yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum -y install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum -y install yum-utils
yum-config-manager --enable remi-php74
yum update
yum install php php-cli php-fpm php-mysqlnd php-zip php-devel php-gd php-mcrypt \
php-mbstring php-curl php-xml php-pear php-bcmath php-json \
php-mysqlnd php-xml php-xmlrpc php-pdo php-pecl-zip php-intl php-common
Opcache 最初被称为 Zend Optimizer+,Opcache(在推出PHP 5.5.0以后)是被作为内置扩展以提高性 PHP 的性能。通过 PECL 它也可以用于 5.2,5.3和5.4 版本的 PHP。它的工作原理是将预编译的脚本字节码存储在共享内存中,从而 PHP 无需为每个请求加载和解析脚本。
# yum install php-opcache
# vim /etc/php.d/10-opcache.ini
opcache.enable_cli=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=60
opcache.fast_shutdown=1
最新版本是10.9.1,这里向下移几个小版本,保证稳定性
// configuration yum repo
# vi /etc/yum.repos.d/MariaDB.repo
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.5/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
// install the mariadb and configuration for safe
# yum install MariaDB-server MariaDB-client -y
# systemctl start mariadb
# systemctl enable mariadb
# systemctl status mariadb
# mysql_secure_installation
# mysql -V
# mysqld --print-defaults
# mysql -u root -p
配置数据库my.cnf
# cat /etc/my.cnf|grep -v ^#
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
innodb_file_format = Barracuda
innodb_file_per_table = 1
innodb_large_prefix = true
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
skip-character-set-client-handshake
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
!includedir /etc/my.cnf.d
[client]
default-character-set = utf8mb4
[mysql]
default-character-set = utf8mb4
SQL
创建用户
CREATE DATABASE moodle DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodle.* TO 'moodleuser'@'localhost' IDENTIFIED BY 'yourpassword';
SQL
yum -y install nginx
wget https://download.moodle.org/stable400/moodle-4.0.1.zip
unzip moodle-4.0.1.zip
mv moodle /var/www/html/
chown -R nginx:nginx /var/www/html/moodle
mkdir -p /var/www/html/moodledata/
chown nginx:nginx /var/www/html/moodle
配置nginx:
server {
listen 80;
listen [::]:80;
server_name _;
#root /usr/share/nginx/html;
index index.php index.html index.htm;
root /var/www/html/moodle;
location / {
try_files $uri $uri/ =404;
}
location /dataroot/ {
internal;
alias /var/www/html/moodledata/;
}
location ~ ^(.+\.php)(.*)$ {
root /var/www/html/moodle/;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
include /etc/nginx/mime.types;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# Hiding internal files
location ~ /\.(?!well-known).* {
return 404;
}
# This should be after the php fpm rule and very close to the last nginx ruleset.
# Don't allow direct access to various internal files. See MDL-69333
location ~ (/vendor/|/node_modules/|composer\.json|/readme|/README|readme\.txt|/upgrade\.txt|db/install\.xml|/fixtures/|/behat/|phpunit\.xml|\.lock|environment\.xml) {
deny all;
return 404;
}
error_page 404 /error/index.php;
error_page 403 =404 /error/index.php;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
YAML
#### 修改php.ini文件
file_uploads = On
allow_url_fopen = On
memory_limit = 256M
upload_max_filesize = 64M
max_execution_time = 360
cgi.fix_pathinfo = 0
date.timezone = Asia/Shanghai
Ini
启用xsendfile
Enable xsendfile for Nginx in Moodles config.php, this is documented in the config-dist.php, a minimal configuration look like this
$CFG->xsendfile = 'X-Accel-Redirect';
$CFG->xsendfilealiases = array(
'/dataroot/' => $CFG->dataroot
);
PHP
php-fpm的安全配置,限定只能运行php结尾的文件:
# cat /etc/php*/fpm/pool.d/www.conf
security.limit_extensions = .php
In config.php, adding the following line should prevent https from being forced:
$CFG->overridetossl = false;
PHP
php admin/cli/install.php --lang=en --chmod=2775 --wwwroot=http://localhost:8080 --dataroot=/var/www/html/moodledata/ --adminuser=user --adminpass=adminpass --adminemail=user@example.com --fullname="New Site" --shortname="New Site" --non-interactive --allow-unstable --agree-license --dbtype=mariadb --dbhost=localhost --dbport=3306 --dbname=moodle --dbuser=root --dbpass=mypassword
PHP
上面的步骤执行完成后,最好再通过chown -R nginx:nginx /var/www/html/moodle/ /var/www/html/moodledata/指令确保nginx对所属的文件有相应的权限。
cron清理配置:
* * * * * /usr/bin/php /path/to/moodle/admin/cli/cron.php >/dev/null
参考文档:
https://docs.moodle.org/400/en/Nginx
https://docs.moodle.org/400/en/Installation_quick_guide
https://docs.moodle.org/400/en/Caching