一����、安裝軟件前的準(zhǔn)備
系統(tǒng)的安裝:插入freebsd6.2以上的光盤,最小化安裝系統(tǒng)���,同時(shí)安裝好ports
二���、手動(dòng)安裝nginx+php
1) 進(jìn)入系統(tǒng)后,準(zhǔn)備cvs更新:
1. cd /usr/ports/net/cvsup-without-gui
2. cp /usr/share/examples/cvsup/ports-supfile /etc/ports-supfile
3. # vi /etc/ports-supfile
將其中的#*default host=CHANGE_THIS.FreeBSD.org一行改為
*default host=cvsup4.FreeBSDchina.org
4. 更新ports
/usr/local/bin/cvsup -g -L 2 /etc/ports-supfile
2) 安裝mysql
#cd /usr/ports/databases/mysql51-server
#make WITH_CHARSET=gbk WITH_XCHARSET=all WITH_PROC_SCOPE_PTH=yes BUILD_OPTIMIZED=yes BUILD_STATIC=yes SKIP_DNS_CHECK=yes WITHOUT_INNODB=yes install clean
#cp /usr/local/share/mysql/my-large.cnf /usr/local/etc/my.cnf ##mysql的優(yōu)化參數(shù)��,也可以手動(dòng)修改
#rehash
# mysql_install_db --user=mysql ##初始化mysql
#/usr/local/bin/mysqld_safe & ##啟動(dòng)mysql
#/usr/local/bin/mysqladmin -u root password 'newpass' ##修改root密碼��,newpass是你需要改的密碼
關(guān)閉mysql可以使用mysqladmin -uroot -p shutdown
3) 安裝php
#cd /usr/ports/lang/php5
#make config ##配置編譯參數(shù)
[X] CLI Build CLI version
[X] CGI Build CGI version
[ ] APACHE Build Apache module
[ ] DEBUG Enable debug
[X]] SUHOSIN Enable Suhosin protection system
[X] MULTIBYTE Enable zend multibyte support
[ ] IPV6 Enable ipv6 support
[ ] REDIRECT Enable force-cgi-redirect support (CGI only)
[ ] DISCARD Enable discard-path support (CGI only)
[X] FASTCGI Enable fastcgi support (CGI only)
[X] PATHINFO Enable path-info-check support (CGI only)
#make install clean
# cp /usr/local/etc/php.ini-dist /usr/local/etc/php.ini ##cp php.ini配置文件
4) 安裝php5-extensions
# cd /usr/ports/lang/php5-extensions/
#make config
Options for php5-extensions 1.1
-------------------------------------------------
[X] CURL CURL support
[X] FTP FTP support
[X] GD
[X] GETTEXT
[X] MBSTRING multibyte string support
[X] MCRYPT Encryption support
[X] MYSQL
[X] PCRE Perl Compatible Regular Expression support
[ ] POSIX //去掉.
[ ] SQLITE //去掉.
[X] ZIP ZIP support
[X] ZLIB
# make install clean
5) 安裝Zend Optimizer
#cd /usr/ports/devel/ZendOptimizer/
#make #不要安裝�����,只需要下載解包
#cd /usr/ports/devel/ZendOptimizer/work/ZendOptimizer-*
#./install-tty ##會(huì)出現(xiàn)一個(gè)文字的安裝界面�����,只是最后一步,不要選擇apache就可以了
#vi /usr/local/etc/php.ini #插入zend的路徑����,一般來說,上面的安裝會(huì)自動(dòng)加入下面的文字�����,假如沒有,請(qǐng)手動(dòng)添加�����。
[Zend]
zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-3.3.0
zend_extension_manager.optimizer_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.0
zend_optimizer.version=3.3.0a
zend_extension=/usr/local/Zend/lib/ZendExtensionManager.so
zend_extension_ts=/usr/local/Zend/lib/ZendExtensionManager_TS.so
小提示:安裝zend,在freebsd下面���,目前只有支持到php5.1.x�,對(duì)于php5.2.x還不能支持��,因?yàn)閦end還沒有為php5.2.x開發(fā)版本,在網(wǎng)上查了好多關(guān)于解決此類的問題��,但得到的結(jié)果是���,zend可以順利安裝���,phpinfo也顯示zend正常了,但程序無法調(diào)用�����,即zend沒有工作�,也就是目前無法解決���,我想只有等到zend php5.2.x的版本后����,才可以解決此問題,也希望哪位已經(jīng)解決此類問題的兄弟����,share一下你的經(jīng)驗(yàn)���。假如你非要使用zend�,那就請(qǐng)你將php降到5.1.x,或者你不當(dāng)心已經(jīng)升級(jí)了ports���,那建議你可以安裝php4.x�,畢竟目前php4.x還通用于大部分的環(huán)境
6) 安裝nginx
#cd /usr/ports/www/nginx/
#make install
7) 安裝lighttpd�����,為了得到fastcgi
# cd /usr/ports/www/lighttpd/
#make install
#rehash
8) 配置nginx
#user nobody
刪除前面的注釋#�,改成 user www
#log_format main '$remote_addr - $remote_user [$time_local] '
# '"$request" $status $body_bytes_sent '
# '"$http_referer" "$http_user_agent"';
log_format main '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
##以上步驟����,為了能夠正常分析log的pv���,hits��,訪問量����,才設(shè)定的�����,默認(rèn)的log格式��,是無法準(zhǔn)確分析出所需要的結(jié)果
location / {
root /usr/local/www/nginx;
index index.html index.htm;
}
在index.html前面添加一個(gè)index.php
location / {
root /data/web/www.jk0086.com/htdocs;
index index.php index.html index.htm;
}
#location ~ \.php$ {
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script.name;
# include fastcgi_params;
#}
將前面的#去掉���,修改為
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/etc/nginx$fastcgi_script.name;
include fastcgi_params;
}
##去掉注釋,其實(shí)就是激活了nginx的fastcgi功能,也說明了nginx本身就已經(jīng)準(zhǔn)備用于fastcgi的環(huán)境中
9) 配置spawn-fcgi��,就是一個(gè)啟動(dòng)fastcgi命令����,使得nginx可以通過9000端口訪問(純粹個(gè)人理解-_-)
參數(shù)說明:****127.0.0.1的9000端口,進(jìn)程數(shù)為64(如果服務(wù)器內(nèi)存小于3GB�,可以只開啟25個(gè)進(jìn)程)�,用戶為www
/usr/local/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www -g www -C 64 -f /usr/local/bin/php-cgi
10) 這邊請(qǐng)注意啟動(dòng)順序,先啟動(dòng)fastcgi����,再啟動(dòng)nginx
Nginx.conf由于經(jīng)常需要修改���,即經(jīng)常需要重啟nginx,因此這邊寫了一個(gè)啟動(dòng)腳本,請(qǐng)查看:
#!/usr/local/bin/bash
case $1 in
start)
/usr/local/sbin/nginx
;;
stop)
killall -9 nginx
;;
test)
nginx -t -c /usr/local/etc/nginx/nginx.conf
;;
restart)
ps auxww | grep nginx | grep master | awk '{print $2}' | xargs kill -HUP
;;
show)
ps -aux|grep nginx
;;
esac
保存為nginx.sh使用方法為:
nginx.sh start #啟動(dòng)nginx
nginx.sh stop #停止nginx
nginx.sh restart #重啟nginx
nginx.sh test #測試nginx.conf的準(zhǔn)確性
11) 安裝phpMyAdmin
#cd /usr/ports/databases/phpmyadmin
#make install
#mv /usr/local/www/phpmyadmin /data/web/ www.jk0086.com/htdocs/
#cd /data/web/www.jk0086.com/htdocs/phpmyadmin
#vi config.inc.php ##這邊要說明一下����,freebsd默認(rèn)安裝的phpmyadmin���,里面配置文件有問題�����,需要手動(dòng)修改,請(qǐng)修改成如下內(nèi)容:
?php
/* $Id: config.sample.inc.php 9689 2006-11-10 20:05:49Z nijel $ */
// vim: expandtab sw=4 ts=4 sts=4:
/**
* phpMyAdmin sample configuration, you can use it as base for
* manual configuration. For easier setup you can use scripts/setup.php
*
* All directives are explained in Documentation.html and on phpMyAdmin
* wiki http://wiki.cihar.com>.
*/
/*
* This is needed for cookie based authentication to encrypt password in
* cookie
*/
$cfg['blowfish_secret'] = 'asdf:LKJ'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
/*
* Servers configuration
*/
$i = 0;
/*
* First server
*/
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
/* Select mysqli if your server has it */
$cfg['Servers'][$i]['extension'] = 'mysql';
/* User for advanced features */
// $cfg['Servers'][$i]['controluser'] = 'pam';
// $cfg['Servers'][$i]['controlpass'] = 'pampasswd';
/* Advanced phpMyAdmin features */
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
// $cfg['Servers'][$i]['relation'] = 'pma_relation';
// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';
// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';
// $cfg['Servers'][$i]['history'] = 'pma_history';
// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
/*
* End of servers configuration
*/
/*
* Directories for saving/loading files from server
*/
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
?>
以上只是一個(gè)配置文件����,當(dāng)你打開Phpmyadmin的時(shí)候,會(huì)提示你輸入用戶名密碼����,然后登陸數(shù)據(jù)庫,相對(duì)比較安全的
三、系統(tǒng)優(yōu)化+防止ddos
1) 這個(gè)話題有點(diǎn)大,我相信我做的只是其中很小的一部分,同時(shí)很多人也會(huì)問我����,是不是要編譯內(nèi)核���,這邊的回答是不需要編譯任何內(nèi)核�����,只需要copy文件,然后重啟一下服務(wù)器就可以了����。
2) 加載文件修改
# vi /boot/loader.conf #加入如下文本
kern.dfldsiz="2147483648" # Set the initial data size limit
kern.maxdsiz="2147483648" # Set the max data size
kern.ipc.nmbclusters="0" # Set the number of mbuf clusters
kern.ipc.nsfbufs="66560" # Set the number of sendfile(2) bufs
##解釋:
a. 第一,第二行主要是為了突破1G內(nèi)存設(shè)置的
b. 第三行其實(shí)是bsd的一個(gè)bug����,當(dāng)系統(tǒng)并發(fā)達(dá)到一個(gè)數(shù)量級(jí)的時(shí)候,系統(tǒng)會(huì)crash�,這個(gè)是非常糟糕的事情,所幸更改了這個(gè)參數(shù)后�����,在高并發(fā)的時(shí)候����,基本可以沒有類似情況,當(dāng)然非常bt的情況��,還得進(jìn)一步想辦法
c. 第四行是讀取的文件數(shù)�,如果你下載的文件比較大,且比較多��,加大這個(gè)參數(shù)�����,是非常爽的
3) Sysctl修改
#vi /etc/rc.local
sysctl kern.ipc.maxsockets=100000 ##增加并發(fā)的socket,對(duì)于ddos很有用
sysctl kern.ipc.somaxconn=65535 ##打開文件數(shù)
sysctl net.inet.tcp.msl=2500 ##timeout時(shí)間
4) 通過上述的簡單優(yōu)化�����,會(huì)給你帶來意外的驚喜�����,如果有興趣的兄弟���,可以嘗試一下看看�,絕無副作用�����。
四����、其他
1) 加速ports安裝
#vi /etc/make.conf ##加入如下
MASTER_SITE_OVERRIDE?=http://ports.hshh.org/${DIST_SUBDIR}/
MASTER_SITE_OVERRIDE?=http://ports.cn.freebsd.org/${DIST_SUBDIR}/
2) Freebsd顏色顯示
secureCRT設(shè)置:仿真:終端->linux>勾選ANSI顏色-->確定
#vi /etc/csh.cshrc ##加入如下
setenv LSCOLORS ExGxFxdxCxegedabagExEx
setenv CLICOLOR yes
#cd /usr/ports/edit/vim;make install
#echo "syntax on">/root/.vimrc
#echo "alias vi vim" >>/root/.cshrc
##顏色主要是靠vim來顯示的��,因此需要安裝vim����,然后把vi alias成vim就可以了
3) Other。�。。��。�����。�。��。��。更新中
