本文共 5414 字,大约阅读时间需要 18 分钟。
1.关于lnamp架构介绍
linux+nginx+apache+mysql+php
2.给大家分享一个这种架构的一键安装脚本ezhttp
下载地址:
备用下载地址:
3.多站点配置:
nginx配置:
error_log logs/error.log error ;pid logs/nginx.pid;user www;worker_processes auto;worker_rlimit_nofile 51200;events { use epoll; worker_connections 51200;}http { client_body_buffer_size 32k; client_header_buffer_size 2k; client_max_body_size 2m; default_type application/octet-stream; log_not_found off; server_tokens off; include mime.types; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 2; gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml application/rss+xml application/xhtml+xml application/atom_xml; gzip_vary on; #error_page 500 502 503 504 /50x.html; log_format access '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" $http_x_forwarded_for'; server { listen 80 default_server; server_name localhost; index index.php index.html index.htm; root /home/wwwroot/; location ~ .*\.(php|php5)?$ { proxy_pass http://127.0.0.1:88; include proxy.conf; } } include vhost/*.conf; }
nginx多站点配置:
|------nginc.conf
|-----------|vhost |-----------|vhost-------|abc.com.config |-----------|vhost-------|bcd.com.config |-----------|vhost-------|efg.com.configabc.com.config
server { server_name abc.com; listen 80; listen 443 ssl; ssl_certificate /usr/local/nginx/certificate/abc.com/1657267_abc.com.pem ; #crt文件位置 ssl_certificate_key /usr/local/nginx/certificate/abc.com/1657267_abc.com.key ;#key文件位置 ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; index index.php index.html index.htm; root /home/wwwroot/abc/; location / { try_files /index.html @apache; } location @apache { internal; proxy_pass http://127.0.0.1:88; include proxy.conf; } location ~ .*\.(php|php5)?$ { proxy_pass http://127.0.0.1:88; include proxy.conf; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 12h; } access_log /home/wwwlog/abc.com/access_nginx.log access; error_log /home/wwwlog/abc.com/error_nginx.log error;}
bcd.com.config(参考abc.com.config)
efg.com.config(参考abc.com.config)
apache配置:
ServerRoot "/usr/local/apache"Listen 127.0.0.1:88LoadModule deflate_module modules/mod_deflate.soLoadModule expires_module modules/mod_expires.soLoadModule headers_module modules/mod_headers.soLoadModule ssl_module modules/mod_ssl.soLoadModule rewrite_module modules/mod_rewrite.soLoadModule php5_module modules/libphp5.soServerAdmin 1620016116@qq.comServerName localhost:80DocumentRoot "/usr/local/apache/htdocs" User wwwGroup www Options FollowSymLinks AllowOverride None Order deny,allow Deny from all Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all DirectoryIndex index.html Order allow,deny Deny from all Satisfy All ErrorLog "logs/error_log"LogLevel warnLogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio CustomLog "logs/access_log" commonScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/" AllowOverride None Options None Order allow,deny Allow from all DefaultType text/plainTypesConfig conf/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgzAddtype application/x-httpd-php .php Include conf/extra/httpd-vhosts.confInclude conf/extra/httpd-ssl.confSSLRandomSeed startup builtinSSLRandomSeed connect builtin
apache多站点配置:
|------nginc.conf
|-----------|vhost |-----------|vhost-------|abc.com.config |-----------|vhost-------|bcd.com.config |-----------|vhost-------|efg.com.configabc.com.config
ServerName abc.com ServerAlias abc.com DocumentRoot /home/wwwroot/abc/ DirectoryIndex index.php index.html index.htm Options +Includes -Indexes AllowOverride All Order Deny,Allow Allow from All php_admin_value open_basedir /home/wwwroot/abc/:/tmp:/proc ErrorLog /home/wwwlog/abc.com/error_apache.log TransferLog /home/wwwlog/abc.com/access_apache.log
4.lnamp架构证书安装
看似完美的一机负载均衡,那么问题来了,lnamp架构如何安装证书呢?
只给nginx安装证书?或者只给apache安装证书?或者两者都安装?
大家知道https协议的默认访问端口是 443 ,如果给apache和nginx都安装证书,那么会存在端口占用问题,导致服务器不能启动
我的做法是只在nginx监听443端口,nginx配置证书。见abc.com.config文件的证书配置
listen 443 ssl;ssl_certificate /usr/local/nginx/certificate/abc.com/1657267_abc.com.pem ; #crt文件位置ssl_certificate_key /usr/local/nginx/certificate/abc.com/1657267_abc.com.key ;#key文件位置ssl_session_timeout 5m;ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_prefer_server_ciphers on; index index.php index.html index.htm;
本人也在质疑这种配置方式,但是线上项目能正常运行成功,欢迎大家尝试我的配置方法,如果不能安装成功,请在博客下方留言,我再研究改进
转载地址:http://neboi.baihongyu.com/