安装MariaDB
安装MariaDB-server
apt install mariadb-server
MariaDB-server安全配置向导
mysql_secure_installation
运行mysql_secure_installation
会执行几个设置:
a)为root用户设置密码
b)删除匿名账号
c)取消root用户远程登录
d)删除test库和对test库的访问权限
e)刷新授权表使修改生效
通过这几项的设置能够提高mysql库的安全。建议生产环境中mysql安装这完成后一定要运行一次
Enter current password for root (enter for none):<–初次运行直接回车,其他选y
数据库配置
使用如下命令进入mariadb交互界面:
mysql
创建一个新用户admin备用:
GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' IDENTIFIED BY '填密码'; //注意填密码
FLUSH PRIVILEGES;
exit
随后退出数据库,使用刚刚创建的用户来登录数据库:
mysql -u admin -p
创建一个新数据库用于存放云盘数据:
create database kod_box default character set utf8;
exit
在登陆kodbox后,进行数据库配置时,用户名为admin
,数据库为kod_box
安装Redis
不想使用Redis做缓存的同学可以跳过这一步,不过还是建议使用Redis来做缓存,更安全高效。
安装Redis,命令:
apt-get install redis-server
验证安装:
ps -aux|grep redis
安装php+mysql
apt-get install php7.3-fpm php7.3-curl php7.3-json php7.3-mbstring php7.3-xml php7.3-intl php7.3-gd php7.3-redis php7.3-mysql
systemctl enable php7.3-fpm
systemctl restart php7.3-fpm
安装php+sqlite
apt-get install php7.3-fpm php7.3-curl php7.3-json php7.3-mbstring php7.3-xml php7.3-intl php7.3-gd php7.3-redis php7.3-sqlite3
systemctl enable php7.3-fpm
systemctl restart php7.3-fpm
nano /etc/php/7.3/fpm/pool.d/www.conf
将listen = /run/php/php7.3-fpm.sock
用“;”注释掉
然后添加
listen = 127.0.0.1:9000
KodExplorer的安装
rm -rf /usr/share/nginx/html/*
wget --no-check-certificate https://github.com/kalcaddle/KodExplorer/archive/4.35.tar.gz -O kodcloud.tar.gz
tar -zxvf kodcloud.tar.gz -C /usr/share/nginx/html
mv /usr/share/nginx/html/*KodExplorer*/* /usr/share/nginx/html
rm -rf /usr/share/nginx/html/*KodExplorer*
rm -rf kodcloud.tar.gz
chmod -R 777 /usr/share/nginx/html
kodbox的安装
rm -rf /usr/share/nginx/html/*
wget --no-check-certificate https://static.kodcloud.com/update/download/kodbox.1.19.zip -O kodbox.zip
unzip kodbox.zip -d /usr/share/nginx/html/
chmod -R 777 /usr/share/nginx/html
重启服务
systemctl restart php7.3-fpm
systemctl restart nginx
配置nginx
配置/etc/nginx/nginx.conf
nano /etc/nginx/nginx.conf
配置如下
user root;
worker_processes auto;
#error_log /etc/nginx/error.log warn;
#pid /run/nginx.pid;
events {
use epoll;
worker_connections 1024;
multi_accept on;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
server_names_hash_bucket_size 512;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 10G;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 720;
fastcgi_connect_timeout 3600;
fastcgi_send_timeout 3600;
fastcgi_read_timeout 3600;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
# gzip on;
# gzip_min_length 1k;
# gzip_buffers 4 16k;
# gzip_http_version 1.1;
# gzip_comp_level 2;
# gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
# gzip_vary on;
# gzip_proxied expired no-cache no-store private auth;
# gzip_disable "MSIE [1-6]\.";
server_tokens off;
include /etc/nginx/conf.d/*.conf;
}
d.conf配置
server {
listen 80;
server_name www.网址.top;
root /usr/share/nginx/html/;
index index.html index.htm index.php;
location ~ [^/]\.php(/|$) {
fastcgi_pass 127.0.0.1:9000;
set $real_script_name $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
}
如果出现网页显示502,可能是没有监听9000端口
查看9000端口监听情况
netstat -tlnp | grep 9000
nano /etc/php/7.3/fpm/pool.d/www.conf
将 listen = /run/php/php7.3-fpm.sock
用“;”注释掉
listen = 127.0.0.1:9000
重启服务
systemctl restart php7.3-fpm
systemctl restart nginx
修改php.ini上传限制
nano /etc/php/7.3/fpm/php.ini
修改为一下内容
max_execution_time = 3600
max_input_time = 3600
post_max_size = 150M
upload_max_filesize = 150M