Linux

记录在树莓派上编译安装LNMP环境全过程

树莓派体积小巧,但也限制了其性能。这使得在树莓派上只能选择资源占用较小的服务。如果用作HTTP服务器,Apache+MySQL就未免太臃肿了。在这里,推荐的配合是Nginx+MairaDB

1.准备

设备:树莓派3 Model B

系统:raspbian

2.下载Nginx/PCRE/OpenSSL源码包

Nginx:http://nginx.org/en/download.html

PCRE:https://ftp.pcre.org/pub/pcre/

OpenSSL:https://www.openssl.org/source/(不要下载fips版本)

PHP:http://php.net/get/php-7.0.23.tar.gz/from/a/mirror

MairaDB:https://downloads.mariadb.org/mariadb/10.2.8/

3.安装

创建一个目录用来存放源码,然后将下载的源码解压后放进去:

mkdir code
mv *.tar.gz ./code
cd code
tar -zxvf *.tar.gz

pi@raspberrypi:~/code $ ls
nginx-1.12.1 pcre-8.41 openssl-1.1.0f.tar.gz

1.安装PCRE/Nginx

进入PCRE源码目录,执行

 ./configure

pi@raspberrypi:~/code $ cd pcre-8.41/
pi@raspberrypi:~/code/pcre-8.41 $ sudo ./configure

进入Nginx源码目录,编译安装Nginx:

./configure \
--prefix=/etc/nginx \
--with-pcre=/home/code/pcre-8.41 \
--sbin-path=/usr/sbin/nginx \
--with-http_ssl_module \
--with-openssl=/home/code/openssl-1.1.0f

其中在

--with-pcre=

指定的是pcre的源码目录。

--with-openssl=

指向openssl的源码目录。

然后开始编译:

make && sudo make install

如果编译时出现问题,可能是PCRE源码的问题,改用apt-get安装pcre即可:

sudo apt-get install libpcre3 libpcre3-dev

,然后在Nginx源码目录下执行

./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --with-http_ssl_module --with-openssl=/openssl

,再执行

make && sudo make install

然后静静等待编译完成。

编译完成后,启动Nginx:

sudo /usr/local/sbin/nginx

在浏览器中访问树莓派的地址,出现下图说明安装成功。

2.安装PHP

①apt-get安装(via:https://segmentfault.com/a/1190000008664157)

在/etc/apt/source.list中添加一行:

deb http://mirrordirector.raspbian.org/raspbian/ stretch main contrib non-free rpi

接着创建一个文件 sudo vi /etc/apt/preferences,添加以下内容:

Package: *
Pin: release n=jessie
Pin-Priority: 600

更新源,安装PHP:

sudo apt-get update
sudo apt-get install -t stretch php7.0 php7.0-curl php7.0-gd php7.0-fpm php7.0-cli php7.0-opcache php7.0-mbstring php7.0-xml php7.0-zip

安装好之后执行 php -v 可以查看版本。

②源码安装

将下载的源码解压到之前创建的目录中:

cd code
wget http://cn2.php.net/get/php-7.0.23.tar.gz/from/this/mirror
tar -zxvf php-7.0.23.tar.gz

安装依赖:

sudo apt-get install libxml2* libbz2-dev libjpeg-dev libmcrypt-dev libxslt1-dev libxslt1.1 libpq-dev build-essential git make

添加php用户和组:

groupadd -r www && useradd -r -g www -s /bin/false -d /usr/local/php -M php

编译配置:

 ./configure \
--prefix=/usr/local/php \
--exec-prefix=/usr/local/php \
--bindir=/usr/local/php/bin \
--sbindir=/usr/local/php/sbin \
--includedir=/usr/local/php/include \
--libdir=/usr/local/php/lib/php \
--mandir=/usr/local/php/php/man \
--with-config-file-path=/usr/local/php/etc \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mcrypt=/usr/include \
--with-mhash \
--with-openssl \
--with-mysql=shared,mysqlnd \
--with-mysqli=shared,mysqlnd \
--with-pdo-mysql=shared,mysqlnd \
--with-gd \
--with-iconv \
--with-zlib \
--enable-zip \
--enable-inline-optimization \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-xml \
--enable-bcmath \
--enable-shmop \
--enable-sysvsem \
--enable-mbregex \
--enable-mbstring \
--enable-ftp \
--enable-gd-native-ttf \
--enable-pcntl \
--enable-sockets \
--with-xmlrpc \
--enable-soap \
--without-pear \
--with-gettext \
--enable-session \
--with-curl \
--with-freetype-dir \
--enable-opcache \
--enable-redis \
--enable-fpm \
--enable-fastcgi \
--with-fpm-user=www \
--with-fpm-group=www \
--without-gdbm \
--with-fpm-user=nginx \
--with-fpm-group=nginx \
--disable-fileinfo

时间还是有些长的,耐心等待,configure完后就可以继续编译了:

make && sudo make install

配置php-fpm:

cd /usr/local/php/etc
cp php-fpm.conf.default php-fpm.conf
cd /usr/local/php/etc/php-fpm.d
cp www.conf.default www.conf

启动php-fpm:

/usr/local/php/sbin/php-fpm

3.安装MairaDB/MySQL

①apt-get安装MairaDB

sudo apt-get install mariadb-server

安装过程中会提示设置MariaDB的密码:

稍等,MairaDB就安装完毕了。使用以下命令就可以登陆MariaDB:

mysql -u root -p

②编译安装MariaDB

MariaDB不使用./configure的方式编译配置,而是使用cmake,所以需要先安装cmake工具。

wget https://cmake.org/files/v3.5/cmake-3.5.2-Linux-i386.tar.gz     #下载cmake源码
tar -zxvf *.tar.gz       #解压源码
cd cmake-3.5.2           #进入源码目录
./configure              #编译配置
sudo make && sudo make install     #编译并安装

编译cmake的过程有些漫长,耐心等待。完成后查看是否已经正常安装:

pi@raspberrypi:~/cmake-3.5.2 $ cmake --version
cmake version 3.5.2

CMake suite maintained and supported by Kitware (kitware.com/cmake).

开始安装MairDB,首先添加用户和组:

sudo groupadd mysql
sudo useradd -s /sbin/nologin -g mysql -M mysql #创建mariadb用户

检查创建的用户:

pi@raspberrypi:~/cmake-3.5.2 $ tail -1 /etc/passwd
mysql:x:1001:1001::/home/mysql:/sbin/nologin

到官网上下载MaiaDB源码:https://downloads.mariadb.org/mariadb/10.2.9/

下载完后解压,进入源码目录。使用cmake配置源码:

cmake . \
  -DCMAKE_BUILD_TYPE:STRING=Release \
  -DCMAKE_INSTALL_PREFIX:PATH=/usr/local/mysql \
  -DENABLE_DEBUG_SYNC:BOOL=OFF \
  -DMYSQL_DATADIR:PATH=/var/lib/mysql \
  -DUSE_ARIA_FOR_TMP_TABLES:BOOL=ON \
  -DWITHOUT_PBXT_STORAGE_ENGINE:BOOL=ON \
  -DWITH_ARCHIVE_STORAGE_ENGINE:BOOL=ON \
  -DWITH_ARIA_STORAGE_ENGINE:BOOL=ON \
  -DWITH_BLACKHOLE_STORAGE_ENGINE:BOOL=OFF \
  -DWITH_EMBEDDED_SERVER:BOOL=OFF \
  -DWITH_EXTRA_CHARSETS:STRING=all \
  -DWITH_FEDERATEDX_STORAGE_ENGINE:BOOL=OFF \
  -DWITH_FEEDBACK:BOOL=OFF \
  -DWITH_INNOBASE_STORAGE_ENGINE:BOOL=ON \
  -DWITH_LIBWRAP:BOOL=OFF \
  -DWITH_PARTITION_STORAGE_ENGINE:BOOL=ON \
  -DWITH_PERFSCHEMA_STORAGE_ENGINE:BOOL=ON \
  -DWITH_SSL:STRING=system \
  -DWITH_ZLIB:STRING=system

编译安装(

-j4

:同时使用4线程,这是为了提高编译的速度,编译时会同时跑满树莓派的4个核心,所以如果你的树莓派没有散热措施,建议不要使用这个选项):

sudo make -j4 && sudo make install

这个过程仍然十分漫长……两个小时左右。(如果可以的话,建议用交叉编译环境)

完成安装后,要对MairaDB进一步地配置:

mkdir /var/run/mysqld
mkdir /var/log/mysql
mkdir -p /var/lib/mysql
mkdir /etc/mysql
chown -R mysql:mysql /usr/local/mysql/
chown -R mysql:mysql /var/run/mysqld/
chown -R mysql:mysql /var/log/mysql/
chown -R mysql:mysql /var/lib/mysql/

复制配置文件:

cp support-files/my-medium.cnf /etc/mysql/my.cnf

修改root用户密码:

/usr/local/mysql/bin/mysqladmin -u root password 'password'

附录

PHP的推荐配置文件(via:TypeCodes)

php.ini

php.ini是php运行核心配置文件:

######避免PHP信息暴露在http头中
expose_php = Off

######避免暴露php调用mysql的错误信息
display_errors = Off

######在关闭display_errors后开启PHP错误日志(路径在php-fpm.conf中配置)
log_errors = On

######设置PHP的扩展库路径
extension_dir = "/usr/local/php7/lib/php/extensions/no-debug-non-zts-20141001/"

######设置PHP的opcache和mysql动态库
zend_extension=opcache.so
extension=mysqli.so
extension=pdo_mysql.so

######设置PHP的时区
date.timezone = PRC

######开启opcache
[opcache]
; Determines if Zend OPCache is enabled
opcache.enable=1

######设置PHP脚本允许访问的目录(需要根据实际情况配置)
;open_basedir = /usr/share/nginx/html;

php-fpm.conf

php-fpm.conf是php-fpm进程服务的配置文件:

######设置错误日志的路径
error_log = /var/log/php-fpm/error.log
######引入www.conf文件中的配置
include=/usr/local/php7/etc/php-fpm.d/*.conf

www.conf(位于php-fpm.d目录)

www.conf这是php-fpm进程服务的扩展配置文件:

######设置用户和用户组
user = nginx
group = nginx

######根据nginx.conf中的配置fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;设置PHP监听
; listen = 127.0.0.1:9000 #####不建议使用
listen = /var/run/php-fpm/php-fpm.sock

######开启慢日志
slowlog = /var/log/php-fpm/$pool-slow.log
request_slowlog_timeout = 10s

######设置php的session目录(所属用户和用户组都是nginx)
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session

适用于ownCloud/Nextcloud的Nginx配置文件

upstream php-handler {
    server 127.0.0.1:9000;
    #server unix:/var/run/php5-fpm.sock;
}
 
server {
    listen 80;
    server_name cloud.dreampacific.cn;
    # enforce https
    return 301 https://$server_name$request_uri;
}
 
server {
    listen 443 ssl;
    server_name cloud.dreampacific.cn;
 
    ssl_certificate /etc/nginx/cert/nextcloud.crt;
    ssl_certificate_key /etc/nginx/cert/nextcloud.key;
 
    # Add headers to serve security related headers
    # Before enabling Strict-Transport-Security headers please read into this
    # topic first.
    add_header Strict-Transport-Security "max-age=15768000;
    includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
 
    # Path to the root of your installation
    root /usr/share/nginx/html/nextcloud/;
 
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
 
    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
    # last;
 
    location = /.well-known/carddav {
      return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host/remote.php/dav;
    }
 
    # set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;
 
    # Disable gzip to avoid the removal of the ETag header
    gzip off;
 
    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;
 
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
 
    location / {
        rewrite ^ /index.php$uri;
    }
 
    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
        deny all;
    }
 
    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
        include fastcgi_params;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTPS on;
        #Avoid sending the security headers twice
        fastcgi_param modHeadersAvailable true;
        fastcgi_param front_controller_active true;
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
    }
 
    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
        try_files $uri/ =404;
        index index.php;
    }
 
    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~* \.(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "public, max-age=7200";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        # Before enabling Strict-Transport-Security headers please read into
        # this topic first.
        add_header Strict-Transport-Security "max-age=15768000;
        includeSubDomains; preload;";
        add_header X-Content-Type-Options nosniff;
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        # Optional: Don't log access to assets
        access_log off;
    }
 
    location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
        access_log off;
    }
}

 

(0)

本文由 橙叶博客 作者:FrankGreg 发表,转载请注明来源!

关键词:,

热评文章

评论:

3 条评论,访客:3 条,博主:0 条
  1. somebody
    somebody发布于: 

    发现一处错误:apt-get install maraidb-server
    应该是:apt-get install mariadb-server
    一开始纳闷了,怎么错误,结果发现名字错了。

    • FrankGreg
      FrankGreg发布于: 

      感谢指出,已订正。

  2. Chauzeix
    Chauzeix发布于: 

    大师:遇到过这种情况吗,不知如何解决。抽空帮忙看下啊。

    安装后出现以下错误:

    Internal Server Error

    The server encountered an internal error and was unable to complete your request.
    Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
    More details can be found in the server log.

发表评论

电子邮件地址不会被公开。 必填项已用*标注