Ubuntu 22.04.1 安装 WordPress (Nginx+MariaDB+PHP)

本文最后更新于 639 天前，其中的信息可能已经有所发展或是发生改变。

内容目录

参考文章 CentOS7安装Nextcloud13 使用（Nginx+MariaDB+PHP）_WolfBolin技术博客-CSDN博客

环境说明

WSL Ubuntu 22.04.1

基础初始化

新服务器中所有自带服务都需要更新

sudo apt update && sudu apt upgrade -y

安装 nginx 并添加基础配置

sudo apt install nginx -y

安装完成之后打开文件 /etc/nginx/nginx.conf ，前五十行中包含以下内容：

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;

在include /etc/nginx/conf.d/*.conf;前面添加如下配置：

        upstream php-handler {
                #server 127.0.0.1:9000;
                server unix:/run/php/php-fpm.sock;
        }

即：

        upstream php-handler {
                #server 127.0.0.1:9000;
                server unix:/run/php/php-fpm.sock;
        }

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;

安装 php8 和 php-fpm

安装 php8 以及功能相关的包

sudo apt install -y php php-fpm php-cli php-gd php-mysql php-pear php-xml php-mbstring php-pdo php-intl php-json git

配置 php-fpm

启动 php-fpm 和 nginx

sudo systemctl start php8.1-fpm
sudo systemctl start nginx

PS：若命令报错以下内容，则参考另一篇文章 WSL Ubuntu 22.04 systemctl 命令报错 – 忆丶距的博客 (sgpublic.xyz) 修复。

System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down

设置 php-fpm 和 nginx 开机自启

sudo systemctl enable php8.1-fpm
sudo systemctl enable nginx

安装MariaDB

这里使用 MariaDB 作为 WordPress 的数据库。

sudo apt install -y mariadb-server

sudo systemctl start mariadb
sudo systemctl enable mariadb

配置 MariaDB

使用 MySQL 初始化指令初始化 root 用户，默认密码为空。

sudo mysql_secure_installation

配置过程如下：

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): # 直接回车
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n] # 输入 n
 ... skipping.

You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n] # 回车
New password: # 输入新密码
Re-enter new password: # 再次输入新密码
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] # 回车
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] # 回车
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] # 回车
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] # 回车
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

先使用命令登录MySQL

mysql -u root -p

输入以下 mysql 查询语句来创建新的数据库和用户。

create database wordpress;
exit

安装SSL证书

我们可以自己生成 SSL 证书，也可以申请专业的 SSL 证书。
自签名的 SSL 证书在使用的时候会报错，建议使用有资质的 SSL 证书。

建议将证书文件放到 nginx 目录下的 cert 文件夹，即 /etc/nginx/cert 文件夹。

下载和初步安装 Nextcloud

找到正确的官方下载地址：下载 | WordPress.org China 简体中文

安装必要的下载解压工具

sudo apt install -y wget unzip

先进入 /tmp 目录，然后使用 wget 从官网下载最新的 WordPress。

cd /tmp
wget https://cn.wordpress.org/latest-zh_CN.tar.gz

解压 WordPress，并将其移动到 /var/www 目录。

mkdir /var/www/
tar -zxvf latest-zh_CN.tar.gz
sudo mv wordpress /var/www/
sudo chown -R www-data:www-data /var/www

配置 Nginx 转发规则

我们需要在 Nginx 的配置文件下写入有关 WordPress 的转发协议。
我们可以直接新建一个配置文件并写入信息，当 Nginx 重新加载后就能使用配置文件了。

在 nginx 配置目录（即 /etc/nginx/conf.d/）中新建文件 wordpress.conf。

根据个人需要修改并写入配置：

server_name 需要改为域名
ssl_certificate 和 ssl_certificate_key 需要改为 SSL 证书对应的文件
root 需要改为 wordpress 文件夹路径


server {
	listen 80;
	listen [::]:80;
	server_name 127.0.0.1;
#	# enforce https
#	return 301 https://$server_name$request_uri;
#}
#
#server {
#	listen 443 ssl http2;
#	listen [::]:443 ssl http2;
#	server_name 127.0.0.1;
#
#	ssl_certificate /etc/nginx/cert/sgpublic.xyz.pem;
#	ssl_certificate_key /etc/nginx/cert/sgpublic.xyz.key;

	add_header X-Content-Type-Options nosniff;
	add_header X-XSS-Protection "1; mode=block";
	add_header X-Download-Options noopen;
	add_header X-Permitted-Cross-Domain-Policies none;

	root /var/www/wordpress/;

	index index.html index.htm index.php;

	location ~ .php$ {
                fastcgi_index index.php;
                fastcgi_split_path_info ^(.+.php)(/.*)$;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
 #               fastcgi_param HTTPS on;
                # Avoid sending the security headers twice
                fastcgi_param modHeadersAvailable true;
                fastcgi_param front_controller_active true;
                fastcgi_pass php-handler;
                fastcgi_intercept_errors on;
                fastcgi_request_buffering off;
        }
}

检验一下配置的正确性之后就能访问了

sudo nginx -t
sudo nginx -s reload

初始化 WordPress

访问 http://127.0.0.1，按下图配置（数据库用户名建议使用新创建的用户而不是 root）