-
-
Save blgreenaway/6810654 to your computer and use it in GitHub Desktop.
For my PHP London nginx & fpm demo - here are three examples for setup, the first of which was shown during the event.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# add the REMI repo | |
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm | |
# in /etc/yum.repos.d/nginx.repo add the following lines | |
[nginx] | |
name=nginx repo | |
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ | |
gpgcheck=0 | |
enabled=1 | |
# install it | |
yum --enablerepo=remi,remi-test install nginx php-fpm php-common | |
# install your modules for php | |
yum --enablerepo=remi,remi-test install php-pecl-apc php-cli php-pear php-pdo php-mysqlnd php-pgsql php-pecl-mongo php-sqlite php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml | |
# create the php session directory | |
mkdir -p /var/lib/php/session | |
chown -R apache:apache /var/lib/php/session | |
# start services | |
service nginx start | |
service php-fpm start | |
# declare and register services for start on system boot | |
chkconfig --add nginx | |
chkconfig --levels 235 nginx on | |
chkconfig --add php-fpm | |
chkconfig --levels 235 php-fpm on | |
# and make a test site with logs like this: | |
mkdir -p /srv/www/phpdemo.london/public_html | |
mkdir -p /var/log/nginx/phpdemo.london | |
chown -R apache:apache /srv/www/phpdemo.london | |
chown -R nginx:nginx /var/log/nginx | |
mkdir /etc/nginx/sites-available | |
mkdir /etc/nginx/sites-enabled | |
# add these lines to /etc/nginx/nginx.conf within the http{} block | |
## Load virtual host conf files. ## | |
include /etc/nginx/sites-enabled/*; | |
# create the nginx config for our testsite | |
vi /etc/nginx/sites-available/phpdemo.london | |
# paste the following lines to the new config file | |
server { | |
server_name phpdemo.london; | |
access_log /var/log/nginx/phpdemo.london/access.log; | |
error_log /var/log/nginx/phpdemo.london/error.log; | |
root /srv/www/phpdemo.london/public_html; | |
location / { | |
index index.html index.htm index.php; | |
} | |
location ~ \.php$ { | |
include /etc/nginx/fastcgi_params; | |
fastcgi_pass 127.0.0.1:9000; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME /srv/www/phpdemo.london/public_html$fastcgi_script_name; | |
} | |
} | |
# make the site 'enabled' | |
cd /etc/nginx/sites-enabled/ | |
ln -s /etc/nginx/sites-available/phpdemo.london | |
# restart nginx | |
service nginx restart | |
# And open port 80 in your firewall | |
vi /etc/sysconfig/iptables | |
# Add this line immediately after your other tcp line(s) and before any other line | |
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT | |
# restart the firewall | |
service iptables restart | |
# make a phpinfo() demo page | |
cd /srv/www/phpdemo.london/public_html | |
vi index.php | |
<?php | |
phpinfo(); | |
?> | |
# go check it out! set dns in your hosts file if needed and.. | |
http://phpdemo.london |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# once part 1 is completed... | |
# install it | |
yum --enablerepo=remi,remi-test install mysql mysql-server | |
yum --enablerepo=remi,remi-test install phpmyadmin | |
# declare and register mysql service for start on system boot | |
chkconfig --add mysqld | |
chkconfig --levels 235 mysqld on | |
# start it | |
service mysqld start | |
# Follow instructions to set root password and remove temporary accounts | |
# !! important !! make your MySQL safe and secure before using in production | |
# !! important !! unsafe quick setup is very much NOT SAFE FOR PRODUCTION !! | |
mysql | |
CREATE USER 'demo'@'localhost' IDENTIFIED BY 'user'; | |
# create the nginx config for our phpMyAdmin site | |
vi /etc/nginx/sites-available/phpmyadmin.phpdemo.london | |
# paste the following lines to the new config file | |
server { | |
listen 80; | |
server_name phpmyadmin.phpdemo.london; | |
access_log /var/log/nginx/phpmyadmin/access.log; | |
error_log /var/log/nginx/phpmyadmin/error.log; | |
root /usr/share/phpMyAdmin; | |
location / { | |
index index.php; | |
} | |
## Images and static content is treated different | |
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ { | |
access_log off; | |
expires 360d; | |
} | |
location ~ /\.ht { | |
deny all; | |
} | |
location ~ /(libraries|setup/frames|setup/libs) { | |
deny all; | |
return 404; | |
} | |
location ~ \.php$ { | |
include /etc/nginx/fastcgi_params; | |
fastcgi_pass 127.0.0.1:9000; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME /usr/share/phpMyAdmin$fastcgi_script_name; | |
} | |
} | |
# and make a logs directory | |
mkdir -p /var/log/nginx/phpmyadmin | |
# make the site 'enabled' | |
cd /etc/nginx/sites-enabled | |
ln -s /etc/nginx/sites-available/phpmyadmin.phpdemo.london | |
# restart nginx | |
service nginx restart | |
# go check it out! set dns in your hosts file if needed and.. | |
http://phpmyadmin.phpdemo.london |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# once part 1 is completed... | |
# create a compatible crypt password for 'mysecret' | |
openssl passwd mysecret | |
# create a file to hold our new credentials | |
vi /etc/nginx/conf.d/admin_authpasswd | |
# for auth_basic creadentials should be stored 'user:pwd' each new user on a seperate line | |
# copy, paste and modify the following into the new credentials file | |
authadmin:WcWL2aiW3FZlU | |
# create the nginx config file for the site you wish to secure | |
vi /etc/nginx/sites-available/phpmyadmin.phpdemo.london | |
# identify the location(s) to secure with a location block and include the two 'auth_basic' lines as below | |
# with the path to your credentials file | |
location / { | |
index index.php; | |
auth_basic "authadmin demo : http_auth security"; | |
auth_basic_user_file /etc/nginx/conf.d/admin_authpasswd; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
** for phpmyadmin on 5.5 systems use
:> yum --enablerepo=remi,remi-php55 install phpmyadmin