主機 deploy (Ubuntu 20.04 up + nginx + php 7.4 + mysql 8)

# 主機 deploy (Ubuntu 20.04 up + nginx + php 7.4 + mysql 8) 1. ## 更新主機 ``` sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get dist-upgrade -y # update有錯誤時輸入下方指令 sudo apt update --allow-releaseinfo-change ``` 1. ## 安裝 composer ``` sudo apt-get update && sudo apt-get install composer -y ``` 1. ## 安裝 nginx ``` sudo apt-get update && sudo apt-get install nginx -y sudo ufw allow 'Nginx Full' sudo systemctl restart nginx.service sudo systemctl enable nginx.service ``` 1. ## 安裝 php ``` sudo apt-get install software-properties-common sudo add-apt-repository ppa:ondrej/php sudo add-apt-repository ppa:ondrej/nginx sudo apt-get update sudo apt-get install php7.4 php7.4-cli php7.4-common php7.4-json php7.4-opcache php7.4-mysql php7.4-mbstring php7.4-zip php7.4-fpm php7.4-gmp php7.4-bcmath php7.4-intl php7.4-curl php7.4-xml php7.4-gd php7.4-imagick unzip imagemagick -y sudo systemctl restart php7.4-fpm.service sudo systemctl enable php7.4-fpm.service #php8.1 sudo apt-get install php8.1 php8.1-cli php8.1-common php8.1-opcache php8.1-mysql php8.1-mbstring php8.1-zip php8.1-fpm php8.1-gmp php8.1-bcmath php8.1-intl php8.1-curl php8.1-xml php8.1-gd php8.1-imagick unzip imagemagick -y sudo systemctl restart php8.1-fpm.service sudo systemctl enable php8.1-fpm.service #php8.3 sudo apt-get install php8.3 php8.3-cli php8.3-common php8.3-opcache php8.3-mysql php8.3-mbstring php8.3-zip php8.3-fpm php8.3-gmp php8.3-bcmath php8.3-intl php8.3-curl php8.3-xml php8.3-gd php8.3-imagick unzip imagemagick -y sudo systemctl restart php8.3-fpm.service sudo systemctl enable php8.3-fpm.service #php8.4 sudo apt-get install php8.4 php8.4-cli php8.4-common php8.4-opcache php8.4-mysql php8.4-mbstring php8.4-zip php8.4-fpm php8.4-gmp php8.4-bcmath php8.4-intl php8.4-curl php8.4-xml php8.4-gd php8.4-imagick unzip imagemagick -y sudo systemctl restart php8.4-fpm.service sudo systemctl enable php8.4-fpm.service ``` #### 編輯 php.ini ``` sudo vim /etc/php/7.4/fpm/php.ini #php8.1 sudo vim /etc/php/8.1/fpm/php.ini #php8.3 sudo vim /etc/php/8.3/fpm/php.ini #php8.4 sudo vim /etc/php/8.4/fpm/php.ini ``` #### 更新這行 ``` cgi.fix_pathinfo=0 ``` #### 重啟 php-fpm ``` sudo systemctl restart php7.4-fpm.service #php8.1 sudo systemctl restart php8.1-fpm.service #php8.3 sudo systemctl restart php8.3-fpm.service #php8.4 sudo systemctl restart php8.4-fpm.service ``` 1. ## 安裝 mysql / mariadb ``` # mysql sudo apt-get update && sudo apt-get install mysql-server -y or # mariadb sudo apt-get update && sudo apt-get install mariadb-server -y ``` #### 設定帳號 ``` # 登入mysql sudo mysql -u root -p # 建立 wordpress 資料庫 CREATE DATABASE IF NOT EXISTS wordpress; # 建立外連帳號 CREATE USER IF NOT EXISTS 'wordpress'@'%' IDENTIFIED BY '{密碼}'; GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'%' WITH GRANT OPTION; ALTER USER 'wordpress'@'%' IDENTIFIED WITH mysql_native_password BY '{密碼}'; ``` 1. ## 更新檔案權限 ``` sudo chown -R www-data:www-data /var/www/html/ ``` 1. ## 設定 nginx virtual host #### 產生 virtual host 檔案 ``` sudo vim /etc/nginx/sites-available/eat2die.com ``` #### virtual host 設定 ``` server { listen 80; server_name eat2die.com www.eat2die.com; root /var/www/html/eat2die; index index.php index.html index.htm; charset utf-8; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header Referrer-Policy "no-referrer-when-downgrade" always; location / { try_files $uri $uri/ /index.php?$query_string; limit_conn per_ip 20; limit_req zone=one burst=5 nodelay; } location = /favicon.ico { access_log off; log_not_found off; } location = /robots.txt { access_log off; log_not_found off; } access_log /var/log/nginx/eat2die.com-access.log combined; error_log /var/log/nginx/eat2die.com-error.log error; sendfile on; location ~* \.(jpg|jpeg|gif|png|css|js|ico|woff|woff2|ttf|svg|eot)$ { expires 30d; add_header Cache-Control "public, no-transform"; access_log off; log_not_found off; } client_max_body_size 1024m; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php/php8.3-fpm.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_intercept_errors on; fastcgi_buffer_size 32k; fastcgi_buffers 8 16k; fastcgi_connect_timeout 60s; fastcgi_send_timeout 120s; fastcgi_read_timeout 120s; fastcgi_busy_buffers_size 64k; fastcgi_temp_file_write_size 64k; try_files $uri =404; } location ~ /\.(?!well-known).* { deny all; access_log off; log_not_found off; } location ~* \.(git|svn|env|ini|log|sh|bak|swp|psd|sqlite|md|yml|yaml|lock|json|zip|tar|gz|rar|7z)$ { deny all; access_log off; log_not_found off; } location = /xmlrpc.php { deny all; access_log off; log_not_found off; } location ~ /\.ht { deny all; access_log off; log_not_found off; } } ``` #### 製作 site-enabled 軟連結 ``` sudo ln -s /etc/nginx/sites-available/eat2die.com /etc/nginx/sites-enabled/eat2die.com ``` #### 重啟 nginx ``` sudo systemctl restart nginx.service ``` 1. ## 安裝phpmyadmin ``` sudo apt-get install phpmyadmin -y sudo ln -s /usr/share/phpmyadmin /var/www/phpmyadmin ``` 1. ## 安裝certbot ``` sudo snap install core; sudo snap refresh core sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot ``` 1. ## 安裝憑證 ``` sudo certbot --nginx ``` 1. ## 安裝 Memcached ``` sudo apt install memcached libmemcached-tools -y sudo apt install php-memcached php8.3-memcached php8.4-memcached -y sudo systemctl restart php*-fpm sudo systemctl enable memcached sudo systemctl start memcached # 測試 Memcached systemctl status memcached echo stats | nc localhost 11211 php -m | grep memcached ``` 1. ## 安裝 Redis ``` sudo apt install redis-server -y sudo systemctl enable redis-server sudo systemctl start redis-server sudo systemctl restart redis-server # 測試 Redis redis-cli ping ```