Debian12安装wordpress(PHP8.3、MySQL、Nginx)

安装mariadb

apt update
apt install mariadb-server
#安全设置
mysql_secure_installation

配置MariaDB

登陆MariaDB

mysql -u root -p

创建一个用户:

create user 'user_wordpress'@'localhost' identified by 'yourpassword';
#user_wordpress 可以改为你喜欢的用户名, yourpassword则是该用户的密码

创建一个数据库:

create database db_wordpress default charset utf8 collate utf8_general_ci;
#db_wordpress 可以改为你喜欢的库名,utf8 和 utf8_general_ci 是为了设置该数据库使用的字符集。

给 user_wordpress 用户添加库 db_wordpress 的操作权限:

grant all privileges on db_wordpress.* to 'user_wordpress'@'localhost' identified by 'yourpassword';
flush privileges;
#注意,请记住用户名、密码、以及库名,在配置 WordPress 的时候需要填写

退出

exit

安装nginx最新版

#安装先决条件:
apt install curl gnupg2 ca-certificates lsb-release debian-archive-keyring
#导入官方 nginx 签名密钥,以便 apt 可以验证包的真实性。获取密钥:
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
#验证下载的文件是否包含正确的密钥:
gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
#输出应包含完整的指纹 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
#要为稳定的 nginx 软件包设置 apt 存储库,请运行以下命令:
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/debian `lsb_release -cs` nginx" | tee /etc/apt/sources.list.d/nginx.list
#设置存储库锁定以优先使用我们的包,而不是发行版提供的包
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | tee /etc/apt/preferences.d/99nginx
#要安装 nginx,请运行以下命令:
apt update
apt install nginx

安装php8.3

apt install curl
#添加 ondrej/php 存储库,依次执行下面的命令:
apt install apt-transport-https
curl -sSLo /usr/share/keyrings/deb.sury.org-php.gpg https://packages.sury.org/php/apt.gpg
echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" >> /etc/apt/sources.list.d/php.list
apt update

#安装新的PHP 8.3包:
apt install php8.3-fpm php8.3-cli php8.3-mysql php8.3-curl php8.3-mbstring php8.3-xml php8.3-gd

#测试php是否安装正确:
php -v

设置php

打开 php-fpm配置文件 /etc/php/7.3/fpm/php.ini
nano /etc/php/7.3/fpm/php.ini
找到 cgi.fix_pathinfo 参数,改为:
cgi.fix_pathinfo=0

nano /etc/php/8.3/fpm/pool.d/www.conf

找到 listen = /run/php/php8.3-fpm.sock 注释掉
然后添加 listen = 127.0.0.1:9000

申请证书

申请证书
systemctl stop nginx
apt install socat curl cron
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
~/.acme.sh/acme.sh --issue -d www.kkiikk.top --standalone -k ec-256 --force --test
rm -rf ~/.acme.sh/www.kkiikk.top_ecc
以上是测试
~/.acme.sh/acme.sh --issue -d www.kkiikk.top --standalone -k ec-256 --force
mkdir /etc/nginx/ssl/
~/.acme.sh/acme.sh --installcert -d www.kkiikk.top --fullchainpath /etc/nginx/ssl/www.kkiikk.top.crt --keypath /etc/nginx/ssl/www.kkiikk.top.key --ecc --force

nginx.conf配置

编辑/etc/nginx/nginx.conf文件

nano /etc/nginx/nginx.conf

注意include /etc/nginx/mime.types;必须写,否则可能造成css无法加载,注意'用户',设置错误可能造成无法修改语言等问题

user  www-data; #注意用户名
worker_processes  auto;
error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include       /etc/nginx/mime.types; #注意路径,必须写,否则可能造成css无法加载
    default_type  application/octet-stream;
    log_format  main  '\$remote_addr - \$remote_user [\$time_local] "\$request" '
                      '\$status \$body_bytes_sent "\$http_referer" '
                      '"\$http_user_agent" "\$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  120;
    client_max_body_size 20m;
    #gzip  on;
    include /etc/nginx/conf.d/*.conf;
}

编辑www.conf文件

nano /etc/nginx/conf.d/www.conf

ssl访问配置

server {
    listen 0.0.0.0:443 ssl;
    listen [::]:443 ssl;
    ssl_certificate       /etc/nginx/ssl/www.kkiikk.top.crt;
    ssl_certificate_key   /etc/nginx/ssl/www.kkiikk.top.key;
    ssl_protocols         TLSv1.3 TLSv1.2;
    ssl_ciphers             TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
    server_name www.kkiikk.top;
    index index.html index.htm index.php;
    root  /html/wordpress;
    error_page 400 = /400.html;

    location ~ [^/]\.php(/|$) {
            try_files $uri =404;
            fastcgi_pass 127.0.0.1:9000; #这里注意,填写与php-fpm的listen相对应的端口
            fastcgi_index index.php;
            set $path_info $fastcgi_path_info;
            set $real_script_name $fastcgi_script_name;
            if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
                set $real_script_name $1;
                set $path_info $2;
            }
            fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
            fastcgi_param SCRIPT_NAME $real_script_name;
            fastcgi_param PATH_INFO $path_info;
            include fastcgi_params;
    }

    location / {
            try_files $uri $uri/ /index.php?$args;
    }

    # Config for 0-RTT in TLSv1.3
    ssl_stapling on;
    ssl_stapling_verify on;
    proxy_set_header Early-Data $ssl_early_data;
    add_header Strict-Transport-Security "max-age=31536000";
}
server {
listen 80;
listen [::]:80;   #没有ipv6的话要注释掉这行
server_name www.kkiikk.top;
return 301 https://www.kkiikk.top$request_uri;
}

安装WordPress并配置

安装WordPress
下载并解压 WordPress 包:
首先安装wget

apt install wget 

进入网站根目录,删除原先测试的文件夹,再进行下载

mkdir /html
cd /html
rm wordpress -r

获取并安装wordpress

wget --no-check-certificate https://wordpress.org/latest.tar.gz -O wordpress.tar.gz
tar -zxvf wordpress.tar.gz
rm wordpress.tar.gz

解压缩后,给wordpress根目录赋予www-data用户的读写权限

chown -R www-data:www-data wordpress/
systemctl start php8.3-fpm
systemctl start nginx

最后打开浏览器输入IP地址或者是域名,完成wordpress配置
如果出现502错误,可以重启试一试
第一次打开wordpress需要配置数据库,数据库名db_wordpress,用户名user_wordpress,密码yourpassword,数据库主机localhost,表前缀默认

无标签
评论区
头像