typecho-nginx部署

作者 by Joab / 2022-05-06 / 1 评论 / 50 个足迹

typecho下载

cd /opt
wget https://github.com/typecho/typecho/releases/latest/download/typecho.zip
unzip typecho.zip -d typecho

插件列表

http://docs.typecho.org/plugins/download

nginx安装

yum -y install nginx
systemctl start nginx
systemctl enable nginx

php下载

yum install -y http://rpms.remirepo.net/enterprise/remi-release-7.rpm           
yum --enablerepo=remi-php74 install -y php-fpm php-mcrypt php-curl php-cli php-mysql php-gd php-xsl php-json php-intl php-pear php-devel php-common php-mbstring php-tidy php-zip php-soap curl

设置php

vim /etc/php.ini
cgi.fix_pathinfo=1
#更改php-fpm配置文件
vim /etc/php-fpm.d/www.conf         //编辑配置文件

---
user = nginx
group = nginx

listen = /var/run/php-fpm/php-fpm.sock

listen.owner = nginx
listen.group = nginx
listen.mode = 0660

env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
---

启动php-fpm

systemctl start php-fpm
systemctl enable php-fpm

mariadb安装

vim /etc/yum.repos.d/mariadb.repo      //新建repo

[mariadb]
name = MariaDB
baseurl = http://mirrors.aliyun.com/mariadb/yum/10.4/centos/7.6/x86_64/
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
enabled=1
gpgcheck=1

# 安装
yum -y install MariaDB-server MariaDB-client
systemctl start mariadb
systemctl enable mariadb

提示:mysql-community-client-5.7.38-1.el7.x86_64.rpm 的公钥尚未安装

rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022

初始化数据库

mysql_secure_installation      //初始化mysql,设置好root密码
mysql -u root -p ****          //登陆mysql

mysql > create database typechodb;   //新建数据库
mysql > create user 'typechodb'@'localhost' identified by 'Huayun@123';   //新建用户
mysql > grant all privileges on typechodb.* to typechodb@localhost identified by 'Huayun@123';     //赋予新建用户权限
# 打开root远程连接
mysql > GRANT ALL PRIVILEGES ON *.* TO 'root'@'%'IDENTIFIED BY '123456' WITH GRANT OPTION; 
mysql > flush privileges;       //刷新权限
mysql > exit;         //退出mysql视图

配置nginx 中typecho.conf

vim /etc/nginx/conf.d/typecho.conf

server {
    listen 80;
    server_name linqiaobao.cn;
    root /opt/typecho;
    access_log  /var/log/nginx/typecho_access.log;
    error_log  /var/log/nginx/typecho_error.log;

    client_max_body_size 1G;
    fastcgi_buffers 64 4K;

    index  index.php;
    # 没有ssl证书可以注释
    # 把http的域名请求转成https
    return 301 https://$host$request_uri;
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) {
        deny all;
    }

    location ~ \.php(?:$|/) {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
    }

    location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
        expires 30d;
        access_log off;
    }
}
# 没有ssl证书可以注释
server {
    listen 443 ssl;
    server_name linqiaobao.cn;
    root /opt/typecho;

    access_log  /var/log/nginx/typecho_access.log;
    error_log  /var/log/nginx/typecho_error.log;

    client_max_body_size 1G;
    fastcgi_buffers 64 4K;

    index  index.php;

    ssl_certificate  /etc/nginx/cert/linqiaobao.cn_nginx/linqiaobao.cn_bundle.crt;
    #    // 改成你的证书的名字
    ssl_certificate_key /etc/nginx/cert/linqiaobao.cn_nginx/linqiaobao.cn.key;
    #    // 你的证书的名字
    ssl_session_timeout 5m;
    #请按照以下协议配置
    ssl_protocols TLSv1.2 TLSv1.3;
    #请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) {
        deny all;
    }

    location ~ \.php(?:$|/) {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
    }

    location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
        expires 30d;
        access_log off;
    }
}

腾讯云Nginx 服务器 SSL 证书安装部署

备注

  1. 安装过程中会提示usr/uploads/ 无权限 ,这个目录的绝对路径在 /opt/typecho/usr/uploads,chmod 777 /opt/typecho/usr/uploads
  2. 有可能通过域名无法打开,使用ip去安装
  3. 主题、插件、上传的文件在/opt/typecho/usr

大功告成
1651831321097.png

独特见解

 评论 1 条