本文是以budgetvm的ubuntu系统为例。
为什要使用 nginx?因为 apache 太耗内存了,使用 nginx 可以节约内存。
采用 nginx + php-fpm + mysql 搭建。
删除 apache2
使用putty登录vps,执行如下命令:
输入如下命令关闭 apache2
service apache2 stop如果输入正确,会提示如下信息,表示apache2已经停止
root@241541:~# service apache2 stop * Stopping web server apache2 apache2: Could not reliably determine the server's fully qualified domain name, using 0.3.175.133 for ServerName
... waiting [ OK ]
输入如下命令删除 apache2
apt-get remove apache2 apache2.2-common出现类似如下提示时,输入 Y 并回车。
0 upgraded, 1 newly installed, 7 to remove and 26 not upgraded.
Need to get 5837kB of archives.
After this operation, 14.5MB disk space will be freed.
Do you want to continue [Y/n]?最后会出现如下提示,表示已经删除 apache2
Removing libapache2-mod-php5 ...
Module php5 disabled.
Run '/etc/init.d/apache2 restart' to activate new configuration!
Removing apache2-mpm-prefork ...
* Stopping web server apache2 apache2: Could not reliably determine the server's fully qualified domain name, using 0.3.175.133 for ServerName
... waiting [ OK ]
Removing apache2.2-common ...
Removing apache2-utils ...
Removing apache2.2-bin ...安装 php5-fpm php5-cgi
安装 php5-fpm 执行如下命令:
apt-get install php5-cgi php5-fpm php5-gd php5-mysql php5-curl php5-mcrypt php5-common php-apc出现下面的提示表示安装成功
root@241541:~# apt-get install php5-cgi php5-fpm php5-gd php5-mysql php5-mcrypt php5-common php-apc
Reading package lists... Done
Building dependency tree
Reading state information... Done
php5-cgi is already the newest version.
php5-cgi set to manually installed.
Suggested packages:
php-pear
The following NEW packages will be installed:
libevent-1.4-2 php5-fpm
0 upgraded, 2 newly installed, 0 to remove and 26 not upgraded.
Need to get 3002kB of archives.
After this operation, 7967kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu/ maverick/main libevent-1.4-2 i386 1.4.13-stable-1 [56.2kB]
Get:2 http://archive.ubuntu.com/ubuntu/ maverick-updates/universe php5-fpm i386 5.3.3-1ubuntu9.5 [2946kB]
Fetched 3002kB in 1s (2181kB/s)
Selecting previously deselected package libevent-1.4-2.
(Reading database ... 21902 files and directories currently installed.)
Unpacking libevent-1.4-2 (from .../libevent-1.4-2_1.4.13-stable-1_i386.deb) ...
Selecting previously deselected package php5-fpm.
Unpacking php5-fpm (from .../php5-fpm_5.3.3-1ubuntu9.5_i386.deb) ...
Setting up libevent-1.4-2 (1.4.13-stable-1) ...
Setting up php5-fpm (5.3.3-1ubuntu9.5) ...
update-rc.d: warning: php5-fpm stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (none)
* Starting PHP5 FPM... Aug 13 06:25:50.352643 [WARNING] [pool www] pm.start_servers is not set. It's been set to 20.
[ OK ]
Creating config file /etc/php5/fpm/php.ini with new version
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place安装完毕后,我们调整下 php5-fpm 使其采用 127.0.0.1:9000 进行监听,执行如下命令:
sed -i -e 's/listen =.*$/listen = 127.0.0.1:9000/' `grep -R -l listen /etc/php5/fpm`完毕后,重启下 php5-fpm,执行如下命令重启
service php5-fpm restart出现如下提示,表示重启成功
root@241541:~# service php5-fpm restartphp5-fpm stop/waiting
php5-fpm start/running, process 6899安装 mysql
安装 nginx
使用putty登录vps,执行如下命令:
apt-get install nginx出现如下提示,表示已经安装完毕:
root@241541:~# apt-get install nginxReading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
ufw
The following NEW packages will be installed:
nginx
0 upgraded, 1 newly installed, 0 to remove and 26 not upgraded.
Need to get 341kB of archives.
After this operation, 827kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu/ maverick/universe nginx i386 0.7.67-3ubuntu1 [341kB]
Fetched 341kB in 0s (437kB/s)
Selecting previously deselected package nginx.
(Reading database ... 21918 files and directories currently installed.)
Unpacking nginx (from .../nginx_0.7.67-3ubuntu1_i386.deb) ...
Setting up nginx (0.7.67-3ubuntu1) ...
再执行下面的命令启动nginx服务:
service nginx start结果如下所示,表示nginx顺利启动:
root@241541:~# service nginx startStarting nginx: nginx.
测试站点
由于nginx默认的站点不支持php,所以需要修改默认站点。
编辑文件名为 default.txt ,注意下面的 server_name 修改为你的vps的ip地址,可以写一个IP,也可以都写上,IP和IP之间有空格。
配置文件中的 root 就是站点的目录了,可以更改为你的站点的路径。
server {
listen 80;
server_name 184.82.9.30 184.82.9.31;
index index.html index.htm index.php;
root /var/www/;
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
}将 default.txt 文件使用 filezilla 上传到 /etc/nginx/sites-enabled 目录下
使用 putty 登录vps,输入如下命令重启 nginx 服务
service nginx restart重启结果如下所示:
root@241541:~# service nginx restartRestarting nginx: nginx.
安装phpsysinfo
按照前面apache2讲述的安装
安装 php 探针
安装 phpmyadmin
照前面 Apache2 安装 phpmyadmin, 注意第二步不要再按空格选择 apache2 , 直接回车下一步。
如果已经之前已经安装过 phpmyadmin ,不需要删除,继续使用。
安装完毕 phpmyadmin 后, 继续在 putty 里面执行如下命令即可:
cd /var/www
ln -s /usr/share/phpmyadmin .执行情况如下所示:
root@241541:~# cd /var/www
root@241541:/var/www# ln -s /usr/share/phpmyadmin .
root@241541:/var/www#然后就可以在浏览器里面访问 phpmyadmin 了。 访问地址: http://184.82.9.30/phpmyadmin/
配置虚拟站点
以上运行环境均已经安装完毕,下面讲如何配置 nginx 的多域名。
假设前提: 你有一个域名 test.com ,你希望搭建两个站点,第一个站点是 www.test.com 和 test.com 为主页,同时希望提供 bbs.test.com 为论坛。
下面的文档对多个不同的域名也是适用的。
配置域名
参考上面 apache2 的配置域名部分。
上传程序
参考上面 apache2 的上传程序部分。
多域名配置
这里推荐编辑器直接使用记事本,不要使用其他的高级编辑器。
编辑www.test.com的站点配置文件 test.com.txt
server {
listen 80;
server_name www.test.com test.com;
index index.html index.htm index.php;
root /var/www/test/;
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
}编辑bbs.test.com的站点配置文件 bbs.test.com.txt
server {
listen 80;
server_name bbs.test.com;
index index.html index.htm index.php;
root /var/www/bbs/;
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
}将这两个文件使用 filezilla 上传到 /etc/nginx/sites-enabled/ 目录
Nginx 伪静态
下面是常用的一些伪静态配置,复制出来,插入到站点的配置文件最后一个 } 号之前,如下:
server {
listen 80;
server_name bbs.test.com;
index index.html index.htm index.php;
root /var/www/bbs/;
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
#伪静态代码段开始
location / {
...............................
}
#伪静态代码段结束
}Discuz!X 在 Nginx 下的伪静态配置如下:
location / {
rewrite ^([^\.]*)/topic-(.+)\.html$ $1/portal.php?mod=topic&topic=$2 last;
rewrite ^([^\.]*)/article-([0-9]+)-([0-9]+)\.html$ $1/portal.php?mod=view&aid=$2&page=$3 last;
rewrite ^([^\.]*)/forum-(\w+)-([0-9]+)\.html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last;
rewrite ^([^\.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last;
rewrite ^([^\.]*)/group-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=group&fid=$2&page=$3 last;
rewrite ^([^\.]*)/space-(username|uid)-(.+)\.html$ $1/home.php?mod=space&$2=$3 last;
rewrite ^([^\.]*)/blog-([0-9]+)-([0-9]+)\.html$ $1/home.php?mod=space&uid=$2&do=blog&id=$3 last;
rewrite ^([^\.]*)/(fid|tid)-([0-9]+)\.html$ $1/index.php?action=$2&value=$3 last;
}将这一段代码加入到上面的站点配置文件中,例如:
server {
listen 80;
server_name bbs.test.com;
index index.html index.htm index.php;
root /var/www/bbs/;
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
location / {
rewrite ^([^\.]*)/topic-(.+)\.html$ $1/portal.php?mod=topic&topic=$2 last;
rewrite ^([^\.]*)/article-([0-9]+)-([0-9]+)\.html$ $1/portal.php?mod=view&aid=$2&page=$3 last;
rewrite ^([^\.]*)/forum-(\w+)-([0-9]+)\.html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last;
rewrite ^([^\.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last;
rewrite ^([^\.]*)/group-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=group&fid=$2&page=$3 last;
rewrite ^([^\.]*)/space-(username|uid)-(.+)\.html$ $1/home.php?mod=space&$2=$3 last;
rewrite ^([^\.]*)/blog-([0-9]+)-([0-9]+)\.html$ $1/home.php?mod=space&uid=$2&do=blog&id=$3 last;
rewrite ^([^\.]*)/(fid|tid)-([0-9]+)\.html$ $1/index.php?action=$2&value=$3 last;
}
}WordPress 在 Nginx 下的伪静态配置如下:
location / {
if (-f $request_filename/index.html){
rewrite (.*) $1/index.html break;
}
if (-f $request_filename/index.php){
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}ECShop 在 Nginx 下的伪静态配置如下:
location / {
if (!-e $request_filename) {
rewrite "^/index\.html" /index.php last;
rewrite "^/category$" /index.php last;
rewrite "^/feed-c([0-9]+)\.xml$" /feed.php?cat=$1 last;
rewrite "^/feed-b([0-9]+)\.xml$" /feed.php?brand=$1 last;
rewrite "^/feed\.xml$" /feed.php last;
rewrite "^/category-([0-9]+)-b([0-9]+)-min([0-9]+)-max([0-9]+)-attr([^-]*)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /category.php?id=$1&brand=$2&price_min=$3&price_max=$4&filter_attr=$5&page=$6&sort=$7&order=$8 last;
rewrite "^/category-([0-9]+)-b([0-9]+)-min([0-9]+)-max([0-9]+)-attr([^-]*)(.*)\.html$" /category.php?id=$1&brand=$2&price_min=$3&price_max=$4&filter_attr=$5 last;
rewrite "^/category-([0-9]+)-b([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /category.php?id=$1&brand=$2&page=$3&sort=$4&order=$5 last;
rewrite "^/category-([0-9]+)-b([0-9]+)-([0-9]+)(.*)\.html$" /category.php?id=$1&brand=$2&page=$3 last;
rewrite "^/category-([0-9]+)-b([0-9]+)(.*)\.html$" /category.php?id=$1&brand=$2 last;
rewrite "^/category-([0-9]+)(.*)\.html$" /category.php?id=$1 last;
rewrite "^/goods-([0-9]+)(.*)\.html" /goods.php?id=$1 last;
rewrite "^/article_cat-([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /article_cat.php?id=$1&page=$2&sort=$3&order=$4 last;
rewrite "^/article_cat-([0-9]+)-([0-9]+)(.*)\.html$" /article_cat.php?id=$1&page=$2 last;
rewrite "^/article_cat-([0-9]+)(.*)\.html$" /article_cat.php?id=$1 last;
rewrite "^/article-([0-9]+)(.*)\.html$" /article.php?id=$1 last;
rewrite "^/brand-([0-9]+)-c([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)\.html" /brand.php?id=$1&cat=$2&page=$3&sort=$4&order=$5 last;
rewrite "^/brand-([0-9]+)-c([0-9]+)-([0-9]+)(.*)\.html" /brand.php?id=$1&cat=$2&page=$3 last;
rewrite "^/brand-([0-9]+)-c([0-9]+)(.*)\.html" /brand.php?id=$1&cat=$2 last;
rewrite "^/brand-([0-9]+)(.*)\.html" /brand.php?id=$1 last;
rewrite "^/tag-(.*)\.html" /search.php?keywords=$1 last;
rewrite "^/snatch-([0-9]+)\.html$" /snatch.php?id=$1 last;
rewrite "^/group_buy-([0-9]+)\.html$" /group_buy.php?act=view&id=$1 last;
rewrite "^/auction-([0-9]+)\.html$" /auction.php?act=view&id=$1 last;
rewrite "^/exchange-id([0-9]+)(.*)\.html$" /exchange.php?id=$1&act=view last;
rewrite "^/exchange-([0-9]+)-min([0-9]+)-max([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /exchange.php?cat_id=$1&integral_min=$2&integral_max=$3&page=$4&sort=$5&order=$6 last;
rewrite "^/exchange-([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /exchange.php?cat_id=$1&page=$2&sort=$3&order=$4 last;
rewrite "^/exchange-([0-9]+)-([0-9]+)(.*)\.html$" /exchange.php?cat_id=$1&page=$2 last;
rewrite "^/exchange-([0-9]+)(.*)\.html$" /exchange.php?cat_id=$1 last;
}
}修改上传文件权限
由于上传的文件的所有者为 root ,Nginx 无法正常写入,所以需要设置上传文件的宿主为 www-data。
使用putty登录vps执行如下命令,设置 /var/www下的所有文件的宿主都是 www-data,这样nginx就可以正常读写:
chown -R www-data:www-data /var/www
service nginx restart
执行结果如下所示:
root@241541:~# chown -R www-data:www-data /var/www
root@195669:~# service nginx restartRestarting nginx: nginx.
安装配置
见 apache2 的安装配置部分
nginx 301 跳转
如果希望将 test.com 跳转到 www.test.com ,如下配置 test.com.txt 上传到 /etc/nginx/sites-enabled/ 目录即可。
server {
listen 80;
server_name test.com;
rewrite ^/(.*) http://www.test.com/$1 permanent;
}当然你也可以去 test.com 的域名那里设置 301 跳转。
nginx 优化
请一定要执行本步骤,不要认为小站,访问的人数少,有时候蜘蛛会按照超过20个以上的并发抓取数据,直接爆掉vps。表现为:可以ping,但网站打不开、数据库连不上或无法ssh。
为了防止Vps被大的访问量爆掉,需要限制并发数,这里#1 VPS 调整为10, #2可以将下面的10修改为20,#3为30,以此类推。
也可以根据指南最后的压力测试来确定最大并发数,确定后,将下面的命令中的 10 改为你确定的并发数即可,其它数值如 5 不要修改。
因为命令中包括了 ` 号,所以请复制命令后到putty直接按鼠标右键粘贴执行:
sed -i -e 's/pm.max_children =.*$/pm.max_children = 10/' `grep -R -l pm.max_children /etc/php5/fpm`
sed -i -e 's/pm.start_servers =.*$/pm.start_servers = 5/' `grep -R -l pm.max_children /etc/php5/fpm`
sed -i -e 's/pm.max_spare_servers =.*$/pm.max_spare_servers = 10/' `grep -R -l pm.max_children /etc/php5/fpm`执行完毕后,重启下 php-fpm 服务:
service php5-fpm restartnginx 限制同一IP的并发数和连接流量
在终端执行下面语句开启nginx并发支持:
echo "limit_conn_zone \$binary_remote_addr zone=one:10m;" > /etc/nginx/conf.d/limitconn.conf然后打开虚拟站点配置文件,如编辑上面例子中的 bbs.test.com 站点配置文件 bbs.test.com.txt,
在 server_name bbs.test.com; 这一行下面插入如下:
limit_conn one 20;
limit_rate 200k;上面的20,标示同一IP的最大并发数为20。200k为连接的最大速度为200k。
注意,这里控制的流量是针对单一连接的,并不是同一IP的最大速度,其最大速度为200k*20=4000k。
最终修改后的结果如下所示:
server {
listen 80;
server_name bbs.test.com;
limit_conn one 20;
limit_rate 200k;
index index.html index.htm index.php;
root /var/www/bbs/;
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
}将上面的配置文件重新使用 filezilla 上传到 /etc/nginx/sites-enabled/ 目录,覆盖后,执行以下命令重启 nginx 使配置生效:
service nginx restart查看 nginx 日志
Nginx的日志放在 /var/log/nginx/ 目录下,可以使用 filezilla 下载下来查看。
配置CDN或反向代理
我们需要将 www.test.com 或 test.com 的访问反向代理到 192.168.1.1 地址上。
1 执行如下命令来建立缓存目录和临时目录,这里默认为最大20g的缓存空间,可以根据你的实际情况增加或减小,修改地方为 max_size=20g;
mkdir /var/www/cache
mkdir /var/www/temp
chown -R www-data:www-data /var/www
echo "proxy_cache_path /var/www/cache levels=1:2 keys_zone=cache_one:100m inactive=7d max_size=20g;" > /etc/nginx/conf.d/cdn.conf
echo "proxy_temp_path /var/www/temp;" >> /etc/nginx/conf.d/cdn.conf2 编辑 www.test.com 站点的反向代理配置文件 test.com.txt 如下:
server {
listen 80;
server_name www.test.com test.com;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Server;
proxy_pass http://192.168.1.1;
}
location ~ .*\.(gif|png|jpg|jpeg|swf|zip|gz|tar|bz2|rar|doc|txt|ico|cur)$ {
proxy_cache cache_one;
proxy_cache_valid 30d;
proxy_cache_key $host$uri$is_args$args;
proxy_set_header Host $host;
proxy_pass http://192.168.1.1;
}
location ~ .*\.(css|js)?$ {
proxy_cache cache_one;
proxy_cache_valid 1h;
proxy_cache_key $host$uri$is_args$args;
proxy_set_header Host $host;
proxy_pass http://192.168.1.1;
}
}上面的配置中 “gif|png|jpg|jpeg|swf|zip|gz|tar|bz2|rar|doc|txt|ico|cur” 的后缀缓存设置的为30天,css|js 后缀的为1小时,你可以根据实际需求调整 proxy_cache_valid 30d; 行最后的 30d 为其它的值,如缓存1天为: proxy_cache_valid 1d;
如果不需要缓存,直接设置为如下:
server {
listen 80;
server_name www.test.com test.com;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Server;
proxy_pass http://192.168.1.1;
}
}3 将这个文件使用 filezilla 上传到 /etc/nginx/sites-enabled/ 目录
4 执行下面的重启 nginx 命令,使配置生效。
service nginx restart5 然后就可以去域名管理那里将 www.test.com test.com 的IP设置为VPS的IP即可。
反向代理 Google
由于谷歌需要 https 才可以访问,所以反向代理谷歌需要占用服务器的 https 443 端口。
1 产生 https 证书
apt-get install openssl
cd /etc/nginx/
openssl genrsa -out google.key 1024
openssl req -new -key google.key -out google.csr
openssl x509 -req -days 3650 -in google.csr -signkey google.key -out google.crt2 建立配置文件 google.test.com.txt 这里用 google.test.com 来反向代理 google.com 如下:
server {
listen 80;
server_name google.test.com;
rewrite ^(.*) https://google.test.com$1 permanent;
}
server {
listen 443;
server_name google.test.com;
ssl on;
ssl_certificate /etc/nginx/google.crt;
ssl_certificate_key /etc/nginx/google.key;
location / {
proxy_redirect https://www.google.com.hk/ /;
proxy_cookie_domain google.com.hk google.test.com;
proxy_set_header Host www.google.com.hk;
proxy_pass https://www.google.com.hk;
}
}3 将这个文件使用 filezilla 上传到 /etc/nginx/sites-enabled/ 目录
4 执行下面的重启 nginx 命令,使配置生效。
service nginx restart5 然后就可以去域名管理那里将 google.test.com 的IP设置为VPS的IP即可。
6 完成,可以通过访问 https://google.test.com 来访问google了。
