LNMP deployment instance and HTTPS service implementation
What is LNMP: Linux + nginx + MySQL + (PHP FPM, PHP MySQL)
The web service architecture of Nginx+Mysql+Php on the Linux operating system.
MySQL in CentOS 6, Mariadb in CentOS 7
What's the function: it provides web services and can parse applications of PHP classes;
Next, I will deploy phpMyAdmin with LNMP architecture:
Premise: this operation is conducted on the 172.16.75.1 host;
1. Configure a domain name for the web server: www.james.com
Add a record to the windows/System32/drivers/etc/etc/hosts file under the C disk of the physical machine:
172.16.75.1 www.james.com
2. Deploy LNMP architecture on 172.16.75.1 host:
[root@master ~]# yum install nginx mariadb php-fpm php-mysql
In this case, you may ask questions: what is the function of PHP FPM and PHP MySQL?
Because Nginx only provides web services and cannot parse PHP applications, PHP FPM can
PHP MySQL is used to connect PHP applications and Mariadb;
3. Configuration:
[root@master ~]# vim /etc/nginx/nginx.conf
[root@master ]# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successfu
Test the Nginx configuration and start the service:
[root@master ~]# systemctl start nginx
Enable PHP FPM service:
[root@master ~]# systemctl start php-fpm
Create a directory for storing resources, which has been defined in nginx.conf:
[root@master ~]# mkdir -pv /myweb/nginx/
I have put the packages of wordpress and phpMyAdmin in this directory in advance:
First deploy phpMyAdmin (used to manage database) application
Decompression:
[root@master ~]# cd /myweb/nginx/ [root@master nginx]# tar -xf phpMyAdmin-3.5.4-all-languages.tar.gz [root@master nginx]# mv phpMyAdmin-3.5.4-all-languages pma
Create the directory session in / var/lib/php:
The owner is root, the group is apache, and the permission is 770;
[root@master ~]# cd /var/lib/php [root@master php]# mkdir session [root@master php]# chown root:apache session/ [root@master php]# chmod 770 session/
To configure a database management password for the administrator:
[root@master ~]# mysqladmin -p'' password '111111' Enter password:
After completion, the access test is performed on the web side:
phpMyAdmin deployment is complete.
Next, provide the https service for phpMyAdmin:
[root@master ~]# cd /etc/pki/CA/ [root@master CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048) [root@master CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3653 [root@master CA]# touch index.txt [root@master CA]# echo 01 > serial
[root@master ssl]# (umask 077;openssl genrsa -out nginx.key 2048) [root@master ssl]# openssl req -new -key nginx.key -out nginx.csr -days 3653 [root@master ssl]# openssl ca -in nginx.csr -out /etc/pki/CA/certs/nginx.crt -days 3653 Using configuration from /etc/pki/tls/openssl.cnf Check that the request matches the signature Signature ok Certificate Details: Serial Number: 1 (0x1) Validity Not Before: Nov 12 14:15:57 2018 GMT Not After : Nov 12 14:15:57 2028 GMT Subject: countryName = CN stateOrProvinceName = Hebei organizationName = james organizationalUnitName = james.edu commonName = www.james.com X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: 5A:68:D6:47:29:DA:A5:29:98:09:0D:82:02:2D:B1:5D:61:8A:26:EC X509v3 Authority Key Identifier: keyid:32:B2:8D:AC:68:57:FC:BF:8B:F2:CA:68:8B:45:93:D4:7F:A2:25:F3 [root@master ssl]# scp /etc/pki/CA/certs/nginx.crt ./ [root@master ssl]# rm -f nginx.csr
To modify the nginx configuration file:
[root@master ssl]# vim /etc/nginx/nginx.conf
Restart nginx service after checking:
[root@master ssl]# nginx -t [root@master ssl]# nginx -s reload
web end test:
https service implementation.
