题目:新建三个基于域名的虚拟主机,如下:
vhost1: pma.xujunmin.com, phpMyAdmin, 同时提供https服务;
vhost2: wp.xujunmin.com, wordpress
vhost3: dz.xujunmin.com, Discuz
一、编译安装Apache
1、编译安装apr及apr-util
apr是Apache的可移植运行库,主要为上层的应用程序提供一个可以跨越多操作系统平台使用的底层支持接口库。
[root@localhostPKGS]#tar-xfapr-1.5.2.tar.bz2[root@localhostPKGS]#cdapr-1.5[root@localhostapr-1.5.2]#./configure--prefix=/usr/local/apr[root@localhostapr-1.5.2]#make&&makeinstall
[root@localhostPKGS]#tar-xfapr-util-1.5.4.tar.bz2[root@localhostPKGS]#cdapr-util-1.5.4[root@localhostapr-util-1.5.4]#./configure--prefix=/usr/local/apr-util--with-apr=/usr/local/apr
[root@localhost~]#vim/etc/ld.so.conf.d/apr_apr-util.conf[root@localhostapr-util-1.5.4]#make&&makeinstall
#导出库文件
[root@localhost~]#vim/etc/ld.so.conf.d/apr_apr-util.conf添加:/usr/local/apr/lib/usr/local/apr-util/lib
#使库文件生效并验证
[root@localhost~]#ldconfig[root@localhost~]#ldconfig-p|grepapr
2、安装依赖包
pcre-devel为http进行正则匹配的时候需要,而openssl-devel为http开启ssl功能的时候需要。
[root@localhostPKGS]#yuminstallpcre-developenssl-devel.x86_64
3、编译httpd包
[root@localhostPKGS]#tarxfhttpd-2.4.16.tar.gz[root@localhostPKGS]#cdhttpd-2.4.16[root@localhosthttpd-2.4.16]#./configure--prefix=/usr/local/apache\>--sysconfdir=/etc/httpd--enable-so--enable-ssl--enable-cgi\>--with-pcre--with-zlib--enable-rewrite--with-apr=/usr/local/apr\>--with-apr-util=/usr/local/apr-util--enable-modules=most\>--enable-mpms-shared=all--with-mpm=event[root@localhost~]#make&&makeinstall
4、其他操作
#编辑httpd,指定PidFile
[root@localhost~]#vim/etc/httpd/httpd.conf添加:PidFile"/var/run/httpd.pid"
#导出库文件
[root@localhost~]#vim/etc/ld.so.conf.d/httpd.conf/usr/local/apache/lib
#为可执行程序添加PATH路径
[root@localhost~]#echo'exportPATH=$PATH:/usr/local/apache/bin'>/etc/profile.d/httpd.sh[root@localhost~]#./etc/profile.d/httpd.sh
# 导出man文件
[root@localhost~]#vim/etc/man_db.conf添加:MANDATORY_MANPATH/usr/local/apache/man
# 添加服务
[root@localhost~]#httpd-kstart
二、编译mysql
此处使用MariaDB的二进制程序安装,无需编译
1、解压到指定目录
[root@localhostPKGS]#tar-xfmariadb-5.5.36-linux-x86_64.tar.gz-C/usr/local/[root@localhostPKGS]#cd/usr/local/
2、建立软链接,方便管理及以后升级
[root@localhostlocal]#ln-svmariadb-5.5.36-linux-x86_64mysql[root@localhost~]#mkdir/data#建立mysql数据存放目录[root@localhost~]#chown-Rmysql:mysql/data
3、创建mysql系统用户
[root@localhostmysql]#groupadd-rmysql[root@localhostmysql]#useradd-gmysql-r-s/sbin/nologin-d/datamysql[root@localhostmysql]#chown-Rmysql:mysql*
4、进行数据库安装
[root@localhostmysql]#scripts/mysql_install_db--datadir=/data--user=mysql
5、编辑mysql配置文件
[root@localhostmysql]#cpsupport-files/my-large.cnf/etc/my.cnf#覆盖/etc/my.cnf下的配置文件[root@localhostmysql]#vim/etc/my.cnfdatadir=/data#在[mysqld]添加datadir
6、添加mysql的服务脚本
[root@localhostmysql]#cpsupport-files/mysql.server/etc/rc.d/init.d/mysqld[root@localhostmysql]#chkconfig--addmysqld[root@localhostmysql]#chkconfigmysqldon[root@localhostmysql]#servicemysqlstart[root@localhostmysql]#ps-ef|grepmysqld#查看进程启动是否正常
7、查看端口监听是否正常
[root@localhostmysql]#ss-ant|grep3306LISTEN050*:3306*:*
8、其他操作
#添加二进制程序的PATH路径
[root@localhostmysql]#echo'exportPATH=$PATH:/usr/local/mysql/bin'>/etc/profile.d/mysqld.sh
[root@localhostmysql]#./etc/profile.d/mysqld.sh
#导出头文件
[root@localhostmysql]#ln-svinclude/usr/include/mysql
#导出库文件
[root@localhostmysql]#echo'/usr/local/mysql/lib'>/etc/ld.so.conf.d/mysql.conf
#修改root密码
MariaDB[(none)]>UPDATEmysql.userSETPassword=password('123456')whereUser='root';MariaDB[(none)]>createdatabasewordpress;#为安装wordpress做准备QueryOK,1rowaffected(0.00sec)MariaDB[(none)]>showdatabases;+--------------------+|Database|+--------------------+|information_schema||mysql||performance_schema||test||wordpress|+--------------------+5rowsinset(0.13sec)MariaDB[(none)]>flushprivileges;QueryOK,0rowsaffected(0.00sec)
三、编译安装PHP
1、解压
[root@localhostPKGS]#tarxfphp-5.4.40.tar.bz2[root@localhostPKGS]#cdphp-5.4.40
2、编译安装
[root@localhost~]#./configure--prefix=/usr/local/php--with-mysql=/usr/local/mysql\>--with-openssl--with-mysqli=/usr/local/mysql/bin/mysql_config\>--enable-mbstring--with-freetype-dir--with-jpeg-dir--with-png-dir\>--with-zlib--with-libxml-dir=/usr--enable-xml--enable-sockets\>--with-apxs2=/usr/local/apache/bin/apxs--with-mcrypt--with-config-file-path=/etc\>--with-config-file-scan-dir=/etc/php.d--with-bz2--enable-maintainer-zts
[root@localhostphp-5.4.40]#make&&makeinstall
3、为php提供配置文件
[root@localhostphp-5.4.40]#cpphp.ini-production/etc/php.ini
4、编辑apache配置文件httpd.conf,使apache支持php
[root@localhost~]#vim/etc/httpd/httpd.conf#AddType添加对.php及.phps后缀文件的支持AddTypeapplication/x-httpd-php.phpAddTypeapplication/x-httpd-php-source.phps
#添加php的索引文件
DirectoryIndexindex.phpindex.html
四、建立虚拟主机
三个基于域名的虚拟主机:
vhost1: pma.xujunmin.com, phpMyAdmin, 同时提供https服务;
vhost2: wp.xujunmin.com, wordpress
vhost3: dz.xujunmin.com, Discuz
1、分别创建三个虚拟主机的家目录,并将phpMyAdmin,wordpress,Discuz分别移至对应的目 录下
[root@localhost~]#mkdir-pv/www/{vhost1,vhost2,vhost3}[root@localhostPKGS]#unzipphpMyAdmin-4.4.14.1-all-languages.zip[root@localhostPKGS]#mvphpMyAdmin-4.4.14.1-all-languages/*/www/vhost1/[root@localhostPKGS]#unzipwordpress-4.3.1-zh_CN.zip[root@localhostPKGS]#mvwordpress/*/www/vhost2/[root@localhostPKGS]#unzipDiscuz_X3.2_SC_UTF8.zip[root@localhostPKGS]#mvupload/*/www/vhost3/[root@localhostPKGS#cd/www/vhost3/[root@localhostvhost3]#chown-Rdaemon:root*#更改属主信息否则安装过程中提示无权限
2、配置httpd.conf文件:
[root@localhost~]#vim/etc/httpd/httpd.conf#DocumentRoot"/usr/local/apache/htdocs"#注释掉DocumentRoot#VirtualhostsInclude/etc/httpd/extra/httpd-vhosts.conf#去掉注释,使httpd-vhosts配置生效#Secure(SSL/TLS)connectionsInclude/etc/httpd/extra/httpd-ssl.conf#去掉前面的注释,开启httpsLoadModulessl_modulemodules/mod_ssl.so#去掉前面的注释,开始ssl功能LoadModulesocache_shmcb_modulemodules/mod_socache_shmcb.so#去掉前面的注释
3、配置httpd-vhosts.conf:
[root@localhost~]#vim/etc/httpd/extra/httpd-vhosts.conf#配置基于域名wp.xujunmin.com的虚拟主机
#重启httpd服务
[root@localhost~]#httpd-kstart[root@localhost~]#ss-ant|grep443LISTEN0128:::443:::*
4、配置httpd-ssl.conf:
[root@localhost~]#vim/etc/httpd/extra/httpd-ssl.conf
5、HTTPS认证:
#自建CA:
root@localhost~]#cd/etc/pki/CA/[root@localhostCA]#(umask077;opensslgenrsa-outprivate/cakey.pem2048)#生成密钥对[root@localhostCA]#opensslreq-new-x509-keyprivate/cakey.pem-outcacert.pem-days3650#生成自签证书[root@localhostCA]#touchindex.txtserialcrlnumber[root@localhostCA]#echo01>serial
#客户端:
[root@localhost~]#mkdir/etc/httpd/ssl[root@localhost~]#cd/etc/httpd/ssl[root@localhostssl]#(umask077;opensslgenrsa-outhttpd.key1024)#生成密钥对[root@localhostssl]#opensslreq-new-keyhttpd.key-outhttpd.csr#生成证书申请请求CountryName(2lettercode)[XX]:CNStateorProvinceName(fullname)[]:BeijingLocalityName(eg,city)[DefaultCity]:BeijingOrganizationName(eg,company)[DefaultCompanyLtd]:MageduOrganizationalUnitName(eg,section)[]:OPSCommonName(eg,yournameoryourserver'shostname)[]:pma.xujunmin.comEmailAddress[]:admin.xujunmin.comPleaseenterthefollowing'extra'attributestobesentwithyourcertificaterequestAchallengepassword[]:Anoptionalcompanyname[]:
[root@localhostssl]#lshttpd.csrhttpd.key
# CA签署客户申请证书:
[root@localhostCA]#opensslca-in/etc/httpd/ssl/httpd.csr-out/etc/httpd/ssl/httpd.crt-days365
#将证书导入到IE证书的受信任的根证书颁发机构栏
#在window hosts(C:\Windows\System32\drivers\etc)中添加域名解析项
192.168.52.132 pma.xujunmin.com
192.168.52.132 wp.xujunmin.com
192.168.52.132 dz.xujunmin.com
五、测试
1、vhost1: pma.xujunmin.com
2、wp.xujunmin.com(安装具体过程省略)
3、dz.xujunmin.com(安装过程省略)
