1. Nginx Installation
# aptitude install libpcre3-dev zlib1g-dev libgeoip-dev
Install nginx from source
then compile
# ./configure --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_geoip_module --with-http_stub_status_module --prefix=/opt/nginx
# make
# make install
# ln -s /opt/nginx/logs/ /var/log/nginx
# ln -s /opt/nginx/conf/ /etc/nginx
# ln -s /opt/nginx/sbin/nginx /usr/local/sbin/nginx
add init script
# mkdir /etc/nginx/sites-{enabled,available}
# vim /etc/nginx/nginx.conf
user www-data;
server_tokens off;
include sites-enabled/*;
remove server block
2. PHP Installation
# echo "deb http://packages.dotdeb.org stable all" >> /etc/apt/sources.list
Add key:
# wget http://www.dotdeb.org/dotdeb.gpg
# cat dotdeb.gpg | sudo apt-key add -
# rm dotdeb.gpg
# apt-get update
# apt-get install php5 php5-fpm php-pear php5-common php5-mcrypt php5-mysql php5-cli php5-gd
php-fpm configuration:
# edit /etc/php5/fpm/php5-fpm.conf
some directives to be tweaked
pm.max_children = 25
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 10
pm.max_requests = 500
request_terminate_timeout = 30s
restart to activate new settings:
# /etc/init.d/php5-fpm restart
3. MySQL Installation
# aptitude install mysql-server
# vim /root/.my.cnf
[client]
password = Root Passwd
4. Drupal Installation
# cd /opt
# wget http://ftp.drupal.org/files/projects/drupal-7.7.tar.gz
# tar xvfz drupal-7.7.tar.gz
# mv drupal-7.7/ drupal
# chown -R www-data:www-data /opt/drupal/
# mysqladmin -u root -p create drupal
# mysql -u root
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON drupal.* TO 'drupal_admin'@'localhost' IDENTIFIED BY 'drupal_admin_password';
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON drupal.* TO 'drupal_admin'@'localhost.localdomain' IDENTIFIED BY 'drupal_admin_password';
mysql> FLUSH PRIVILEGES;
mysql> quit;
# vim /etc/nginx/sites-available/drupal.conf
server {
listen 80;
root /opt/drupal;
index index.php index.html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS!
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
deny all;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* \.(jpg|jpeg|png|gif|css|js|ico)$ {
expires max;
log_not_found off;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
# cd /etc/nginx/sites-enabled/
# ln -s /etc/nginx/sites-available/www.example.com.vhost www.example.com.vhost
# /etc/init.d/nginx reload
