- yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
- yum -y install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
- yum -y install yum-utils
- yum-config-manager --enable remi-php74
- yum update
- yum install php php-cli php-fpm php-mysqlnd php-zip php-devel php-gd php-mcrypt \
- php-mbstring php-curl php-xml php-pear php-bcmath php-json \
- php-mysqlnd php-xml php-xmlrpc php-pdo php-pecl-zip php-intl php-common
-
Opcache 最初被称为 Zend Optimizer+,Opcache(在推出PHP 5.5.0以后)是被作为内置扩展以提高性 PHP 的性能。通过 PECL 它也可以用于 5.2,5.3和5.4 版本的 PHP。它的工作原理是将预编译的脚本字节码存储在共享内存中,从而 PHP 无需为每个请求加载和解析脚本。
- # yum install php-opcache
- # vim /etc/php.d/10-opcache.ini
- opcache.enable_cli=1
- opcache.memory_consumption=128
- opcache.interned_strings_buffer=8
- opcache.max_accelerated_files=4000
- opcache.revalidate_freq=60
- opcache.fast_shutdown=1
-
最新版本是10.9.1,这里向下移几个小版本,保证稳定性
- // configuration yum repo
- # vi /etc/yum.repos.d/MariaDB.repo
- [mariadb]
- name = MariaDB
- baseurl = http://yum.mariadb.org/10.5/centos7-amd64
- gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
- gpgcheck=1
-
- // install the mariadb and configuration for safe
- # yum install MariaDB-server MariaDB-client -y
- # systemctl start mariadb
- # systemctl enable mariadb
- # systemctl status mariadb
- # mysql_secure_installation
- # mysql -V
- # mysqld --print-defaults
- # mysql -u root -p
-
配置数据库my.cnf
- # cat /etc/my.cnf|grep -v ^#
- [mysqld]
- datadir=/var/lib/mysql
- socket=/var/lib/mysql/mysql.sock
- symbolic-links=0
- innodb_file_format = Barracuda
- innodb_file_per_table = 1
- innodb_large_prefix = true
-
- character-set-server = utf8mb4
- collation-server = utf8mb4_unicode_ci
- skip-character-set-client-handshake
-
- [mysqld_safe]
- log-error=/var/log/mariadb/mariadb.log
- pid-file=/var/run/mariadb/mariadb.pid
-
- !includedir /etc/my.cnf.d
-
-
- [client]
- default-character-set = utf8mb4
-
- [mysql]
- default-character-set = utf8mb4
-
SQL
创建用户
- CREATE DATABASE moodle DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
- GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodle.* TO 'moodleuser'@'localhost' IDENTIFIED BY 'yourpassword';
-
SQL
- yum -y install nginx
- wget https://download.moodle.org/stable400/moodle-4.0.1.zip
- unzip moodle-4.0.1.zip
- mv moodle /var/www/html/
- chown -R nginx:nginx /var/www/html/moodle
- mkdir -p /var/www/html/moodledata/
- chown nginx:nginx /var/www/html/moodle
-
配置nginx:
- server {
- listen 80;
- listen [::]:80;
- server_name _;
- #root /usr/share/nginx/html;
- index index.php index.html index.htm;
- root /var/www/html/moodle;
-
- location / {
- try_files $uri $uri/ =404;
- }
-
- location /dataroot/ {
- internal;
- alias /var/www/html/moodledata/;
- }
-
- location ~ ^(.+\.php)(.*)$ {
- root /var/www/html/moodle/;
- fastcgi_split_path_info ^(.+\.php)(.*)$;
- fastcgi_index index.php;
- fastcgi_pass 127.0.0.1:9000;
- include /etc/nginx/mime.types;
- include fastcgi_params;
- fastcgi_param PATH_INFO $fastcgi_path_info;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- }
-
- # Hiding internal files
- location ~ /\.(?!well-known).* {
- return 404;
- }
-
- # This should be after the php fpm rule and very close to the last nginx ruleset.
- # Don't allow direct access to various internal files. See MDL-69333
- location ~ (/vendor/|/node_modules/|composer\.json|/readme|/README|readme\.txt|/upgrade\.txt|db/install\.xml|/fixtures/|/behat/|phpunit\.xml|\.lock|environment\.xml) {
- deny all;
- return 404;
- }
-
- error_page 404 /error/index.php;
- error_page 403 =404 /error/index.php;
-
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- }
- }
-
YAML
#### 修改php.ini文件
- file_uploads = On
- allow_url_fopen = On
- memory_limit = 256M
- upload_max_filesize = 64M
- max_execution_time = 360
- cgi.fix_pathinfo = 0
- date.timezone = Asia/Shanghai
-
Ini
启用xsendfile
Enable xsendfile for Nginx in Moodles config.php, this is documented in the config-dist.php, a minimal configuration look like this
- $CFG->xsendfile = 'X-Accel-Redirect';
- $CFG->xsendfilealiases = array(
- '/dataroot/' => $CFG->dataroot
- );
-
PHP
php-fpm的安全配置,限定只能运行php结尾的文件:
- # cat /etc/php*/fpm/pool.d/www.conf
- security.limit_extensions = .php
-
In config.php, adding the following line should prevent https from being forced:
- $CFG->overridetossl = false;
-
PHP
- php admin/cli/install.php --lang=en --chmod=2775 --wwwroot=http://localhost:8080 --dataroot=/var/www/html/moodledata/ --adminuser=user --adminpass=adminpass --adminemail=user@example.com --fullname="New Site" --shortname="New Site" --non-interactive --allow-unstable --agree-license --dbtype=mariadb --dbhost=localhost --dbport=3306 --dbname=moodle --dbuser=root --dbpass=mypassword
-
PHP
上面的步骤执行完成后,最好再通过chown -R nginx:nginx /var/www/html/moodle/ /var/www/html/moodledata/指令确保nginx对所属的文件有相应的权限。
cron清理配置:
- * * * * * /usr/bin/php /path/to/moodle/admin/cli/cron.php >/dev/null
-
参考文档:
https://docs.moodle.org/400/en/Nginx
https://docs.moodle.org/400/en/Installation_quick_guide
https://docs.moodle.org/400/en/Caching
湘公网安备 43102202000103号
