1、WordPress一键脚本安装
# 先安装curl, CentOS
yum install -y curl
# Ubuntu安装curl
apt update && apt install -y curl
# 运行WordPress一键脚本
bash <(curl -sL https://raw.githubusercontent.com/tlanyan/Scripts/master/wordpress.sh)
按照提示输入域名,脚本会自动安装PHP、MariaDB等必备软件,最后输出如下配置信息:
WordPress安装成功!
===============================
WordPress安装路径:/var/www/www.clang.monster
WordPress数据库:wordpress
WordPress数据库用户名:wordpress
WordPress数据库密码:I8fdNP1kfXqxmjBs
博客访问地址:http://www.clang.monster
===============================
2、配置SSL
curl https://get.acme.sh | sh
// 创建指令:
alias acme.sh=~/.acme.sh/acme.sh
// 测试收否安装成功:
acme.sh --version
// acme配置
acme.sh --register-account -m [email protected]
// 申请域名对应的证书
acme.sh --issue -d clang.monster -d www.clang.monster -w /var/www/www.clang.monster
–issue是acme.sh脚本用来颁发证书的指令;
-d是–domain的简称,其后面须填写申请的域名;
-w是–webroot的简称,其后面须填写网站的根目录。
// 输出如下
[Sat Apr 16 07:27:24 EDT 2022] Your cert is in: /root/.acme.sh/clang.monster/clang.monster.cer
[Sat Apr 16 07:27:24 EDT 2022] Your cert key is in: /root/.acme.sh/clang.monster/clang.monster.key
[Sat Apr 16 07:27:24 EDT 2022] The intermediate CA cert is in: /root/.acme.sh/clang.monster/ca.cer
[Sat Apr 16 07:27:24 EDT 2022] And the full chain certs is there: /root/.acme.sh/clang.monster/fullchain.cer
// 查看证书
acme.sh --list
acme.sh的更新维护
acme协议和Let's Encrypt CA都在频繁的更新, 因此acme.sh也经常更新以保持同步。
手动更新: acme.sh --upgrade
自动更新:acme.sh --upgrade --auto-upgrade
取消自动更新: acme.sh --upgrade --auto-upgrade 0
3、配置nginx
配置https访问:在/etc/nginx/conf.d下添加www.clang.monster443.conf(名字可以随意):
server {
listen 443 ssl;
# 根据自己的域名修改
server_name www.clang.monster;
ssl on;
# 根据acme生成的路径修改
ssl_certificate /root/.acme.sh/clang.monster/fullchain.cer;
ssl_certificate_key /root/.acme.sh/clang.monster/clang.monster.key;
charset utf-8;
# 根据自己的域名修改
set $host_path "/var/www/www.clang.monster";
access_log /var/log/nginx/www.clang.monster.access.log main buffer=32k flush=30s;
error_log /var/log/nginx/www.clang.monster.error.log;
root $host_path;
set $skip_cache 0;
if ($query_string != "") {
set $skip_cache 1;
}
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# 登录用户或发表评论者
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
location = / {
index index.php index.html;
try_files /index.php?$args /index.php?$args;
}
location / {
index index.php index.html;
try_files $uri $uri/ /index.php?$args;
}
location ~ ^/\.user\.ini {
deny all;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_index index.php;
fastcgi_cache wordpress;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ \.(js|css|png|jpg|jpeg|gif|ico|swf|webp|pdf|txt|doc|docx|xls|xlsx|ppt|pptx|mov|fla|zip|rar)$ {
expires max;
access_log off;
try_files $uri =404;
}
}
配置http强制跳转到https:在/etc/nginx/conf.d下添加www.clang.monster80.conf(名字可以随意):
server {
listen 80;
# 根据实际域名修改
server_name www.clang.monster;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
删除/etc/nginx/conf.d下原有的配置文件:
rm -rf /etc/nginx/conf.d/www.clang.monster.conf
重启nginx服务:
service nginx restart
4、配置PHP
修改/etc/php.ini下配置,实现大文件的上传(默认文件上传的大小太小):
// 修改下面两个配置(可以根据自己的情况修改)
upload_max_filesize = 1024M
post_max_size = 1024M
5、重启系统
reboot