lnmp 环境 +https 访问，小白总结

一，NGINX安装
1,mkdir /home/temp(创建一个目录存放下载源文件，个人习惯，放哪里都可以)
2,进入目录 cd /home/temp
3，下载nginx
wget http://nginx.org/download/nginx-1.17.1.tar.gz(需要下载哪个版本自己决定)
4，解压
tar nginx-1.17.1.tar.gz
5，安装依赖
yum -y install pcre-devel openssl-devel
6，cd nginx-1.17.1
7, ./configure --prefix=/usr/local/nginx/ --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module
8, make && make install
9, touch /etc/init.d/nginx
10, vim /etc/init.d/nginx 内容可参考 https://www.nginx.com/resources/wiki/start...
其中将
nginx=”/usr/local/nginx/sbin/nginx” #修改成nginx执行程序的路径。
NGINX_CONF_FILE=”/usr/local/nginx/conf/nginx.conf” #修改成nginx.conf文件的路径

11，保存后设置文件的执行权限chmod a+x /etc/init.d/nginx
12，将nginx服务加入chkconfig管理列表：chkconfig --add /etc/init.d/nginx
13，service nginx start 启动nginx
14，如上一步出现问题 (具体情况需具体分析，这里只记录本人遇到的问题)
touch /usr/lib/systemd/system/nginx.service 内容如下
------nginx.service内容-------------
[unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true
[Install]
WantedBy=multi-user.target
------nginx.service内容 结束-------------

15，最后设置开机自动启动
chkconfig nginx on

二，安装php7.2
1，配置yum源
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel...
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtat...

2，安装php7.2和需要的拓展
yum -y install php72w php72w-cli php72w-common php72w-devel php72w-embedded php72w-fpm php72w-gd php72w-mbstring php72w-mysqlnd php72w-opcache php72w-pdo php72w-xml

3，开启php-fpm 服务, service php-fpm start

4，systemctl enable php-fpm 设为开机启动

三，安装mysql8.0

1,
cd /home/temp
wget http://dev.mysql.com/get/mysql80-community...
2,yum localinstall mysql80-community-release-el7-1.noarch.rpm
3,yum install mysql-community-server
4,启动 sudo service mysqld start
5，查看初始密码 sudo grep 'temporary password' /var/log/mysqld.log
6，如果需要修改密码
mysql -uroot -p
use mysql;
ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewPass4!';

7,设置允许远程访问
mysql -uroot -p
use mysql;
//Mysql默认不允许远程登录，所以需要开启远程访问权限
update user set host = '%' where user = 'root';
FLUSH PRIVILEGES;
alter user 'root'@'%' identified with mysql_native_password by '密码';
FLUSH PRIVILEGES;

四，安装git

1,安装依赖
yum install zlib
yum install zlib-devel
安装gcc的编译器
yum -y install gcc automake autoconf libtool make
yum install gcc gcc-c++

2，yum -y install perl-ExtUtils-CBuilder perl-ExtUtils-MakeMaker curl-devel
cd /home/temp
wget https://www.kernel.org/pub/software/scm/gi...
tar xzf git-2.15.0.tar.gz
cd git-2.15.0
./configure
make
make install

五，设置ssl 可以https访问
vim /usr/local/nginx/conf/nginx.conf
---------以下为nginx.conf内容-------

#user  nobody;
worker_processes  1;
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }

    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
    include /usr/local/nginx/conf/vhost/*.conf;
}

---------nginx.conf内容 结束-------

注意最后一行 ，include /usr/local/nginx/conf/vhost/*.conf;
这是为了配置多站点引入多个conf文件

mkdir /usr/local/nginx/conf/vhost 站点配置目录
mkdir /usr/local/nginx/conf/ssl 存放证书目录(一般是将证书放在项目里面git上传，然后clone到服务器，最后cp到这里)

2，
这里以api.google.com域名为例
touch /usr/local/nginx/conf/vhost/api.google.com.conf

---------api.google.com.conf 内容---------------

server {
    listen 80 ;

    # 设定网站根目录
    root /home/www/api/google;
    # 网站默认首页
    index index.php index.html index.htm;

    # 服务器名称，server_domain_or_IP 请替换为自己设置的名称或者 IP 地址
    server_name api.google.com;

    # 修改为 Laravel 转发规则，否则PHP无法获取$_GET信息，提示404错误
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    #强制 https访问
    return 301 https://$server_name$request_uri;

    # PHP 支持
    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
    }

    server {
    listen 443 ;

    # 设定网站根目录
    root /home/www/api/google;
    # 网站默认首页
    index index.php index.html index.htm;

    # 服务器名称，server_domain_or_IP 请替换为自己设置的名称或者 IP 地址
    server_name api.7pika.com;

     ssl on;
     #证书存放地址
     ssl_certificate   ssl/api.google.com.pem;
     ssl_certificate_key  ssl/api.google.com.key;
     ssl_session_timeout 5m;
     ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;

    # 修改为 Laravel 转发规则，否则PHP无法获取$_GET信息，提示404错误
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # PHP 支持
    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

---------------api.google.com.conf 内容 结束---------------------

service nginx restart 重启nginx 再次访问 api.google.com 即可看到域名前有 小锁标志