1、WordPress一键脚本安装

1
2
3
4
5
6
# 先安装curl, CentOS
yum install -y curl
# Ubuntu安装curl
apt update && apt install -y curl
# 运行WordPress一键脚本
bash <(curl -sL https://raw.githubusercontent.com/tlanyan/Scripts/master/wordpress.sh)

按照提示输入域名,脚本会自动安装PHP、MariaDB等必备软件,最后输出如下配置信息:

1
2
3
4
5
6
7
8
WordPress安装成功!
===============================
WordPress安装路径:/var/www/www.clang.monster
WordPress数据库:wordpress
WordPress数据库用户名:wordpress
WordPress数据库密码:I8fdNP1kfXqxmjBs
博客访问地址:http://www.clang.monster
===============================

2、配置SSL

1
2
3
4
5
6
7
8
curl https://get.acme.sh | sh

// 创建指令:
alias acme.sh=~/.acme.sh/acme.sh


// 测试收否安装成功:
acme.sh --version
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
// acme配置
acme.sh --register-account -m chenhu656719@gmail.com

// 申请域名对应的证书
acme.sh --issue -d clang.monster -d www.clang.monster -w /var/www/www.clang.monster
–issue是acme.sh脚本用来颁发证书的指令;
-d是–domain的简称,其后面须填写申请的域名;
-w是–webroot的简称,其后面须填写网站的根目录。

// 输出如下
[Sat Apr 16 07:27:24 EDT 2022] Your cert is in: /root/.acme.sh/clang.monster/clang.monster.cer
[Sat Apr 16 07:27:24 EDT 2022] Your cert key is in: /root/.acme.sh/clang.monster/clang.monster.key
[Sat Apr 16 07:27:24 EDT 2022] The intermediate CA cert is in: /root/.acme.sh/clang.monster/ca.cer
[Sat Apr 16 07:27:24 EDT 2022] And the full chain certs is there: /root/.acme.sh/clang.monster/fullchain.cer

// 查看证书
acme.sh --list
1
2
3
4
5
6
acme.sh的更新维护
acme协议和Let's Encrypt CA都在频繁的更新, 因此acme.sh也经常更新以保持同步。

手动更新: acme.sh --upgrade
自动更新:acme.sh --upgrade --auto-upgrade
取消自动更新: acme.sh --upgrade --auto-upgrade 0

3、配置nginx

配置https访问:在/etc/nginx/conf.d下添加www.clang.monster443.conf(名字可以随意):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
server {
listen 443 ssl;
# 根据自己的域名修改
server_name www.clang.monster;

ssl on;
# 根据acme生成的路径修改
ssl_certificate /root/.acme.sh/clang.monster/fullchain.cer;
ssl_certificate_key /root/.acme.sh/clang.monster/clang.monster.key;

charset utf-8;

# 根据自己的域名修改
set $host_path "/var/www/www.clang.monster";
access_log /var/log/nginx/www.clang.monster.access.log main buffer=32k flush=30s;
error_log /var/log/nginx/www.clang.monster.error.log;

root $host_path;

set $skip_cache 0;
if ($query_string != "") {
set $skip_cache 1;
}
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# 登录用户或发表评论者
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}

location = / {
index index.php index.html;
try_files /index.php?$args /index.php?$args;
}

location / {
index index.php index.html;
try_files $uri $uri/ /index.php?$args;
}
location ~ ^/\.user\.ini {
deny all;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_index index.php;
fastcgi_cache wordpress;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ \.(js|css|png|jpg|jpeg|gif|ico|swf|webp|pdf|txt|doc|docx|xls|xlsx|ppt|pptx|mov|fla|zip|rar)$ {
expires max;
access_log off;
try_files $uri =404;
}
}

配置http强制跳转到https:在/etc/nginx/conf.d下添加www.clang.monster80.conf(名字可以随意):

1
2
3
4
5
6
server {
listen 80;
# 根据实际域名修改
server_name www.clang.monster;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}

删除/etc/nginx/conf.d下原有的配置文件:

1
rm -rf /etc/nginx/conf.d/www.clang.monster.conf

重启nginx服务:

1
service nginx restart

4、配置PHP

修改/etc/php.ini下配置,实现大文件的上传(默认文件上传的大小太小):

1
2
3
// 修改下面两个配置(可以根据自己的情况修改)
upload_max_filesize = 1024M
post_max_size = 1024M

5、重启系统

1
reboot