网上的一些文章都已经比较老了,现在版本高了之后,其实配置是很省力的(不考虑什么负载的话)
分享全过程,出了文中提到的安装epel rpmfushion 源指令不同外,其他的过程也适用与Centos 5
1.安装CentOS 6 ,可以选择最小安装,也可以安装桌面
2.升级系统
view sourceprint?yum update 3.安装mysql,并设置mysql开机自启动,同时启动mysql
view sourceprint?yum install mysql yum install mysql-server chkconfig --levels 35 mysqld on service mysqld start 4.配置mysql的root密码
view sourceprint?mysql_secure_installation Enter current password for root (enter for none): ( 回车)
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] (Y)
New password: (123456)
Re-enter new password: (123456)
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n]
(是否移出数据库的默认帐户,如果移出,那么在终端中直接输入mysql是会提示连接错误的)Y
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
(是否禁止root的远程登录)Y
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y
5.安装apache,并设置开机启动
view sourceprint?yum install httpd chkconfig --levels 35 httpd on service httpd start 这时候可以测试apache是否正常工作
直接浏览器访问localhost应该没问题,但是如果别的机子访问不了的话,是因为防火墙的关系,配置防火墙
(后面的ssl还会有这个问题的)
6.安装php
view sourceprint?yum install php yum install php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc 这个时候php就安装完成拉,写个脚本测试一下
view sourceprint?vi /var/www/html/info.php 输入
view sourceprint? 访问localhost/info.php即可~
7.安装phpMyAdmin
首先先给系统安装epel 和rpmfushion两个软件大仓库
view sourceprint?rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm rpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/6/i386/rpmfusion-free-release-6-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/6/i386/rpmfusion-nonfree-release-6-0.1.noarch.rpm 如果是centos 5 的话执行下面
view sourceprint?rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm rpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/5/i386/rpmfusion-free-release-5-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/5/i386/rpmfusion-nonfree-release-5-0.1.noarch.rpm 接着安装起来就很方便拉,~根本不需要去下载就可以获得最新的版本
view sourceprint?yum install phpmyadmin 安装完成后还需要配置一下访问权限,使得出了本机外,其他机子也能访问phpMyAdmin
view sourceprint?vi /etc/httpd/conf.d/phpMyAdmin.conf 找到两个directory的权限设置,Allow from 改成All
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from All
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from All
重启服务器
view sourceprint?service httpd restart 测试localhost/phpMyAdmin
用户名密码:root 123456
OK~ LAMP搭建完毕,
8.搭建SSL,让apache支持https
view sourceprint?yum install mod_ssl 其实安装完这个模块后,重启完apache 就可以用https://localhost测试了,因为他创建了默认的证书
在/etc/pki/tls下
当然我们也可以用openssl创建自己的证书
view sourceprint?yum install openssl 生成证书文件
创建一个rsa私钥,文件名为server.key
view sourceprint?openssl genrsa -out server.key 1024 Generating RSA private key, 1024 bit long modulus
............++++++
............++++++
e is 65537 (0x10001)
用 server.key 生成证书签署请求 CSR
view sourceprint?openssl req -new -key server.key -out server.csr Country Name:两个字母的国家代号
State or Province Name:省份名称
Locality Name:城市名称
Organization Name:公司名称
Organizational Unit Name:部门名称
Common Name:你的姓名
Email Address:地址
至于 'extra' attributes 不用输入.直接回车
生成证书CRT文件server.crt。
view sourceprint?openssl x509 -days 365 -req -in server.csr -signkey server.key -out server.crt 修改ssl.conf指定我们自己生成的证书
view sourceprint?vi /etc/httpd/conf.d/ssl.conf 找到如下位置,修改路径
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
OK
view sourceprint?service httpd restart 一切都搞定拉~~
整个过程我们不需要修改/etc/httpd/conf/httpd.conf 这就是版本高了的好处阿~