分类 Linux 下的文章

首先修改nginx配置;然后在后台配置typecho伪静态即可。
  1. Nginx配置

    server {
     listen 80;
     server_name yourdomain.com;
     root /www/yourdomain/;
    
     index index.html index.htm index.php;
    
     if (!-e $request_filename) {
         rewrite ^(.*)$ /index.php$1 last;
     }
    
     error_page   500 502 503 504  /50x.html;
    
     location ~ .*\.php(\/.*)*$ {
         #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
         include fastcgi_params;
         fastcgi_intercept_errors on;
         fastcgi_pass unix:/run/php/php8.0-fpm.sock;
         fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
     }
    }
  2. 后台配置typecho伪静态

一、防火墙服务

systemctl start firewalld.service       #启动
systemctl stop firewalld.service        #关闭
systemctl restart firewalldservice      #重启
systemctl status firewalld.service      #显示防火墙的状态
systemctl enable firewalld.service      #开机时启动
systemctl disable firewalldservice      #开机时禁用
systemctlis-enabled firewalldservice    #查看防火墙是否开机启动
systemctl list-unit-files/grep enabled  #查看已启动的服务列表
systemctl--failed                       #查看启动失败的服务列表

二、防火墙配置

firewall-cmd --version
firewall-cmd --help
firewall-cmd --state
firewall-cmd --zone=public --list-ports  #查看所有打开的端口
firewall-cmd --get-active-zones          #查看区域信息
firewall-cmd -get-zone-of-interface=eth0 #查看指定接口所属区域
firewall-cmd --panic-on                  #拒绝所有包、取消拒绝状态、查看是否拒绝
firewall-cmd --panic-off 
firewall-cmd -query-panic
firewall-cmd--zone=public --add-port=3306/tcp --permanent     #开启3306端口,-permanent永久生效(区域public)
firewall-cmd --add-port=65001-65010/tcp --permanent      #永久增加65001-65010例外(全局) 
firewall-cmd--reload
firewall-cmd --zone=public -queryport=3306/tcp              #查看3306端口是否开放
firewall-cmd --zone=public --removeport=3306/tcp --permanent  #删除3306端口配置

三、配置文件

[root]# vi /etc/firewalld/zones/public.xml

<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>Public</short>
  <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
  <service name="ssh"/>
  <service name="dhcpv6-client"/>
  <service name="cockpit"/>
  <port port="8080" protocol="tcp"/>
  <port port="8443" protocol="tcp"/>
  <port port="8175" protocol="tcp"/>
  <rule family="ipv4">
    <source address="123.x.x.14"/>
    <port protocol="tcp" port="10050-10051"/> ##可以开放端口地址范围"10050-10051",不单只限定一个端口
    <accept/>
  </rule>
  <rule family="ipv4">
    <source address="192.x.x.114"/>      ##放通指定ip,指定端口、协议
    <port protocol="tcp" port="80"/>
    <accept/>
  </rule>
  <rule family="ipv4">                        ##放通任意ip访问服务器的9527端口
    <port protocol="tcp" port="9527"/>
    <accept/>
  </rule>
</zone>

使用rm+grep

例如:删除当前文件夹下.c和 .h 文件以外的文件

rm -f `ls ./ | egrep -v "(.c$|.h$)"` 
  1. ls 列出所有文件;  
  2. egrep -v 查找所有不包含 .c和 .h的文件; .c$ - 以.c结尾的文件
  3. rm -f强制删除符合条件的文件

egrep - 查询多个关键字;

除了错误消息和使用消息不同以及 -s 标志的功能不同之外, egrep 命令与 grep 命令带 -E 标志是一样的。

一、MySQL 5.7

1.添加存储库

在Debian 11和Debian 10上下载并安装 mysql 存储库设置包。

# wget https://dev.mysql.com/get/mysql-apt-config_0.8.18-1_all.deb
# dpkg -i mysql-apt-config_0.8.18-1_all.deb
Debian buster->MySQL Server & Cluster->mysql-5.7->Ok

2.安装MySQL

更新存储库索引

# apt update
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye-updates InRelease
Get:4 http://repo.mysql.com/apt/debian buster InRelease [22.1 kB]
Hit:5 http://nginx.org/packages/debian bullseye InRelease
Err:4 http://repo.mysql.com/apt/debian buster InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 467B942D3A79BD29
Reading package lists... Done
W: GPG error: http://repo.mysql.com/apt/debian buster InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 467B942D3A79BD29
E: The repository 'http://repo.mysql.com/apt/debian buster InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

在Debian 11上导入缺失的GPG密钥

# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 467B942D3A79BD29
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
Executing: /tmp/apt-key-gpghome.3evQg0TN8t/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 467B942D3A79BD29
gpg: key 467B942D3A79BD29: public key "MySQL Release Engineering <mysql-build@oss.oracle.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
# apt update
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye-updates InRelease
Get:4 http://repo.mysql.com/apt/debian buster InRelease [22.1 kB]
Hit:5 http://nginx.org/packages/debian bullseye InRelease
Get:6 http://repo.mysql.com/apt/debian buster/mysql-5.7 Sources [909 B]
Get:7 http://repo.mysql.com/apt/debian buster/mysql-apt-config amd64 Packages [565 B]
Get:8 http://repo.mysql.com/apt/debian buster/mysql-5.7 amd64 Packages [5,687 B]
Get:9 http://repo.mysql.com/apt/debian buster/mysql-tools amd64 Packages [8,237 B]
Fetched 37.5 kB in 3s (11.5 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
1 package can be upgraded. Run 'apt list --upgradable' to see it.

安装MySQL 5.7服务包

# apt install -y mysql-community-server
...
mysql-community-server (5.7.42-1debian10) ...
Setting up libmecab2:amd64 (0.996-14+b4) ...
Setting up mysql-common (5.8+1.0.7) ...
update-alternatives: using /etc/mysql/my.cnf.fallback to provide /etc/mysql/my.cnf (my.cnf) in auto mode
Setting up psmisc (23.4-2) ...
Setting up perl-modules-5.32 (5.32.1-4+deb11u2) ...
Setting up libatomic1:amd64 (10.2.1-6) ...
Setting up libnuma1:amd64 (2.0.12-1+b1) ...
Setting up libaio1:amd64 (0.3.112-9) ...
Setting up libgdbm6:amd64 (1.19-2) ...
Setting up mysql-community-client (5.7.42-1debian10) ...
Setting up mysql-client (5.7.42-1debian10) ...
Setting up libgdbm-compat4:amd64 (1.19-2) ...
Setting up libperl5.32:amd64 (5.32.1-4+deb11u2) ...
Setting up perl (5.32.1-4+deb11u2) ...
Setting up mysql-community-server (5.7.42-1debian10) ...
update-alternatives: using /etc/mysql/mysql.cnf to provide /etc/mysql/my.cnf (my.cnf) in auto mode
Created symlink /etc/systemd/system/multi-user.target.wants/mysql.service → /lib/systemd/system/mysql.service.
Processing triggers for libc-bin (2.31-13+deb11u6) ...

3.启动MySQL服务

设置MySQL服务为自启动。

# systemctl restart mysql
# systemctl enable mysql
Synchronizing state of mysql.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable mysql
# systemctl status mysql
● mysql.service - MySQL Community Server
     Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset:>
     Active: active (running) since Sun 2023-07-09 01:02:54 EDT; 16s ago
   Main PID: 28128 (mysqld)
      Tasks: 27 (limit: 1150)
     Memory: 172.5M
        CPU: 483ms
     CGroup: /system.slice/mysql.service
             └─28128 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/my>
             
Jul 09 01:02:54 proud-delight-1.localdomain systemd[1]: Starting MySQL Communit>
Jul 09 01:02:54 proud-delight-1.localdomain systemd[1]: Started MySQL Community>

4.MySQL安全配置

# mysql_secure_installation
Securing the MySQL server deployment.

Enter password for user root:

VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No: n
Using existing password for root.
Change the password for root ? ((Press y|Y for Yes, any other key for No) : n

 ... skipping.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
Success.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y

 - Dropping test database...
   Success.

 - Removing privileges on test database...
   Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.

All done!

5.客户端连接

# mysql -u root -p

6.允许远程连接

# open MySQL port 3306 on the firewall
sudo ufw allow mysql

# allow specific addresses to connect to mysql
sudo ufw allow from 192.168.100.222 to any port 3306

二、安装PHP

1.更新系统

# apt update
# apt -y upgrade
# apt reboot

2.添加存储库

安装依赖

# apt install -y lsb-release ca-certificates apt-transport-https software-properties-common gnupg2
...
Creating config file /etc/apt/apt.conf.d/50unattended-upgrades with new version
Created symlink /etc/systemd/system/multi-user.target.wants/unattended-upgrades.service → /lib/systemd/system/unattended-upgrades.service.
Synchronizing state of unattended-upgrades.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable unattended-upgrades
Setting up python3-software-properties (0.96.20.2-2.1) ...
Setting up gir1.2-glib-2.0:amd64 (1.66.1-1+b1) ...
Setting up libpolkit-agent-1-0:amd64 (0.105-31+deb11u1) ...
Setting up policykit-1 (0.105-31+deb11u1) ...
Setting up gir1.2-packagekitglib-1.0 (1.2.2-2) ...
Setting up python3-gi (3.38.0-2) ...
Setting up packagekit (1.2.2-2) ...
Created symlink /etc/systemd/user/sockets.target.wants/pk-debconf-helper.socket → /usr/lib/systemd/user/pk-debconf-helper.socket.
Setting up packagekit-tools (1.2.2-2) ...
Setting up software-properties-common (0.96.20.2-2.1) ...
Processing triggers for libc-bin (2.31-13+deb11u6) ...
Processing triggers for dbus (1.12.24-0+deb11u1) ...

添加PHP包APT存储库到服务器

# echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/sury-php.list
deb https://packages.sury.org/php/ bullseye main

导入存储库密钥

# wget -qO - https://packages.sury.org/php/apt.gpg | sudo apt-key add -
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK

执行包索引更新以确认存储库已添加

# apt update
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye-updates InRelease
Hit:4 http://repo.mysql.com/apt/debian buster InRelease
Hit:5 https://packages.sury.org/php bullseye InRelease
Hit:6 http://nginx.org/packages/debian bullseye InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
8 packages can be upgraded. Run 'apt list --upgradable' to see them.

3.安装PHP

# apt install php8.0
...
After this operation, 29.0 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
...
Enabling module status.
Enabling module reqtimeout.
Enabling conf charset.
Enabling conf localized-error-pages.
Enabling conf other-vhosts-access-log.
Enabling conf security.
Enabling conf serve-cgi-bin.
Enabling site 000-default.
info: Switch to mpm prefork for package libapache2-mod-php8.0
Module mpm_event disabled.
Enabling module mpm_prefork.
info: Executing deferred 'a2enmod php8.0' for package libapache2-mod-php8.0
Enabling module php8.0.
Created symlink /etc/systemd/system/multi-user.target.wants/apache2.service → /lib/systemd/system/apache2.service.
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.
Created symlink /etc/systemd/system/multi-user.target.wants/apache-htcacheclean.service → /lib/systemd/system/apache-htcacheclean.service.
Setting up php8.0 (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
Processing triggers for libc-bin (2.31-13+deb11u6) ...
Processing triggers for php8.0-cli (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
Processing triggers for libapache2-mod-php8.0 (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
# php -v
PHP 8.0.29 (cli) (built: Jun  9 2023 07:37:37) ( NTS )
Copyright (c) The PHP Group
Zend Engine v4.0.29, Copyright (c) Zend Technologies
    with Zend OPcache v8.0.29, Copyright (c), by Zend Technologies

4.安装PHP扩展

# apt install php8.0-{mysql,cli,common,imap,ldap,xml,fpm,curl,mbstring,zip}
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
php8.0-cli is already the newest version (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff).
php8.0-cli set to manually installed.
php8.0-common is already the newest version (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff).
php8.0-common set to manually installed.
The following additional packages will be installed:
  libc-client2007e libxslt1.1 libzip4 mlock
Suggested packages:
  uw-mailutils php-pear
The following NEW packages will be installed:
  libc-client2007e libxslt1.1 libzip4 mlock php8.0-curl php8.0-fpm php8.0-imap php8.0-ldap php8.0-mbstring php8.0-mysql
  php8.0-xml php8.0-zip
0 upgraded, 12 newly installed, 0 to remove and 7 not upgraded.
Need to get 3,154 kB of archives.

Creating config file /etc/php/8.0/mods-available/simplexml.ini with new version

Creating config file /etc/php/8.0/mods-available/xml.ini with new version

Creating config file /etc/php/8.0/mods-available/xmlreader.ini with new version

Creating config file /etc/php/8.0/mods-available/xmlwriter.ini with new version

Creating config file /etc/php/8.0/mods-available/xsl.ini with new version
Setting up php8.0-imap (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...

Creating config file /etc/php/8.0/mods-available/imap.ini with new version
Processing triggers for libapache2-mod-php8.0 (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
Processing triggers for libc-bin (2.31-13+deb11u6) ...
Processing triggers for php8.0-cli (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
Processing triggers for php8.0-fpm (1:8.0.29-1+0~20230609.54+debian11~1.gbp7b07ff) ...
NOTICE: Not enabling PHP 8.0 FPM by default.
NOTICE: To enable PHP 8.0 FPM in Apache2 do:
NOTICE: a2enmod proxy_fcgi setenvif
NOTICE: a2enconf php8.0-fpm
NOTICE: You are seeing this message because you have apache2 package installed.

检查加载的PHP模块

# php -m

5.配置Nginx

Nginx 新版本没有 sites-enabledsites-available ;它还有一个不同的 PHP CGI 设置。

NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
/etc/php/8.0/fpm/php.ini

最终配置版本为:

location ~ \.php$ {
    include fastcgi_params;
    fastcgi_intercept_errors on;
    fastcgi_pass unix:/run/php/php8.0-fpm.sock;
    fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}
您是第 158118 位访客