httpd主机:192.168.152.140
php-fpm主机:192.168.152.141
mariadb主机:192.168.152.142
yum -y install httpd
vim /etc/httpd/conf.d/vhosts.conf
AddType application/x-httpd-php .php DirectoryIndex index.php index.html <VirtualHost *:80> ServerName www.test.com. DocumentRoot /http/vhosts/test.com ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.152.141:9000/var/www/test.com/$1 #192.168.152.141为php-fpm主机地址 <Directory "/http/vhosts/test.com"> Options none AllowOverride none Require all granted </Directory> </Virtualhost> <VirtualHost *:80> ServerName www.test1.com DocumentRoot /http/vhosts/test1.com ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.152.141:9000/var/www/test1.com/$1 <Directory "/http/vhosts/test1.com"> Options FollowSymLinks AllowOverride none Require all granted </Directory> </Virtualhost>
注释掉/etc/httpd/conf/httpd.conf中的DocumentRoot
mkdir -pv /http/vhosts/test.com
yum -y install php php-fpm php-mysql
vim /etc/php-fpm.d/www.conf
listen = 192.168.152.141:9000 #此ip为监听php-fpm本机的9000端口,如只保留端口号即为监听任意ip的9000端口 listen.allowed_clients = 192.168.152.140 #此ip为允许访问php-fpm的主机,即httpd主机,注释掉表示允许任意主机访问
mkdir -pv /var/www/test.com
vim /var/www/test.com/index.php
<?php phpinfo(); ?>
访问140主机出现php信息页说明httpd和php部署成功
yum -y install mariadb-server
vim /etc/my.cnf
[mysqld] innodb_file_per_table = ON skip_name_resolve = ON
mysql
GRANT ALL PRIVILEGES ON *.* TO 'root'@'192.168.152.141' IDENTIFIED BY PASSWORD 'passwd' #ip为需要访问mysql的php-fpm的主机地址,即授权php-fpm主机可以访问mariadb
编辑141主机,测试php-mysql连通性
vim /var/www/test.com/index.php
<?php $link = mysql_connect('192.168.152.142','root','12345678'); if($link) echo "Success..."; else echo "Failed...."; mysql_close; ?>
页面出现Success即为成功
yum -y groupinstall "Development Tools" "Server Platform Development"
yum install php-devel
wget xcache-3.2
tar xf xcache-3.2.tar.bz2
cd xcache-3.2.0
phpize #generate configure script to php environment
./configure --enable-xcache --with-php-config=/usr/bin/php-config
make && make install
cp xcache.ini /etc/php.d/
vim /etc/php.d/xcache.ini #makesure xcache.admin.enable_auth = ON;xcache.size = 60M
systemctl restart httpd.service
192.168.152.140
cd /http/vhosts/test.com
wget https://cn.wordpress.org/wordpress-4.5-zh_CN.tar.gz
tar xf wordpress-4.5-zh_CN.tar.gz
cd wordpress/
cp wp-config-sample.php wp-config.php
vim wp-config.php
/** WordPress数据库的名称 */ define('DB_NAME', 'wordpressdb'); /** MySQL数据库用户名 */ define('DB_USER', 'wpuser'); /** MySQL数据库密码 */ define('DB_PASSWORD', '12345678'); /** MySQL主机 */ define('DB_HOST', '127.0.0.1');
192.168.152.141
cd /var/www/test.com
wget https://cn.wordpress.org/wordpress-4.5-zh_CN.tar.gz
tar xf wordpress-4.5-zh_CN.tar.gz
cd wordpress/
cp wp-config-sample.php wp-config.php
vim wp-config.php
/** WordPress数据库的名称 */ define('DB_NAME', 'wordpressdb'); /** MySQL数据库用户名 */ define('DB_USER', 'wpuser'); /** MySQL数据库密码 */ define('DB_PASSWORD', '12345678'); /** MySQL主机 */ define('DB_HOST', '127.0.0.1');
192.168.152.141
yum -y install php-mbstring
cd /var/www/test1.com
wget https://files.phpmyadmin.net/phpMyAdmin/4.4.15.5/phpMyAdmin-4.4.15.5-all-languages.tar.bz2
tar xf phpMyAdmin-4.4.15.5-all-languages.tar.bz2
ln -sv phpMyAdmin-4.4.15.5-all-languages pma
cd phpMyAdmin-4.4.15.5-all-languages/
cp config.sample.inc.php config.inc.php
yum -y install php-mbstring
openssl rand -base64 20
vim config.inc.php
$cfg['blowfish_secret'] = '4Nf696qH4QG/rZM5EOkkSJyXFBs'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
192.168.152.140
cd /http/vhosts/test.com
wget https://files.phpmyadmin.net/phpMyAdmin/4.4.15.5/phpMyAdmin-4.4.15.5-all-languages.tar.bz2
tar xf phpMyAdmin-4.4.15.5-all-languages.tar.bz2
ln -sv phpMyAdmin-4.4.15.5-all-languages pma
cd phpMyAdmin-4.4.15.5-all-languages/
cp config.sample.inc.php config.inc.php
yum -y install php-mbstring
openssl rand -base64 20
vim config.inc.php
$cfg['blowfish_secret'] = '4Nf696qH4QG/rZM5EOkkSJyXFBs'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
为phpmyadmin添加https访问
192.168.152.141作CA
192.168.152.140作SERVER
CA
cd /etc/pki/CA
(umask 077;openssl genrsa -out private/cakey.pem 2048)
openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3655
country name state or province name locality name organization name organization unit name common name email address
touch serial index.txt
echo 01 > serial
SERVER
cd /etc/httpd/
mkdir ssl
(umask 077;openssl genrsa -out httpd.key 1024)
openssl req -new -key httpd.key -out httpd.csr
country name state or province name locality name organization name organization unit name common name email address
把生成的证书签署请求httpd.csr发送到CA端作签署
CA端签署证书
openssl ca -in /任意目录/httpd.csr -out /etc/pki/CA/certs/httpd.crt
把签署完的证书发还到SERVER
在SERVER端
yum -y install mod_ssl #安装支持ssl的模块
vim /etc/httpd/conf.d/ssl.conf #编辑ssl配置文件 编辑前做好备份
<VirtualHost _default_:443> ServerName www.test1.com DocumentRoot /http/vhosts/test1.com ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.152.141:9000/var/www/test1.com/$1 <Directory "/http/vhosts/test1.com"> Options FollowSymLinks AllowOverride none Require all granted </Directory> SSLEngine on SSLCertificateFile /etc/httpd/ssl/httpd.crt SSLCertificateKeyFile /etc/httpd/ssl/httpd.key </VirtualHost>
把/etc/httpd/conf.d/vhosts.conf配置文件中第二个VirtualHost注释掉避免冲突
httpd -t #检查语法错误
systemctl restart httpd.service #重启httpd服务使配置生效
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。