Ubuntu Linux 10.04 安装及配置Nginx+PHP FPM_PHP_编程开发_程序员俱乐部

中国优秀的程序员网站程序员频道CXYCLUB技术地图
热搜:
更多>>
 
您所在的位置: 程序员俱乐部 > 编程开发 > PHP > Ubuntu Linux 10.04 安装及配置Nginx+PHP FPM

Ubuntu Linux 10.04 安装及配置Nginx+PHP FPM

 2011/12/5 7:34:55  gowithweb  http://gowithweb.iteye.com  我要评论(0)
  • 摘要:#!/bin/bash###########################################Installappserverenv.#Prepare:Ubuntu10.04Linuxserverconfigedssh,LVSRealServerandmysqlslave.##########################################[`whoami`!="root"]&&echo"Notroot."&&exit1
  • 标签:Ubuntu Linux PHP 安装 配置 Nginx
#!/bin/bash
##########################################
#        Install app server env.
#   Prepare:Ubuntu 10.04 Linux server configed ssh,LVS Real Server and mysql slave.
##########################################
[ `whoami` != "root" ] && echo "Not root." && exit 1;
export EDITOR=vim;
if ! grep "export EDITOR=vim" /etc/profile >/dev/null;
then
    echo "export EDITOR=vim;" >> /etc/profile;
fi;

#app server domain
DOMAIN='app.example.net';
#statics files server domain
S_DOMAIN='statics.app.example.net';

#Linux内核参数优化
sysctl -w net.ipv4.tcp_syncookies=1 #表示开启SYN
Cookies。当出现SYN等待队列溢出时,启用cookies来处理,可防范少量SYN攻击,默认为0,表示关闭
sysctl -w net.ipv4.tcp_tw_reuse=1 #表示开启重用。允许将TIME-WAIT
sockets重新用于新的TCP连接,默认为0,表示关闭
sysctl -w net.ipv4.tcp_tw_recycle=1 # 表示开启TCP连接中TIME-WAIT sockets的快速回收,默认为0,表示关闭
sysctl -w net.ipv4.tcp_fin_timeout=30 #表示如果套接字由本端要求关闭,这个参数决定了它保持在FIN-WAIT-2状态的时间
sysctl -w net.ipv4.tcp_max_tw_buckets=6000  #系统同时保持TIME_WAIT套接字的最大数量
sysctl -w net.core.somaxconn=262144
#表示系统同时保持TIME_WAIT套接字的最大数量,如果超过这个数字,TIME_WAIT套接字将立刻被清除并打印警告信息。默认为180000,改为5000。对于Apache、Nginx等服务器,上几行的参数可以很好地减少TIME_WAIT套接字数量,但是对于Squid,效果却不大。此项参数可以控制TIME_WAIT套接字的最大数量,避免Squid服务器被大量的TIME_WAIT套接字拖死。
sysctl -w net.ipv4.tcp_keepalive_time = 1200
#表示当keepalive起用的时候,TCP发送keepalive消息的频度。缺省是2小时,改为20分钟。
sysctl -w net.ipv4.ip_local_port_range = 1024 65000
#表示用于向外连接的端口范围。缺省情况下很小:32768到61000,改为1024到65000。
sysctl -w net.ipv4.tcp_max_syn_backlog = 8192
#表示SYN队列的长度,默认为1024,加大队列长度为8192,可以容纳更多等待连接的网络连接数。

sysctl > /etc/sysctl.conf;

( #Start


#Install  production server
(
apt-get -y --force-yes install curl;#安装curl
apt-get -y --force-yes install python-software-properties;
add-apt-repository ppa:brianmercer/php;#Ubuntu 10.04 需要添加PHP FPM的PPA源
apt-get update;

apt-get -y --force-yes install nginx;
apt-get -y --force-yes install memcached;
apt-get -y --force-yes install mercurial;
apt-get -y --force-yes install php5-cgi php5-fpm php-apc php5-mysql php5-gd php5-mcrypt php5-memcache;
) > /dev/null;

#fix "#" comment
echo 'extension=mcrypt.so' > /etc/php5/fpm/conf.d/mcrypt.ini;


#Deploy app

cd /var/www;
rm -rf app;
hg clone https://repo.app@repo.dev.example.net/hg/app/;



#Config nginx
#我们服务器有16核,所以...
echo '
user www-data;
worker_processes  16;
worker_cpu_affinity 1000000000000000 0100000000000000 0010000000000000 0001000000000000 0000100000000000 0000010000000000 0000001000000000 0000000100000000 0000000010000000 0000000001000000 0000000000100000 0000000000010000 0000000000001000 0000000000000100 0000000000000010 0000000000000001;
worker_rlimit_nofile 65536;

error_log /var/log/nginx/error.log;
pid  /var/run/nginx.pid;
events {
    use epoll;
    worker_connections 131072;
}

http {
    client_header_buffer_size   4K;
    open_file_cache max=65536 inactive=20s;
    open_file_cache_min_uses 3;
    open_file_cache_valid 30s;
    
    access_log  off;
    include /etc/nginx/mime.types;
    
    sendfile    on;
    
    tcp_nopush  on;
    tcp_nodelay on;

    gzip  on;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
    gzip_buffers 16 64k;
    gzip_min_length 1k;
    gzip_comp_level 6;
    gzip_vary on;
    gzip_types text/plain text/javascript text/css application/x-javascript text/xml application/xml application/xml+rss;
    
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}
' > /etc/nginx/nginx.conf;

#enable nginx-status
echo "
server {
	listen   80 default;
	server_name  localhost;

	access_log off;

	location / {
		root   /var/www/nginx-default;
		index  index.html index.htm;
	}
    location = /favicon.ico {
        log_not_found off;
    }

	location /nginx-status {
        stub_status on;
        allow 127.0.0.1;
        deny all;
    }
}" > /etc/nginx/sites-enabled/default;

echo '
server {
    listen 80;
    server_name '$DOMAIN';
    
    keepalive_timeout 0;
    
    access_log  off;
    log_not_found off;
    error_log /var/log/nginx/app.error.log;
    
    root /var/www/app/;
    index index.php index.htm index.html;
    
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    
    location ~ ^/(protected|yii)/ {
        deny all;
    }
    
    location = /favicon.ico {
        expires max;
        return 204;
    }
    
    location ~ \.php$ {
        fastcgi_pass unix:/dev/shm/app-php-fpm.socket;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_index index.php;
        
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SERVER_ADDR $server_addr;
        fastcgi_param SERVER_PORT $server_port;
        fastcgi_param REMOTE_ADDR $remote_addr;
        fastcgi_param REMOTE_PORT $remote_port;
        fastcgi_param X-Real-IP $remote_addr;
        
        include fastcgi_params;
    }

}
' > /etc/nginx/sites-available/app;


echo '
server {
    listen 80;
    server_name '$S_DOMAIN';
    
    keepalive_timeout 60;
    access_log  off;
    log_not_found off;
    
    index index.htm index.html;
    
    location / {
        root /var/www/app/;
        deny all;
    }
    
    location ~ ^/(statics|css|assets|demo|themes|tests)/ {
        root /var/www/app/;
        gzip  on;
        gzip_disable "MSIE [1-6]\.(?!.*SV1)";
        gzip_buffers 16 64k;
        gzip_min_length 1k;
        gzip_comp_level 6;
        gzip_vary on;
        expires 7d;
        add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
    }
    
    location = /favicon.ico {
        return 204;
    }
    
    location ~ \.php$ {
        deny all;
    }
    

}
' > /etc/nginx/sites-available/s.app;


ln -sf ../sites-available/app /etc/nginx/sites-enabled/;
ln -sf ../sites-available/s.app /etc/nginx/sites-enabled/;




echo '
[global]
pid = /var/run/php5-fpm.pid
error_log = /var/log/php5-fpm-error.log
process_control_timeout = 30
daemonize = yes
[www]
listen = /dev/shm/app-php-fpm.socket
user = www-data
group = www-data
pm = static
pm.max_children = 256
pm.max_requests = 65535
request_terminate_timeout = 30
rlimit_files = 65535
' > /etc/php5/fpm/php5-fpm.conf;




service php5-fpm restart;
service nginx restart;


if ! grep "$DOMAIN" /etc/hosts;then
    echo "127.0.0.1 $DOMAIN  $S_DOMAIN" >> /etc/hosts;
fi;

(
    crontab -l|sed "/$DOMAIN/d";
    echo "
      30 * * * * curl http://$DOMAIN/CronTask/some-op

      5 * * * * curl http://$DOMAIN/CronTask/some-op
    ";
)|crontab;





#End
);

发表评论
用户名: 匿名