当前位置: 雨过天晴 » 运维笔记 » Ubuntu 22.04手动搭建BookStack

Ubuntu 22.04手动搭建BookStack

yhsiao2023-01-09运维笔记2175

BookStack是一款开源免费的用于存储和组织信息和文档的平台。官网地址:https://www.bookstackapp.com,GIthub项目地址:https://github.com/BookStackApp/BookStackBookStack是一款php程序,要求PHP >= 7.4MySQL >= 5.7 MariaDB >= 10.2。程序使用Composer安装和管理php依赖项,要求Composer >= v2.0

搭建LNMP环境

LNMP搭建参见文章“Ubuntu 22.04 手动搭建 LNMP 环境”。

建立数据库

使用root账户登录mysql控制台,命令执行后要求输入root账户密码

mysql -uroot -p

BookStack创建数据库,本例以创建名为zhishiku的数据库为例

CREATE DATABASE zhishiku;

为数据库建立用户,用户密码可自行设定,本例以设置密码Pv1LziyNqKC34PNoVBUF为例

CREATE USER 'zhishiku'@'localhost' IDENTIFIED WITH mysql_native_password BY 'Pv1LziyNqKC34PNoVBUF';

授予用户访问数据库权限

GRANT ALL ON zhishiku.* TO 'zhishiku'@'localhost';

刷新权限

FLUSH PRIVILEGES;

退出mysql控制台

exit

通过以上步骤,为BookStack建立数据库zhishiku,数据库用户名为zhishiku,密码为Pv1LziyNqKC34PNoVBUF

安装BookStack

获取程序源码

git clone https://github.com/BookStackApp/BookStack.git --branch release --single-branch /var/www/BookStack

下载composer安装程序

curl -sS https://getcomposer.org/installer -o composer-setup.php && \
HASH=`curl -sS https://composer.github.io/installer.sig` && \
php -r "if (hash_file('SHA384', 'composer-setup.php') === '$HASH') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

安装composer

php composer-setup.php --install-dir=/usr/local/bin --filename=composer

删除composer安装程序

rm composer-setup.php

安装BookStack依赖项

cd /var/www/BookStack && composer install --no-dev

创建BookStack配置文件

cp .env.example .env && vim .env

配置程序引用的站点地址,为例以站点地址https://www.zhishiku.cc为例

APP_URL=https://www.zhishiku.cc

配置数据库信息

# Database details
DB_HOST=localhost
DB_DATABASE=zhishiku
DB_USERNAME=zhishiku
DB_PASSWORD=Pv1LziyNqKC34PNoVBUF

配置发信账户信息,本例以配置mailgun发信账户为例,发信用户名为no-reply@zhishiku.cc,发信密码为72176755b3245636425ffee46405547f

# Mail system to use
# Can be 'smtp' or 'sendmail'
MAIL_DRIVER=smtp
# Mail sender details
MAIL_FROM_NAME="zhishiku"
MAIL_FROM=no-reply@zhishiku.cc
# SMTP mail options
# These settings can be checked using the "Send a Test Email"
# feature found in the "Settings > Maintenance" area of the system.
MAIL_HOST=smtp.mailgun.org
MAIL_PORT=465
MAIL_USERNAME=no-reply@zhishiku.cc
MAIL_PASSWORD=72176755b3245636425ffee46405547f
MAIL_ENCRYPTION=ssl

生成唯一的应用程序密钥

php artisan key:generate

更新数据库

php artisan migrate

配置nginx

创建证书文件夹

mkdir -p /etc/nginx/ssl/zhishiku.cc

上传证书,完整路径为

ssl_certificate     /etc/nginx/ssl/zhishiku.cc/zhishiku.cc-fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/zhishiku.cc/zhishiku.cc-private.key;

生成密钥交换文件

openssl dhparam -dsaparam -out /etc/nginx/ssl/zhishiku.cc/ssl-dhparams.pem 4096

创建nginx虚拟机配置文件,本例以监听域名zhishiku.ccwww.zhishiku.cc为例

vim /etc/nginx/sites-available/www.zhishiku.cc

复制以下内容,粘贴并保存

server {
 listen 80;
 server_name zhishiku.cc www.zhishiku.cc;
 return 301 https://www.zhishiku.cc$request_uri;
 }

server {
 listen 443 ssl;
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 ssl_certificate /etc/nginx/ssl/zhishiku.cc/zhishiku.cc-fullchain.pem;
 ssl_certificate_key /etc/nginx/ssl/zhishiku.cc/zhishiku.cc-private.key;
 ssl_dhparam /etc/nginx/ssl/zhishiku.cc/ssl-dhparams.pem;
 ssl_session_timeout 5m;
 ssl_ciphers HIGH:!aNULL:!MD5;
 ssl_prefer_server_ciphers on;
 server_name www.zhishiku.cc;

 root /var/www/BookStack/public;
 index index.php;

 #ip blocklist

 include blocklist.conf;
 
 access_log /var/log/nginx/www.zhishiku.cc_access.log main;
 error_log  /var/log/nginx/www.zhishiku.cc_error.log;

 location / {
   try_files $uri $uri/ /index.php?$query_string;
   }

 location ~ \.php$ {
   include snippets/fastcgi-php.conf;
   fastcgi_pass unix:/run/php/php8.1-fpm.sock;

   #为php-fpm设置用户真实ip
   set $realip $remote_addr;
   if ($http_x_forwarded_for ~ "^(\d+\.\d+\.\d+\.\d+)") {
     set $realip $1;
   }

   fastcgi_param REMOTE_ADDR $realip;
   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   fastcgi_param PATH_INFO $fastcgi_path_info;
   }
 }

接入nginx

ln -s /etc/nginx/sites-available/www.zhishiku.cc /etc/nginx/sites-enabled/www.zhishiku.cc && \
chown -R www-data:www-data /var/www/BookStack && \
systemctl reload nginx

防火墙允许httphttps

ufw allow http && ufw allow https

浏览器访问https://www.zhishiku.cc,使用默认的用户名admin@admin.com和密码password登录,完成后台相关配置

禁止IP及非配置域名访问

移除默认主页,并创建新的默认页

rm /etc/nginx/sites-enabled/default && \
cat > /etc/nginx/sites-available/default_server << EOF
server {
 listen 80 default_server;
 listen [::]:80 default_server;

 server_name _;
 return 500;
 }

server {
 listen 443 ssl default_server;
 listen [::]:443 ssl default_server;
 ssl_certificate     /etc/nginx/ssl/zhishiku.cc/zhishiku.cc-fullchain.pem;
 ssl_certificate_key /etc/nginx/ssl/zhishiku.cc/zhishiku.cc-private.key;
 ssl_dhparam /etc/nginx/ssl/zhishiku.cc/ssl-dhparams.pem;

 server_name _;
 return 500;
 }
EOF

接入nginx

ln -s /etc/nginx/sites-available/default_server /etc/nginx/sites-enabled/default_server && service nginx reload

升级BookStack

停止nginx

service nginx stop

备份数据库及网站

mysqldump -u root -h localhost -p --databases zhishiku > /root/zhishiku-databases.sql && \
mv /var/www/BookStack /var/www/BookStack.bak

获取最新版本程序

git clone https://github.com/BookStackApp/BookStack.git --branch release --single-branch /var/www/BookStack

安装依赖

cd /var/www/BookStack && composer install --no-dev

恢复配置文件

cp /var/www/BookStack.bak/.env /var/www/BookStack/.env

更新数据库

php artisan migrate

清除系统缓存

php artisan cache:clear && php artisan config:clear && php artisan view:clear

更改所有权

chown -R www-data:www-data /var/www/BookStack

启动nginx

service nginx start

访问 www.zhishiku.cc,进入后台查看BookStack版本是否升级到最新版。确认系统没问题,删除备份文件

rm -rf /root/zhishiku-databases.sql /var/www/BookStack.bak
未经允许不得转载:雨过天晴 » Ubuntu 22.04手动搭建BookStack
0 赞
标签

相关文章

置顶推荐

随机推荐

热门标签

Copyright © 2024 YGTQ.CC