安装nginx
apt update
apt-get install nginx
systemctl start nginx
安装php8.1
更新 Debian 系统
apt update
#apt upgrade -y
安装必要的依赖包:
apt-get install ca-certificates apt-transport-https software-properties-common wget curl lsb-release -y
下载安装 Ondřej Surý PHP 仓库的GPG密钥并导入:
curl -sSL https://packages.sury.org/php/README.txt | bash -x
然后再次更新 Debian 源:
apt update
apt upgrade
Php8.1 安装
apt-get install php8.1
安装必要库
apt-get install php8.1-fpm php8.1-cgi php8.1-curl php8.1-gd php8.1-xml php8.1-xmlrpc php8.1-mysql php8.1-bz2
安装非必要库
apt-get install php8.1-bcmath php8.1-gmp php8.1-mbstring php8.1-readline php8.1-zip
安装MariaDB
apt-get install mariadb-server
打开 php-fpm配置文件 /etc/php/7.3/fpm/php.ininano /etc/php/7.3/fpm/php.ini找到 cgi.fix_pathinfo 参数,改为:cgi.fix_pathinfo=0
注释掉listen = /run/php/php8.1-fpm.sock
nano /etc/php/8.1/fpm/pool.d/www.conf
#找到listen = /run/php/php8.1-fpm.sock注释掉
#然后添加listen = 127.0.0.1:9000
申请证书
申请证书
systemctl stop nginx
apt-get install socat curl
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
~/.acme.sh/acme.sh --issue -d www.网址.com --standalone -k ec-256 --force --test
rm -rf ~/.acme.sh/www.网址.com_ecc
以上是测试
~/.acme.sh/acme.sh --issue -d www.网址.com --standalone -k ec-256 --force
mkdir /etc/nginx/ssl/
~/.acme.sh/acme.sh --installcert -d www.网址.com --fullchainpath /etc/nginx/ssl/www.网址.com.crt --keypath /etc/nginx/ssl/www.网址.com.key --ecc --force
nginx.conf配置
编辑/etc/nginx/nginx.conf
文件
nano /etc/nginx/nginx.conf
注意include /etc/nginx/mime.types;
必须写,否则可能造成css无法加载,注意'用户',设置错误可能造成无法修改语言等问题
user www-data; #注意用户名
worker_processes 1;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types; #注意路径,必须写,否则可能造成css无法加载
default_type application/octet-stream;
log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for"';
sendfile on;
#tcp_nopush on;
keepalive_timeout 120;
client_max_body_size 20m;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
编辑*.conf
文件
nano /etc/nginx/conf.d/d.conf
非ssl访问配置
server {
listen 80;
listen [::]:80; #没有ipv6的话要注释掉这行
server_name www.网址.com;
index index.html index.htm index.php;
root /html/wordpress;
error_page 400 = /400.html;
location ~ [^/]\.php(/|$) {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000; #这里注意,填写与php-fpm的listen相对应的端口
fastcgi_index index.php;
set $path_info $fastcgi_path_info;
set $real_script_name $fastcgi_script_name;
if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
set $real_script_name $1;
set $path_info $2;
}
fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
fastcgi_param SCRIPT_NAME $real_script_name;
fastcgi_param PATH_INFO $path_info;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
}
ssl访问配置
server {
listen 0.0.0.0:443;
listen [::]:443;
ssl on;
ssl_certificate /etc/nginx/ssl/www.网址.com.crt;
ssl_certificate_key /etc/nginx/ssl/www.网址.com.key;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
server_name www.网址.com;
index index.html index.htm index.php;
root /html/wordpress;
error_page 400 = /400.html;
location ~ [^/]\.php(/|$) {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000; #这里注意,填写与php-fpm的listen相对应的端口
fastcgi_index index.php;
set $path_info $fastcgi_path_info;
set $real_script_name $fastcgi_script_name;
if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
set $real_script_name $1;
set $path_info $2;
}
fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
fastcgi_param SCRIPT_NAME $real_script_name;
fastcgi_param PATH_INFO $path_info;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
# Config for 0-RTT in TLSv1.3
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=31536000";
}
server {
listen 80;
listen [::]:80; #没有ipv6的话要注释掉这行
server_name www.网址.com;
return 301 https://www.网址.com$request_uri;
}
配置MariaDB
mysql_secure_installation
登陆MariaDB
mysql -u root -p
创建一个用户:
create user 'user_wordpress'@'localhost' identified by 'yourpassword';
#user_wordpress 可以改为你喜欢的用户名, yourpassword则是该用户的密码
创建一个数据库:
create database db_wordpress default charset utf8 collate utf8_general_ci;
#db_wordpress 可以改为你喜欢的库名,utf8 和 utf8_general_ci 是为了设置该数据库使用的字符集。
给 user_wordpress 用户添加库 db_wordpress 的操作权限:
grant all privileges on db_wordpress.* to 'user_wordpress'@'localhost' identified by 'yourpassword';
flush privileges;
#注意,请记住用户名、密码、以及库名,在配置 WordPress 的时候需要填写
退出
exit
安装WordPress并配置
安装WordPress
下载并解压 WordPress 包:
首先安装wget
apt-get install wget
进入网站根目录,删除原先测试的文件夹,再进行下载
mkdir /html
cd /html
rm wordpress -r
获取并安装wordpress
wget --no-check-certificate https://wordpress.org/latest.tar.gz -O wordpress.tar.gz
tar -zxvf wordpress.tar.gz
rm wordpress.tar.gz
解压缩后,给wordpress根目录赋予www-data用户的读写权限
chown -R www-data.www-data wordpress/
systemctl start php8.1-fpm
systemctl start nginx
最后打开浏览器输入IP地址或者是域名,完成wordpress配置
如果出现502
错误,可以重启试一试
第一次打开wordpress需要配置数据库,数据库名db_wordpress
,用户名user_wordpress
,密码yourpassword
,数据库主机localhost
,表前缀默认