Wordpress架設 - Debian 12

運行環境

• PVE
• LXC
• Debian 12

安裝nginx mariadb

apt update
apt -y install nginx mariadb-server

systemctl enable nginx
systemctl start nginx

systemctl enable mariadb
systemctl start mariadb

安裝PHP

apt -y install php php-cli php-fpm php-mysql php-json php-opcache php-mbstring php-xml php-gd php-curl libapache2-mod-php8.2-

初始化mariadb

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we’ll need the current
password for the root user. If you‘ve just installed MariaDB, and
haven’t set the root password yet, you should just press enter here.
#按『Enter鍵』跳到下一步
Enter current password for root (enter for none):
OK, successfully used password, moving on...
#下面兩個是跟密碼設定相關的問題，請視情況來進行設定，以本篇教學的環境來說，
#系統的root權限已經設定了密碼，前兩題都輸入『n』跳過設定；
#若MariaDB沒有密碼，請在第一題輸入『n』，第二題輸入『y』來設定MariaDB root的新密碼。
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] n
 ... skipping.
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] n
 ... skipping.
#第三個問題：預設有建立了一個匿名使用者，輸入『y』來移除匿名使用者。
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
 ... Success!
#第四個問題：只允許root從localhost訪問DB，故輸入『y』不允許遠端登入。
Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
 ... Success!
#第五個問題：是否移除『test』測試資料庫，輸入『y』進行移除。
By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
#第六個問題：是否重新刷新權限表，輸入『y』立即更新以完成所有的初始化設定。
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
 ... Success!
Cleaning up...
All done!  If you‘ve completed all of the above steps, your MariaDB
installation should now be secure.
#上面步驟完成後，MariaDB會自動退出安全性設定介面。
Thanks for using MariaDB!

建立資料庫和使用者

mariadb -u root -p
CREATE DATABASE wordpress;
GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'localhost' IDENTIFIED BY 'wpuserpswd' WITH GRANT OPTION;
FLUSH PRIVILEGES;
exit

修改PHP設定

編輯/etc/php/8.2/fpm/php.ini

cgi.fix_pathinfo=0
[Date]
date.timezone = Asia/Taipei
upload_max_filesize = 50M
post_max_size = 200M
memory_limit = 512M
max_execution_time = 600
max_input_time = 600
default_socket_timeout = 600

systemctl start php8.2-fpm && systemctl enable php8.2-fpm

設定 Nginx

編輯/etc/nginx/nginx.conf

http區塊加入

client_max_body_size 50M;
client_body_timeout 120s;

建立nginx wordpress設定檔

建立/etc/nginx/conf.d/wordpress.conf

server {
            listen 80;
            root /var/www/html;
            index index.php index.html;
            server_name _;

            access_log /var/log/nginx/wordpress.access.log;
            error_log /var/log/nginx/wordpress.error.log;

            location / {
                         try_files $uri $uri/ =404;
            }
                        location /wordpress {
                                                 if (-f $request_filename/index.html){
                                                        rewrite (.*) $1/wordpress/index.html break;
                                                }
                                                if (-f $request_filename/index.php){
                                                        rewrite (.*) $1/wordpress/index.php;
                                                }
                                                if (!-f $request_filename){
                                                        rewrite (.*) /wordpress/index.php;
                                                }
            }
                        location /wordpress/wp-admin {
                                                #try_files $uri $uri/ /index.php?$args; 
                                                 rewrite /wp-admin$ $scheme://$host$uri/ permanent;
            }
            location ~ \.php$ {
                         include snippets/fastcgi-php.conf;
                         fastcgi_intercept_errors on;
                         fastcgi_pass unix:/run/php/php8.2-fpm.sock;
            }
            
            location ~ /\.ht {
                         deny all;
            }

            location = /favicon.ico {
                         log_not_found off;
                         access_log off;
            }

            location = /robots.txt {
                         allow all;
                         log_not_found off;
                         access_log off;
           }
       
            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                         expires max;
                         log_not_found off;
           }
}

rm /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-available/default

systemctl restart nginx

下載Wordpress

mkdir -p /var/www/html

cd /var/www/html
wget https://tw.wordpress.org/wordpress-6.7-zh_TW.tar.gz
tar -zxvf wordpress-6.7-zh_TW.tar.gz
rm wordpress-6.7-zh_TW.tar.gz
chown -R www-data:www-data wordpress/

瀏覽器http://ip，輸入創建的資料庫、使用者和密碼進行安裝

關閉自動更新

安裝後可設定關閉更新，編輯wp-config.php加入以下設定

define( 'AUTOMATIC_UPDATER_DISABLED', true );
define( 'WP_AUTO_UPDATE_CORE', false );