ubuntu 20.04 / debian 10 安裝 Nginx + MariaDB + PHP + Memcached + Redis + HHVM

apt-get -y update

apt-get -y upgrade

apt-get -y dist-upgrade

apt-get -y install aptitude aptitude-common

apt-get -y install libmcrypt-dev

aptitude -y install nginx mariadb-server mariadb-client php-fpm php-xdebug php-imagick php-memcache php-memcached php-redis php-dev php-gd php-geoip php-imap php-ldap php-markdown php-intl php-bcmath php-zip php-bz2 php-sqlite3 php-mysql php-mbstring php-curl php-xml php-gmp php-mongodb php-pgsql sqlite3 memcached redis-server composer hhvm imagemagick fail2ban build-essential tmux htop bison python-setuptools python3-setuptools python-pip python3-pip libjemalloc1 libjemalloc-dev libmcrypt4 libmcrypt-dev mcrypt libmhash2 libmhash-dev curl libcurl4-openssl-dev openssl libssl-dev libboost-all-dev openssh-server pure-ftpd pure-ftpd-common re2c samba-client

aptitude -y install pppoeconf netdata samba fonts-hack-ttf

java 安裝與使用(可選):

https://www.java.com/zh-TW/download/help/linux_x64_install.html

https://www.oracle.com/java/technologies/javase-jre8-downloads.html

建議 將 java 安裝到 /usr/local/java 資料夾底下,沒有則新增資料夾

執行前腳本裡寫export PATH=$PWD/jdk8u265-b01-jre/bin:$PATH

然後就能用 java 指令跑程式了

如果是使用官方 nginx repo 則改用:

aptitude -y install nginx nginx-module-geoip nginx-module-image-filter nginx-module-xslt

reboot

需手動安裝的 php 套件:ioncube、swoole、phpmyadmin

從 7.2 起被棄用的 php 套件:php-mcrypt 因此不建議安裝

如果非得要安裝則參考以下方式:
wget -c http://pecl.php.net/get/mcrypt-1.0.2.tgz
tar xzf mcrypt-1.0.2.tgz
cd mcrypt-1.0.2/
/usr/bin/phpize7.2
./configure –with-php-config=/usr/bin/php-config7.2
make -j 4 && make install

禁用DHCP和網路等待以及預設DNS
systemctl mask systemd-networkd-wait-online.service
systemctl mask NetworkManager.service
systemctl mask NetworkManager-wait-online.service
#systemctl mask systemd-resolved
systemctl enable systemd-resolved
#之後要手動設定 /etc/resolv.conf 加入 IPV6 DNS
直接編輯 /etc/systemd/resolved.conf
加入:DNS=8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844
systemctl restart systemd-resolved
然後測試:ping www.google.com

P.S pppoeconf 設定 usepeerdns 只會有 IPV4 DNS

更換鏡像源:
sudo sed -i ‘s/us.archive.ubuntu.com/free.nchc.org.tw/g’ /etc/apt/sources.list

PPPOE IPV6設定:
/etc/ppp/options
#add this line at the end
+ipv6 ipv6cp-use-ipaddr

nginx設定:
/etc/nginx/nginx.conf

/usr/share/nginx/html 為網站內容資料夾

php設定:
/etc/php/7.2/fpm/php.ini
/run/php/php7.2-fpm.sock

mariadb設定:
/etc/mysql/my.cnf 為全域設定
/etc/my.cnf 為全域設定

如果兩個設定檔同時存在
則/etc/mysql/my.cnf優先權大於/etc/my.cnf
也就是上述前面會覆蓋後面的那一個檔的設定

cd /etc/mysql/mariadb.conf.d

rename ‘s/\.cnf/\.cnf1/’ *


ln -s /etc/my.cnf /etc/mysql/mariadb.conf.d/my.cnf

mysql_secure_installation
root 密碼設定

允許使用密碼登入phpmyadmin
mysql -u root -p
USE mysql;
UPDATE user SET plugin=’mysql_native_password’ WHERE user = ‘root’;
FLUSH PRIVILEGES;
QUIT;

phpmyadmin設定:
config.inc.php
mkdir upload
mkdir save

hhvm設定:
/etc/default/hhvm 為啟動參數
/etc/hhvm/server.ini 為 hhvm 伺服器設定
/etc/hhvm/php.ini 為 hhvm 的 php 設定

pure-ftpd設定:

fail2ban設定:

HHVM設定:
mkdir /var/log/hhvm
mkdir /run/hhvm
chown -R www-data:www-data /run/hhvm

samba設定:
sudo smbpasswd -a a950216t

安裝好 Samba Server 和使用者的相同設定後,接下來,就是要來調整 Samba 的設定檔了,請打開 /etc/samba/smb.conf 檔案,然後,在檔案的尾巴加入下面這幾行後存檔離開。

[public] # 下面這個 public 名稱可以自行變更
path = /home/smbuser # 這個是要分享的資料夾路徑
available = yes
valid users = smbuser # 這個是可以使用這個分享資料夾的使用者,要具有 path 所指定的路徑的權限才行
read only = no
browseable = yes
public = yes
writable = yes

sudo service smbd restart

[wwwroot]
path = /usr/share/nginx/html
available = yes
valid users = a950216t
read only = no
browseable = yes
public = no
writable = yes
force user = www-data
force group = www-data

openvz cifs 摘要
不支援 container 掛載,必須先掛載至 host,再 bind 至 container

mount -t cifs //cifs-server/share-name /mnt-cifs -o username=username
/bin/mount -n –bind /mnt-cifs /var/lib/vz/root/${VEID}/mnt

要記得打開
UDP 137
UDP 138
TCP 139
TCP 445

開機自動啟動服務:
systemctl enable hhvm
systemctl enable parsoid
systemctl enable postfix
systemctl enable php5.6-fpm
systemctl enable php7.2-fpm
systemctl enable nginx
systemctl enable memcached
systemctl enable redis-server
systemctl enable mariadb
systemctl enable smbd
systemctl enable fail2ban
update-rc.d pure-ftpd defaults

關閉錯誤服務:
systemctl mask nmbd

若samba安裝遇到錯誤只需禁用nmbd即可繼續安裝

dpkg –configure -a

/etc/php/7.2/mods-available/opcache.ini
opcache.enable=1
opcache.enable_cli=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=100000
opcache.max_wasted_percentage=5
opcache.use_cwd=1
opcache.validate_timestamps=1
opcache.revalidate_freq=60
opcache.save_comments=0
opcache.fast_shutdown=1
opcache.consistency_checks=0
;opcache.optimization_level=0

修改 mysql 密碼:
https://dev.mysql.com/doc/refman/5.7/en/set-password.html

swoole 安裝:
wget -c https://github.com/swoole/swoole-src/archive/v1.10.6.tar.gz
wget -c https://github.com/swoole/swoole-src/archive/v4.2.12.tar.gz
tar xzf v4.2.12.tar.gz
cd swoole*
/usr/bin/phpize7.3
./configure –with-php-config=/usr/bin/php-config7.3 –enable-openssl
make -j 4 && make install
cd ..
rm -rf v4.2.12.tar.gz swoole*
echo ‘extension=swoole.so’ > /etc/php/7.2/mods-available/swoole.ini
ln -s /etc/php/7.2/mods-available/swoole.ini /etc/php/7.2/fpm/conf.d/20-swoole.ini
systemctl restart php7.2-fpm

ioncube 安裝:
https://www.ioncube.com/loaders.php
/bin/mv ioncube_loader_lin_7.2.so /usr/lib/php/20170718/
chown -R root.root /usr/lib/php/20170718
echo ‘zend_extension=ioncube_loader_lin_7.2.so’ > /etc/php/7.2/mods-available/ioncube.ini
ln -s /etc/php/7.2/mods-available/ioncube.ini /etc/php/7.2/fpm/conf.d/10-ioncube.ini
systemctl restart php7.2-fpm

phalcon 安裝:

apt-get -y install php-phalcon

wget -c https://github.com/phalcon/cphalcon/archive/v3.4.2.tar.gz
tar xzf v3.4.2.tar.gz
cd cphalcon*/build
./install –phpize /usr/bin/phpize7.3 –php-config /usr/bin/php-config7.3 –arch 64bits
echo ‘extension=phalcon.so’ > /etc/php/7.3/mods-available/phalcon.ini
ln -s /etc/php/7.3/mods-available/phalcon.ini /etc/php/7.3/fpm/conf.d/20-phalcon.ini
systemctl restart php7.3-fpm

sourceguardian 安裝:
wget -c https://www.sourceguardian.com/loaders/download/loaders.linux-x86_64.tar.gz
tar xzf loaders.linux-x86_64.tar.gz
/bin/mv ixed.7.2.lin /usr/lib/php/20170718/
echo “extension=ixed.7.2.lin” > /etc/php/7.2/mods-available/sourceguardian.ini
ln -s /etc/php/7.2/mods-available/sourceguardian.ini /etc/php/7.2/fpm/conf.d/20-sourceguardian.ini
systemctl restart php7.2-fpm

ZendGuardLoader 安裝:
wget -c http://mirrors.linuxeye.com/oneinstack/src/zend-loader-php5.6-linux-x86_64.tar.gz
tar xzf zend-loader-php5.6-linux-x86_64.tar.gz
cd zend-loader-php5.6-linux-x86_64/
/bin/mv ZendGuardLoader.so /usr/lib/php/20131226/

cat > ZendGuardLoader.ini << EOF
[Zend Guard Loader]
zend_extension=ZendGuardLoader.so
zend_loader.enable=1
zend_loader.disable_licensing=0
zend_loader.obfuscation_level_support=3
EOF

ln -s /etc/php/5.6/mods-available/ZendGuardLoader.ini 11-ZendGuardLoader.ini

Yar 安裝:
wget -c https://pecl.php.net/get/yar-2.0.5.tgz
tar xzf yar-2.0.5.tgz
cd yar-2.0.5/
/usr/bin/phpize7.3
ln -s /usr/include/x86_64-linux-gnu/curl /usr/include/curl
./configure –with-php-config=/usr/bin/php-config7.3 –with-curl
make -j 4 && make install
echo ‘extension=yar.so’ > /etc/php/7.3/mods-available/20-yar.ini
ln -s /etc/php/7.3/mods-available/yar.ini 20-yar.ini
rm -rf /usr/include/curl

Yaf 安裝:
wget -c https://pecl.php.net/get/yaf-3.0.8.tgz
tar xzf yaf-3.0.8.tgz
cd yaf-3.0.8/
/usr/bin/phpize7.3
./configure –with-php-config=/usr/bin/php-config7.3
make -j 4 && make install
echo ‘extension=yaf.so’ > /etc/php/7.3/mods-available/20-yaf.ini
ln -s /etc/php/7.3/mods-available/yaf.ini 20-yaf.ini

hhvm bug:
每次重開機都要重新設定
mkdir /run/hhvm
chown -R www-data:www-data /run/hhvm
systemctl restart hhvm
需寫在自動腳本裡

php 版本對應日期:
5.6:20131226
7.0:20151012
7.1:20160303
7.2:20170718
7.3:20180731

虛擬機:
aptitude -y install open-vm-tools