備忘一下LNMP環境基本設定
Linode 4GB: 2 CPU, 80GB Storage, 4GB RAM
OS: Ubuntu 20.04 LTS
Region: Tokyo 2, JP
備忘一下LNMP環境基本設定
Linode 4GB: 2 CPU, 80GB Storage, 4GB RAM
OS: Ubuntu 20.04 LTS
Region: Tokyo 2, JP
#apt更新
apt-get update
apt-get upgrade
#新增使用者
adduser <username>
usermod -aG sudo <username>
sudo su <username>
cd ~
ssh-keygen -t rsa
#加入自己或剛剛建立的rsa pub內容
vim ./.ssh/authorized_keys
#重啟ssh服務,確認可正常ssh key登入
sudo /etc/init.d/ssh restart
#設定ssh config
sudo vim /etc/ssh/sshd_config
#關閉root登入
PermitRootLogin no
#關閉密碼登入
PasswordAuthentication no
#重啟ssh服務
sudo /etc/init.d/ssh restart
#安裝php&所需extension
sudo apt install php php-cli php-fpm php-json php-pdo php-mysql php-zip php-gd php-mbstring php-curl php-xml php-pear php-bcmath
#確認php版本
php -v
#設定php fpm
sudo vim /etc/php/7.4/fpm/pool.d/www.conf
pm.max_children = 20
pm.start_servers = 5
pm.min_spare_servers = 2
pm.max_spare_servers = 8
pm.max_requests = 500
#重新啟動php fpm
sudo /etc/init.d/php7.4-fpm restart
#安裝composer
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === 'e0012edf3e80b6978849f5eff0d4b4e4c79ff1609dd1e613307e16318854d24ae64f26d17af3ef0bf7cfb710ca74755a') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
#composer移至全域
sudo mv composer.phar /usr/local/bin/composer
#安裝mariadb
sudo apt install mariadb-server
#使用mysql_secure_installation初始化mariadb設定
sudo mysql_secure_installation
#輸入root密碼(預設空白)
Enter current password for root (enter for none)
Set root password?
#是否關閉匿名登入
Remove anonymous users?
#是否封鎖root遠端登入
Disallow root login remotely?
#是否移除測試資料庫
Remove test database and access to it?
#是否重新讀取權限表
Reload privilege tables now?
#移除預設apache2
sudo apt-get remove --purge apache2 apache2-utils
sudo apt-get autoremove
#安裝nginx & net-tools
sudo apt install nginx net-tools
vim /etc/nginx/nginx.conf
#修改www資料夾所有人
sudo chown www-data:www-data -R /var/www/
#建立deploy key
sudo -u www-data ssh-keygen -t rsa
使用root帳號進入mariadb
#建立資料庫
CREATE DATABASE `<dbname>`;
#建立web服務使用者
CREATE USER `web`@`localhost` IDENTIFIED BY '<passwd>';
GRANT Delete, Insert, Select, Update ON `<dbname>`.* TO `web`@`localhost`;
#建立migrate使用者
CREATE USER 'migrater'@`localhost` IDENTIFIED BY '<passwd>';
GRANT ALTER, Create, Create Temporary Tables, Delete, Drop, Event, Execute, Index, Insert, Lock Tables, Select, Show Databases, Show View, Trigger, Update ON *.* TO `migrater`@`localhost`;
#更新權限暫存
FLUSH PRIVILEGES;