Debian 安装 WordPress 全过程
文章转载自 https://whozs.cn/debian-an-zhuang-wordpress/
安装Nginx
因为Nginx在Debian的默认存储库中可用,所以可以使用apt打包系统从这些存储库安装它。
由于这是我们在此会话中与apt包装系统的第一次互动,因此我们还要更新我们的本地包索引,以便我们可以访问最新的包列表。之后,我们可以安装nginx:
sudo apt update
sudo apt install nginx
接受该过程后,apt将Nginx和任何所需的依赖项安装到您的服务器。
安装MariaDB
sudo apt install mariadb-server
输入如下命令配置root密码
mysql_secure_installation
配置WordPress数据库
mysql -uroot
创建一个数据库用户
create user 'wordpress'@'localhost' identified by 'wordpress';
创建一个数据库
create database wordpress default charset utf8 collate utf8_general_ci;
授予权限
grant all privileges on wordpress.* to 'wordpress'@'localhost';
刷新权限并退出
flush privileges;
exit
安装PHP7.4
更新系统
sudo apt upgrade -y && sudo reboot
添加SURY PHP PPA存储库
sudo apt -y install lsb-release apt-transport-https ca-certificates
sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list
更新添加的存储库上的系统软件包列表
sudo apt update
安装php7.4和相关插件
sudo apt install -y php7.4-cli php7.4-fpm php7.4-cgi php7.4-mysql php7.4-curl php7.4-json php7.4-mbstring php7.4-imagick php7.4-xml php7.4-zip php7.4-opcache
生成https证书
如果不需要https可以跳过此步骤
修改nginx配置文件
配置文件位置/etc/nginx/nginx.conf
(localhost换成你自己的域名,并添加DNS解析记录)
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 80;
listen [::]:80;
server_name localhost;
root /var/www/html;
}
}
安装acme.sh
curl https://get.acme.sh | sh -s email=my@example.com
更高级的安装选项请参考: https://github.com/Neilpang/acme.sh/wiki/How-to-install
生成证书
acme.sh --issue -d mydomain.com --nginx
copy/安装 证书
mkdir /root/cert/
acme.sh --install-cert -d cdk.whozs.cn \
--key-file /root/cert/key.pem \
--fullchain-file /root/cert/cert.pem \
--reloadcmd "service nginx force-reload"
如果出现错误清参考: https://github.com/acmesh-official/acme.sh/wiki/
配置Nginx
修改nginx配置文件/etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
client_max_body_size 100m;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 80;
listen [::]:80;
server_name localhost;
return 301 https://$server_name:443$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name localhost;
ssl_certificate /root/cert/cert.pem;
ssl_certificate_key /root/cert/key.pem;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
root /var/www/html;
index index.php;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
include /etc/nginx/fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|swf|webp|pdf|txt|doc|docx|xls|xlsx|ppt|pptx|mov|fla|zip|rar)$ {
expires max;
access_log off;
log_not_found off;
try_files $uri =404;
}
}
}
安装WordPress
wget https://cn.wordpress.org/latest-zh_CN.tar.gztar zxvf latest-zh_CN.tar.gz -C /var/www/html
现在打开你的域名就可以开始设置wordpress了
性能优化
php修改上传文件大小限制
打开php.ini文件
#修改单次请求最大文件限制
post_max_size = 50m;
# 修改单个文件大小限制(默认8M)
upload_max_filesize = 10m;
php开启opcache
打开php.ini文件
找到:[opcache],设置为:
[opcache]
; 开关打开
opcache.enable=1
; 设置共享内存大小, 单位为:Mb
opcache.memory_consumption=128
;如果启用,那么 OPcache 会每隔 opcache.revalidate_freq 设定的秒数 检查脚本是否更新。 如果禁用此选项,你必须使用 opcache_reset() 或者 opcache_invalidate() 函数来手动重置 OPcache,也可以 通过重启 Web 服务器来使文件系统更改生效。
opcache.validate_timestamps=60
#提示:在opcache使用软连接的情况下,会存在opcache没有被清除的情况.可以使用重启fastcgi来解决这个问题.
在php.ini最后一行添加opcache.so 主要作用是用来引用opcache
zend_extension="opcache.so"
安装 redis
安装redis是为了优化性能,可以不安装
安装redis
sudo apt install redis-server
开启服务并设置开机启动
redis-server
systemctl enable redis-server
安装php扩展
apt install -y php7.4-redis
重新启动php-fpm
systemctl restart php7.4-fpm
在后台安装 Redis Object Cache
插件并开启缓存