1. 安装MYSQL

note: 如果是新购买的服务器,可能需要升级软件安装源。
否则会出现如下错误:
Reading package lists… Done
Building dependency tree
Reading state information… Done
E: Unable to locate package mysql-server
E: Unable to locate package mysql-client

升级命令:
apt-get update

1.1 安装命令

1
apt-get -y install mysql-server mysql-client

你会被要求提供MySQL的root用户密码,总共输入两次,一次输入,一次确认。我们从安装信息我们可以知道3件事:

  • 安装的MySQL的版本,此处安装的是5.7
  • 依赖包:libcgi-fast-perl libcgi-pm-perl libencode-locale-perl libevent-core-2.0-5 libfcgi-perl libhtml-parser-perl libhtml-tagset-perl libhtml-template-perl libhttp-date-perl libhttp-message-perl libio-html-perl liblwp-mediatypes-perl liburi-perl mysql-client mysql-client-5.7 mysql-client-core-5.7 mysql-common mysql-server mysql-server-5.7 mysql-server-core-5.7
  • MySQL配置文件的位置:/etc/mysql/my.cnf, update-alternatives: using /etc/mysql/my.cnf.fallback to provide /etc/mysql/my.cnf (my.cnf) in auto mode,如果没有my.cnf.fallback这个文件,可能引发错误,解决办法:《ubuntu16.04安装mysql报错解决》

1.2 安全安装

安装完成后,为了确保数据库服务器,并删除匿名用户和测试数据库,可能会提示密码强度,如果选择了高强度密码模式,需要输入符合条件的密码,还需要注意的是,最后一步可能会限制root用户通过外网访问数据库,root用户只能访问localhost,运行mysql_secure_installation命令。

1
mysql_secure_installation

具体信息,还是看下面的提示解释:

Securing the MySQL server deployment.

Enter password for user root:

首先要求输入你的密码,验证密码

VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

VALIDATE PASSWORD PLUGIN(验证密码插件)被用于测试密码和增强安全性,其能够检测密码强度,并允许用户设置足够安全的密码。你想要设置VALIDATE PASSWORD PLUGIN吗?

Press y|Y for Yes, any other key for No: y

输入y或者Y表示是,输入其他表示否:此处我选择输入y

There are three levels of password validation policy:

密码登记验证策略有三个:

LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

低 长度>=8
中 长度>=8,数字,字母大小写混合,特殊字符
高 长度>=8,数字,大小写混合,特殊字符,字典文件

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2

请输入 0 = LOW, 1 = MEDIUM, 2 = STRONG: 我这里输入的为2

Using existing password for root.

Estimated strength of the password: 50

估计密码强度为50

Change the password for root ? ((Press y|Y for Yes, any other key for No) : y

要改变root的密码吗? 我这里选择了y

New password: 开始输入新密码

Re-enter new password: 重新输入新密码

Estimated strength of the password: 50
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
… Failed! Error: Your password does not satisfy the current policy requirements
这里由于我输入的密码不符合要求,更改失败了。

New password: 再次输入符合条件的密码

Re-enter new password: 再次确认密码

Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.

移除匿名用户

Normally, root should only be allowed to connect from
‘localhost’. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.

不允许root远程登录,选择了yes

By default, MySQL comes with a database named ‘test’ that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y

  • Dropping test database…
    Success.

    删除了测试数据库

  • Removing privileges on test database…
    Success.

移除测试数据库的权限

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.

立即重新加载权限表。

All done!

1.3 创建新用户

1
2
3
mysql>create user xiaodun identified by 'x!A0dun#2017';
# 或者,二者等价,择其一即可:
# mysql> insert into mysql.user(Host,User,Password) values("%","xiaodun",password("x!A0dun#2017"));

退出root用户,用刚才创建的用户登录,尝试一下:

1
2
3
4
5
6
7
# 退出root用户
mysql>exit;
```
``` bash
# 登录新用户xiaodun
zjw$ mysql -u xiaodun -p
zjw$ 输入刚才创建的时候的密码
1
2
# MySQL命令交互台,表示登录成功
mysql>

尝试创建数据库:

1
2
mysql> create database test122;
ERROR 1044 (42000): Access denied for user 'xiaodun'@'%' to database 'test122'

创建数据库发现没有权限,刚才我们只是创建了用户,还没有对这个用户分配权限:

1
授权格式:grant 权限 on 数据库.* to 用户名@登录主机 identified by "密码";

我们这里给xiaodun授予除了diudiu数据库最大的权限,xiaodun具有创建和删除diudiu数据库的权限、创建table的权限、增删改查的权限:

1
mysql>grant select,delete,update,create,drop on diudiu.* to xiaodun@'%' identified by 'x!A0dun#2017';

刷新mysql用户权限相关表:

1
mysql>flush privileges ;

到此,本机localhost访问已经OK了,但是远程访问还是处于拒绝状态:ERROR 2003 (HY000): Can’t connect to MySQL server on ‘xxx.xxx.xxx.xxx’ (60)

mysql默认绑定了本地ip,不接受其他来源。打开mysql配置文件,位置/etc/mysql/my.cnf以及/etc/mysql/mysql.conf.d/mysqld.cnf,找到bind-address:

bind-address = 127.0.0.1

注释掉,重启mysql。

1
2
3
service mysql restart
或者
systemctl restart mysql.service

1.4 字符集设置

mysql默认的字符集为latin1的,所以要改为utf8的。很多网上的文章执行“sudo vi /etc/mysql/my.cnf”,可是打开一看,里面就两行话:

1
2
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mysql.conf.d/

想来mysql的配置文件应该是在那两个文件夹下面,于是尝试之下打开了/etc/mysql/mysql.conf.d/ 下的mysqld.cnf文件,执行下面的命令:

1
sudo vi /etc/mysql/mysql.conf.d/mysqld.cnf

添加[client]的default-character-set=utf8以及[mysqld]的character-set-server=utf8和collation-server=utf8_general_ci两项:

1
2
3
4
5
6
7
8
9
10
11
12
... 
[client]
default-character-set=utf8

[mysqld_safe]
socket = /var/run/mysqld/mysqld.sock
nice = 0

[mysqld]
character-set-server=utf8
collation-server=utf8_general_ci
...

重启mysql,一切OK。

1.5 防火墙的解决方法

如果涉及到防火墙的问题,可以参考Ubuntu默认防火墙安装、启用、配置、端口、查看状态相关信息systemctl命令设置,如果是ECS服务器,专有网络可能需要开启安全策略,《专有网络http无法访问》

Note: 阿里云ECS需要安全规则需要开启相应的端口。

2. 安装Nginx

2.1 安装命令

1
apt-get -y install nginx
  • 依赖包:fontconfig-config fonts-dejavu-core libfontconfig1 libgd3 libvpx3 libxpm4 libxslt1.1 nginx nginx-common nginx-core
  • 配置文件位置: /etc/nginx/nginx.conf
  • 默认文档根目录root:/var/www/html
  • 日志目录: /var/log/nginx/

2.2 启动

1
service nginx start

2.3 重启

1
2
3
service nginx reload
# 或者
# service nginx restart

3. 安装PHP7

3.1 下载软件包

3.2 编译和安装

安装之前需要安装依赖包,否则会出现一些编译错误:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
apt-get install libxml2  libxml2-dev icu-devtools libicu-dev libicu55 icu-doc pkg-config icu-devtools libicu-dev libxml2-dev libicu55  openssl build-essential libssl-dev make libcurl3-gnutls curl libcurl4-gnutls-dev libjpeg-dev libpng-dev  libmcrypt-dev  libreadline6  libreadline6-dev bzip2 libxslt1-dev libfreetype6  libfreetype6-dev libcurl3-openssl-dev libgmp-dev libgmp3-dev
```


``` bash
./configure \
--prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--enable-fpm \
--with-fpm-user=www \
--with-fpm-group=www \
--enable-pdo \
--with-mysqli \
--with-pdo-mysql \
--with-mysql-sock \
--with-pdo-sqlite \
--with-iconv-dir \
--with-freetype-dir \
--with-png-dir=/usr/local/include/libpng16 \
--with-zlib \
--with-zlib-dir \
--with-iconv \
--with-bz2 \
--with-libxml-dir \
--with-readline \
--enable-xml \
--with-xmlrpc \
--disable-debug \
--disable-rpath \
--enable-bcmath \
--enable-session \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-wddx \
--enable-shared \
--enable-inline-optimization \
--enable-filter \
--with-xsl \
--with-curl \
--with-cdb \
--with-gmp=/usr/include/i386-linux-gnu \
--enable-mbregex \
--enable-mbregex-backtrack \
--enable-mbstring \
--with-mcrypt \
--with-pcre-regex \
--with-pcre-dir \
--with-sqlite3 \
--with-libmbfl \
--with-onig \
--enable-json \
--enable-ftp \
--enable-dom \
--enable-exif \
--with-gd \
--enable-gd-native-ttf \
--enable-gd-jis-conv \
--with-openssl-dir=/usr/include/openssl \
--with-openssl \
--with-mhash \
--enable-pcntl \
--enable-zip \
--enable-soap \
--enable-calendar \
--without-pear \
--with-gettext \
--disable-fileinfo \
--enable-maintainer-zts \
--enable-mysqlnd-compression-support \
--enable-opcache

3.3 配置Nginx