====== ubuntu+Nginx+php-fpm+Mysql+Redis+ssl ======

===== 安装LNMP环境 =====

首先，墙裂推荐一套工具：[[https://winscp.net/eng/docs/lang:chs|WinSCP]]+[[https://www.putty.org/|Putty]]，管理文件方便很多。Mac版用[[http://soft.macx.cn/2647.htm|Coda]]。

==== 基础环境 ====
<code>

apt-get update
apt-get install nginx mysql-server php     * 注意 期间会要求输入MySQL的root密码

</code>

==== 配置Nginx支持PHP ====

<code>
vi /etc/nginx/sites-available/default
......
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
    incloude snippets/fastcgi-php.conf;
#
#    # With php7.0-cgi alone;
#    fastcgi_pass 127.0.0.1:9000;
#    # With php7.2-fpm;
    fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
......

vi /etc/php/7.2/fpm/php-fpm.conf
...........
listen = /run/php/php7.2-fpm.sock

</code>

==== 重启Nginx ====

<code>
nginx -s stop
nginx

</code>

这里有可能出现找不到pid的情况，可能是因为阿里云服务器自动启动了apache，只要把它关掉就行

<code>
netstat -ap | grep http
kill xxxxx(apache的pid)

</code>

关闭Apache2自启动，需要找到etc/rc0.d ~ rcx.d/目录下所有 S01apache2文件

或直接卸载Apache2
<code>

update-rc.d apache2 stop 80 0 1 2 3 4 5 6
或一个个删除
sudo mv S01apache2  K01apache2

sudo apt-get remove apache2

</code>

==== 测试PHP ====

<code>
vi /var/www/html/info.php
<?php phpinfo();?>

</code>

修改 short_open_tag

<code>
vi /etc/php/7.2/fpm/php.ini
找到 short_open_tag = Off
改为 short_open_tag = On

</code>

修改上传文件设置

<code>
php.ini
upload_max_filesize = 128M
post_max_size = 128M
memory_limit = 256M

nginx.conf
client_max_body_size 100M;

</code>
需重启php和nginx

安装curl扩展

<code>
apt-get install php7.2-curl libcurl4 libcurl4-dev php-curl
apt-get install php-mbstring

</code>

===== 安装redis =====

==== 安装和配置redis ====

<code>
apt-get install redis-server
apt-get install git php-dev
git clone -b php7-ipv6 https://github.com/phpredis/phpredis.git   * 注意 -b php7-ipv6为可选参数
cd phpredis/
phpize
./configure
make
make install

</code>

==== 启动和测试Redis ====

<code>
redis-server /etc/redis/redis.conf
redis-cli>Ping

Pong

</code>

配置权限

<code>>config set masterauth   123456
>config set requirepass   123456
>config rewrite

(error) NOAUTH Authentication required.
>auth 123456
>config rewrite

ok

</code>

==== 配置php-redis ====

<code>
vi /etc/php/7.2/fpm/conf.d/redis.ini   * 注意 并无此文件 直接创建
extension=redis.so

</code>

==== 配置mysqli ====

<code>
apt-get install php-mysqli
vi /etc/php/7.0/fpm/php.ini  * 在文件最后添加
extension="mysqli.so"

</code>

==== 重启fpm ====

<code>
/etc/init.d/php7.0-fpm restart

</code>

===== 启动MySQL =====

<code>
service mysql start
mysql -u root -p    * 注意 期间会要求验证之前输入的MySQL root密码>SET NAMES utf8;

Query OK, 0 rows affected (0.00 sec)

</code>

如果此时发现Mysql密码并未设置（按回车直接可进）则可以执行以下动作

<code>>use mysql;>update user set authentication_string=password('新密码') where user='root';

</code>

==== 修改mysql配置文件允许远程登陆 ====

<code>
/etc/mysql/mysql.conf.d/mysqld.cnf

# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address        = 127.0.0.1        #注释掉这一行就可以远程登录了

</code>

===== HTTPS支持 =====

把证书保存到 /etc/nginx/cert/

<code>
vi /etc/nginx/sites-available/default

在最后添加配置

server {
    # SSL configuration

    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;

    #ssl on;
    ssl_certificate   cert/你的pem文件名.pem;
    ssl_certificate_key  cert/你的key文件名.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.html index.htm index.php;

    server_name 你的域名;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

}

</code>

===== HTTPS支持 =====
=== 简单方案 ===
[[给nginx挂上免费的ssl|Ubuntu+Nginx+免费SSL]]

=== 自定义方案 ===
把证书保存到 /etc/nginx/cert/

<code>
vi /etc/nginx/sites-available/default

在最后添加配置

server {
    # SSL configuration

    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;

    #ssl on;
    ssl_certificate   cert/你的pem文件名.pem;
    ssl_certificate_key  cert/你的key文件名.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.html index.htm index.php;

    server_name 你的域名;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

}

</code>