Try   HackMD

Updated: 2023/07/22

Prerequisite (Ubuntu 22.04)

  • MySQL
sudo apt install mysql-server
  • PHP
sudo apt install php-imagick php8.1-fpm php8.1-mbstring php8.1-bcmath php8.1-xml php8.1-mysql php8.1-common php8.1-gd php8.1-cli php8.1-curl php8.1-zip
  • Nginx and certbot
sudo apt install nginx certbot python3-certbot-nginx

Create User and Database for WordPress

  1. Login MySQL server
mysql -u <root_name> -p
# Enter password: 
  1. Create MySQL user and database for WordPress
/* The following command under mysql> */

/* Create User */
create user <user_name>@localhost identified by <password>;

/* Create database */
create database wordpress;

/* Grant privileges */
grant all privileges on wordpress.* to <user_name>@localhost;

/* Flush privileges */
flush privileges;

exit;

Download and Configure WordPress

  1. Download WordPress from wordpress.org
wget https://tw.wordpress.org/latest-zh_TW.tar.gz
  1. Extract file
# Assume file name as "latest-zh_TW.tar.gz"
tar -xzvf latest-zh_TW.tar.gz
  1. Move files into Nginx shared directory
# Assume extracted directory as "wordpress"
# Rename directory into "<domain_name>" for reminded
sudo mv wordpress /usr/share/nginx/<domain_name>
  1. Create wp-config.php file
# cd under wordpress directory
cd /usr/share/nginx/<domain_name>

# Copy wp-config-sample.php file and rename to wp-config.php
sudo mv wp-config-sample.php wp-config.php
  1. Configure wp-config.php file
# In file '/usr/share/nginx/<domain_name>/wp-config.php'

# The name of the database for WordPress
define('DB_NAME', 'database_name_here');

# MySQL database username
define('DB_USER', 'username_here');

# MySQL database password
define('DB_PASSWORD', 'password_here');

# Highly recommended to change $table_prefix setting for security
$table_prefix = 'wp_';
  1. Set privilege
# Change privilege to owner only
sudo chmod 640 wp-config.php

# Change owner to www-data (Nginx)
sudo chown -R www-data:www-data /usr/share/nginx/<domain_name>

Deploy WordPress via Nginx

  1. Create new server block file under /etc/nginx/conf.d/
# Create new file
sudo nano /etc/nginx/conf.d/<domain_name>.conf
  1. Configure <domain_name>.conf file
# In file '/etc/nginx/conf.d/<domain_name>.conf'

server {
  listen 80;
  listen [::]:80;
  server_name <domain_name>;
  root /usr/share/nginx/<domain_name>/;
  index index.php index.html index.htm index.nginx-debian.html;

  error_log /var/log/nginx/wordpress.error;
  access_log /var/log/nginx/wordpress.access;

  location / {
    try_files $uri $uri/ /index.php;
  }

   location ~ ^/wp-json/ {
     rewrite ^/wp-json/(.*?)$ /?rest_route=/$1 last;
   }

  location ~* /wp-sitemap.*\.xml {
    try_files $uri $uri/ /index.php$is_args$args;
  }

  error_page 404 /404.html;
  error_page 500 502 503 504 /50x.html;

  client_max_body_size 20M;

  location = /50x.html {
    root /usr/share/nginx/html;
  }

  location ~ \.php$ {
    fastcgi_pass unix:/run/php/php8.1-fpm.sock;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
    include snippets/fastcgi-php.conf;
    fastcgi_buffers 1024 4k;
    fastcgi_buffer_size 128k;
  }

  #enable gzip compression
  gzip on;
  gzip_vary on;
  gzip_min_length 1000;
  gzip_comp_level 5;
  gzip_types application/json text/css application/x-javascript application/javascript image/svg+xml;
  gzip_proxied any;

  # A long browser cache lifetime can speed up repeat visits to your page
  location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ {
       access_log        off;
       log_not_found     off;
       expires           360d;
  }

  # disable access to hidden files
  location ~ /\.ht {
      access_log off;
      log_not_found off;
      deny all;
  }
}
  1. Check and reload Nginx setting
# Check setting 
sudo nginx -t

# Reload Nginx
sudo systemctl reload nginx
  1. Cert WordPress with Nginx via Let's Encrypt
sudo certbot --non-interactive --redirect --agree-tos --nginx -d <domain_name> -m <your_email>
  1. We are now able to access the website by typing the <domain_name> at the browser address bar using https!

Reference