如何在CentOS8上安装您的LS自托管URL缩短服务

如何在CentOS8上安装您的LS自托管URL缩短服务

YOURLS是使用PHP编写的免费,开放源代码,自托管的URL缩短服务。 它与TinyURL和Bitly非常相似,您可以运行自己的URL缩短服务。您还可以将品牌添加到缩写URL。它提供了丰富的功能集,包括私人和公共链接,自定义URL关键字,历史点击报告,Ajaxed界面,Jsonp支持等等。

本教程将向您展示如何使用“让我们加密SSL”在CentOS 8上安装YOURS。

先决条件

  • 运行CentOS的服务器8。
  • 指向服务器IP的有效域名。
  • 根密码是在服务器上设置的。

安装LEMP服务器

首先,您需要在服务器上安装Nginx,MariaDB,PHP和所需的PHP扩展。您可以使用以下命令将它们全部安装:

dnf install nginx mariadb-server php php-fpm php-json php-common php-mysqlnd php-zip php-gd php-mbstring php-curl php-xml php-pear php-bcmath git unzip wget -y

安装完所有软件包后,编辑PHP-FPM配置文件/etc/php-fpm.d/www.conf并将用户从apache更改为nginx。

nano /etc/php-fpm.d/www.conf

更改以下行。

user = nginx
group = nginx

保存并关闭文件,然后启动Nginx,MariaDB,PHP-FPM服务,以便可以使用以下命令在系统重新启动时启动它们:

systemctl start nginxsystemctl enable nginxsystemctl start mariadbsystemctl enable mariadbsystemctl start php-fpmsystemctl enable php-fpm

完成后,您可以继续下一步。

创建一个YOURLS数据库

接下来,您需要创建您的LS数据库和用户。首先,使用以下命令登录MariaDB:

mysql

登录后,使用以下命令创建数据库和用户。

MariaDB [(none)]> CREATE DATABASE yourlsdb;MariaDB [(none)]> GRANT ALL PRIVILEGES ON yourlsdb.* TO 'yourlsuser'@'localhost' IDENTIFIED BY 'password';

然后刷新特权并使用以下命令退出MariaDB:

MariaDB [(none)]> FLUSH PRIVILEGES;MariaDB [(none)]> q

至此,MariaDB已安装和配置。

安装您的

首先,将目录更改为Nginx Web根目录,然后使用以下命令下载最新版本的YOURS。

cd /var/www/htmlgit clone https://github.com/YOURLS/YOURLS.git

然后使用以下命令重命名样本配置文件:

cd YOURLS/user/cp config-sample.php config.php

然后编辑config.php文件以定义数据库设置。

nano config.php

更改以下行。

/** MySQL database username */
define( 'YOURLS_DB_USER', 'yourlsuser' );
 
/** MySQL database password */
define( 'YOURLS_DB_PASS', 'password' );
 
/** The name of the database for YOURLS
 ** Use lower case letters [a-z], digits [0-9] and underscores [_] only */
define( 'YOURLS_DB_NAME', 'yourlsdb' );
 
/** MySQL hostname.
 ** If using a non standard port, specify it like 'hostname:port', eg. 'localhost:9999' or '127.0.0.1:666' */
define( 'YOURLS_DB_HOST', 'localhost' );
 
/** MySQL tables prefix
 ** YOURLS will create tables using this prefix (eg `yourls_url`, `yourls_options`, ...)
 ** Use lower case letters [a-z], digits [0-9] and underscores [_] only */
define( 'YOURLS_DB_PREFIX', 'yourls_' );
 
define( 'YOURLS_SITE', 'http://yourls.example.com' );
$yourls_user_passwords = array(
        'admin' => 'yourpassword',

完成后,保存文件并关闭它。然后使用以下命令创建一个.htaccess文件。

nano /var/www/html/YOURLS/.htaccess

添加以下行。

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ /yourls-loader.php [L]
</IfModule>

保存并关闭文件,并使用以下命令授予适当的权限和所有权:

chown -R nginx:nginx /var/www/html/YOURLSchmod -R 775 /var/www/html/YOURLS

完成后,您可以继续下一步。

为YOURLS配置Nginx

接下来,为YOUURLS创建一个新的Nginx虚拟主机配置文件:

nano /etc/nginx/conf.d/yourls.conf

添加以下行。

server {
  listen 80;
  server_name yourls.example.com;
  root /var/www/html/YOURLS;
  index index.php index.html index.htm;
  location / {
    try_files $uri $uri/ /yourls-loader.php$is_args$args;
  }

  location ~ .php$ {
    include fastcgi.conf;

    fastcgi_index index.php;
    fastcgi_pass unix:/run/php-fpm/www.sock;
  }
}

保存并关闭文件,然后使用以下命令重新启动Nginx和PHP-FPM服务:

systemctl restart nginxsystemctl restart php-fpm

您还可以使用以下命令检查Nginx的状态:

systemctl status nginx

您应该获得以下输出:

? nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/nginx.service.d
           ??php-fpm.conf
   Active: active (running) since Tue 2020-10-20 09:37:40 EDT; 5min ago
  Process: 12864 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 12862 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 12860 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 12871 (nginx)
    Tasks: 3 (limit: 12523)
   Memory: 5.5M
   CGroup: /system.slice/nginx.service
           ??12871 nginx: master process /usr/sbin/nginx
           ??12872 nginx: worker process
           ??12873 nginx: worker process

Oct 20 09:37:40 centos systemd[1]: Stopped The nginx HTTP and reverse proxy server.
Oct 20 09:37:40 centos systemd[1]: Starting The nginx HTTP and reverse proxy server...
Oct 20 09:37:40 centos nginx[12862]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Oct 20 09:37:40 centos nginx[12862]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Oct 20 09:37:40 centos systemd[1]: Started The nginx HTTP and reverse proxy server.

配置SELinux和防火墙

默认情况下,SELinux在CentOS 8上启用,并且必须为YOURLS网站配置。

您可以使用以下命令配置SELinux:

setsebool httpd_can_network_connect on -Pchcon -R -u system_u -t httpd_sys_rw_content_t -r object_r /var/www/html/YOURLS

然后使用以下命令允许端口80和443通过防火墙。

firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=httpsfirewall-cmd --reload

完成后,您可以继续下一步。

访问您的

然后打开网络浏览器,并使用URL http://yourls.example.com/admin访问YOURS。显示下一页。

请点击 安装您的 按钮。显示下一页。

YOURLS安装程序

“舔您的管理页面”。 显示YOURLS登录页面。

登录

输入在config.php中定义的管理员用户名和密码, 登录 按钮。您的LS仪表板显示在下一页上。广告

YOURLS管理仪表板

让我们加密SSL保护您的S

接下来,您需要在系统上安装Certbot实用程序,并为您的网站下载并安装“让我们加密SSL”。

您可以使用以下命令安装Certbot客户端:

wget https://dl.eff.org/certbot-automv certbot-auto /usr/local/bin/certbot-autochown root /usr/local/bin/certbot-autochmod 0755 /usr/local/bin/certbot-auto

然后,使用以下命令为您的网站获取并安装SSL证书。

certbot-auto --nginx -d yourls.example.com

上面的命令将首先在服务器上安装所有必需的依赖项。安装后,将提示您输入电子邮件地址并接受使用条款,如下所示。

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to

cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y

Obtaining a new certificate
Performing the following challenges:
http-01 challenge for yourls.example.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/conf.d/yourls.conf

选择是否将HTTP通信重定向到HTTPS,如下所示。

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for

new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

输入2并按Enter继续。如果安装成功完成,您将看到以下输出:

Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/yourls.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://yourls.example.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=yourls.example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/yourls.example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/yourls.example.com/privkey.pem
   Your cert will expire on 2020-06-11. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again with the "certonly" option. To non-interactively renew *all*
   of your certificates, run "certbot-auto renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

您现在可以使用URL https://yourls.example.com安全地访问YOUR S网站。

结论

恭喜!您现在已经使用Nginx和Let’s Encrypt SSL在CentOS 8上成功安装了YOURS。现在,您可以使用YOUR S轻松托管自己的URL缩短服务。如有任何疑问,请随时与我们联系。

Sidebar