Установка NGINX + PageSpeed + APACHE + PHP + MariaDB на Centos 7
Обновить сервер:
yum updateУстановка пакета для работы с сетевыми настройками:
yum install -y net-toolsУстановка EPEL репозиторий:
yum install -y epel-releaseУстановка пакета диспетчера просмотра процессов:
yum install -y htopУстановка проги для загрузок:
yum install wget -yУстановка утилит пакетного менеджера:
yum install -y yum-utilsУстановка модуля SSL:
yum install -y mod_sslУстановка NGINX + ngx_pagespeed:
yum install -y https://disweb.ru/files/rpm/nginx-1.20.1-4.el7.ngx.x86_64.rpm https://disweb.ru/files/rpm/nginx-module-pagespeed-selinux-1.20.1.1.13.35.2-7.el7.gps.x86_64.rpm https://disweb.ru/files/rpm/nginx-module-pagespeed-1.20.1.1.13.35.2-7.el7.gps.x86_64.rpmОткрыть порты 80 и 443:
firewall-cmd --zone=public --add-port=80/tcp --permanentfirewall-cmd --zone=public --add-port=443/tcp --permanentfirewall-cmd --reloadЗапуск и добавить в автозапуск NGINX:
systemctl start nginxsystemctl enable nginxУстановка репы rpms.remirepo.net:
yum install -y http://rpms.remirepo.net/enterprise/remi-release-7.rpmОтключить репозиторий с PHP 5.4
yum-config-manager --disable remi-php54Подключить с PHP 7.4
yum-config-manager --enable remi-php74Установка PHP и HTTPD:
yum install -y php php-gd php-mbstring php-mysql php-pdo php-xml php-process php-mcrypt php-pear php-opcache php-ldap php-intl php-soap php-imap php-devel php-bcmath php-pecl-zipУстановка модуля MPM-ITK:
yum install -y httpd-itkОткрыть на редактирование /etc/sysconfig/httpd и добавить:
HTTPD=/usr/sbin/httpd.itkОткрыть на редактирование /etc/httpd/conf.modules.d/00-mpm-itk.conf и раскомментировать:
LoadModule mpm_itk_module modules/mod_mpm_itk.soОткрыть файл /etc/php.ini и привети параметры к данным:
date.timezone = "Europe/Moscow"
short_open_tag = On
upload_max_filesize = 128M // Максимальный размер загружаемого файла
post_max_size = 128M // Максимальный размер POST
max_input_vars = 1000000
session.gc_maxlifetime = 86400
memory_limit = // ОЗУУстановка Memcached:
yum install -y memcached php-memcachedЗапуск и добавить в автозапуск Memcached:
systemctl enable memcached && systemctl start memcachedКонфигурация Memcached: /etc/memcached.conf
Проверяем работу Memcached:
netstat -tap | grep memcachedФайл конфигурации /etc/httpd/conf/httpd.conf:
ServerRoot "/etc/httpd"
Listen 8080
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin support@hoverhost.ru
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
LoadModule setenvif_module modules/mod_setenvif.so
<IfModule setenvif_module>
SetEnvIf X-Forwarded-Proto https HTTPS=on
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
<IfModule itk.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>
IncludeOptional conf.domains/*.confЗапуск и добавить в автозапуск APACHE:
systemctl start httpdsystemctl enable httpdФайл конфигурации /etc/nginx/nginx.conf:
user apache;
worker_processes 8;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
load_module modules/ngx_pagespeed.so;
worker_rlimit_nofile 10240;
events {
use epoll;
worker_connections 10240;
}
http {
include /etc/nginx/mime.types;
default_type application/force-download;
server_names_hash_bucket_size 128;
log_format main '$remote_addr - $remote_user [$time_local - $upstream_response_time] '
'$status "$request" $body_bytes_sent '
'"$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
log_format common '$remote_addr - - [$time_local - $upstream_response_time] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" $msec';
log_format balancer '$remote_addr - $remote_user [$time_iso8601] "$host" '
'"$request" $status $body_bytes_sent "schema: $scheme" '
'"$http_referer" "$http_user_agent" "$http_x_forwarded_for" '
'"$request_length" : "$request_time" -> $upstream_response_time';
log_format debug '$upstream_response_time,"$time_local","$remote_addr","$request",$status,$body_bytes_sent';
pagespeed FileCachePath /var/www/ngx_pagespeed_cache;
pagespeed FileCacheSizeKb 102400;
pagespeed FileCacheCleanIntervalMs 3600000;
pagespeed FileCacheInodeLimit 500000;
access_log off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
client_max_body_size 1024m;
client_body_buffer_size 4m;
# Parameters for back-end request proxy
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
proxy_buffer_size 64k;
proxy_buffers 8 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 10m;
# Assign default error handlers
error_page 500 502 503 504 /500.html;
error_page 404 = /404.html;
# Content compression parameters
gzip on;
gzip_proxied any;
gzip_static on;
gzip_http_version 1.0;
gzip_types application/x-javascript application/javascript text/css;
include /etc/nginx/conf.d/*.conf;
}Файл конфигурации /etc/nginx/conf.d/default.conf:
server {
listen 80 default_server;
server_name _;
access_log /var/www/logs/host.access.log main;
location / {
location / {
return 301 https://$host$request_uri;
}
}
}
server {
listen 443 default_server ssl;
server_name _;
root /var/www/html;
index index.php;
charset utf-8;
access_log /var/www/logs/host.access.ssl.log main;
pagespeed FileCachePath /var/www/ngx_pagespeed_cache;
ssl_certificate "/var/www/ssl/default/certificate.pem";
ssl_certificate_key "/var/www/ssl/default/private.pem";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!SSLv2:!SSLv3;
ssl_prefer_server_ciphers on;
gzip on;
gzip_disable "msie6";
gzip_min_length 1000;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss;
location / {
location ~ [^/]\.ph(p\d*|tml)$ {
try_files /does_not_exists @fallback;
}
location ~* ^.+\.(jpg|jpeg|gif|png|css|zip|tgz|gz|rar|bz2|doc|docx|xls|xlsx|exe|pdf|ppt|tar|wav|bmp|rtf|js)$ {
try_files $uri $uri/ @fallback;
}
location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
expires 7d;
access_log off;
}
location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
add_header Access-Control-Allow-Origin "*";
expires 7d;
access_log off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
}
location / {
try_files /does_not_exists @fallback;
}
}
location @fallback {
proxy_pass http://127.0.0.1:8080;
proxy_redirect http://127.0.0.1:8080 /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
access_log off;
}
}Установка MariaDB Server 10 (последней версии)
Проверяем конфигурацию NGINX и применяем:
nginx -tnginx -s reload