安裝VPS Nginx PHP MySQL

發表於 更新於 所需閱讀時間 ≈ 4 分鐘

每次安裝新的主機環境都會漏東漏西或是到處查資料,在此紀錄以方便以後使用

  • Ubuntu 20.04
  • Godaddy VPS

    基本設定

    關閉user sudo 權限

    這次安裝跟之前的不太一樣,官方GUI介面並沒有給我設定Root帳號密碼的地方, 直接創立一個使用者並且擁有sudo權限

sudo 切換成 root 後 更改密碼並關閉 sudo

1
2
$ sudo su root
$ passwd password

軟體更新

1
$ apt-get update && apt-get upgrade

upgdate 與 upgrade差異

  • update 將套件資料庫查看是否有更新 (並不會對實際安裝影響)
  • upgrade 比對目前套件,查看版本相依並安裝

基本軟體安裝

安裝 vim

1
$ apt-get install vim

新增使用者

1
2
3
4
5
6
7
8
9
# 新增帳號 -m: 新增家目錄, 修改密碼
$ sudo useradd -m user_name
$ passwd user_name 

# 將user的 shell 改為 bash
$ vim /etc/passwd
user_name:x:1000:1000::/home/user_name:/bin/sh
改為
user_name:x:1000:1000::/home/user_name:/bin/bash

設定sudo

1
2
visudo
user_name ALL=(ALL:ALL) NOPASSWD: ALL

加入 SSH key

家目錄中新增放ssh key的目錄,將目錄權限只限於user可使用

1
2
$ mkdir -p ~/.ssh
$ chmod 700 ~/.ssh

直接複製 local 的 id_rsa.pub key 放置在 authorized_keys 中

1
$ vim authorized_keys

ssh 安全設定

禁止 Root 登入

1
2
3
$ vim /etc/ssh/sshd_config

PermitRootLogin no

禁止使用密碼登入

1
2
3
4
$ vim /etc/ssh/sshd_config

PasswordAuthentication no
PubkeyAuthentication yes

之後重啟 ssh

!!! 切記 禁止密碼登入前一定要先將user加入ssh key中 否則就無法登入

1
$ service ssh restart

建立防火牆

1
2
3
4
5
6
$ apt-get install ufw
$ ufw default deny # 預設為全部拒絕
$ ufw allow ssh
$ ufw allow 80
$ ufw allow 443
$ ufw enable

查看目前設定

1
$ ufw status numbered

Nginx

安裝

1
$ apt-get install nginx -y

設定

測試

在瀏覽器打上ip測試顯示是否有 Welcome to nginx! 字樣

PHP 7.4

1
2
$ apt-get install php7.4-fpm -y
$ apt-get install php7.4-mysql -y

安裝相依的php-fpm

1
2
3
$ apt-get install php-fpm php-cgi php-mysql php-common php-pear php-mbstring -y
$ apt-get install php-curl -y
$ apt-get install php7.x-zip -y

php8.2

1
2
$ add-apt-repository ppa:ondrej/php
$ apt-get install php8.2-fpm -y

安裝

設定

測試

Composer

安裝

1
2
$ curl -s https://getcomposer.org/installer | php
$ mv composer.phar /usr/local/bin/composer

測試

1
$ composer -V

MySQL(8.0)

安裝

1
$ apt-get install mysql-server -y

密碼相關設定

1
$ mysql_secure_installation
1
2
3
4
5
6
7
8
9
10
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.

VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No: y
(是否要使用密碼驗證)

密碼驗證類型 輸入0,1,2

1
2
3
4
5
6
7
There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary                  file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:0

密碼分數為100

是否要繼續進行密碼設定(yes)

1
2
3
4
5
6
7
8
9
Please set the password for root here.

New password:

Re-enter new password:

Estimated strength of the password: 100

Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) :y

是否要刪除預設的帳戶(yes)

1
2
3
4
5
6
7
8
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) :y

是否要禁止遠端Root登陸(yes)

1
2
3
4
5
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) :y

是否要刪除預設的test的資料庫(yes)

1
2
3
4
5
6
7
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) :y

是否要重新加載新的權限(yes)

1
2
3
4
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) :y

設定

測試

1
2
$ mysql -u root -p
$ 輸入設定的 root 密碼

#phpmyadmin

1
$ sudo apt-get install phpmyadmin

安裝的目錄為 /usr/share/phpmyadmin

在要顯示的資料夾 /var/www/html

建立軟連結

1
ln -s /usr/share/phpmyadmin phpmyadmin

刪除軟連結

1
unlink phpmyadmin

快速建立的 shell

在專案目錄下可以快速建立軟連結,不需要則刪除

1
2
3
#!/bin/bash

ln -s /usr/share/phpmyadmin ./public/phpmyadmin

如果這一篇文章有幫助到你的話,
請您幫忙點選廣告,都是以不擾人與不強迫的方式呈現