在安裝服務器時做了相應的筆記,這個方法是親身經驗成功的,隨著版本的不斷更新,也許會有一些地方不同,但是基本原理都是一樣的。
1.安裝CentOS 6 ,可以選擇最小安裝,也可以安裝桌面
2.升級系統
yum update
3.安裝mysql,並設置mysql開機自啟動,同時啟動mysql
yum install mysql
yum install mysql-server
chkconfig --levels 35 mysqld on
service mysqld start
4.配置mysql的root密碼
mysql>; USE mysql;
mysql>; UPDATE user SET Password=PASSWORD('newpassword') WHERE user='root';
mysql>; FLUSH PRIVILEGES;
設置mysql密碼還可以用:mysql_secure_installation 命令
mysql_secure_installation
Enter current password for root (enter for none): ( 回車)
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] (Y)
New password: (123456)
Re-enter new password: (123456)
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n]
(是否移出數據庫的默認帳戶,如果移出,那麼在終端中直接輸入mysql是會提示連接錯誤的)Y
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
(是否禁止root的遠程登錄)Y
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y
**後來設置是否允許遠程登錄
mysql -u root -p
Enter Password: <your new password>
mysql>GRANT ALL PRIVILEGES ON *.* TO '用戶名'@'%' IDENTIFIED BY '密碼' WITH GRANT OPTION;
完成後就能用mysql-front遠程管理mysql了。
設為開機啟動
chkconfig mysqld on
5.安裝apache,並設置開機啟動
yum install httpd
chkconfig --levels 35 httpd on
service httpd start
這時候可以測試apache是否正常工作
直接浏覽器訪問localhost應該沒問題,但是如果別的機子訪問不了的話,是因為防火牆的關系,配置防火牆
(後面的ssl還會有這個問題的)
6.安裝php
如果安裝php53以下的版本的話,可能會導致項目放在這個環境中不能運行的情況,當時裝的是php5.2結果發
現項目根本運行不起來,找了好久的原因才發現是php版本太低了(在這之前一直是以為json的原因,因為
php5.2沒有json擴展),所以在安裝前一定要看好版本在安裝,否則以後項目出現問題不好找出原因。
yum install php53
yum install php53-mysql php53-gd php53-imap php53-ldap php53-odbc php53-pear php53-xml php53-
xmlrpc
這個時候php就安裝完成拉,寫個腳本測試一下
vi /var/www/html/info.php
輸入
<?php
phpinfo();?>
訪問localhost/info.php即可~
7.安裝phpMyAdmin
首先先給系統安裝epel 和rpmfushion兩個軟件大倉庫
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
rpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/6/i386/rpmfusion-free-release-
6-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/6/i386/rpmfusion-
nonfree-release-6-0.1.noarch.rpm
如果是centos 5 的話執行下面
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
rpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/5/i386/rpmfusion-free-release-
5-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/5/i386/rpmfusion-
nonfree-release-5-0.1.noarch.rpm
接著安裝起來就很方便拉,~根本不需要去下載就可以獲得最新的版本
yum install phpmyadmin
安裝完成後還需要配置一下訪問權限,使得出了本機外,其他機子也能訪問phpMyAdmin
vi /etc/httpd/conf.d/phpMyAdmin.conf
找到兩個directory的權限設置,Allow from 改成All
<Directory /usr/share/phpMyAdmin/>
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from All
</Directory>
<Directory /usr/share/phpMyAdmin/setup/>
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from All
</Directory>
重啟服務器
service httpd restart
測試localhost/phpMyAdmin
用戶名密碼:root 123456
OK~ LAMP搭建完畢,
8.搭建SSL,讓apache支持https
yum install mod_ssl
其實安裝完這個模塊後,重啟完apache 就可以用https://localhost測試了,因為他創建了默認的證書
在/etc/pki/tls下
當然我們也可以用openssl創建自己的證書
yum install openssl
生成證書文件
創建一個rsa私鑰,文件名為server.key
openssl genrsa -out server.key 1024
Generating RSA private key, 1024 bit long modulus
............++++++
............++++++
e is 65537 (0x10001)
用 server.key 生成證書簽署請求 CSR
openssl req -new -key server.key -out server.csr
Country Name:兩個字母的國家代號
State or Province Name:省份名稱
Locality Name:城市名稱
Organization Name:公司名稱
Organizational Unit Name:部門名稱
Common Name:你的姓名
Email Address:地址
至於 'extra' attributes 不用輸入.直接回車
生成證書CRT文件server.crt。
openssl x509 -days 365 -req -in server.csr -signkey server.key -out server.crt
修改ssl.conf指定我們自己生成的證書
vi /etc/httpd/conf.d/ssl.conf
找到如下位置,修改路徑
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
OK
service httpd restart
yum install vsftpd
2.啟動/重啟/關閉vsftpd服務器
/sbin/service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
OK表示重啟成功了.
啟動和關閉分別把restart改為start/stop即可.
如果是源碼安裝的,到安裝文件夾下找到start.sh和shutdown.sh文件,執行它們就可以了.
根據下面修改
vi /etc/vsftpd/vsftpd.conf
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
local_root=/
vi /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp
#root
vi /etc/vsftpd/user_list
# for users that are denied.
#root
防火牆配置
a.添加.允許訪問端口{80: http}.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
b.關閉防火牆{不推薦}.
service iptables stop
c.重置加載防火牆
service iptables restart
