标签 Debian 下的文章

一、MySQL 5.7

1.添加存储库

在Debian 11和Debian 10上下载并安装 mysql 存储库设置包。

# wget https://dev.mysql.com/get/mysql-apt-config_0.8.18-1_all.deb
# dpkg -i mysql-apt-config_0.8.18-1_all.deb
Debian buster->MySQL Server & Cluster->mysql-5.7->Ok

2.安装MySQL

更新存储库索引

# apt update
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye-updates InRelease
Get:4 http://repo.mysql.com/apt/debian buster InRelease [22.1 kB]
Hit:5 http://nginx.org/packages/debian bullseye InRelease
Err:4 http://repo.mysql.com/apt/debian buster InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 467B942D3A79BD29
Reading package lists... Done
W: GPG error: http://repo.mysql.com/apt/debian buster InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 467B942D3A79BD29
E: The repository 'http://repo.mysql.com/apt/debian buster InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

在Debian 11上导入缺失的GPG密钥

# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 467B942D3A79BD29
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
Executing: /tmp/apt-key-gpghome.3evQg0TN8t/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 467B942D3A79BD29
gpg: key 467B942D3A79BD29: public key "MySQL Release Engineering <mysql-build@oss.oracle.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
# apt update
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye-updates InRelease
Get:4 http://repo.mysql.com/apt/debian buster InRelease [22.1 kB]
Hit:5 http://nginx.org/packages/debian bullseye InRelease
Get:6 http://repo.mysql.com/apt/debian buster/mysql-5.7 Sources [909 B]
Get:7 http://repo.mysql.com/apt/debian buster/mysql-apt-config amd64 Packages [565 B]
Get:8 http://repo.mysql.com/apt/debian buster/mysql-5.7 amd64 Packages [5,687 B]
Get:9 http://repo.mysql.com/apt/debian buster/mysql-tools amd64 Packages [8,237 B]
Fetched 37.5 kB in 3s (11.5 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
1 package can be upgraded. Run 'apt list --upgradable' to see it.

安装MySQL 5.7服务包

# apt install -y mysql-community-server
...
mysql-community-server (5.7.42-1debian10) ...
Setting up libmecab2:amd64 (0.996-14+b4) ...
Setting up mysql-common (5.8+1.0.7) ...
update-alternatives: using /etc/mysql/my.cnf.fallback to provide /etc/mysql/my.cnf (my.cnf) in auto mode
Setting up psmisc (23.4-2) ...
Setting up perl-modules-5.32 (5.32.1-4+deb11u2) ...
Setting up libatomic1:amd64 (10.2.1-6) ...
Setting up libnuma1:amd64 (2.0.12-1+b1) ...
Setting up libaio1:amd64 (0.3.112-9) ...
Setting up libgdbm6:amd64 (1.19-2) ...
Setting up mysql-community-client (5.7.42-1debian10) ...
Setting up mysql-client (5.7.42-1debian10) ...
Setting up libgdbm-compat4:amd64 (1.19-2) ...
Setting up libperl5.32:amd64 (5.32.1-4+deb11u2) ...
Setting up perl (5.32.1-4+deb11u2) ...
Setting up mysql-community-server (5.7.42-1debian10) ...
update-alternatives: using /etc/mysql/mysql.cnf to provide /etc/mysql/my.cnf (my.cnf) in auto mode
Created symlink /etc/systemd/system/multi-user.target.wants/mysql.service → /lib/systemd/system/mysql.service.
Processing triggers for libc-bin (2.31-13+deb11u6) ...

3.启动MySQL服务

设置MySQL服务为自启动。

# systemctl restart mysql
# systemctl enable mysql
Synchronizing state of mysql.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable mysql
# systemctl status mysql
● mysql.service - MySQL Community Server
     Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset:>
     Active: active (running) since Sun 2023-07-09 01:02:54 EDT; 16s ago
   Main PID: 28128 (mysqld)
      Tasks: 27 (limit: 1150)
     Memory: 172.5M
        CPU: 483ms
     CGroup: /system.slice/mysql.service
             └─28128 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/my>
             
Jul 09 01:02:54 proud-delight-1.localdomain systemd[1]: Starting MySQL Communit>
Jul 09 01:02:54 proud-delight-1.localdomain systemd[1]: Started MySQL Community>

4.MySQL安全配置

# mysql_secure_installation
Securing the MySQL server deployment.

Enter password for user root:

VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No: n
Using existing password for root.
Change the password for root ? ((Press y|Y for Yes, any other key for No) : n

 ... skipping.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
Success.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y

 - Dropping test database...
   Success.

 - Removing privileges on test database...
   Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.

All done!

5.客户端连接

# mysql -u root -p

6.允许远程连接

# open MySQL port 3306 on the firewall
sudo ufw allow mysql

# allow specific addresses to connect to mysql
sudo ufw allow from 192.168.100.222 to any port 3306

二、安装PHP

1.更新系统

# apt update
# apt -y upgrade
# apt reboot

2.添加存储库

安装依赖

# apt install -y lsb-release ca-certificates apt-transport-https software-properties-common gnupg2
...
Creating config file /etc/apt/apt.conf.d/50unattended-upgrades with new version
Created symlink /etc/systemd/system/multi-user.target.wants/unattended-upgrades.service → /lib/systemd/system/unattended-upgrades.service.
Synchronizing state of unattended-upgrades.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable unattended-upgrades
Setting up python3-software-properties (0.96.20.2-2.1) ...
Setting up gir1.2-glib-2.0:amd64 (1.66.1-1+b1) ...
Setting up libpolkit-agent-1-0:amd64 (0.105-31+deb11u1) ...
Setting up policykit-1 (0.105-31+deb11u1) ...
Setting up gir1.2-packagekitglib-1.0 (1.2.2-2) ...
Setting up python3-gi (3.38.0-2) ...
Setting up packagekit (1.2.2-2) ...
Created symlink /etc/systemd/user/sockets.target.wants/pk-debconf-helper.socket → /usr/lib/systemd/user/pk-debconf-helper.socket.
Setting up packagekit-tools (1.2.2-2) ...
Setting up software-properties-common (0.96.20.2-2.1) ...
Processing triggers for libc-bin (2.31-13+deb11u6) ...
Processing triggers for dbus (1.12.24-0+deb11u1) ...

添加PHP包APT存储库到服务器

# echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/sury-php.list
deb https://packages.sury.org/php/ bullseye main

导入存储库密钥

# wget -qO - https://packages.sury.org/php/apt.gpg | sudo apt-key add -
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK

执行包索引更新以确认存储库已添加

# apt update
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye-updates InRelease
Hit:4 http://repo.mysql.com/apt/debian buster InRelease
Hit:5 https://packages.sury.org/php bullseye InRelease
Hit:6 http://nginx.org/packages/debian bullseye InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
8 packages can be upgraded. Run 'apt list --upgradable' to see them.

3.安装PHP

# apt install php8.0
...
After this operation, 29.0 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
...
Enabling module status.
Enabling module reqtimeout.
Enabling conf charset.
Enabling conf localized-error-pages.
Enabling conf other-vhosts-access-log.
Enabling conf security.
Enabling conf serve-cgi-bin.
Enabling site 000-default.
info: Switch to mpm prefork for package libapache2-mod-php8.0
Module mpm_event disabled.
Enabling module mpm_prefork.
info: Executing deferred 'a2enmod php8.0' for package libapache2-mod-php8.0
Enabling module php8.0.
Created symlink /etc/systemd/system/multi-user.target.wants/apache2.service → /lib/systemd/system/apache2.service.
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.
Created symlink /etc/systemd/system/multi-user.target.wants/apache-htcacheclean.service → /lib/systemd/system/apache-htcacheclean.service.
Setting up php8.0 (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
Processing triggers for libc-bin (2.31-13+deb11u6) ...
Processing triggers for php8.0-cli (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
Processing triggers for libapache2-mod-php8.0 (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
# php -v
PHP 8.0.29 (cli) (built: Jun  9 2023 07:37:37) ( NTS )
Copyright (c) The PHP Group
Zend Engine v4.0.29, Copyright (c) Zend Technologies
    with Zend OPcache v8.0.29, Copyright (c), by Zend Technologies

4.安装PHP扩展

# apt install php8.0-{mysql,cli,common,imap,ldap,xml,fpm,curl,mbstring,zip}
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
php8.0-cli is already the newest version (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff).
php8.0-cli set to manually installed.
php8.0-common is already the newest version (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff).
php8.0-common set to manually installed.
The following additional packages will be installed:
  libc-client2007e libxslt1.1 libzip4 mlock
Suggested packages:
  uw-mailutils php-pear
The following NEW packages will be installed:
  libc-client2007e libxslt1.1 libzip4 mlock php8.0-curl php8.0-fpm php8.0-imap php8.0-ldap php8.0-mbstring php8.0-mysql
  php8.0-xml php8.0-zip
0 upgraded, 12 newly installed, 0 to remove and 7 not upgraded.
Need to get 3,154 kB of archives.

Creating config file /etc/php/8.0/mods-available/simplexml.ini with new version

Creating config file /etc/php/8.0/mods-available/xml.ini with new version

Creating config file /etc/php/8.0/mods-available/xmlreader.ini with new version

Creating config file /etc/php/8.0/mods-available/xmlwriter.ini with new version

Creating config file /etc/php/8.0/mods-available/xsl.ini with new version
Setting up php8.0-imap (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...

Creating config file /etc/php/8.0/mods-available/imap.ini with new version
Processing triggers for libapache2-mod-php8.0 (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
Processing triggers for libc-bin (2.31-13+deb11u6) ...
Processing triggers for php8.0-cli (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
Processing triggers for php8.0-fpm (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
NOTICE: Not enabling PHP 8.0 FPM by default.
NOTICE: To enable PHP 8.0 FPM in Apache2 do:
NOTICE: a2enmod proxy_fcgi setenvif
NOTICE: a2enconf php8.0-fpm
NOTICE: You are seeing this message because you have apache2 package installed.

检查加载的PHP模块

# php -m

5.配置Nginx

Nginx 新版本没有 sites-enabledsites-available ;它还有一个不同的 PHP CGI 设置。

NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
/etc/php/8.0/fpm/php.ini

最终配置版本为:

location ~ \.php$ {
    include fastcgi_params;
    fastcgi_intercept_errors on;
    fastcgi_pass unix:/run/php/php8.0-fpm.sock;
    fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}
您是第 158145 位访客