设置数据库
mysql
>CREATE DATABASE typecho;
>CREATE USER 'typecho'@'localhost' IDENTIFIED BY '密码';#设置密码
>GRANT ALL ON typecho.* TO 'typecho'@'localhost';
>FLUSH PRIVILEGES;
>exit
#命令说明
CREATE USER 'username'@'host' IDENTIFIED BY 'password';
#username:你将创建的用户名
#host:指定该用户在哪个主机上可以登陆,如果是本地用户可用localhost,如果想让该用户可以从任意远程主机登陆,可以使用通配符%
#password:该用户的登陆密码,密码可以为空,如果为空则该用户可以不需要密码登陆服务器
CREATE DATABASE 数据库名;
#数据库名可以使用“Typecho”
GRANT privileges ON databasename.tablename TO 'username'@'host'
#privileges:用户的操作权限,如SELECT,INSERT,UPDATE等,如果要授予所的权限则使用ALL
#databasename:数据库名
#tablename:表名,如果要授予该用户对所有数据库和表的相应操作权限则可用*表示,如*.*第一次登录typecho时,数据库用户名为:“typecho”,密码为:“密码(设置的密码)”
安装Typecho
#sqlite
#apt install php7.3-fpm php7.3-sqlite3 php7.3-mbstring php7.3-curl
#mysql
apt install php7.3-cli php7.3-fpm php7.3-curl php7.3-mysql php7.3-gd php7.3-xml php7.3-mbstring
wget --no-check-certificate https://github.com/typecho/typecho/releases/download/v1.1-17.10.30-release/1.1.17.10.30.-release.tar.gz -O typecho.tar.gz
tar -zxvf typecho.tar.gz -C /html
mv /html/*build*/* /html
rm -rf /html/*build*
rm -rf typecho.tar.gz
chmod -R 777 /html设置php
nano /etc/php/7.3/fpm/pool.d/www.conf找到listen = /run/php/php7.3-fpm.sock注释掉
然后添加listen = 127.0.0.1:9000
重启服务
systemctl restart php7.3-fpm
systemctl restart nginx设置https登录
安装完毕后登陆网页,设置完毕后
修改config.inc.php
nano /html/config.inc.php添加
/** 开启HTTPS */
define('__TYPECHO_SECURE__',true);注意:用户名不要用邮箱,否则不能登录,猜测登陆时可能会和邮箱冲突
配置Nginx
nginx.conf配置
user root;
worker_processes 1;
error_log /etc/nginx/logs/error.log warn;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types; #注意路径,必须写,否则可能造成css无法加载
default_type application/octet-stream;
log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for"';
access_log /etc/nginx/logs/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 120;
client_max_body_size 20m;
#gzip on;
include /etc/nginx/conf/conf.d/*.conf;
}d.conf配置
server {
listen 0.0.0.0:443;
listen [::]:443;
ssl on;
ssl_certificate /etc/nginx/ssl/www.huozhi.top.crt;
ssl_certificate_key /etc/nginx/ssl/www.huozhi.top.key;
ssl_protocols TLSv1.3;
ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
server_name www.huozhi.top;
index index.html index.htm index.php;
root /html;
# error_page 400 = /400.html;
location ~ [^/]\.php(/|$) {
# try_files $uri =404;
fastcgi_pass 127.0.0.1:9000; #这里注意,填写与php-fpm的listen相对应的端口
# fastcgi_index index.php;
# set $path_info $fastcgi_path_info;
set $real_script_name $fastcgi_script_name;
# if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
# set $real_script_name $1;
# set $path_info $2;
# }
fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
# fastcgi_param SCRIPT_NAME $real_script_name;
# fastcgi_param PATH_INFO $path_info;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location /68edbfda511b/
{
proxy_redirect off;
proxy_read_timeout 1200s;
proxy_pass http://127.0.0.1:11234; #端口
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
# Config for 0-RTT in TLSv1.3
proxy_set_header Early-Data $ssl_early_data;
}
# Config for 0-RTT in TLSv1.3
ssl_early_data on;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=31536000";
}
server {
listen 80;
listen [::]:80; #没有ipv6的话要注释掉这行
server_name www.huozhi.top;
return 301 https://www.huozhi.top$request_uri;
}