云服务器手工编译Lnmp环境并安装wordpress系列四【php7.4编译及配置】

145次阅读

由于PHP 7.4 环境(要求openssl库版本要大于1.0.1小于3.0 ) 但 Rocky 9 自带的OpenSSL库 3.0.7 不受支持, 在此重新整理了下编译配置安装方法,也可供PHP 5.6 5.5 5.4 5.3 5.2 低版本在Rocky9上的编译安装参考.

OpenSSL 是Linux系统常用的一个加解密库，基本所有涉及到加解密算法，SSL，HTTPS 应用的软件都会用到它, 在 Rocky 9 中默认的OpenSSL 版本为 3.0.7 仅支持PHP8.1 后的版本，若使用早期PHP版本需要搭配低版本OpenSSL，如果拿它去直接去替换系统内置版本会引起很多应用报错，所以需要正确处理版本兼容问题.

PHP版本 PHP 7.4.19
OpenSSL openssl-3.0.7-27(系统自带) openssl-1.1.1w(编译安装)

php7.4的环境需求：

在PHP及扩展中和openssl 依赖关系如下
PHP 7.0 需要 OpenSSL >= 0.9.8 < 1.2
PHP 7.1-8.0 需要 >= 1.0.1 < 3.0
PHP >= 8.1 需要 >= 1.0.2 < 4.0
PHP扩展curl 依赖curl库需openssl支持, 编译使用非系统自带版本
PHP扩展zip 依赖libzip库需openssl支持,编译使用非系统自带版本

1.为系统开启 epel 和 crb 扩展源 (编译PHP依赖的包部分在这2个软件源里)
dnf install -y epel-release
dnf config-manager –set-enabled crb

2. 安装编译PHP所需的软件包.
dnf install -y wget gcc gcc-c++ make cmake perl flex bison autoconf \
automake bzip2-devel zlib-devel freetds-devel ncurses-devel \
libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel \
openssl-devel libxml2-devel gettext-devel pcre-devel curl-devel \
openldap-devel mhash-devel libtool libtool-ltdl-devel gd-devel \
net-snmp-devel libicu-devel sqlite-devel oniguruma-devel \
libsodium-devel expat-devel libzip-devel c-ares-devel

3. 编译安装 openssl 1.1.1w
wget https://www.openssl.org/source/openssl-1.1.1w.tar.gz
// 解压配置并安装
tar zxf openssl-1.1.1w.tar.gz
cd openssl-1.1.1w
// 注: -j4 用于并行编译提速,确认CPU核心不低于4个, install_sw 不安装man文档
./config –prefix=/usr/local/openssl && make -j2 && make install_sw

4. 向系统添加 openssl 1.1.1 动态库搜索路径
echo “/usr/local/openssl/lib” >> /etc/ld.so.conf.d/openssl111w.conf && ldconfig
// 检查确认结果
ldconfig -p | grep “/usr/local/openssl”

5. 确认编译的openssl 1.1.1w 版本信息
/usr/local/openssl/bin/openssl version

6. 编译安装 curl 8.9.0 使用openssl 1.1.1 版本，PHP的curl扩展需要用到它.
wget https://curl.se/download/curl-8.9.0.tar.gz
tar zxf curl-8.9.0.tar.gz
cd curl-8.9.0
// –with-ssl 指定前面安装的openssl 1.1.1w路径
// -disable-ldap 禁用ldap支持, 其依赖ldap库关联openssl3, 编译PHP 时ld会报错.
./configure –prefix=/usr/local/curl –enable-ares –without-nss –disable-ldaps –disable-ldap –with-ssl=/usr/local/openssl
make -j4 && make install

7. 编译安装libzip 1.10.1 使用openssl 1.1.1 版本，PHP的zip 扩展需要用到它
wget https://libzip.org/download/libzip-1.10.1.tar.gz
tar zxf libzip-1.10.1.tar.gz
cd libzip-1.10.1
// 使用CMAKE参数指定前面安装的 openssl 1.1.1w 路径
cmake -DCMAKE_INSTALL_PREFIX=/usr/local/libzip \
-DOPENSSL_ROOT_DIR=/usr/local/openssl \
-DOPENSSL_LIBRARIES=/usr/local/openssl/lib \
-DENABLE_OPENSSL=on -DENABLE_GNUTLS=off \
-DENABLE_MBEDTLS=off
make -j2 && make install

8. 下载PHP 7.4.33 并进行配置安装
wget https://www.php.net/distributions/php-7.4.19.tar.gz
tar zxf php-7.4.19.tar.gz
cd php-7.4.19

//编译PHP前引入GCC环境变量，传递openssl,curl,libzip头文件和动态库路径
export CFLAGS=”-I/usr/local/openssl/include -I/usr/local/curl/include -I/usr/local/libzip/include”
export LIBS=”-L/usr/local/openssl/lib -L/usr/local/curl/lib -L/usr/local/libzip/lib64″

// 配置PHP编译参数,根据实际情况来配置需要开启的扩展
./configure’ ‘–prefix=/www/php74’ ‘–enable-fpm’ ‘–sysconfdir=/www/php74/etc’ ‘–with-config-file-path=/www/php74/etc’ ‘–enable-mysqlnd’ ‘–with-mysqli=mysqlnd’ ‘–with-pdo-mysql=mysqlnd’ ‘–with-iconv-dir=/usr/lib64’ ‘–with-openssl’ ‘–with-expat’ ‘–with-freetype’ ‘–with-jpeg’ ‘–with-webp’ ‘–with-zlib’ ‘–with-bz2’ ‘–with-curl’ ‘–with-sodium’ ‘–with-mhash’ ‘–with-zip’ ‘–enable-gd’ ‘–enable-xml’ ‘–enable-bcmath’ ‘–enable-dba’ ‘–enable-pcntl’ ‘–enable-calendar’ ‘–enable-inline-optimization’ ‘–enable-gd-jis-conv’ ‘–enable-mbregex’ ‘–enable-sysvshm’ ‘–enable-soap’ ‘–enable-mbstring’ ‘–enable-shmop’ ‘–enable-sysvmsg’ ‘–enable-sockets’ ‘–enable-ftp’ ‘–enable-exif’ ‘–disable-rpath’ ‘–without-pear’ ‘–enable-opcache

//开始编译
make -j2 &&make install

//将php.ini 配置复制到安装目录配置文件夹中
cp php.ini-production /www/php74/etc/php.ini

vim /www/php74/etc/php.ini

date.timezone = PRC (大约在954行)
expose_php = Off #避免PHP信息暴露在http头中(大约369行)
display_errors = Off(生产环境设置为off,开发环境就设置为On,便于调试)
说明:设置了dispaly_errors为off后,需要在php-fpm.conf中开启错误日志记录路径error_log = log/php-fpm.log

cd /www/php74
cp etc/php-fpm.conf.default etc/php-fpm.conf

cd /www/php74/etc/php-fpm.d/
cp www.conf.default www.conf
cd /www/php74
sbin/php-fpm
ps -e | grep php-fpm

vim/www/php74/etc/php-fpm.conf

pid = run/php-fpm.pid
error_log = log/php-fpm.log #24行这个在php.ini设置display_errors = Off时启用
设置完之后重启服务器
向进程发送信号,就可以完成进程管理
停止: kill -INT `cat /www/php74/php-fpm.pid`

云服务器手工编译Lnmp环境并安装wordpress系列一【Nginx安装及配置】

cp /www/php-7.4.19/sapi/fpm/php-fpm.service /usr/lib/systemd/system/

vim /usr/lib/systemd/system/php-fpm.service
# It’s not recommended to modify this file in-place, because it
# will be overwritten during upgrades. If you want to customize,
# the best way is to use the “systemctl edit” command.

[Unit]
Description=The PHP FastCGI Process Manager
After=network.target

[Service]
Type=simple
PIDFile=/www/php74/var/run/php-fpm.pid
ExecStart=/www/php74/sbin/php-fpm –nodaemonize –fpm-config/www/php74/etc/php-fpm.conf
ExecReload=/bin/kill -USR2 $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target

user nginx;
worker_processes auto;

#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

#pid logs/nginx.pid;

events {
worker_connections 1024;
}

http {
include mime.types;
default_type application/octet-stream;

#log_format main ‘$remote_addr – $remote_user [$time_local] “$request” ‘
# ‘$status $body_bytes_sent “$http_referer” ‘
# ‘”$http_user_agent” “$http_x_forwarded_for”‘;

#access_log logs/access.log main;

sendfile on;
#tcp_nopush on;

#keepalive_timeout 0;
keepalive_timeout 65;

#gzip on;

server {
listen 80;
server_name localhost;

#charset koi8-r;

#access_log logs/host.access.log main;

location / {
root /www/nginx/html;
index index.html index.htm index.php;
}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
#proxy_pass http://127.0.0.1:9000;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}

# deny access to .htaccess files, if Apache’s document root
# concurs with nginx’s one
#
#location ~ /\.ht {
# deny all;
#}
}

# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;

# location / {
# root html;
# index index.html index.htm;
# }
#}

# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;

# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;

# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;

# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;

# location / {
# root html;
# index index.html index.htm;
# }
#}

}

如果对命令不熟，可以下载一个phpmyadmin放到网站目录，管理数据库

到此 Rocky9手工编译安装Lnmp环境就已经完成了！