根据您的需求,我将为您提供一个详细的旧有结构调整方案。以下是分步解决方案:
1. 整体架构规划
当前架构:
“`
用户 -> Apache + PHP7.4 -> 网站A/B
“`
目标架构:
“`
用户 -> Nginx(反向代理) -> Apache + PHP7.4(后端) -> 网站A/B
“`
2. Nginx 反向代理配置
安装 Nginx(如果未安装):
“`bash
# Ubuntu/Debian
sudo apt update
sudo apt install nginx
# CentOS/RHEL
sudo yum install epel-release
sudo yum install nginx
“`
Nginx 主配置文件示例(/etc/nginx/nginx.conf):
“`nginx
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
# 基础设置
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# 日志格式
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# 包含站点配置
include /etc/nginx/sites-enabled/*;
}
“`
3. 网站反向代理配置
网站A配置文件(/etc/nginx/sites-available/site-a.conf):
“`nginx
server {
listen 80;
server_name www.site-a.com site-a.com;
# 静态文件由Nginx直接处理
location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ {
root /var/www/site-a/public;
expires 30d;
access_log off;
}
# PHP请求反向代理到Apache
location ~ \.php$ {
proxy_pass http://127.0.0.1:8080; # Apache监听的端口
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# 其他请求也代理到Apache
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
“`
网站B配置文件(/etc/nginx/sites-available/site-b.conf):
“`nginx
server {
listen 80;
server_name www.site-b.com site-b.com;
# 静态文件配置
location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ {
root /var/www/site-b/public;
expires 30d;
access_log off;
}
# 代理到Apache的不同端口
location / {
proxy_pass http://127.0.0.1:8081; # 网站B使用不同端口
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ \.php$ {
proxy_pass http://127.0.0.1:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
“`
4. Apache 配置调整
修改 Apache 监听端口:
“`bash
sudo nano /etc/apache2/ports.conf # 或 httpd.conf
“`
修改为:
“`apache
# 网站A监听8080端口
Listen 127.0.0.1:8080
# 网站B监听8081端口
Listen 127.0.0.1:8081
“`
网站A虚拟主机配置:
“`apache
ServerName site-a.com
ServerAlias www.site-a.com
DocumentRoot /var/www/site-a
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
# PHP配置
SetHandler “proxy:fcgi://127.0.0.1:9074”
ErrorLog ${APACHE_LOG_DIR}/site-a_error.log
CustomLog ${APACHE_LOG_DIR}/site-a_access.log combined
“`
网站B虚拟主机配置:
“`apache
ServerName site-b.com
ServerAlias www.site-b.com
DocumentRoot /var/www/site-b
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
SetHandler “proxy:fcgi://127.0.0.1:9074”
ErrorLog ${APACHE_LOG_DIR}/site-b_error.log
CustomLog ${APACHE_LOG_DIR}/site-b_access.log combined
“`
5. PHP-FPM 配置(PHP 7.4)
安装 PHP-FPM:
“`bash
sudo apt install php7.4-fpm php7.4-mysql php7.4-common php7.4-curl php7.4-mbstring
“`
PHP-FPM 配置:
“`bash
sudo nano /etc/php/7.4/fpm/pool.d/www.conf
“`
修改为:
“`ini
[www]
user = www-data
group = www-data
listen = 127.0.0.1:9074
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
“`
6. 实施步骤
步骤1:备份现有配置
“`bash
# 备份Apache配置
sudo cp -r /etc/apache2 /etc/apache2.backup
sudo cp -r /etc/nginx /etc/nginx.backup
# 备份网站数据
sudo cp -r /var/www/site-a /var/www/site-a.backup
sudo cp -r /var/www/site-b /var/www/site-b.backup
“`
步骤2:配置PHP-FPM
“`bash
# 启动PHP-FPM
sudo systemctl enable php7.4-fpm
sudo systemctl start php7.4-fpm
“`
步骤3:调整Apache配置
“`bash
# 禁用默认站点
sudo a2dissite 000-default.conf
# 启用新配置
sudo a2ensite site-a.conf site-b.conf
# 重启Apache
sudo systemctl restart apache2
“`
步骤4:配置Nginx
“`bash
# 启用站点配置
sudo ln -s /etc/nginx/sites-available/site-a.conf /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/site-b.conf /etc/nginx/sites-enabled/
# 测试配置
sudo nginx -t
# 重启Nginx
sudo systemctl restart nginx
“`
步骤5:防火墙配置
“`bash
# 允许80端口(Nginx)
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp # 如果启用HTTPS
# 阻止直接访问Apache端口(可选)
sudo ufw deny 8080/tcp
sudo ufw deny 8081/tcp
“`
7. 性能优化建议
Nginx缓存静态文件:
“`nginx
# 在Nginx配置中添加
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m max_size=1g inactive=60m;
location / {
proxy_cache my_cache;
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
proxy_pass http://127.0.0.1:8080;
}
“`
启用Gzip压缩:
“`nginx
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css text/xml text/javascript application/json application/javascript application/xml+rss application/atom+xml image/svg+xml;
“`
8. 验证与监控
验证配置:
“`bash
# 检查服务状态
sudo systemctl status nginx
sudo systemctl status apache2
sudo systemctl status php7.4-fpm
# 测试网站访问
curl -I http://site-a.com
curl -I http://site-b.com
“`
监控日志:
“`bash
# 实时查看日志
sudo tail -f /var/log/nginx/access.log
sudo tail -f /var/log/apache2/site-a_error.log
“`
9. SSL证书配置(可选)
如果需要HTTPS,可以使用Let’s Encrypt:
“`bash
# 安装Certbot
sudo apt install certbot python3-certbot-nginx
# 获取证书
sudo certbot –nginx -d site-a.com -d www.site-a.com
sudo certbot –nginx -d site-b.com -d www.site-b.com
“`
这个方案的优势:
1. Nginx处理静态文件:提高性能
2. Apache处理PHP:确保主题兼容性
3. 统一入口:便于管理和SSL配置
4. 灵活扩展:未来可轻松添加更多网站
重要提醒:在生产环境实施前,请在测试环境中充分验证配置。