一键搭建博客脚本LNMP(非编译)Wordpress

一、脚本内容

脚本211行，动动你的小手滚动查看

#!/bin/bash
#
#********************************************************************
#Author:        lhl
#FileName：      lnmp.sh
#Description：       LNMP wordpress 博客系统
#********************************************************************HTML_DIR=/usr/share/nginx/html
WORDPRESS='latest-zh_CN.tar.gz'
COLOR_TRUE="echo -e \\033[01;32m"
COLOR_FALSE="echo -e \\033[01;31m"
END='\033[0m'
MYSQL_ROOT_PASSWORD='Lhl*513'
MYSQL_WORDPRESS_PASSWORD='Lhl*513'install_nginx(){$COLOR_TRUE"开始安装Nginx"$ENDif [ -d /etc/nginx ];then$COLOR_FALSE"Nginx已存在，安装失败"$ENDexitficat > /etc/yum.repos.d/nginx.repo <<EOF
[nginx]
name = nginx repo
baseurl = https://nginx.org/packages/mainline/centos/7/\$basearch/
gpgcheck = 0
enabled = 1
EOFyum install -y -q nginx &> /dev/null[ $? -eq 0 ] && $COLOR_TRUE"NGINX安装成功"$END ||  { $COLOR_FALSE"NGINX安装失败,退出!"$END;exit; }cat > /etc/nginx/conf.d/default.conf <<EOF
server {listen       80;root   /usr/share/nginx/html;server_name  localhost;location / {index index.php index.html index.htm;}error_page   500 502 503 504  /50x.html;location = /50x.html {root   /usr/share/nginx/html;}location ~ .php$ {fastcgi_pass   127.0.0.1:9000;fastcgi_index  index.php;fastcgi_param  SCRIPT_FILENAME  \$document_root\$fastcgi_script_name;include        fastcgi_params;}
}
EOFcat > /etc/nginx/nginx.conf <<EOFuser  nginx;
worker_processes  auto;error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;events {worker_connections  10240;
}http {include       /etc/nginx/mime.types;default_type  application/octet-stream;log_format  main  '\$remote_addr - \$remote_user [\$time_local] "\$request" ''\$status \$body_bytes_sent "\$http_referer" ''"\$http_user_agent" "\$http_x_forwarded_for"';access_log  /var/log/nginx/access.log  main;client_max_body_size 100m;sendfile        on;#tcp_nopush     on;keepalive_timeout  65;#gzip  on;server_tokens off;include /etc/nginx/conf.d/*.conf;
}
EOF#    cat > /usr/lib/systemd/system/nginx.service <<EOF
#[Unit]
#After=network.target remote-fs.target nss-lookup.target
#
#[Service]
#Type=forking
#
#ExecStart=/usr/sbin/nginx
#ExecReload=/usr/sbin/nginx -s reload
#ExecStop=/usr/sbin/nginx -s stop
#
#[Install]
#WantedBy=multi-user.target
#EOFsystemctl daemon-reloadchown -R root.root /etc/nginxsystemctl enable --now nginxsystemctl is-active nginx &> /dev/null ||  { $COLOR_FALSE"NGINX 启动失败,退出!"$END ; exit; }$COLOR_TRUE"NGINX安装完成"
}install_mariadb(){$COLOR_TRUE"检查是否存在旧的MariadDB"$ENDrpm -qa | grep -i mariadb &> /dev/null[ $? -eq 0 ] && $COLOR_TRUE"卸载旧的MariadDB"$END && `yum -y remove MariaDB-*`  || $COLOR_TRUE"开始安装MariadDB"$ENDcat > /etc/yum.repos.d/MariaDB.repo <<EOF
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = https://mirrors.cloud.tencent.com/mariadb/yum/10.4/centos7-amd64 
gpgkey=https://mirrors.cloud.tencent.com/mariadb/yum/RPM-GPG-KEY-MariaDB
gpgcheck=1
EOFyum -y -q install MariaDB-client MariaDB-server &> /dev/nullsystemctl enable --now mariadb[ $? -ne 0 ] && { $COLOR_FALSE"数据库启动失败，退出!"$END;exit; }sed -ri.bak  -e '/\[server\]/a\character-set-server=utf-8\nlower_case_table_names=1\ndefault_storage_engine=InnoDB\nlog-bin\nexpire_logs_day=30\nbinlog_format=row\ninnodb_autoinc_lock_mode=2\ng  eneral_log=1\nslow_query_log\nlog_queries_not_using_indexes' /etc/my.cnf.d/server.cnfsystemctl restart mariadb# 此语句目前自动建库加用户有问题mysql -e "create database wordpress;create user 'wordpress'@'localhost'  identified by '$MYSQL_WORDPRESS_PASSWORD';grant all on wordpress.* to wordpress@'127.0.0.1' identified by '$MYSQL_WORDPRESS_PASSWORD';ALTER USER root@localhost  IDENTIFIED VIA mysql_native_password USING PASSWORD('$MYSQL_ROOT_PASSWORD')" &>/dev/null$COLOR_TRUE"MariadDB安装完成"
}install_php(){$COLOR_TRUE"PHP开始安装"rpm -Uvh https://mirrors.cloud.tencent.com/epel/epel-release-latest-7.noarch.rpm  &> /dev/nullrpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm &> /dev/nullyum -y -q install mod_php72w.x86_64 php72w-cli.x86_64 php72w-common.x86_64 php72w-mysqlnd php72w-fpm.x86_64 &> /dev/nullsystemctl enable --now php-fpm$COLOR_TRUE"PHP安装完成"
}install_wordpress(){$COLOR_TRUE"wordpress开始安装"rm -rf $HTML_DIR/index.phpcd $HTML_DIRif [ -e $WORDPRESS ];then$COLOR_FALSE"文件已存在，直接安装"$ENDelsewget https://cn.wordpress.org/latest-zh_CN.tar.gz &>/dev/nullfitar xf $WORDPRESSchown -R root.root wordpresscp -af $HTML_DIR/wordpress/*  $HTML_DIRcp wp-config-sample.php wp-config.phpsed -i.bak -e 's/database_name_here/wordpress/' -e 's/username_here/wordpress/' -e 's/password_here/'''$MYSQL_WORDPRESS_PASSWORD'''/'  wp-config.phpsystemctl restart nginx$COLOR_TRUE"wordpress安装完成"
}install_nginxinstall_mariadbinstall_phpinstall_wordpress

二、安全设计

1. 数据库安全：

• root密码设置为高强度密码（含特殊字符）

• WordPress使用独立数据库账户

2. 服务安全：

• 隐藏Nginx版本信息

• PHP仅监听本地端口(127.0.0.1:9000)

3. 配置合规：

• MySQL配置二进制日志保留30天（审计合规）

三、使用注意事项

4. ​系统要求​：

• 仅适用CentOS 7

• 需要root权限执行

5. ​路径固化​：

• 网站根目录锁定为/usr/share/nginx/html

• 无法通过参数修改安装路径

6. ​版本限定​：

• PHP强制安装7.2版本

• MariaDB锁定10.4版本

7. ​安装风险​：

• 会主动卸载已有MariaDB

• 覆盖现有Nginx配置

• MySQL密码硬编码在脚本中（安全风险）

以上是我代码中存在问题，大家使用的时候要注意哦

欢迎您提出问题，并指正代码中的不足

请不要以此视为定论，这只是我的个人经验