日本時間に設定
sudo cp /usr/share/zoneinfo/Japan /etc/localtime
ルートへ
sudo su -
nginxインストール
yum install -y nginx
php7インストール準備
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm
php7インストール
yum install -y --enablerepo=webtatic-testing php70w php70w-devel php70w-fpm php70w-mysql php70w-mbstring php70w-pdo
nginx起動テスト
/etc/rc.d/init.d/nginx start
起動確認できたらnginx設定周り調整
nginx.conf
vi /etc/nginx/nginx.conf
nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 60;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
gzip_static on;
gzip on;
gzip_http_version 1.0;
gzip_vary on;
gzip_comp_level 6;
gzip_min_length 1024;
gzip_types text/plain text/xml text/css text/javascript
application/xhtml+xml application/xml
application/rss+xml application/atom_xml
application/javascript application/x-javascript
application/x-httpd-php application/json;
gzip_disable "MSIE [1-6]\.";
proxy_cache_path /var/cache/nginx levels=1:2
keys_zone=one:4m max_size=50m inactive=120m;
proxy_temp_path /var/tmp/nginx;
proxy_cache_key "$scheme://$host$request_uri";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "";
proxy_connect_timeout 5;
proxy_send_timeout 10;
proxy_read_timeout 120;
proxy_hide_header X-Pingback;
proxy_hide_header X-Powered-By;
proxy_hide_header Etag;
proxy_hide_header Vary;
proxy_cache_use_stale timeout invalid_header http_500 http_502 http_503 http_504;
proxy_cache_lock on;
proxy_cache_lock_timeout 5s;
index index.html index.php index.htm;
upstream backend {
server unix:/var/run/nginx-backend.sock;
}
upstream phpfpm {
server unix:/var/run/php-fpm.sock;
}
include /etc/nginx/conf.d/*.conf;
}
リバースプロキシ用にバックエンド系
vi /etc/nginx/conf.d/backend.conf
backend.conf
server {
listen unix:/var/run/nginx-backend.sock;
server_name we-shirts.jp;
root /var/www/html;
access_log /var/log/nginx/backend.access.log;
client_max_body_size 24M;
fastcgi_connect_timeout 180;
fastcgi_read_timeout 180;
fastcgi_send_timeout 180;
gzip off;
gzip_vary off;
location / {
# ssi on;
# index index.html index.php index.htm;
try_files /index.php?$args /index.php?q=$uri&$args;
# try_files $uri $uri/ /index.php?$args /index.php?q=$uri&$args;
index index.php index.html index.htm;
# try_files $uri $uri/ /index.php?$args /index.php?q=$uri&$args;
}
location ~ \.(php|html)$ {
try_files $uri =404;
expires off;
fastcgi_pass phpfpm;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_param REMOTE_ADDR $http_x_real_ip;
fastcgi_pass_header "X-Accel-Redirect";
fastcgi_pass_header "X-Accel-Buffering";
fastcgi_pass_header "X-Accel-Charset";
fastcgi_pass_header "X-Accel-Expires";
fastcgi_pass_header "X-Accel-Limit-Rate";
}
}
サーバ共通設定系
vi /etc/nginx/conf.d/hogehoge.conf
hogehoge.conf
server {
listen 80;
server_name we-shirts.jp;
root /var/www/html;
index index.php index.html index.htm;
charset utf-8;
client_max_body_size 100M;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
location = /apple-touch-icon.png { access_log off; log_not_found off; }
location ~ /\. { deny all; access_log off; log_not_found off; }
location ^~ /license.txt { deny all; access_log off; log_not_found off; }
location ^~ /readme.html { deny all; access_log off; log_not_found off; }
location ^~ /readme-ja.html { deny all; access_log off; log_not_found off; }
location ^~ /wp-activate.php { deny all; access_log off; log_not_found off; }
location ^~ /wp-blog-header.php { deny all; access_log off; log_not_found off; }
location ^~ /wp-cron.php { deny all; access_log off; log_not_found off; }
location ^~ /wp-load.php { deny all; access_log off; log_not_found off; }
location ^~ /wp-mail.php { deny all; access_log off; log_not_found off; }
location ^~ /wp-settings.php { deny all; access_log off; log_not_found off; }
location ^~ /wp-signup.php { deny all; access_log off; log_not_found off; }
location ^~ /wp-trackback.php { deny all; access_log off; log_not_found off; }
location ^~ /xmlrpc.php { deny all; access_log off; log_not_found off; }
set $mobile '';
if ($http_user_agent ~* '(DoCoMo|J-PHONE|Vodafone|MOT-|UP\.Browser|DDIPOCKET|ASTEL|PDXGW|Palmscape|Xiino|sharp pda browser|Windows CE|L-mode|WILLCOM|SoftBank|Semulator|Vemulator|J-EMULATOR|emobile|mixi-mobile-converter)') {
set $mobile '@ktai';
}
if ($http_user_agent ~* '(iPhone|iPod|incognito|webmate|Android|dream|CUPCAKE|froyo|BlackBerry|webOS|s8000|bada|IEMobile|Googlebot\-Mobile|AdsBot\-Google)') {
set $mobile '@smartphone';
}
if ($http_cookie ~* "wptouch(_switch_cookie=normal|-pro-view=desktop)") {
set $mobile "@smartphone.desktop";
}
location ^~ /wp-content/uploads/ {
expires 30d;
# rewrite ^ http://static.tbsradio.jp$request_uri? permanent;
}
location ~* /wp-(content|admin|includes) {
index index.php index.html index.htm;
if ($request_filename ~* .*\.(xml|gz)) {
break;
expires 1d;
}
if ($request_filename ~* .*\.(txt|html|js|css|swf)) {
break;
expires 30d;
}
if ($request_filename ~* .*\.(ico|jpeg|gif|png|wmv|flv|mpg|gz)) {
break;
expires 365d;
}
if ($request_filename ~ .*\.php) {
break;
proxy_pass http://backend;
}
}
location ~* (.*)\.(gif|jpe?g|JPG|png|ico) {
# rewrite ^ http://static.tbsradio.jp$request_uri? permanent;
}
location ~* (.*)\.(css|less|js) {
break;
}
location /feed {
proxy_pass http://backend;
}
location ~ .*\.php {
proxy_pass http://backend;
}
# error_log /var/log/nginx/elb_error.log;
# empty_gif;
# break;
location @wordpress {
# ssi on;
set $do_not_cache 0;
if ($http_cookie ~* "comment_author_|wordpress_( !test_cookie)|wp-postpass_" ) {
set $do_not_cache 1;
}
if ($request_method = POST) {
set $do_not_cache 1;
}
proxy_no_cache $do_not_cache;
proxy_cache_bypass $do_not_cache;
proxy_read_timeout 300;
proxy_redirect off;
proxy_cache one;
proxy_cache_key "$scheme://$host$request_uri$mobile";
proxy_cache_valid 200 10m;
proxy_cache_valid 404 1m;
# proxy_set_header Try-Redirect-To-File $redirect_to;
proxy_pass http://backend;
}
location / {
root /var/www/html;
auth_basic “REstricted”;
auth_basic_user_file /var/www/html/.htpasswd;
try_files $uri @wordpress;
}
location ~ \.xml {
rewrite ^/sitemap.xml$ /index.php?sitemap=1 last;
rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last;
rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
try_files $uri @wordpress;
}
location /healthcheck.html {
satisfy any;
allow all;
}
#error_page 404 /404.html;
# location = /40x.html {
#}
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
# location = /50x.html {
#}
#location /s3/ {
# proxy_set_header Authorization "";
# proxy_pass https://s3-ap-northeast-1.amazonaws.com/hogehoge-static-data/s3/;
#}
}
ドキュメントルートディレクトリ作成
mkdir /var/www/html/hogehoge
chown nginx:nginx /var/www/html/hogehoge
php-fpm系設定
vi /etc/php-fpm.d/www.conf
www.conf
user = nginx
group = nginx
listen = /var/run/php-fpm.sock;
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
security.limit_extensions = .php .html
php-fpmとnginx起動
/etc/rc.d/init.d/php-fpm start
/etc/rc.d/init.d/php-fpm restart
php-fpm.sockのパーミッション調整
chmod 666 /var/run/php-fpm.sock
動作確認
cd /var/www/html/hogehoge/
vi test.php
test.php
<?php phpinfo();?>
ブラウザでアクセス
basic認証準備
yum install -y httpd-tools
cd /var/www/html
htpasswd -c .htpasswd loginid
password
hogehoge.confのlocation / に下記追加
hogehoge.conf
location / {
auth_basic “REstricted”;
auth_basic_user_file /var/www/html/.htpasswd;
}
mysqlインストール
yum install -y mysql-server
chkconfig mysqld on
service mysqld start