昨天安装好了php、nginx和squid,今天配置mysql和nginx,使nginx兼容Yii框架,并上传网站,将网站调试和配置好。
查询账号信息:添加可远程登录的新管理员账号:删除匿名账户:
1, 首先配置下php的时区
# vi /etc/php.ini
date.timezone = "Asia/Chongqing"
# service php-fpm restart
若没有配置时区,php页面可能会出现如下错误:
date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Asia/Chongqing' for 'CST/8.0/no DST' instead
2,配置mysql数据库
默认情况下mysql只有root用户,并只可以本地登录,昨天已经修改了root的密码。
我们将创建一个新用户,并且为管理员级别,且可以远程登录,这样我们就可以使用mysql administrator tool进行远程管理,mysql远程管理端口是3306,在下一步将配置防火墙允许3306端口。
先用root登录mysql,查询账号信息:
# mysql -uroot -p
Enter password: ******
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.1.67 Source distribution
Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
Your MySQL connection id is 5
Server version: 5.1.67 Source distribution
Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> select host, user,password from user;
+--------------+------+-------------------------------------------+
| host | user | password |
+--------------+------+-------------------------------------------+
| localhost | root | *3DC3333qE11EEF04038E306BC8779D651 |
| 127.0.0.1 | root | |
| localhost | | |
+--------------+------+-------------------------------------------+
3 rows in set (0.00 sec)
| host | user | password |
+--------------+------+-------------------------------------------+
| localhost | root | *3DC3333qE11EEF04038E306BC8779D651 |
| 127.0.0.1 | root | |
| localhost | | |
+--------------+------+-------------------------------------------+
3 rows in set (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON *.* TO testroot@"%" IDENTIFIED BY 'password' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
查询当前账号信息:
mysql> select host, user,password from user;
+--------------+-------+-------------------------------------------+
| host | user | password |
+--------------+-------+-------------------------------------------+
| localhost | root | *3DC8AE44442111DE11EEF04038E306BC8779D651 |
| 127.0.0.1 | root | |
| localhost | | |
| % | testroot | *3DC8AE08411DE11EEF04038E306BC8779D651 |
+--------------+-------+-------------------------------------------+
4 rows in set (0.00 sec)
| host | user | password |
+--------------+-------+-------------------------------------------+
| localhost | root | *3DC8AE44442111DE11EEF04038E306BC8779D651 |
| 127.0.0.1 | root | |
| localhost | | |
| % | testroot | *3DC8AE08411DE11EEF04038E306BC8779D651 |
+--------------+-------+-------------------------------------------+
4 rows in set (0.00 sec)
mysql> delete from user where user='';
3, 配置防火墙,允许远程登录mysql管理
# iptables -I INPUT -p tcp --dport 3306 -j ACCEPT
或者
# vim /etc/sysconfig/iptables
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
这样,就可以使用mysql管理工具使用testroot账号远程登录进行管理了。
4,导入网站数据库,创建网站数据库用户
使用mysql管理工具将数据库备份还原到该服务器数据库中;
为网站创建普通账号testweb,只允许本地登录,赋予该账号对网站数据库的读写更新等权限。
这样网站就可以使用该账号连接数据库了。
5,上传网站源代码和Yii框架
Yii框架位于网站根目录下yii目录:
/var/www/html/yii
网站目录位于根目录下的testweb目录下:
/var/www/html/testweb
配置网站数据库信息。
5,配置nginx支持Yii框架
由于网站使用了Yii框架,需要nginx实现rewrite的功能。
nginx配置如下:
/etc/nginx/nginx.conf
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 50000;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
gzip on;
include /etc/nginx/conf.d/*.conf;
}
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 50000;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
gzip on;
include /etc/nginx/conf.d/*.conf;
}
/etc/nginx/conf.d/default.conf
server {
listen 8080;
server_name localhost;
charset utf-8;
access_log /var/log/nginx/log/host.access.log main;
location / {
root /var/www/html;
index index.html index.htm default.htm default.html index.php default.php;
add_header Content-Type "text/html; charset=UTF-8";
add_header Content-Encoding "gzip";
}
# Disable logging for favicon
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location ~* \.(jpg|jpeg|png|gif|css|js|swf|mp3|avi|flv|xml|zip|rar)$ {
expires 7d;
gzip on;
gzip_types text/plain application/x-javascript text/css application/xml;
root /var/www/html;
}
location ~ /.svn/* {
deny all;
access_log off;
log_not_found off;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /var/www/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
include fastcgi_params;
}
# yii configuration
include conf.d/yii.common.conf.internal;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
listen 8080;
server_name localhost;
charset utf-8;
access_log /var/log/nginx/log/host.access.log main;
location / {
root /var/www/html;
index index.html index.htm default.htm default.html index.php default.php;
add_header Content-Type "text/html; charset=UTF-8";
add_header Content-Encoding "gzip";
}
# Disable logging for favicon
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location ~* \.(jpg|jpeg|png|gif|css|js|swf|mp3|avi|flv|xml|zip|rar)$ {
expires 7d;
gzip on;
gzip_types text/plain application/x-javascript text/css application/xml;
root /var/www/html;
}
location ~ /.svn/* {
deny all;
access_log off;
log_not_found off;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /var/www/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
include fastcgi_params;
}
# yii configuration
include conf.d/yii.common.conf.internal;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
/etc/nginx/conf.d/yii.common.conf.internal
# BEGIN yiiframework.conf
# Block access to protected, framework, and nbproject (artifact from Netbeans)
location ~ /(yii|protected|framework|nbproject) {
deny all;
access_log off;
log_not_found off;
}
# Block access to theme-folder views directories
location ~ /themes/\w+/views {
deny all;
access_log off;
log_not_found off;
}
# Attempt the uri, uri+/, then fall back to yii's index.php with args included
# Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
location /testweb {
index index.php;
try_files $uri $uri/ /testweb/index.php?$args;
}
# Block access to protected, framework, and nbproject (artifact from Netbeans)
location ~ /(yii|protected|framework|nbproject) {
deny all;
access_log off;
log_not_found off;
}
# Block access to theme-folder views directories
location ~ /themes/\w+/views {
deny all;
access_log off;
log_not_found off;
}
# Attempt the uri, uri+/, then fall back to yii's index.php with args included
# Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
location /testweb {
index index.php;
try_files $uri $uri/ /testweb/index.php?$args;
}
重启nginx:
# service nginx restart
Stopping nginx: [ OK ]
Starting nginx: [ OK ]
浏览器中输入网址:http://192.168.1.18/testweb/ 即可访问到网站内容,请求首先经过squid,再转发到nginx,然后经过php解析器。
至此,网站初步配置基本完成,剩下调优和细化的工作了。
