CentOS 8 에 Nginx, MariaDB 10, PHP 7 , Wordpress 설치

시스템 업데이트

# yum update

nginx 설치 (웹서버) - 최신버전으로 설치 1.18.0

repo 추가

# vi /etc/yum.repos.d/nginx.repo

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

nginx 설치

# yum install nginx

설정파일 (도메인: moon0sool.duckdns.org)

# vi /etc/nginx/conf.d/moon0sool.duckdns.org.conf

server {
    listen 80 ;
    listen [::]:80 ;
    root /home/wpuser/www;
    index index.php index.html index.htm;
    server_name moon0sool.duckdns.org;
    access_log  /var/log/nginx/moon0sool.duckdns.org.access.log;
    error_log /var/log/nginx/moon0sool.duckdns.org.error.log;
    location / {
      try_files $uri $uri/ /index.php?$args;
      }
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_cache off;
        fastcgi_split_path_info ^(.+\.php)(.*)$;
        fastcgi_index  index.php;
        include        fastcgi_params;
        fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
        fastcgi_pass unix:/var/run/php-fpm/www.sock;
        include mime.types;
    }
    location ~ /\.ht {
        deny all;
    }
}

# vi /etc/nginx/nginx.conf

http {
    ...
    client_max_body_size 32M;
}  

리부팅 후 자동실행되도록 설정

# systemctl enable nginx

시작

# systemctl start nginx

상태

# systemctl status nginx

nginx 버전

# nginx -v

MariaDB 10.5 설치 

# vi /etc/yum.repos.d/mariadb.repo

[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.5/centos8-amd64
module_hotfixes=1
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

설치

# yum install MariaDB-server MariaDB-client (대소문자 구별)

설정, 시작, 상태

# systemctl enable mariadb
# systemctl start mariadb
# systemctl status mariadb

보안강화를 위하여 아래 실행
- 루트 비밀번호 설정
- 익명의 데이터베이스 사용자 제거
- 원격 데이터베이스 로그인을 루트 사용자로 허용하지 않음
- 테스트 데이터베이스 제거

# mysql_secure_installation  (루트 비밀번호 설정 후 쭉 y)

방화벽 허용 (** 내부로만 접속시에는 방화벽 열지 않아도 됨)

# firewall-cmd --add-service=mysql --permanent
# firewall-cmd --reload

워드프레스 사이트에 사용할 DB생성

# mysql -u root -p
> CREATE DATABASE wordpress;
> GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'localhost' IDENTIFIED BY 'wpuser_password';

PHP 7.4 최신 버전 설치

# yum install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
# yum module reset php
# yum module install php:remi-7.4
# yum install php php-fpm php-gd php-mysqlnd php-mysql

자동시작 설정, 시작

# systemctl enable php-fpm
# systemctl start php-fpm

php.ini 설정

…………
upload_max_filesize = 32M 
post_max_size = 48M 
memory_limit = 256M 
max_execution_time = 300 
max_input_time = 600

nginx 재시작

# systemctl restart nginx

WordPress 5 설치

/home/wpuser 경로에 워드프레스 설치

# adduser wpuser
# passwd wpuser
# chmod 755 /home/wpuser

워드프레스 다운로드 및 압축 풀기, 폴더명 변경

# cd /home/wpuser
# wget https://wordpress.org/latest.tar.gz
# tar zxvf latest.tar.gz 
# mv wordpress/ www/

만약 wget 없다면

# yum install wget

wp-config-sample.php 파일을 복사하여 wp-config.php파일을 만들어 DB정보 수정

# cd www/
# cp cp wp-config-sample.php wp-config.php
# vi wp-config.php

/** The name of the database for WordPress */
define( 'DB_NAME', 'DB명' );
/** MySQL database username */
define( 'DB_USER', '사용자명' );
/** MySQL database password */
define( 'DB_PASSWORD', '패스워드' );
/** MySQL hostname */
define( 'DB_HOST', 'localhost' );

selinux 403 에러 피하기 위한 설정

# cd ../
# chown -R nginx:nginx www/
# chmod +x -R www/
# semanage fcontext -a -t httpd_sys_rw_content_t "/myweb(/.*)?"
# restorecon -Rv /home/wpuser/www
# setsebool -P httpd_enable_homedirs on

만약 semanage 없으면

# yum install policycoreutils-python-utils