sharply. ​

WordPress is open source software that allows you to build great websites, blogs, or applications. It has beautiful design and powerful functions, which can help you give full play to what you want. WordPress is both free and priceless.

#System and environment description in this practice
L:Linux     https://mirrors.aliyun.com/centos/
N:Nginx     https://nginx.org/en/download.html
M:MySQL     https://dev.mysql.com/downloads/mysql/
P:PHP       http://php.net/downloads.php
Wordpress    https://cn.wordpress.org/latest-zh_CN.tar.gz
#Deployment planning:
192.168.250.47:nginx PHP FPM running web services
192.168.250.48: run MySQL database and redis service

1. architecture topology and host description

file

#Three hosts
11 linux+nginx+php+wordpress (LNP) servers:
Host name: lnp-server-ip47
CentOS 7.9
IP:192.168.250.47


21 mysql+redis servers:
Host name: mysql-redis-ip48
CentOS 8.4
IP:192.168.250.48/24

31 client hosts:
Win10-pc

2. prepare MySQL database

#For CentOS system optimization, you can check previous articles; Modify the host name according to the architecture diagram
[[email protected] ]#hostnamectl set-hostname MySQL-Redis-IP48
[[email protected] ]#exit

#Install MySQL server database using yum
[[email protected] ]#yum info mysql-server
Last metadata expiration check: 19:31:21 ago on Mon 28 Mar 2022 02:34:38 AM CST.
Available Packages
Name         : mysql-server
Version      : 8.0.26
[[email protected] ]#yum -y install mysql-server

#Start the service and start the auto start
[[email protected] ]#systemctl enable --now mysqld

#Enter database
[[email protected] ]#mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 8.0.26 Source distribution

Copyright (c) 2000, 2021, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
#Create WordPress Library
mysql> create database wordpress;
Query OK, 1 row affected (0.00 sec)
#Create database account name and password for WordPress
mysql> create user [email protected]'192.168.250.%' identified by '123456';
Query OK, 0 rows affected (0.01 sec)
#Database authorization
mysql> grant all on wordpress.* to [email protected]'192.168.250.%';
Query OK, 0 rows affected (0.01 sec)
#Log in locally and verify the database
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| sys                |
| wordpress          |
+--------------------+
5 rows in set (0.01 sec)

mysql> use wordpress
Database changed
mysql> show tables;
Empty set (0.00 sec)

mysql> quit
Bye
[[email protected] ]#

3. network authentication MySQL service

#Log in to the database server on another machine through the network
#Install database client MySQL package
[[email protected] ]#yum -y install mysql

#Log in to remote database in network mode
[[email protected] ]#mysql -uwordpress -p123456 -h192.168.250.48
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.26 Source distribution

Copyright (c) 2000, 2021, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| wordpress          |
+--------------------+
2 rows in set (0.00 sec)

mysql>

4. configure LNP server

Basic tasks: compile, install and deploy PHP to support redis, prepare the configuration and startup service files, and start PHP FPM; Compile and install nginx, prepare configuration and startup service files, and start nginx

4.1 deploy PHP FPM service

#Modify the host name according to the architecture diagram
[[email protected] ]# hostnamectl set-hostname LNP-Server-IP47
[[email protected] ]# exit

#Install the dependent packages required for compiling PHP
[[email protected] ]# yum -y install gcc openssl-devel libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel

#Download php-7.4.28 tar. XZ source package
[[email protected] src]# wget https://www.php.net/distributions/php-7.4.28.tar.xz
[[email protected] src]# ll -h php-7.4.28.tar.xz 
-rw-r--r-- 1 root root 10M Feb 15 21:40 php-7.4.28.tar.xz

#Unzip the source package and enter the directory where the source package is located
[[email protected] src]# tar xf php-7.4.28.tar.xz 
[[email protected] src]# ll
total 11220
drwxr-xr-x  9 1001 1001      186 Mar 28 17:06 nginx-1.20.2
-rw-r--r--  1 root root  1062124 Nov 16 22:51 nginx-1.20.2.tar.gz
drwxrwxr-x 16 root root     4096 Feb 15 21:23 php-7.4.28
-rw-r--r--  1 root root 10418352 Feb 15 21:40 php-7.4.28.tar.xz

#Preparing compilation parameters
[[email protected] src]#cd  php-7.4.28/
[[email protected] php-7.4.28]# ./configure --prefix=/apps/php74 --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm -enable-maintainer-zts --disable-fileinfo
....................................
Thank you for using PHP.    #  You need to see this information to be successful

#View the number of CPUs and enter them as the CPU option of the compilation parameter
[[email protected] nginx-1.20.2]# lscpu
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                8
On-line CPU(s) list:   0-7
[[email protected]p-server-ip47 php-7.4.28]# 

#Compile install
[[email protected] php-7.4.28]# make -j 8 && make install

# Many screen displays are deleted here. You need to see the following success information before proceeding to the next step
Build complete.
Don't forget to run 'make test'.

Installing shared extensions:     /apps/php74/lib/php/extensions/no-debug-zts-20190902/
Installing PHP CLI binary:        /apps/php74/bin/
Installing PHP CLI man page:      /apps/php74/php/man/man1/
Installing PHP FPM binary:        /apps/php74/sbin/
Installing PHP FPM defconfig:     /apps/php74/etc/
Installing PHP FPM man page:      /apps/php74/php/man/man8/
Installing PHP FPM status page:   /apps/php74/php/php/fpm/
Installing phpdbg binary:         /apps/php74/bin/
Installing phpdbg man page:       /apps/php74/php/man/man1/
Installing PHP CGI binary:        /apps/php74/bin/
Installing PHP CGI man page:      /apps/php74/php/man/man1/
Installing build environment:     /apps/php74/lib/php/build/
Installing header files:          /apps/php74/include/php/
Installing helper programs:       /apps/php74/bin/
  program: phpize
  program: php-config
Installing man pages:             /apps/php74/php/man/man1/
  page: phpize.1
  page: php-config.1
/usr/local/src/php-7.4.28/build/shtool install -c ext/phar/phar.phar /apps/php74/bin/phar.phar
ln -s -f phar.phar /apps/php74/bin/phar
Installing PDO headers:           /apps/php74/include/php/ext/pdo/

##############################################################################
##Prepare PHP configuration file
#Copy from profile template and modify
[[email protected] php-7.4.28]# cp /usr/local/src/php-7.4.28/php.ini-production /etc/php.ini

#Enter the directory defined in the compilation parameters at that time /apps/php74/ and copy from the template to create PHP fpm conf
[[email protected] php-7.4.28]# cd /apps/php74/etc
[[email protected] etc]# cp php-fpm.conf.default php-fpm.conf

#Enter the sub configuration file directory and create www.conf from the template file  
[[email protected] etc]# cd php-fpm.d/

[[email protected] php-fpm.d]# cp www.conf.default www.conf   
[[email protected] php-fpm.d]# 

#Modify www.conf according to the idea of this practice
[[email protected] php-fpm.d]# vim www.conf
;user = nobody
user = www

;group = nobody
group = www

;pm.status_path = /status
pm.status_path = /status

;ping.path = /ping
ping.path = /ping

;access.log = log/$pool.access.log
access.log = log/$pool.access.log 

;slowlog = log/$pool.log.slow
slowlog = log/$pool.log.slow 

#The modified www.conf file is removed; All file contents of the comment line are for comparison
[[email protected] php-fpm.d]# grep '^[^;]' www.conf
[www]
user = www
group = www
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.status_path = /status
ping.path = /ping
access.log = log/$pool.access.log
slowlog = log/$pool.log.slow  
[[email protected] php-fpm.d]# 

#Create a WWW user
[[email protected] php-fpm.d]# useradd -r -s /sbin/nologin www
#Create access log file path
[[email protected] php-fpm.d]# mkdir /apps/php74/log
[[email protected] php-fpm.d]# 

##############################################################################
##Start and validate PHP FPM service
#Check the configuration file syntax, etc
[[email protected] php-fpm.d]# /apps/php74/sbin/php-fpm -t
[28-Mar-2022 18:05:51] NOTICE: configuration file /apps/php74/etc/php-fpm.conf test is successful
#Prepare to start service file
[[email protected] php-fpm.d]# cp /usr/local/src/php-7.4.28/sapi/fpm/php-fpm.service /usr/lib/systemd/system/

#Start and boot self start PHP FPM
[[email protected] php-fpm.d]# systemctl daemon-reload
[[email protected] php-fpm.d]# systemctl enable --now php-fpm
Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.
#Verify listening port
[[email protected] php-fpm.d]# ss -ltn
State       Recv-Q Send-Q   Local Address:Port         Peer Address:Port   
LISTEN      0      511      127.0.0.1:9000             *:*                  
              
#View and track process information
[[email protected] php-fpm.d]# pstree -p |grep php
           |-php-fpm(20700)-+-php-fpm(20701)
           |                `-php-fpm(20702)
[[email protected] php-fpm.d]# ps -ef |grep php
root     20700     1  0 18:06 ?        00:00:00 php-fpm: master process (/apps/php74/etc/php-fpm.conf)
www      20701 20700  0 18:06 ?        00:00:00 php-fpm: pool www
www      20702 20700  0 18:06 ?        00:00:00 php-fpm: pool www
root     20707  5036  0 18:07 pts/0    00:00:00 grep --color=auto php
[[email protected] php-fpm.d]#

4.2 deploy nginx service

4.2.1 compiling and installing nginx

####Compile and install nginx
#Prepare dependent packages for nginx compilation and installation
[[email protected] ]# yum -y install gcc pcre-devel openssl-devel zlib-devel
#Download nginx 1.20.2 source package general /usr/local/src/ as the source file storage directory
[[email protected] ]# cd /usr/local/src/
[[email protected] src]# wget http://nginx.org/download/nginx-1.20.2.tar.gz
#Unzip the source package
[[email protected] src]# tar xf nginx-1.20.2.tar.gz
[[email protected] src]# ll
total 1040
drwxr-xr-x 8 1001 1001     158 Nov 16 22:44 nginx-1.20.2
-rw-r--r-- 1 root root 1062124 Nov 16 22:51 nginx-1.20.2.tar.gz
[[email protected] src]# 

#Enter nginx-1.20.2 directory to prepare compilation parameters
[[email protected] src]# cd nginx-1.20.2
[[email protected] nginx-1.20.2]# ./configure --prefix=/apps/nginx \
> --user=www \
> --group=www \
> --with-http_ssl_module \
> --with-http_v2_module \
> --with-http_realip_module \
> --with-http_stub_status_module \
> --with-http_gzip_static_module \
> --with-pcre \
> --with-stream \
> --with-stream_ssl_module \
> --with-stream_realip_module

[[email protected] nginx-1.20.2]# make -j 8 && make install

##############################################################################
#Prepare the service file and start nginx
[[email protected] nginx-1.20.2]# vim /usr/lib/systemd/system/nginx.service
[[email protected] nginx-1.20.2]# cat /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx - high performance web server
Documentation=http://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target

[Service]
Type=forking
PIDFile=/apps/nginx/run/nginx.pid
ExecStart=/apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID

[Install]
WantedBy=multi-user.target
[[email protected] nginx-1.20.2]#

#Create directory
[[email protected] nginx-1.20.2]# mkdir /apps/nginx/run/

#Modify profile
[[email protected] nginx-1.20.2]# vim /apps/nginx/conf/nginx.conf
#Modify only the following line
pid        /apps/nginx/run/nginx.pid; 

#Start and start the auto start service
[[email protected] wordpress]# systemctl daemon-reload
[[email protected] wordpress]# systemctl enable --now nginx
[[email protected] wordpress]# ss -tln
State       Recv-Q Send-Q    Local Address:Port         Peer Address:Port 
LISTEN      0      511       127.0.0.1:9000             *:*
LISTEN      0      511       *:80                       *:* 
             
[[email protected] wordpress]#

4.2.2 configure nginx to support fastcgi

##############################################################################
####Configure nginx to support fastcgi
[[email protected] nginx-1.20.2]# vim /apps/nginx/conf/nginx.conf
#Only modify the following contents, other urban default values
worker_processes  auto;
pid        /apps/nginx/run/nginx.pid;
    server {
        listen       80;
        server_name  blog.shone.cn;
        location / {
        root /data/nginx/wordpress;
        index index.php index.html index.htm; 
        }

        location  \.php$ {
            root /data/nginx/wordpress;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
        }

        location  ^/(ping|pm_status)$ {
        include fastcgi_params;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
        }

#Filter out valid configuration lines through the command
[[email protected] nginx-1.20.2]# grep -Ev '#|^$' /apps/nginx/conf/nginx.conf
worker_processes  auto;
pid        /apps/nginx/run/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_ name  blog. shone. cn;    # Specify domain name
        location / {
        root /data/nginx/wordpress;    # Specify data directory
        index index. php index. html index. htm;    #  Specify default home page file
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
        
        location  \. Php${\m implementation of PHP FPM
            root /data/nginx/wordpress;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
        }
        Location ^/ (ping|pm\u status) ${\php detection status page
        include fastcgi_params;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
        }
    }
}
[[email protected] nginx-1.20.2]#

#Restart nginx for the new configuration file to take effect
[[email protected] php-fpm.d]# systemctl reload nginx
[[email protected] php-fpm.d]# ss -ltn
State       Recv-Q Send-Q   Local Address:Port        Peer Address:Port 
LISTEN      0      511      127.0.0.1:9000             *:*  
LISTEN      0      511      *:80                       *:*  
    
[[email protected] php-fpm.d]#

4.2.3 test whether PHP works normally

Prepare test page

[[email protected] php-fpm.d]# mkdir -p /data/nginx/wordpress
[[email protected] php-fpm.d]# vim /data/nginx/wordpress/phpinfo.php
[[email protected] php-fpm.d]# cat /data/nginx/wordpress/phpinfo.php

Test the Ping of PHP

file

View status page

file

5. deploy WordPress

5.1 preparing WordPress files

#Download the source file, copy it to the web page directory defined above, and modify the ownership
[[email protected] ]# wget https://cn.wordpress.org/latest-zh_CN.tar.gz
[[email protected] ]# ll
total 19012
-rw-r--r--  1 root root 19462197 Mar 19 00:00 latest-zh_CN.tar.gz
[[email protected] ]# tar xf latest-zh_CN.tar.gz                       
[[email protected] ]# ll
total 19016
-rw-r--r--  1 root root 19462197 Mar 19 00:00 latest-zh_CN.tar.gz
drwxr-xr-x  5 1006 1006     4096 Mar 19 00:00 wordpress
[[email protected] ]# cp -r wordpress/* /data/nginx/wordpress
[[email protected] ]# chown -R www.www /data/nginx/wordpress/
[[email protected] ~]#

5.2 initialize WordPress

#Modify the local hosts file of win10. The path is c:\windows\system32\drivers\etc\hosts. Add a line at the end
192.168.250.47  blog.shone.cn

Enter blog in the browser shone. Cn the cloud initialization wizard appears. Follow the wizard to complete the initialization

Enter in browserhttp://blog.shone.cn

file

file

file

file

file

file

file

file

6. optimize WordPress

6.1 allow uploading large files

#Note: by default, only files less than 1m can be uploaded. To upload large files using the PHP program, you need to modify the following configuration. The maximum upload is determined by the minimum value of the following items. If you directly upload files greater than 1m, the following 413 error will occur

[[email protected] wordpress]# vim /apps/nginx/conf/nginx.conf
http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    client_ max_ body_ size 100m;       # The file size of nginx upload is modified to 100m, which is 1m by default 
    .........
        



[[email protected] wordpress]# vim /etc/php.ini
; http://php.net/post-max-size
; post_ max_ Size = 8m \m by default
post_max_size = 30M

; upload_ max_ Filesize = 2m \m by default
upload_max_filesize = 20M 



[[email protected] wordpress]# systemctl restart nginx php-fpm

6.2 safety reinforcement

#Turn off version display
[[email protected] wordpress]# grep -Ev '#|^$' /apps/nginx/conf/nginx.conf
worker_processes  auto;
pid        /apps/nginx/run/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    client_max_body_size 100m;
    sendfile        on;
    
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  blog.shone.cn;
        server_ tokens off;                             #  Security hardening options
        location / {
        root /data/nginx/wordpress;
        index index.php index.html index.htm; 
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
        
        location  \.php$ {
            root /data/nginx/wordpress;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
            fastcgi_ hide_ header X-Powered-By;     #  Security hardening options
        }
        location  ^/(ping|pm_status)$ {
        include fastcgi_params;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
        }
    }
}
[[email protected] wordpress]# 


#Turn off PHP version exposure
[[email protected] wordpress]# vim /etc/php.ini
; http://php.net/expose-php
; expose_ PHP = on ; the default value is on. You can see the version information on the client
expose_php = Off

file

6.3 configure PHP to enable opcache acceleration

[[email protected] wordpress]# vim /etc/php.ini
.....................
[opcache]
; Determines if Zend OPCache is enabled
zend_extension=opcache.so 
opcache.enable=1
.......................

[[email protected] wordpress]#systemctl restart php-fpm

This article is transferred from:https://blog.51cto.com/shone/5165650

Recommended Today

Polygon conflict detection based on c\

Previously, I encountered a polygon conflict detection problem in the project. After Baidu, Bing and Google, they found that the existing schemes are either incomplete scene coverage or implemented through third-party class libraries (these third-party class libraries can hardly be decompiled). However, the use of third-party class libraries is prohibited in the project, so they […]