BookStack 知識庫安裝流程

這套由 Jason Cheng 大大所介紹的開源軟體

BookStack 這是一套免費又開源軟體可以拿來當成一書籍來使用,這套系統是由目前最熱門的php mvc 裡的 Laravel 架構所寫出來的,可以記錄有關於技術及備忘錄

運行環境:
系統:CentOS 7
Web服務:Nginx
網頁服務:PHP 7.3
資料庫服務:Mariadb 10.4

WEB 服務安裝


可以參考本知識庫的 WBE 服務安裝流程,啟用Nginx 支援到 OpenSSL TLS1.3 安全協定

 

資料庫服務安裝


  • 首先新增加 MariaDB.repo 官方載點
新增加MariaDB安裝檔
vim /etc/yum.repos.d/MariaDB.repo

再填入內容為以下

# MariaDB 10.4 CentOS repository list - created 2019-08-21 13:29 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.4/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

增加完畢後在下命令安裝

yum install MariaDB-server MariaDB-client -y
  • 資料庫安裝及設定
systemctl enable mariadb ; systemctl start mariadb   # 啟動資料庫服
mysql_secure_installation   # 設定資料庫的root密碼

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n]
Enabled successfully!
Reloading privilege tables..
 ... Success!


You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n]
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n]
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n]
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n]
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

mysql -u root -p   # 登入資料庫裡設定資表及權限

CREATE DATABASE IF NOT EXISTS bookstackdb DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci; #在資料庫裡新增BookStack表單
GRANT ALL PRIVILEGES ON bookstackdb.* TO 'bookstackuser'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION; #密碼請自己輸入好記錄的密碼
FLUSH PRIVILEGES;
quit

 

PHP 服務安裝


  • 先安裝額外的套件及載點
yum install -y epel-release yum-utils
  • 因內鍵預設版本是 PHP 5.4 因此本版官方已不在維護,建議直接安裝當時官方所提供主要版本,現在安裝版本是 PHP 7.3
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum-config-manager --disable remi-php54
yum-config-manager --enable remi-php73
  • 安裝 PHP 套件
yum install -y php php-mysqlnd php-pdo php-xml php-pear php-devel php-mbstring re2c gcc-c++ gcc \
php-fpm php-mysql php-gd php-cli php-json php-opcache php-curl php-ldap php-odbc php-xmlrpc php-soap \
curl curl-devel php-intl php-zip
  • 安裝好 PHP 要去修改 「vim /etc/php.ini」 設定檔
修改前
;cgi.fix_pathinfo=1
修改後
cgi.fix_pathinfo=0
修改時區
[Date]
修改前
;date.timezone = 
修改後
date.timezone = Asia/Taipei
修改資料上傳限制
; 上傳檔案大小上限(單一檔案大小)
upload_max_filesize = 50M 

; POST 大小上限(所有檔案大小加總)
post_max_size = 200M

; 記憶體用量上限
memory_limit = 512M

; Script執行時間上限(單位:秒)
max_execution_time = 600

; Script處理資料時間上限(單位:秒)
max_input_time = 600

; Socket無回應斷線時間(單位:秒)
default_socket_timeout = 600

存檔
:wq
  • 設定「php-fpm」「vim /etc/php-fpm.d/www.conf
由誰使用此服務
; RPM: apache user chosen to provide access to the same directories as httpd
;user = apache
user = nginx
; RPM: Keep a group allowed to write in log dir.
;group = apache
group =nginx

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server.
; Default Values: user and group are set as the running user
;                 mode is set to 0660
listen.owner = nginx
listen.group = nginx
listen.mode = 0660

php_value[session.save_path]    = /var/www/html/sessions

修改好存檔
:wq
  • 重啟及開機自動啟動 php-fpm 服務
systemctl restart php-fpm ; systemctl enable php-fpm
 

Nginx 服務設定檔


全域設定

mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.orig   # 備份原本預設的設定檔
vim /etc/nginx/nginx.conf   # 新增新的nginx設定檔
---
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;
}

服務器設定檔


vim /etc/nginx/conf.d/bookstack.conf   #網頁的設定檔
---
server {
  listen 80;
  server_name localhost;
  root /var/www/BookStack/public;

  access_log  /var/log/nginx/bookstack_access.log;
  error_log  /var/log/nginx/bookstack_error.log;

  client_max_body_size 1G;
  fastcgi_buffers 64 4K;

  index  index.php;

  location / {
    try_files $uri $uri/ /index.php?$query_string;
  }

  location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) {
    deny all;
  }

  location ~ \.php(?:$|/) {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_pass 127.0.0.1:9000;
  }

  location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
    expires 30d;
    access_log off;
  }
}
---

 

BookStack 服務安裝


安裝 Composer 作曲家服務

cd /usr/local/bin   # 將dirs更改為我們希望將composer安裝到的位置
curl -sS https://getcomposer.org/installer | php   # 安裝 composer
mv composer.phar composer   # 重新命名 composer

BookStack 放置位置

cd /var/www/html   # 希望將 BookStack 存放的位置   
mkdir /var/www/html/sessions   # 新增from php sessions
git clone https://github.com/BookStackApp/BookStack.git --branch release --single-branch   # 從github上下載最新版本的BookStackApp資料
cd BookStack && composer install   # 進入到BookStack目錄下用composer安裝服務

BookStack 設定

 

cp .env.example .env   # 複製範本設定文件
vim .env   # 更新與數據庫中的新的配置,以及其他設置
---
DB_HOST=localhost
DB_DATABASE=bookstackdb
DB_USERNAME=bookstackuser
DB_PASSWORD=bookstackpass
---

All other settings are fine as default, but feel free to change any others as you see fit.

php artisan key:generate --force   # 在.env中生成並更新APP_KEY
chown -R nginx:nginx /var/www/html/{BookStack,sessions}   # 將所有權更改為Web服務器用戶
php artisan migrate --force   # 產生新的資料庫表及其他設定

開啟瀏灠器輸入http://server_ip  預設帳號為:[email protected] 密碼為:password 

 

參考相關網頁