LCMP WordPress BBR

How To Host a Website with Caddy on CentOS 7

https://www.digitalocean.com/community/tutorials/how-to-host-a-website-with-caddy-on-centos-7

  • curl -s https://getcaddy.com | bash

You can view the script by visiting https://getcaddy.com in your browser or downloading the file with wget or curl before you execute it.

  • which caddy
  • sudo adduser -r -d /var/www -s /sbin/nologin caddy
  • sudo mkdir /etc/caddy
  • sudo chown -R root:caddy /etc/caddy
  • sudo touch /etc/caddy/Caddyfile
  • sudo mkdir /etc/ssl/caddy
  • sudo chown -R caddy:root /etc/ssl/caddy
  • sudo chmod 0770 /etc/ssl/caddy
  • sudo mkdir /var/www
  • sudo chown caddy:caddy /var/www
  • sudo curl -s https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service -o /etc/systemd/system/caddy.service
  • sudo vi /etc/systemd/system/caddy.service
  • /etc/systemd/system/caddy.service
  • ; User and group the process will run as.
  • User=caddy
  • Group=caddy
  • sudo systemctl daemon-reload
  • sudo systemctl enable caddy.service
  • sudo systemctl status caddy.service

·         systemctl status firewalld.service·         sudo firewall-cmd –list-all·         sudo firewall-cmd –add-port=465/tcp –permanent·         sudo firewall-cmd –add-port=20/ftp –permanent?

  • sudo firewall-cmd –permanent –zone=public –add-service=http
  • sudo firewall-cmd –permanent –zone=public –add-service=https
  • sudo firewall-cmd –reload
  • sudo vi /etc/caddy/Caddyfile
  • /etc/caddy/Caddyfile
  • com {
  • root /var/www
  • gzip
  • tls sammy@example.com
  • }
  • sudo systemctl start caddy

 

 

  • sudo yum install mariadb-server
  • sudo systemctl start mariadb
  • sudo systemctl status mariadb
  • sudo systemctl enable mariadb
  • sudo mysql_secure_installation
  • mysqladmin -u root -p version
  • sudo yum update
  • sudo yum install php php-fpm php-mysql php-curl php-gd php-mbstring php-mcrypt php-xml php-xmlrpc
  • php -v
  • sudo vi /etc/php-fpm.d/www.conf
  • /etc/php-fpm.d/www.conf
  • ; Unix user/group of processes
  • ; Note: The user is mandatory. If the group is not set, the default user’s group
  • ; will be used.
  • ; RPM: apache Choosed to be able to access some dir as httpd
  • user = caddy
  • ; RPM: Keep a group allowed to write in log dir.
  • group = caddy
  • sudo systemctl start php-fpm
  • sudo systemctl enable php-fpm
  • mysql -u root -p
  • CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
  • GRANT ALL ON wordpress.* TO ‘wordpressuser’@’localhost’ IDENTIFIED BY ‘Password8*’;
  • FLUSH PRIVILEGES;
  • EXIT
  • cd /var/www
  • sudo curl -O https://wordpress.org/latest.tar.gz
  • sudo tar zxf latest.tar.gz
  • sudo rm latest.tar.gz
  • sudo chown -R caddy:caddy wordpress
  • sudo vi /etc/caddy/Caddyfile
  • /etc/caddy/Caddyfile
  • com {
  • tls admin@example.com
  • root /var/www/wordpress
  • gzip
  • fastcgi / 127.0.0.1:9000 php
  • rewrite {
  • if {path} not_match ^\/wp-admin
  • to {path} {path}/ /index.php?_url={uri}
  • }
  • }
  • sudo systemctl restart caddy

 

 

 

 

How To Install MariaDB on CentOS 7

https://www.digitalocean.com/community/tutorials/how-to-install-mariadb-on-centos-7

How To Install WordPress with Caddy on CentOS 7

https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-caddy-on-centos-7#step-2-%E2%80%94-creating-a-mysql-database-and-dedicated-user

yum install lrzsz

一键安装最新内核并开启 BBR 脚本

wget –no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh && chmod +x bbr.sh && ./bbr.sh

使用方法

使用root用户登录,运行以下命令:

wget –no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh && chmod +x bbr.sh && ./bbr.sh

安装完成后,脚本会提示需要重启 VPS,输入 y 并回车后重启。
重启完成后,进入 VPS,验证一下是否成功安装最新内核并开启 TCP BBR,输入以下命令:

uname -r

查看内核版本,显示为最新版就表示 OK 了

sysctl net.ipv4.tcp_available_congestion_control

返回值一般为:
net.ipv4.tcp_available_congestion_control = bbr cubic reno
或者为:
net.ipv4.tcp_available_congestion_control = reno cubic bbr

sysctl net.ipv4.tcp_congestion_control

返回值一般为:
net.ipv4.tcp_congestion_control = bbr

sysctl net.core.default_qdisc

返回值一般为:
net.core.default_qdisc = fq

lsmod | grep bbr

返回值有 tcp_bbr 模块即说明 bbr 已启动。注意:并不是所有的 VPS 都会有此返回值,若没有也属正常。

CentOS 下最新版内核 headers 安装方法

本来打算在脚本里直接安装 kernel-ml-headers,但会出现和原版内核 headers 冲突的问题。因此在这里添加一个脚本执行完后,手动安装最新版内核 headers 之教程。
执行以下命令

yum –enablerepo=elrepo-kernel -y install kernel-ml-headers

根据 CentOS 版本的不同,此时一般会出现类似于以下的错误提示:

Error: kernel-ml-headers conflicts with kernel-headers-2.6.32-696.20.1.el6.x86_64Error: kernel-ml-headers conflicts with kernel-headers-3.10.0-693.17.1.el7.x86_64

因此需要先卸载原版内核 headers ,然后再安装最新版内核 headers。执行命令:

yum remove kernel-headers

确认无误后,输入 y,回车开始卸载。注意,有时候这么操作还会卸载一些对内核 headers 依赖的安装包,比如 gcc、gcc-c++ 之类的。不过不要紧,我们可以在安装完最新版内核 headers 后再重新安装回来即可。
卸载完成后,再次执行上面给出的安装命令。

yum –enablerepo=elrepo-kernel -y install kernel-ml-headers

成功安装后,再把那些之前对内核 headers 依赖的安装包,比如 gcc、gcc-c++ 之类的再安装一次即可。

为什么要安装最新版内核 headers 呢?
这是因为 shadowsocks-libev 版有个 tcp fast open 功能,如果不安装的话,这个功能是无法开启的。

内核升级方法

如果是 CentOS 系统,执行如下命令即可升级内核:

yum -y install kernel-ml kernel-ml-devel

如果你还手动安装了新版内核 headers ,那么还需要以下命令来升级 headers :

yum -y install kernel-ml-headers

CentOS 6 的话,执行命令:

sed -i ‘s/^default=.*/default=0/g’ /boot/grub/grub.conf

CentOS 7 的话,执行命令:

grub2-set-default 0

如果是 Debian/Ubuntu 系统,则需要手动下载最新版内核来安装升级。
这里下载最新版的内核 deb 安装包。
如果系统是 64 位,则下载 amd64 的 linux-image 中含有 generic 这个 deb 包;
如果系统是 32 位,则下载 i386 的 linux-image 中含有 generic 这个 deb 包;
安装的命令如下(以最新版的 64 位 4.12.4 举例而已,请替换为下载好的 deb 包):

dpkg -i linux-image-4.12.4-041204-generic_4.12.4-041204.201707271932_amd64.deb

安装完成后,再执行命令:

/usr/sbin/update-grub

最后,重启 VPS 即可。

 

 

发表评论

邮箱地址不会被公开。 必填项已用*标注