本次使用 centos 7.4、Nginx、MySQL、PHP 7.1 搭建 LNMP 环境,安装 Magento 2.2 。 在实践过程中,发现 Magento 官方文档有微小错误,所以本文可做参考佐证。 Magento 官方文档 nginx
1 2 yum -y install epel-release yum -y install nginx
安装完成后,启动 ng 设置他开机启动
1 2 systemctl start nginx systemctl enable nginx
centos 中 ng 的配置文件一般在 /etc/nginx/nginx.conf 打开后查看下:
1 2 yum install -y http://dl.iuscommunity.org/pub/ius/stable/CentOS/7/x86_64/ius-release-1.0-14.ius.centos7.noarch.rpm yum -y update
安装 php 扩展
1 yum -y install php71u php71u-pdo php71u-mysqlnd php71u-opcache php71u-xml php71u-mcrypt php71u-gd php71u-devel php71u-mysql php71u-intl php71u-mbstring php71u-bcmath php71u-json php71u-iconv php71u-soap
安装 php-fpm
1 yum -y install php71u-fpm
怎么查看内存多大
1 grep MemTotal /proc/meminfo
打开 /etc/php.ini 去掉 cgi.fix_pathinfo 前 ; 并修改值为 0 并且修改以下行:
1 2 3 memory_limit = 2G max_execution_time = 1800 zlib.output_compression = On
注释下列行:
1 ;session.save_path = "/var/lib/php/session"
保存文件。
打开 /etc/php-fpm.d/www.conf 修改以下行的值
1 2 3 4 5 6 user = nginx group = nginx listen = /run/php-fpm/www.sock listen.owner = nginx listen.group = nginx listen.mode = 0660
注释以下行:
1 2 3 4 5 env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /tmp env[TMPDIR] = /tmp env[TEMP] = /tmp
注意: php_value[session.save_handler] = files php_value[session.save_path] = /var/lib/php/fpm/session 所以更改权限
1 chown -R nginx:nginx /var/lib/php/fpm/
如果不存在则创建:
1 chown -R nginx:nginx /run/php-fpm/
1 2 systemctl start php-fpm systemctl enable php-fpm
验证下:
1 netstat -pl grep www.sock
下面测试 php 是否能正常访问 配置文件: /etc/nginx/nginx.conf 修改其中的 location / 添加:
1 2 3 4 5 6 7 8 location / { location ~ .php$ { include fastcgi_params; fastcgi_pass unix:/run/php-fpm/www.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_script_name; } }
如果不增加该规则,则 php 文件不会被解析而是被下载。 在 /usr/share/nginx/html 下增加 php.php 文件看是否可以访问
访问结果是 502 temporarily unavailable 查看错误日志:cat /var/log/nginx/error.log 错误是: connect() to unix:/run/php-fpm/php-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 117.80.222.3,.... 发现实际上 php-fpm 的实际路径和名称是 /run/php-fpm/www.sock 所以重新回到上面的配置进行更改:
重启 nginx 和 php-fpm
1 2 systemctl restart nginx systemctl restart php-fpm
1 2 3 4 yum localinstall https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm yum install mysql-community-server systemctl start mysqld systemctl enable mysqld
获得临时密码:
1 grep 'temporary' /var/log/mysqld.log
重新设置密码和进行安全设置
1 mysql_secure_installation
1 2 3 4 mysql -u root -p create database dbname; GRANT ALL ON dbname.* TO user@localhost IDENTIFIED BY 'userpw'; FLUSH PRIVILEGES;
安装 composer
1 curl -sS https://getcomposer.org/installer sudo php -- --install-dir=/usr/bin --filename=composer
下载 Magento
1 composer create-project --repository-url=https://repo.magento.com/ magento/project-community-edition <installation directory name>
然后输入帐密开始下载 然后全部给成 nginx 用户和组 给文件权限
1 find var generated vendor pub/static pub/media app/etc -type f -exec chmod g+w {} \; && find var generated vendor pub/static pub/media app/etc -type d -exec chmod g+ws {} \; && chown -R :nginx . && chmod u+x bin/magento
重新修改下 ng 的配置 /etc/nginx/nginx.conf 使其包含网站目录下的配置文件。 新建一个 /usr/share/nginx/html/magento/nginx.conf 配置文件(/usr/share/nginx/html/magento/ 是网站的根目录) 内容如下,仅供参考:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 upstream fastcgi_backend { server unix:/run/php-fpm/www.sock; } server { listen 80; server_name localhost; set $MAGE_ROOT /usr/share/nginx/html/magento; #set $MAGE_MODE developer; root $MAGE_ROOT/pub; index index.php; autoindex off; charset UTF-8; error_page 404 403 = /errors/404.php; #add_header "X-UA-Compatible" "IE=Edge"; location ~* ^/setup($/) { root $MAGE_ROOT; location ~ ^/setup/index.php { ### This fixes the problem: fastcgi_split_path_info ^(.+?\.php)(/.*)$; ################################ fastcgi_pass fastcgi_backend; fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off"; fastcgi_param PHP_VALUE "memory_limit=768M \n max_execution_time=600"; fastcgi_read_timeout 600s; fastcgi_connect_timeout 600s; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location ~ ^/setup/(?!pub/). { deny all; } location ~ ^/setup/pub/ { add_header X-Frame-Options "SAMEORIGIN"; } } # PHP entry point for update application location ~* ^/update($/) { root $MAGE_ROOT; location ~ ^/update/index.php { fastcgi_split_path_info ^(/update/index.php)(/.+)$; fastcgi_pass fastcgi_backend; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; include fastcgi_params; } # Deny everything but index.php location ~ ^/update/(?!pub/). { deny all; } location ~ ^/update/pub/ { add_header X-Frame-Options "SAMEORIGIN"; } } location / { try_files $uri $uri/ /index.php$is_args$args; } location /pub/ { location ~ ^/pub/media/(downloadablecustomerimporttheme_customization/.*\.xml) { deny all; } alias $MAGE_ROOT/pub/; add_header X-Frame-Options "SAMEORIGIN"; } location /static/ { # Uncomment the following line in production mode # expires max; # Remove signature of the static files that is used to overcome the browser cache location ~ ^/static/version { rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; } location ~* \.(icojpgjpegpnggifsvgjscssswfeotttfotfwoffwoff2)$ { add_header Cache-Control "public"; add_header X-Frame-Options "SAMEORIGIN"; expires +1y; if (!-f $request_filename) { rewrite ^/static/?(.*)$ /static.php?resource=$1 last; } } location ~* \.(zipgzgzipbz2csvxml)$ { add_header Cache-Control "no-store"; add_header X-Frame-Options "SAMEORIGIN"; expires off; if (!-f $request_filename) { rewrite ^/static/?(.*)$ /static.php?resource=$1 last; } } if (!-f $request_filename) { rewrite ^/static/?(.*)$ /static.php?resource=$1 last; } add_header X-Frame-Options "SAMEORIGIN"; } location /media/ { try_files $uri $uri/ /get.php$is_args$args; location ~ ^/media/theme_customization/.*\.xml { deny all; } location ~* \.(icojpgjpegpnggifsvgjscssswfeotttfotfwoffwoff2)$ { add_header Cache-Control "public"; add_header X-Frame-Options "SAMEORIGIN"; expires +1y; try_files $uri $uri/ /get.php$is_args$args; } location ~* \.(zipgzgzipbz2csvxml)$ { add_header Cache-Control "no-store"; add_header X-Frame-Options "SAMEORIGIN"; expires off; try_files $uri $uri/ /get.php$is_args$args; } add_header X-Frame-Options "SAMEORIGIN"; } location /media/customer/ { deny all; } location /media/downloadable/ { deny all; } location /media/import/ { deny all; } # PHP entry point for main application location ~ (indexgetstaticreport404503)\.php$ { try_files $uri =404; fastcgi_pass fastcgi_backend; fastcgi_buffers 1024 4k; fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off"; fastcgi_param PHP_VALUE "memory_limit=768M \n max_execution_time=18000"; fastcgi_read_timeout 600s; fastcgi_connect_timeout 600s; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } gzip on; gzip_disable "msie6"; gzip_comp_level 6; gzip_min_length 1100; gzip_buffers 16 8k; gzip_proxied any; gzip_types text/plain text/css text/js text/xml text/javascript application/javascript application/x-javascript application/json application/xml application/xml+rss image/svg+xml; gzip_vary on; }
检查 nginx 设置并重启:
1 2 nginx -t systemctl restart nginx
现在可以进入安装页面了
SELinux(Security-Enhanced Linux) 是美国国家安全局(NSA)对于强制访问控制的实现。安装过程中发现文件权限设置正确,但仍然出现了 permission denied 错误。 查看状态
SELinux is in ‘Enforcing’ mode。
可以关闭它,临时关闭(不用重启):
设置为 0 成为 permissive 模式,为 1 成为 enforcing模式 。 永久关闭: 修改 /etc/selinux/config 文件 将 SELINUX=enforcing 改为 SELINUX=disabled 重启机器即可
安装管理工具:
1 yum -y install policycoreutils-python
切换到网站目录下
1 2 3 4 5 6 semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/magento/app/etc(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/magento/var(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/magento/generated(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/magento/pub/media(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/magento/pub/static(/.*)?' restorecon -Rv '/usr/share/nginx/html/magento/'
1 yum -y install ftp vsftpd
防火墙添加 ftp 服务
1 2 firewall-cmd --permanent --zone=public --add-service=ftp firewall-cmd --reload
ftp 的配置文件位置为 /etc/vsftpd/vsftpd.conf 将 write_enable=YES 前的 # 删除 将 local_umask=002 前的 # 删除 service vsftpd restart
nginx 本身不能处理 PHP,它只是个 web 服务器。当接收到客户端请求后,如果是 php 请求,则转发给 php 解释器处理,并把结果返回给客户端。如果是静态页面的话,nginx 自己处理,然后把结果返回给客户端。 Nginx 下 php 解释器使用最多的就是 fastcgi 。一般情况 nginx 把 php 请求转发给 fastcgi 管理进程处理,fastcgi 管理进程选择 cgi 子进程进行处理,然后把处理结果返回给 nginx。 在这个过程中就牵涉到两个用户,一个是 nginx 运行的用户,一个是 php-fpm 运行的用户。如果访问的是一个静态文件的话,则只需要 nginx 运行的用户对文件具有读权限或者读写权限。 而如果访问的是一个 php 文件的话,则首先需要 nginx 运行的用户对文件有读取权限,读取到文件后发现是一个 php 文件,则转发给 php-fpm,此时则需要 php-fpm 用户对文件具有有读权限或者读写权限。 查看 nginx 权限
查看 php-fpm 权限
参考脚踏实地云 nginx、php-fpm、mysql用户权限解析
How to Install Magento 2.1 on CentOS 7
访问网站,可以看到欢迎页面: 