LNMP一键自动化部署
目录
一、原理与理论
LNMP架构核心
脚本设计原理
二、背景及目的
痛点背景:
脚本价值:
三、关键步骤说明
关键步骤解析:
四、常见问题及解决方案
五、总结与心得
脚本获取:
一、原理与理论
-
LNMP架构核心
-
Linux:操作系统基础环境
-
Nginx:高性能Web服务器(处理静态请求)
-
MySQL:关系型数据库(存储动态数据)
-
PHP:服务端脚本语言(动态内容生成)
-
工作流程:
用户请求 → Nginx接收 → PHP处理动态请求 → MySQL读写数据 → 返回结果
-
-
脚本设计原理
-
模块化函数:将各组件安装拆分为独立函数(
nginx_install(),mysql_install()等) -
依赖顺序控制:严格遵循
Nginx → MySQL → PHP的编译安装顺序 -
安全隔离:为服务创建专用系统用户(www/mysql)
-
资源分离:数据库存储独立挂载到
/data/mysql
-
二、背景及目的
-
痛点背景:
-
手动部署LNMP环境步骤繁琐,平均耗时2小时+
-
组件版本兼容性问题频发(如PHP扩展依赖)
-
配置参数易遗漏(如MySQL socket路径)
-
-
脚本价值:
-
✅ 30分钟→5分钟:全自动化编译安装
-
✅ 解决版本兼容:预设验证版本(Nginx 1.9.5+MySQL 5.7.26+PHP 5.6.40)
-
✅ 开箱即用:集成WordPress CMS部署
-
✅ 安全加固:自动关闭SELinux/firewalld(生产环境需调整)
-
三、关键步骤说明
关键步骤解析:
-
前置处理
systemctl stop firewalld # 关闭防火墙
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config # 禁用SELinux- MySQL安全初始化
chown -R mysql:mysql /data/mysql/ # 数据目录权限控制
/usr/local/mysql/bin/mysqld --initialize-insecure # 免密初始化- PHP-FPM优化 PHP-FPM 优化
location ~ \.php$ {fastcgi_pass 127.0.0.1:9000; # PHP处理器监听include fastcgi.conf; # 关键配置文件
}四、常见问题及解决方案
| 问题现象 | 原因分析 | 解决方案 |
|---|---|---|
make: *** No targets specified | 源码包未成功解压 | 检查/usr/src/下文件完整性 |
| MySQL启动失败 | mysql.sock权限不足 | 执行chown -R mysql:mysql /usr/local/mysql/ 香贤 chown -R mysql:mysql /usr/local/mysql/ |
| PHP无法连接MySQL | 未配置socket路径 | 修改php.ini:mysqli.default_socket = /usr/local/mysql/mysql.sock |
| Nginx 403错误 | WordPress目录权限不足 | 运行chmod -R 777 /usr/local/nginx/html |
| 无法外网访问 | 防火墙未关闭 | 确认执行了systemctl disable firewalld确认执行了 systemctl disable firewalld |
五、总结与心得
-
脚本优势
-
版本控制精准:规避了依赖冲突问题
-
资源隔离完善:数据库独立存储+服务专用用户
-
自动化程度高:从环境配置到CMS部署一键完成
-
-
生产环境建议
-
🔐 安全强化:
-
恢复SELinux并配置策略(
setenforce 1) -
改用非root用户运行Nginx(脚本已支持)
-
-
⚙️ 配置优化:
-
Nginx启用
gzip压缩(取消配置文件中#gzip on;注释) -
PHP升级到7.4+(修改脚本中PHP版本路径)
-
-
🔄 运维改进:
-
增加服务监控重启机制(如用
supervisord)
-
-
-
开发心得
“通过此脚本深入理解了LNMP组件的交互依赖关系,特别是PHP-FPM与Nginx的协议通信机制。在MySQL编译中处理
boost依赖的过程,加深了对C/C++项目构建的理解。建议后续增加Let's Encrypt证书自动部署功能以实现HTTPS化。”
脚本获取:
#!/bin/bash
#function:lnmp
##########################################
if[ "$USER" != "root" ]
thenecho "错误:非root用户,权限不足!"exit 0
fi
###############防火墙及SElinux############
systemctl stop firewalld && systemctl disable firewalld && echo "防火墙已经关闭"
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config && echo "关闭selinux"
sleep 5
cflj=/usr/src
zip_file="lnmp.zip"
##############检查文件是否存在##############
if [ -f "$cflj/$zip_file" ]; thencd $cfljunzip lnmp.ziprm -rf $cflj/lnmp.zip
elseecho "请上传文件 $zip_file 到 $cflj"exit 1
fi
######### install nginx #########
function nginx_install(){
nginx_path="$cflj/nginx-1.9.5.tar.gz"
if [ -e "$nginx_path" ]; thencd $cflj;tar -zxf nginx-1.9.5.tar.gzcd nginx-1.9.5/groupadd wwwuseradd -g www www -s /sbin/nologinmkdir -p /var/log/nginxyum install -y gcc gcc-c++ autoconf automake zlib zlib-devel openssl openssl-devel pcre pcre-devel make automake./configure \
--prefix=/usr/local/nginx \
--with-http_dav_module \
--with-http_stub_status_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-pcre \
--with-http_ssl_module \
--with-http_gzip_static_module \
--user=www \
--group=wwwif [ $? -eq 0 ]; thenmake && make installif [ $? -eq 0 ]; thenecho "nginx编译安装完成"elseecho "nginx编译安装失败"exit 1fielseecho"nginx编译安装失败"exit 1fi
elseecho "请上传nginx到/usr/src"exit 0
fi
}
sleep 3######### install mysql #########
function mysql_install(){
###########清理旧版本###########
rpm -qa | grep mariadb &>> /dev/null
rpm -qa | grep mysql &>> /dev/null
rpm -e mariadb-libs --nodeps mariadb-libs &>> /dev/null
yum -y remove mysql* mariadb* &>> /dev/null
##########判断boost文件#############
boost_path="$cflj/boost_1_59_0.tar.bz2"
# 检查文件是否存在
if [ -e "$boost_path" ]; thencd $cflj;groupadd mysql useradd mysql -g mysql -M -s /sbin/nologinmkdir -p /data/mysql/{data,log}chown -R mysql:mysql /data/mysql/tar jxf boost_1_59_0.tar.bz2 -C /root/elseecho "请上传boost到/usr/src"exit 0
fi
##########判断mysql文件#############
mysql_path="$cflj/mysql-5.7.26.tar.gz"
if [ -e "$mysql_path" ]; thencd $cflj;tar xzf mysql-5.7.26.tar.gzcd mysql-5.7.26/yum install -y cmake make gcc gcc-c++ bison ncurses ncurses-devel bzip2cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_DATADIR=/data/mysql/data \
-DSYSCONFDIR=/etc \
-DWITH_MYISAM_STORAGE_ENGINE=1 \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_MEMORY_STORAGE_ENGINE=1 \
-DWITH_READLINE=1 \
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
-DMYSQL_TCP_PORT=3306 \
-DENABLED_LOCAL_INFILE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DEXTRA_CHARSETS=all \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DDOWNLOAD_BOOST=1 \
-DWITH_BOOST=/root/boost_1_59_0if [ $? -eq 0 ]; thenmake && make installif [ $? -eq 0 ]; thenecho "mysql编译安装完成"elseecho "mysql编译安装失败"exit 1fielseecho"mysql编译安装失败"exit 1fi
sleep 3
#####设置权限#########chown -R mysql:mysql /usr/local/mysql/
#####定义配置文件#####cat >> /etc/my.cnf << EOF[mysqld]
basedir=/usr/local/mysql
datadir=/data/mysql/data
port=3306
socket=/usr/local/mysql/mysql.sock
symbolic-links=0
character-set-server=utf8
log-error=/data/mysql/log/mysqld.log
pid-file=/usr/local/mysql/mysqld.pid
EOFcp /usr/src/mysql-5.7.26/support-files/mysql.server /etc/init.d/mysql.serverchmod +x /etc/init.d/mysql.server/usr/local/mysql/bin/mysqld \
--initialize-insecure \
--user=mysql \
--basedir=/usr/local/mysql \
--datadir=/data/mysql/data /etc/init.d/mysql.server startsleep 2if [ $? -eq 0 ]; thenln -s /usr/local/mysql/bin/* /usr/local/bin/echo "mysq启动成功"elseecho"mysq启动失败"exit 1fielseecho "请上传mysql到/usr/src"exit 0
fi
}
sleep 3######### install phpex #########
function phpex_install(){
libmcrypt_path="$cflj/libmcrypt-2.5.8.tar.gz"
if [ -e "$libmcrypt_path" ]; thencd $cflj;yum -y install zlib* libxml2*tar zxf $cflj/libmcrypt-2.5.8.tar.gzcd libmcrypt-2.5.8/./configureif [ $? -eq 0 ]; thenmake && make installif [ $? -eq 0 ]; thenecho "libmcrypt编译安装完成"elseecho "libmcrypt编译安装失败"exit 1fielseecho"libmcrypt编译安装失败"exit 1fi
elseecho "请上传libmcrypt到/usr/src"exit 0
fi
}######### install php #########
function php_install(){
php_path="$cflj/php-5.6.40.tar.gz"
if [ -e "$php_path" ]; thencd $cflj;tar zxf $cflj/php-5.6.40.tar.gzyum -y install gcc autoconf freetype gd libpng libpng-devel libjpeg libxml2 libxml2-devel zlib curl curl-devel freetype-devel libjpeg-devel bzip2 bzip2-devel openssl openssl-develcd php-5.6.40/./configure --prefix=/usr/local/php5.6 \
--with-mysql=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-mysqli=mysqlnd \
--enable-mbstring \
--with-curl \
--with-gd \
--enable-fpm \
--with-config-file-path \
--with-openssl \
--enable-fpm \
--enable-sockets \
--enable-sysvshm \
--enable-mbstring \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir=/usr \
--enable-xml \
--with-mhash \
--with-mcrypt=/usr/local/libmcrypt \
--with-config-file-path=/usr/local/php5.6/etc \
--with-config-file-scan-dir=/etc/php.d \
--with-bz2 if [ $? -eq 0 ]; thenmake && make installif [ $? -eq 0 ]; thenecho "php编译安装完成"elseecho "php编译安装失败"exit 1 fielseecho"php编译安装失败"exit 1fi
elseecho "请上传php到/usr/src"exit 0
fi
}
sleep 3######### lnmp config #########
function lnmp_config(){
cp /usr/src/php-5.6.40/php.ini-production /usr/local/php5.6/php.ini
cp /usr/local/php5.6/etc/php-fpm.conf.default /usr/local/php5.6/etc/php-fpm.conf
cp /usr/src/php-5.6.40/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm
/etc/init.d/php-fpm start
sleep 3
sed -i '1221s#^mysqli.default_socket =.*#mysqli.default_socket = /usr/local/mysql/mysql.sock#' /usr/local/php5.6/php.ini
sed -i '202s/short_open_tag = Off/short_open_tag = On/' /usr/local/php5.6/php.ini
sed -i '164s/^listen = .*/listen = 0.0.0.0:9000/' /usr/local/php5.6/etc/php-fpm.conf
sed -i '149s/^user = .*/user = www/' /usr/local/php5.6/etc/php-fpm.conf
sed -i '150s/^group = .*/group = www/' /usr/local/php5.6/etc/php-fpm.conf
sed -i '25s/.*/pid = run\/php-fpm.pid/' /usr/local/php5.6/etc/php-fpm.conf
sleep 3
/usr/local/mysql/bin/mysql -u root -e "grant all on *.* to 'wordpress'@'%' identified by 'wordpress@163.com';"
/usr/local/mysql/bin/mysql -u root -e "flush privileges;"
/usr/local/mysql/bin/mysql -u root -e "flush privileges;"
sleep 3
cp /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
mkdir -p /var/log/nginx
cat > /usr/local/nginx/conf/nginx.conf <<EOF
user www;
worker_processes 2;
error_log logs/error.log;
pid logs/nginx.pid;
events {use epoll;worker_connections 1024;
}
http {include mime.types;default_type application/octet-stream;log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" ''\$status \$body_bytes_sent "\$http_referer" ''"\$http_user_agent" "\$http_x_forwarded_for"';access_log logs/access.log main;sendfile on;keepalive_timeout 65;#gzip on;server {listen 80;server_name localhost;charset utf-8;location / {root html;index index.php index.html index.htm;}location ~ \.php$ {root html;fastcgi_pass 127.0.0.1:9000;fastcgi_index index.php;include fastcgi.conf;}error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}}
}
EOF#/usr/local/nginx/sbin/nginx -s reload
/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
/etc/init.d/mysql.server restart
/etc/init.d/php-fpm restart
#lsof -i :80
#echo $(grep processor /proc/cpuinfo | wc -l)
}######### cms #########
function cms_install(){
cms_path="$cflj/wordpress-6.2.2-zh_CN.zip"
if [ -e "$cms_path" ]; thenIP=$(ip a | grep "inet "|grep "ens33" | awk '{print $2}' | awk -F / '{print $1}')rm -rf /usr/local/nginx/html/*cp /usr/src/wordpress-6.2.2-zh_CN.zip /usr/local/nginx/html && cd /usr/local/nginx/html && unzip wordpress-6.2.2-zh_CN.zipchmod -R 777 /usr/local/nginx/html && mv /usr/local/nginx/html/wordpress/* /usr/local/nginx/html/echo "通过如下地址访问CMS:http://$IP/ 数据库默认用户:wordpress,密码:wordpress@163.com "
elseecho "请上传cms到/usr/src"exit 0
fi
}PS3="请你选择需要安装的服务:"
select i in nginx mysql phpex php config cms all exit
docase $i innginx)nginx_install 1;;mysql)mysql_install 2;;phpex)phpex_install 3;;php)php_install 4;;config)lnmp_config 5;; cms)cms_install 6;; all)nginx_install 1mysql_install 2phpex_install 3php_install 4lnmp_config 5cms_install 6;;exit)echo "退出..."exit
esacdone