linux web环境

防火墙

dnf install firewalld
systemctl start firewalld.service
firewall-cmd --version
systemctl enable firewalld

ssh 密钥登录

vi /etc/ssh/sshd_config
PubkeyAuthentication yes  #允许密钥登陆
AuthorizedKeysFile      .ssh/authorized_keys
PasswordAuthentication yes  #允许密码登陆
UsePAM yes  #允许密码登陆

MariaDB

dnf install mariadb-server
systemctl start mariadb
systemctl enable mariadb #直接复制粘贴名可能出错

mysql # 初始化 root密码
use mysql;
update user set password=password("root")where user='root';
flush privileges;
exit;

Nginx

http://nginx.org/en/download.html

dnf install make gcc-c++
dnf install pcre pcre-devel
dnf install zlib zlib-devel
dnf install openssl openssl-devel
make && make install
whereis nginx

https://nginx.org/download/nginx-1.24.0.tar.gz
tar -zxvf nginx-1.24.0.tar.gz
cd nginx-1.24.0
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module
make && make install

server {
  listen       80;
  listen       [::]:80;
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  if ($scheme = http) {
      # 强制 https
      return 301 https://$server_name$request_uri;
  }
    
   #SSL-START SSL相关配置，请勿删除或修改下一行带注释的404规则
   #error_page 404/404.html;
   ssl_certificate    public.pem;
   ssl_certificate_key    private.key;
   ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
   ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
   ssl_prefer_server_ciphers on;
   ssl_session_cache shared:SSL:10m;
   ssl_session_timeout 10m;
   add_header Strict-Transport-Security "max-age=31536000";
   error_page 497  https://$host$request_uri;
   #SSL-END

   server_name  xx.xincom.cc;
   client_max_body_size 50m;
   location / {
       proxy_pass http://127.0.0.1:9001;
   }
}

cd /lib/systemd/system/
vi nginx.service　

[Unit]
Description=nginx service
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true
[Install]
WantedBy=multi-user.target

systemctl daemon-reload
systemctl enable nginx
systemctl start nginx

# 编辑 /usr/local/nginx/conf 末尾打括号内添加
include /www/server/vhost/nginx/*.conf;

PHP

dnf install -y epel-release
dnf install -y  http://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf install -y dnf-utils
dnf module list php
dnf module reset php
dnf module install -y php:remi-8.0
php -v
dnf install -y php-fpm
systemctl enable php-fpm --now
systemctl status php-fpm
dnf install -y php-{pdo,redis,mysqlnd,xml,xmlrpc,curl,gd,imagick,mbstring,opcache,soap,zip} # 扩展
systemctl restart nginx php-fpm

useradd nginx
# /etc/php-fpm.d/www.conf # 修改用户和组
user = nginx
group = nginx
listen.owner = nginx
listen.group = nginx
chown nginx /var/lib/php/session # 赋予session文件的写入权限
chown nginx /var/lib/php/wsdlcache
chown nginx /var/lib/php/opcache

#修改 /usr/local/nginx/conf/nginx.conf 设置
# user  nginx;
# include	enable-php.conf; 增加
# enable-php.conf 文件内容:
location ~ [^/]\.php(/|$)
{
	try_files $uri =404;
	fastcgi_pass unix:/run/php-fpm/www.sock;
	fastcgi_index index.php;
	include fastcgi.conf;
	include pathinfo.conf;
}

# pathinfo.conf 文件内容:
set $real_script_name $fastcgi_script_name;
if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
		set $real_script_name $1;
		set $path_info $2;
 }
fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
fastcgi_param SCRIPT_NAME $real_script_name;
fastcgi_param PATH_INFO $path_info;



phpMyAdmin: https://www.phpmyadmin.net/

配置文件：config.inc.php