###初始化系统###

#修改hosts文件

echo "172.16.8.32 web32.blufly.com" >> /etc/hosts

#更新yum源(aliyun)

yum -y install wget
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo_bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all
yum makecache
/root/init_system_centos7.sh   #init_system_centos7.sh详细见

###更新组件###

yum -y groupinstall 'Development Tools'
yum -y install bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg \
libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 \
glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel \
expat-devel libtool libtool-ltdl-devel openssl openssl-devel openldap openldap-devel \
cmake gmp-devel libicu-devel libxslt-devel

###下载安装包###

cd /opt
wget http://mirrors.sohu.com/nginx/nginx-1.14.0.tar.gz
wget http://mirrors.sohu.com/php/php-7.2.6.tar.bz2
#jemalloc 优化nginx,内存管理
wget https://github.com/jemalloc/jemalloc/releases/download/5.1.0/jemalloc-5.1.0.tar.bz2
#字符转换库libiconv
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.15.tar.gz
#ImageMagick 是一个图象处理软件。它可以编辑、显示包括JPEG、TIFF、PNM、PNG、GIF和Photo CD在内的绝大多数当今最流行的图象格式
wget http://www.imagemagick.org/download/ImageMagick-7.0.7-35.tar.bz2
#PHP的imagick扩展,用Imagick替代php的GD库
wget http://pecl.php.net/get/imagick-3.4.3.tgz
#Suhosin是一个PHP程序的保护系统
wget https://download.suhosin.org/suhosin-0.9.38.tar.gz
#ionCube - PHP的加密/解密工具
wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
#pcre支持nginx伪静态
wget https://ftp.pcre.org/pub/pcre/pcre-8.42.tar.gz

###安装nginx###

/usr/sbin/groupadd www  
/usr/sbin/useradd -g www www -s /sbin/nologin  
mkdir -p /data/www/{blufly,blog}
mkdir -p /data/logs/{blufly,blog}
chown -R www:www /data/www
chown -R www:www /data/logs

#安装jemalloc内存优化工具

tar -jxvf jemalloc-5.1.0.tar.bz2
cd jemalloc-5.1.0
./configure --prefix=/usr/local/jemalloc --libdir=/usr/local/lib
make;make install
echo "/usr/local/lib" > /etc/ld.so.conf.d/local.conf
ldconfig
cd ../
tar -zxvf pcre-8.42.tar.gz
tar -zxvf nginx-1.14.0.tar.gz
cd nginx-1.14.0
./configure --prefix=/usr/local/nginx \
--with-pcre=/opt/pcre-8.42 \
--user=www \
--group=www \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_gzip_static_module \
--with-ld-opt="-ljemalloc" \
--with-http_realip_module
make;make install
cd ../

#添加nginx启动脚本

cat >> /etc/init.d/nginx <<EOF
#! /bin/sh
ulimit -n 65535
# Description: Startup script for nginx
# chkconfig: 2345 55 25
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="nginx daemon"
NAME=nginx
DAEMON=/usr/local/nginx/sbin/$NAME
CONFIGFILE=/usr/local/nginx/conf/$NAME.conf
PIDFILE=/usr/local/nginx/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
 
set -e
[ -x "$DAEMON" ] || exit 0
do_start() {
 $DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}
do_stop() {
 kill -INT `cat $PIDFILE` || echo -n "nginx not running"
}
do_reload() {
 kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
} 
case "$1" in
 start)
 echo -n "Starting $DESC: $NAME"
 do_start
 echo "."
 ;;
 stop)
 echo -n "Stopping $DESC: $NAME"
 do_stop
 echo "."
 ;;
 reload|graceful)
 echo -n "Reloading $DESC configuration..."
 do_reload
 echo "."
 ;;
 restart)
 echo -n "Restarting $DESC: $NAME"
 do_stop
 do_start
 echo "."
 ;;
 *)
 echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
 exit 3
 ;;
esac
exit 0
EOF

#添加nginx配置文件

mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
cat >> /usr/local/nginx/conf/nginx.conf <<EOF
user  www www;
worker_processes  8;
error_log  /usr/local/nginx/logs/nginx_error.log  crit; 
pid        /usr/local/nginx/logs/nginx.pid; 
worker_rlimit_nofile 65535; 
events {
    worker_connections  65535;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        off;
    tcp_nopush     on;
    keepalive_timeout  300;
    #nginx跟后端服务器连接超时时间(代理连接超时)
    proxy_connect_timeout 300s; 
    #连接成功后,后端服务器响应时间(代理接收超时)
    proxy_read_timeout 300s; 
    proxy_send_timeout 300s; 
    #设置代理服务器(nginx)保存用户头信息的缓冲区大小
    proxy_buffer_size 64k;
    #proxy_buffers缓冲区,网页平均在32k以下的话,这样设置
    proxy_buffers 4 32k;
    #高负荷下缓冲大小(proxy_buffers*2)
    proxy_busy_buffers_size 64k; 
    #设定缓存文件夹大小,大于这个值,将从upstream服务器传递请求,而不缓冲到磁盘
    proxy_temp_file_write_size 64k; 
    #不允许代理端主动关闭连接
    proxy_ignore_client_abort on;
    proxy_cache_path /data/cache1 levels=1:2 keys_zone=cache_blufly:20m inactive=1d max_size=1g;
    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;
    gzip on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_types       text/plain application/x-javascript text/css application/xml;
    gzip_vary on;
    #定义访问日志的写入格式
    log_format  bloglog  '$remote_addr - $remote_user [$time_local] "$request" '              
'$status $body_bytes_sent "$http_referer" '             
'"$http_user_agent" $http_x_forwarded_for';
    #禁止非指定域名访问
    server {
listen 80 default;
server_name  _;
return 500;
    }
    server
    {
listen       80;
server_name  blog.blufly.com;
index index.html index.htm index.php;
root  /data/www/blog;
location ~ .*\.(php|php7)?$
{      
fastcgi_pass  127.0.0.1:9000;
fastcgi_index index.php;
includefastcgi.conf;
}
location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$   
{       
expires      30d;     
}      
location ~ .*\.(js|css)?$     
{       
expires      1h;     
}  
access_log  /data/logs/blog/blog_nginx.log bloglog;
    }
}
EOF

#将nginx添加到启动服务中

chmod 700 /etc/init.d/nginx
/sbin/chkconfig --add nginx
/sbin/chkconfig --level 2345 nginx on

###安装php###

#安装Atomic仓库

wget http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-21.el7.art.noarch.rpm
rpm -ivh atomic-release-1.0-21.el7.art.noarch.rpm
yum -y install php-mcrypt libmcrypt libmcrypt-devel mhash mhash-devel libevent libevent-devel libxml2 \
libxml2-devel bzip2-devel libcurl-devel libjpeg-devel libpng-devel freetype-devel

#安装字符转换库libiconv

cd /opt
tar -zxvf libiconv-1.15.tar.gz
cd libiconv-1.15/
./configure --prefix=/usr/local/libiconv
make;make install
cd ../

#编译安装php

tar -jxvf php-7.2.6.tar.bz2
cd php-7.2.6

#configure会报错:configure: error: Cannot find ldap libraries in /usr/lib.

cp -frp /usr/lib64/libldap* /usr/lib/
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--with-iconv-dir=/usr/local/libiconv \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-libxml-dir \
--with-openssl \
--with-mhash \
--with-pcre-regex \
--with-zlib \
--with-bz2 \
--with-curl \
--with-cdb \
--with-pcre-dir \
--with-gd \
--with-openssl-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir \
--with-freetype-dir \
--with-gettext \
--with-gmp \
--with-mhash \
--with-libmbfl \
--with-onig \
--with-zlib-dir \
--with-readline \
--with-libxml-dir \
--with-xsl \
--with-pear \
--enable-soap \
--enable-bcmath \
--enable-calendar \
--enable-dom \
--enable-exif \
--enable-fileinfo \
--enable-filter \
--enable-ftp \
--enable-json \
--enable-mbstring \
--enable-mbregex \
--enable-mbregex-backtrack \
--enable-pdo \
--enable-session \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-wddx \
--enable-zip \
--enable-mysqlnd-compression-support \
--enable-intl \
--enable-fpm \
--enable-maintainer-zts \
--disable-rpath \
--disable-debug \
--disable-ipv6

#make报错:error while loading shared libraries: libiconv.so.2: cannot open shared object file: No such file or directory

echo "/usr/local/lib" >> /etc/ld.so.conf
/sbin/ldconfig
make 
make install
cd ../
cp php.ini-production /usr/local/php/etc/php.ini
cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf

#设置php-fpm运行用户、组、pid

sed -i 's#user = nobody#user = www#' /usr/local/php/etc/php-fpm.d/www.conf
sed -i 's#group = nobody#group = www#' /usr/local/php/etc/php-fpm.d/www.conf
sed -i 's#;pid = run/php-fpm.pid#pid = run/php-fpm.pid#' /usr/local/php/etc/php-fpm.conf

#设置php-fpm开机启动

cp /opt/php-7.2.6/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm
chkconfig --add php-fpm
chkconfig php-fpm on
cd ../

#使用pthreads PHP扩展,可以使PHP真正地支持多线程

#要安装pthreads PHP扩展,在编辑php时要加参数 --enable-maintainer-zts 

cd /opt
git clone https://github.com/krakjoe/pthreads.git
cd pthreads
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make && make install

#安装mysql扩展

cd /opt/php-7.2.6/ext
git clone https://github.com/php/pecl-database-mysql mysql --recursive
cd mysql
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make && make install

#修改php.ini配置文件

#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20170718" 
#extension = "mysql.so"


#安装memcached扩展

yum -y install libmemcached libmemcached-devel
cd /opt/php-7.2.6/ext
git clone https://github.com/php-memcached-dev/php-memcached memcached
cd memcached/
git checkout php7
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make;make install

#安装memcache扩展

cd /opt/php-7.2.6/ext
git clone https://github.com/websupport-sk/pecl-memcache memcache
cd memcache
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make;make install

#修改php.ini配置文件

#extension = "memcached.so"
#extension = "memcache.so"
cd /opt
tar -jxvf ImageMagick-7.0.7-35.tar.bz2 
cd ImageMagick-7.0.7-35
./configure --prefix=/usr/local/imagemagick
make;make install
cd ../
tar -zxvf imagick-3.4.3.tgz
cd imagick-3.4.3/
export  PKG_CONFIG_PATH=/usr/local/imagemagick/lib/pkgconfig
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-imagick=/usr/local/imagemagick
make;make install
cd ../
tar -zxvf ioncube_loaders_lin_x86-64.tar.gz
cd ioncube
mkdir /usr/local/ioncube
mv ioncube_loader_lin_7.2.so /usr/local/ioncube/
cd ../

#修改php.ini添加php扩展

sed -i 's#; extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20170718/"\nextension = "memcache.so"\nextension = "memcached.so"\nextension = "mysql.so"\nextension = "pthreads.so"\nextension = "imagick.so"\n#' /usr/local/php/etc/php.ini

#要先添加ionCube扩展

cat >> /usr/local/php/etc/php.ini <<EOF
[ionCube Loader]
zend_extension=/usr/local/ioncube/ioncube_loader_lin_7.2.so
EOF

#再添加opcache扩展

cat >> /usr/local/php/etc/php.ini <<EOF
[opcache]
zend_extension=/usr/local/php/lib/php/extensions/no-debug-non-zts-20170718/opcache.so
opcache.enable=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=60
opcache.fast_shutdown=1
opcache.enable_cli=1
EOF


#查看php已安装扩展

/usr/local/php/bin/php -m

#启动php-fpm、nginx

/etc/init.d/php-fpm start
/etc/init.d/nginx start

#验证jemalloc是否生效,如下 

yum -y install lsof
lsof -n | grep jemalloc

001.PNG

#phpinfo连接数据库测试,如果出现乱码,在用editplus编辑文件的时候另存为utf-8格式

#如果访问php页面出现404,就要查看php-fpm的用户、组是不是www,这个用户主要是网站目录的宿主用户