WordPress
nginx
EC2
PHP7.2

WordPress for Amazon Linux 2018.03.0

・旧

WordPress(PHP7+nginx) for Amazon Linux AMI 2016.09

とくに変わってないけどPHP7.2が使えるようになったのでそれ変えただけ。


EC2

$ sudo su -l

$ passwd ec2-user

#ローカルタイム変更
$ cp -rp /etc/localtime /etc/localtime.org
$ cp -rp /usr/share/zoneinfo/Japan /etc/localtime


/etc/sysconfig/clock

#yum updateなどでUTCにもどるのを防ぐ

-ZONE="UTC"
-UTC=true
+ZONE="Asia/Tokyo"
+UTC=false


/etc/sysconfig/i18n

-LANG=en_US.UTF-8

+LANG=ja_JP.UTF-8


PHP7.2

$ yum install -y php72 php72-fpm php72-gd php72-mbstring php72-mcrypt php72-mysqlnd php72-zip php72-opcache php72-pecl-apcu php72-pecl-apcu-devel php72-pecl-imagick php72-pecl-imagick-devel

$ php -v
# PHP 7.2.11
$ cp /etc/php-fpm-7.2.d/www.conf /etc/php-fpm-7.2.d/www.conf.org


/etc/php-fpm-7.2.d/www.conf

-user = apache

+user = nginx
-group = apache
+group = nginx


/etc/php-7.2.ini

+date.timezone = "Asia/Tokyo"

-memory_limit = 128M
+memory_limit = 256M


GitHub

$ yum install -y git


$ git config --global user.email "[GitHubメールアドレス]"
$ git config --global user.name "[GitHubユーザー名]"

# GitHub クローン
$ cd /var/www/
$ mv /var/www/html /var/www/_html
$ git clone https://github.com/[path_to_git].git html

# 以降はpullで
$ cd /var/www/html
$ git pull origin master
$ chown -R nginx:nginx /var/www/html


phpMyAdmin

最新版

$ cd /var/www/

$ wget https://files.phpmyadmin.net/phpMyAdmin/4.8.4/phpMyAdmin-4.8.4-all-languages.tar.gz
$ tar zxvf phpMyAdmin-4.8.4-all-languages.tar.gz
$ rm phpMyAdmin-4.8.4-all-languages.tar.gz
$ mv phpMyAdmin-4.8.4-all-languages phpmyadmin
$ cd /var/www/phpmyadmin/
$ cp config.sample.inc.php config.inc.php


/var/www/phpmyadmin/config.inc.php

/* Authentication type */

$cfg['Servers'][$i]['auth_type'] = 'http';//BASIC認証

/* Server parameters */
$cfg['Servers'][$i]['host'] = 'localhost';



nginx

$ yum install -y nginx

$ nginx -v
# nginx version: nginx/1.14.1
$ cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.org

# Perfect Forward Security
$ cd /etc/nginx/ssl
$ openssl dhparam 2048 -out dhparam.pem


/etc/nginx/nginx.conf

http {

#略

#Fastcgi_cache Settings
fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=WORDPRESS:3m inactive=3d max_size=50m;
fastcgi_cache_use_stale error timeout invalid_header http_500;

charset UTF-8;
server_tokens off;

server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
root /var/www/html;

client_max_body_size 4M;
ssl_certificate "/etc/nginx/ssl/[証明書]";
ssl_certificate_key "/etc/nginx/ssl/[秘密鍵]";
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:60m;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP;
ssl_prefer_server_ciphers on;

include /etc/nginx/default.d/*.conf;

#Fastcgi_cache Settings
set $do_not_cache 0;
if ($request_method !~ ^(GET)$) {
set $do_not_cache 1;
}
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $do_not_cache 1;
}
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $do_not_cache 1;
}

set $mobilef '';
if ($http_user_agent ~* '(Mobile|Android|Kindle|BlackBerry|Opera Mini|Opera Mobi)') {
set $mobilef 'mobile.';
}

fastcgi_cache_key "$mobilef$scheme://$host$request_uri";

location / {
try_files $uri $uri/ /index.php?$args;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
include fastcgi_params;

fastcgi_cache_bypass $do_not_cache;
fastcgi_no_cache $do_not_cache;
fastcgi_cache WORDPRESS;
fastcgi_cache_valid 200 5m;
fastcgi_cache_valid any 10m;
fastcgi_pass_header X-Accel-Expires;
}

location ^~ /phpmyadmin {
#allow 0.0.0.0;#IP制限
deny all;

alias /var/www/phpmyadmin;
index index.php;

location ~ \.php$ {
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass php-fpm;
fastcgi_index index.php;
fastcgi_split_path_info ^/phpmyadmin(.+\.php)(.*)$;
fastcgi_param SCRIPT_FILENAME /var/www/phpmyadmin$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}

location ~* ^.+.(jp?g|gif|png|css|js|flv|swf|ico|xml|txt|eot|svg|ttf|woff|woff2)$ {
access_log off;
log_not_found off;
expires 30d;
}

location ~ /(\.ht|\.user.ini|\.git|\.hg|\.bzr|\.svn) {
deny all;
}

}



SSL確認

$ openssl s_client -connect [ドメイン]:443 -showcerts


起動

$ chown -R nginx:nginx /var/lib/php/7.2/session

$ chown -R nginx:nginx /var/www/html

$ service nginx start
$ service php-fpm-7.2 start

$ chkconfig nginx on
$ chkconfig php-fpm-7.2 on


ブラウザで確認


/var/www/html/phpinfo.php

<?php echo phpinfo();?>


なんかFastcgiCacheが効いてない気がするのでそのうちに。