Category: Programming (编程)

Posted on

WordPress 值得使用的主题和插件

主题

Twenty Seventeen

Twenty Seventeen 是一个开源的 WordPress 主题,非常适合目录较多的网站,首页能够巧妙地将图片和文字结合在一起。

插件

All In One WP Security

All In One WP Security 是一个开源的 WordPress 安全插件,比较全面地对 WordPress 进行安全加强,安装了这个插件以后,基本上就不需要再安装其他安全插件。

Easy WP SMTP

Easy WP SMTP 是一个开源的 WordPress 邮件插件,可以实现 WordPress 通过 SMTP 发送邮件。

Simply Static

Simply Static 是一个开源的 WordPress 动态网站转静态网站插件,可以将动态网站转换成静态网站。

WP-Optimize Cache

WP-Optimize Cache 是一个开源的 WordPress 网站性能优化插件,可以删除无用数据等等。

Health Check & Troubleshooting

Health Check & Troubleshooting 是一个开源的 WordPress 网站健康度检测插件,可以检测网站的各项健康指标。

Username Changer

Username Changer 是一个开源的修改 WordPress 用户名的插件,可以修改用户名

Edit Author Slug

Edit Author Slug 是一个开源的修改 WordPress 用户名下文章链接的插件,可以修改用户发布文章的链接,默认情况下用户发布文章的链接是:https://<domain name>/author/<username>/

Posted on

[工具] Shell 博客 WordPress 数据去隐私化

介绍

基本信息

作者:朱明宇
名称:Shell 博客 WordPress 数据去隐私化
作用:修改 WordPress 备份中某个用户的密码并再次进行备份

使用方法

1. 在此脚本的分割线内写入相应的内容
2. 给此脚本添加执行权限
3. 执行此脚本

脚本分割线里的变量

1. path=/home/zhumingyu/EternalCenter #本地备份目录
2. filename=eternalcenter-backup #本地备份文件
3. cpath=”/srv/www/htdocs” #网站程序目录
4. sqlfile=eternalcenter/eternalcenter.sql #网站数据库数据备份
5. tarfile=eternalcenter/eternalcenter.tar.gz #网站网页数据备份
6. newfilename=clone-eternalcenter-backup #新备份的文件名
7. user=’Mingyu Zhu’ #要修改密码的用户
8. newpw=eternalcenter #新的用户密码
9. dbuser=ec #用于连接数据库的用户
10. dbuserpw=eternalcenter #用于连接数据库的密码
11. db=ec #网站数据库数据在数据库中的库

注意

1. 本地需要已经搭建好 LNMP 平台
2. 执行此脚本的用户需要有远程服务器的 sudo tar 和 sudo rm 权限
3. 脚本 ”mysql -uroot -p’eternalcenter’ -e “drop database $db;”“ 中 “eternalcenter“ 是指远程 MariaDB 数据库 root 用户的密码,需要修改成远程 MariaDB 数据库的 root 用户密码

脚本

#!/bin/bash

####################### Separator ########################

path=/home/zhumingyu/EternalCenter
filename=eternalcenter-backup
cpath="/srv/www/htdocs"
sqlfile=eternalcenter/eternalcenter.sql
tarfile=eternalcenter/eternalcenter.tar.gz
newfilename=clone-eternalcenter-backup
user='Mingyu Zhu'
newpw=eternalcenter
dbuser=ec
dbuserpw=eternalcenter
db=ec

####################### Separator ########################

date=$(date +%Y-%m-%d-%H)
dir=`pwd`

sudo systemctl stop nginx
sudo systemctl stop php-fpm

mkdir -p $path/$newfilename-$date &> /dev/null

mysql -uroot -p'eternalcenter' -e "drop database $db;"
mysql -uroot -p'eternalcenter' -e "create database $db;"
mysql -uroot -e "create user \"$dbuser\"@\"localhost\" identified by \"$dbuserpw\";"
mysql -uroot -p'eternalcenter' -e "grant all privileges on $db.* to \"$dbuser\"@'localhost';"
mysql -uroot -p'eternalcenter' ec < $sqlfile
mysql -uroot -p'eternalcenter' -e "update $db.ec_users set user_pass = md5(\'$newpw\') where user_login = \'$user\';"
sudo rm -rf $cpath/*
sudo tar -zxvf $tarfile -C $cpath &> /dev/null
cd $cpath
sudo sed -i "s/define('DB_PASSWORD', .*);/define('DB_PASSWORD', \'$dbuserpw\');/" wp-config.php

mysqldump -uroot -p'eternalcenter' $db > $path/$newfilename-$date/$newfilename-$date.sql
sudo tar -zcvf $path/$newfilename-$date/$newfilename-$date.tar.gz .[!.]* * &> /dev/null
cd $dir

sudo systemctl start nginx
sudo systemctl start php-fpm

cd $dir
Posted on

[工具] Shell 将远程 LNMP 的网站数据库备份到本地

介绍

基本信息

作者:朱明宇
名称:将远程 LNMP 的网站数据库备份到本地
作用:将远程 LNMP 的网站数据库备份到本地

使用方法

1. 在此脚本的分割线内写入相应的内容
2. 给此脚本添加执行权限
3. 执行此脚本

脚本分割线里的变量

1. path=/home/zhumingyu/EternalCenter #本地备份目录
2. filename=eternalcenter-backup #本地备份文件
3. key=”~/.ssh/eternalcenter” #本地备份本地私钥
4. whost=”eternalcenter.com” #远程服务器
5. wpath=”/usr/share/nginx/html” #远程服务器网站程序目录
7. wcache=”/cache” #远程服务器临时备份目录

注意

1. 远程需要已经搭建好 LNMP 平台
2. 用于远程服务器的用户,需要能免密钥 ssh 远程服务器,且对于本地用于本地数据的备份目录和远程服务器的目录拥有读和执行的权限
3. 执行此脚本的用户需要有远程服务器的 sudo tar 权限
4. 脚本 ”mysqldump -uroot -p’eternalcenter’ ec > $wcache/$filename-$date.sql“ 中 “eternalcenter“ 是指远程 MariaDB 数据库 root 用户的密码,需要修改成远程 MariaDB 数据库的 root 用户密码

脚本

#!/bin/bash

####################### Separator ########################

path=/home/zhumingyu/EternalCenter
filename=eternalcenter-backup
key="~/.ssh/eternalcenter"

whost="eternalcenter.com"
wpath="/usr/share/nginx/html"
wcache="/cache"

####################### Separator ########################

date=$(date +%Y-%m-%d-%H)

echo "copy eternalcenter data from website to local server"
ping -c3 -i0.4 $whost > /dev/null
if [ $? -eq 0 ];then

        ssh -i $key $whost "
        mkdir $wcache &> /dev/null
        rm -rf $wcache/* &> /dev/null
        mysqldump -uroot -p'eternalcenter' ec > $wcache/$filename-$date.sql
        cd $wpath
        sudo tar -zcvf $wcache/$filename-$date.tar.gz .[!.]* * &> /dev/null
        "

        mkdir -p $path/$date &> /dev/null
        scp -i $key $whost:$wcache/$filename-$date* $path/$date

fi
echo
Posted on

[工具] Shell 将同目录下最新的某个目录里的所有文件替换到 GitHub 库里 (Git LFS 版)

介绍

基本信息

作者:朱明宇
名称:将同目录下最新的某个目录里的所有文件替换到 GitHub 库里
作用:将同目录下最新的某个目录里的所有文件替换到 GitHub 库里

使用方法

1. 在此脚本的分割线内写入相应的内容
2. 给此脚本添加执行权限
3. 执行此脚本

脚本分割线里的变量

1. directory=download-eternalcenter #本地的缓冲目录
2. gituser=mingyuzhu #GitHub 用户
3. gitemail=mingyu.zhu@eternalcenter.com #GitHub 邮箱
4. gitrepository=download-eternalcenter #GitHub 库
5. gitbranch=’master’ #GitHub 库的分支
6. backupfile=all #备份后的文件
7. keyword=clone #同目录下要备份目录名称的关键字

注意

需要提前安装 git 和 git-lfs,注册 GitHub,创建相应的 GitHub 库,并且创建和设置了对应的 ssh 密钥

脚本

#!/bin/bash

####################### Separator ########################

directory=download-eternalcenter
gituser=mingyuzhu
gitemail=mingyu.zhu@eternalcenter.com
gitrepository=download-eternalcenter
gitbranch='master'
backupfile=all
keyword=clone

####################### Separator ########################

backupdirectory=`ls -rtlh | grep $keyword | awk '{print $NF}' | tail -1`

sqlfile=`ls $backupdirectory | grep sql`
tarfile=`ls $backupdirectory | grep tar`

rm -rf $directory
mkdir -p $directory &> /dev/null

echo $gituser
git config --global user.email "$gitemail"
git config --global user.name "$gituser"

rm -rf $directory
mkdir -p $directory &> /dev/null
cd $directory
git init
git lfs install
git remote add origin git@github.com:$gituser/$gitrepository
git pull --rebase origin $gitbranch -f
git lfs track *
git filter-branch --force --index-filter 'git rm --cached --ignore-unmatch *' --prune-empty --tag-name-filter cat -- --all
git commit -m 'cleapup'
git push -u origin $gitbranch -f
rm -rf .git/refs/original/
git reflog expire --expire=now --all
git gc --prune=now
git gc --aggressive --prune=now

cd ..

rm -rf $directory
mkdir -p $directory &> /dev/null
cd $directory
git init
git lfs install
git remote add origin git@github.com:$gituser/$gitrepository
git pull --rebase origin $gitbranch -f
git lfs track *
git rm *
git commit -m 'cleapup'

cd ../$backupdirectory/
tar -zcvf ../$directory/$backupfile.tar.gz *
cd ../$directory

git lfs track *
git add *
git status
git commit -m 'upload'
git push -u origin $gitbranch -f
cd ..
Posted on

[工具] Shell 自动化部署 LNMP + SSL 平台 (Fedora 35 版)

介绍

基本信息

作者:朱明宇
名称:自动化部署 LNMP + SSL 平台
作用:自动化安装 LNMP + SSL,即通过 Linux、Nginx、MariaDB、PHP、php-fpm、SSL,实现 HTTPS

使用方法

1. 将网站的网页数据备份、网站的 SSL 公钥、网站的 SSL 私钥、网站的数据库备份和本脚本,5 个文件放在同一目录下
2. 如果没有网站的数据库备份则将网页数据备份、网站的 SSL 公钥、网站的 SSL 私钥和本脚本,4 个文件放在同一目录下
3. 在此脚本的分割线内写入相应的内容
4. 服务器都要开启 SELinux
5. 给此脚本添加执行权限
6. 执行此脚本:./<此脚本>

脚本分割线里的变量

1. webdomain=”eternalcenter.com” #网站的域名,注意不要在前面加任何前缀
2. webtar=”eternalcenter-backup-*.tar.gz”网站的网页数据备份,如果没有这个备份,可以下载一个开源的 WordPress 网页程序
3. webcrt=”eternalcenter.com.crt” #网站 SSL 的公钥,可以自己创建也可以在 FreeSSL 上申请
4. webkey=”eternalcenter.com.key” #网站 SSL 的私钥,可以自己创建也可以在 FreeSSL 上申请
5. sqlbackup=”eternalcenter-backup-*.sql” #网站数据库数据备份,如果没有这个备份(数据库是全量备份),则这里可以为空
6. db=”ec” #网站在数据库中库
7. dbuser=”ec” #网站在数据库中的用户
8. dbuserpw=”eternalcenter” #网站在数据库中的用户密码
9. dbrootpw=”eternalcenter” #数据库的 root 密码

注意

1. 服务器的系统需要是 Fedora 35 版本
2. 服务器系统要配置好可用的软件源
3. 服务器要能够连接外网

脚本

#!/bin/bash

####################### Separator ########################
webdomain="eternalcenter.com"
webtar="eternalcenter-backup-*.tar.gz"
webcrt="eternalcenter.com.crt"
webkey="eternalcenter.com.key"
sqlbackup="eternalcenter-backup-*.sql"
db="ec"
dbuser="ec"
dbuserpw="eternalcenter"
dbrootpw="eternalcenter"
####################### Separator ########################

#Determine whether SELinux is on
getenforce | grep Enforcing
if [ $? -ne 0 ];then
	echo "SELinux is not set to enforcing mode and cannot continue"
	exit 2
fi

#Determine whether the required file exists
ls $webtar
if [ $? -ne 0 ];then
	echo "No web page data backup, unable to continue"
	exit 2
fi

ls $webcrt
if [ $? -ne 0 ];then
	echo "Cannot continue without site public key"
	exit 2
fi

ls $webkey
if [ $? -ne 0 ];then
	echo "Unable to continue without site private key"
	exit 2
fi

#Update system
yum clean all
yum repolist
yum makecache
yum -y update

#Make sure the required software is installed
yum -y install tar
yum -y install firewalld

#Deploying Nginx
yum -y install nginx

echo 'worker_processes  1;

events {
    worker_connections  1024;
}

http {
    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;

    keepalive_timeout  60;
    client_body_timeout 20s;
    client_header_timeout 10s;
    send_timeout 30s;

    server {
        listen       80;
        limit_req zone=one burst=5;
        server_name www.eternalcenter.com eternalcenter.com;

        rewrite ^/(.*)$ https://eternalcenter.com/$1 permanent;
      
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        }

    server {
        listen       443 ssl;
        server_name www.eternalcenter.com eternalcenter.com;

        if ($request_method !~ ^(GET|POST)$){
        return 444;
        }

        ssl_certificate      /etc/nginx/ssl/eternalcenter.com.crt;
        ssl_certificate_key  /etc/nginx/ssl/eternalcenter.com.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location ~ \.php$ {
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            include fastcgi.conf;
            fastcgi_param  SCRIPT_FILENAME  /usr/share/nginx/html/$fastcgi_script_name;
            include fastcgi_params;
        } 

        location / {
        root html;
        index index.php index.html index.htm;

        if (-f $request_filename/index.html){rewrite (.) $1/index.html break;}
        if (-f $request_filename/index.php){rewrite (.) $1/index.php;}
        if (!-f $request_filename){rewrite (.) /index.php;}
        
        }

        location ~ ^/\.user\.ini {
        deny all;
        }
    
        location ~*\.(jpd|jpeg|gif|png|css|js|ico|xml)$ {
        expires 30d;
        }

        error_page  404              /404.html;

        }

        gzip on;
	gzip_min_length 1000;
	gzip_comp_level 4;
	gzip_types text/plain test/css application/json application/x-javascript text/xml application/xml
	application/xml+rss text/javascripts;

	client_header_buffer_size 1k;
	large_client_header_buffers 4 4k;

	open_file_cache max=2000 inactive=20s;
	open_file_cache_valid  60s;
	open_file_cache_min_uses 5;
	open_file_cache_errors off;

}' > /etc/nginx/nginx.conf

sed -i "s/server_name www.eternalcenter.com eternalcenter.com;/server_name www.$webdomain $webdomain;/" /etc/nginx/nginx.conf
sed -i "s@rewrite ^/(.*)$ https://eternalcenter.com/\$1 permanent@rewrite ^/(.*)$ https://$webdomain/\$1 permanent@" /etc/nginx/nginx.conf;
sed -i "s/eternalcenter.com.crt/$webcrt/" /etc/nginx/nginx.conf
sed -i "s/eternalcenter.com.key/$webkey/" /etc/nginx/nginx.conf

mkdir /etc/nginx/ssl
mv $webcrt /etc/nginx/ssl
mv $webkey /etc/nginx/ssl
chcon -t httpd_config_t /etc/nginx/ssl/$webcrt
chcon -t httpd_config_t /etc/nginx/ssl/$webkey
chcon -t httpd_config_t /etc/nginx/ssl/

rm -rf /usr/share/nginx/html/*
tar -xvf $webtar -C /usr/share/nginx/html/ && rm -rf $webtar
chcon -t httpd_sys_content_t -R /usr/share/nginx/html/*

yum -y install sendmail
yum -y install policycoreutils
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_can_network_connect_db 1
setsebool -P httpd_can_sendmail 1
setsebool -P httpd_can_connect_ftp 1
setsebool -P httpd_unified 1
setsebool -P httpd_enable_cgi 1
setsebool -P httpd_builtin_scripting 1
setsebool -P mysql_connect_http 1

systemctl start nginx
systemctl enable nginx

#Deploy MariaDB
yum -y install mariadb mariadb-server

grep "^log_bin=" /etc/my.cnf.d/mariadb-server.cnf
if [ $? -ne 0 ];then
	sed -i '/^datadir/a log_bin=ec' /etc/my.cnf.d/mariadb-server.cnf
fi

grep "^binlog_format=" /etc/my.cnf.d/mariadb-server.cnf
if [ $? -ne 0 ];then
	sed -i '/^datadir/a binlog_format=\"mixed\"' /etc/my.cnf.d/mariadb-server.cnf
fi

grep "^server_id=" /etc/my.cnf.d/mariadb-server.cnf
if [ $? -ne 0 ];then
	sed -i '/^datadir/a server_id=51' /etc/my.cnf.d/mariadb-server.cnf
fi

sed -i 's/^plugin-load-add=auth_gssapi.so/#plugin-load-add=auth_gssapi.so/' /etc/my.cnf.d/auth_gssapi.cnf

sed -i '/^user=.*/d' /etc/my.cnf.d/mariadb-server.cnf
sed -i "/\[mysqld\]/a user=mysql" /etc/my.cnf.d/mariadb-server.cnf

sed -i '/^bind-address=.*/d' /etc/my.cnf.d/mariadb-server.cnf
sed -i "/\[mysqld\]/a bind-address=127.0.0.1" /etc/my.cnf.d/mariadb-server.cnf

chown -R mysql /var/lib/mysql

systemctl start mariadb
systemctl enable mariadb

ls $sqlbackup
if [ $? -ne 0 ];then
        mysql -uroot -e "create database $db;"
        mysql -uroot -e "create user \"$dbuser\"@\"localhost\" identified by \"$dbuserpw\";"
        mysql -uroot -e "grant all privileges on $db.* to \"$dbuser\"@\"localhost\" identified by \"$dbuserpw\";"
        mysql -uroot -e "set password for 'root'@'localhost'=password(\"$dbrootpw\")"
else
        mysql -uroot -e "create database $db;"
        mysql -uroot $db < $sqlbackup
	mysql -uroot -e "create user \"$dbuser\"@\"localhost\" identified by \"$dbuserpw\";"
	mysql -uroot -e "grant all privileges on $db.* to \"$dbuser\"@\"localhost\" identified by \"$dbuserpw\";"
	mysql -uroot -e "set password for 'root'@'localhost'=password(\"$dbrootpw\")"
	rm -rf $sqlbackup
fi
	
systemctl restart mariadb

#Deploy PHP
yum -y install php php-fpm php-mysqlnd php-gd php-mbstring php-opcache php-json php-xml php-xmlrpc php-pecl-zip php-pecl-imagick php-intl php-bcmath
useradd php-fpm -s /sbin/nologin
chown -R php-fpm:php-fpm /usr/share/nginx/html

sed -i /"^user =.*"/d /etc/php-fpm.conf
sed -i /"^group =.*"/d /etc/php-fpm.conf
sed -i /"^listen =.*"/d /etc/php-fpm.conf
sed -i /"^[www]"/d /etc/php-fpm.conf
sed -i /"^pm = .*"/d /etc/php-fpm.conf
sed -i /"^pm.start_servers = .*"/d /etc/php-fpm.conf
sed -i /"^pm.min_spare_servers = .*"/d /etc/php-fpm.conf
sed -i /"^pm.max_spare_servers = .*"/d /etc/php-fpm.conf
sed -i /"^pm.max_children = .*"/d /etc/php-fpm.conf
sed -i /"^pm.max_requests = .*"/d /etc/php-fpm.conf
sed -i /"^request_terminate_timeout = .*"/d /etc/php-fpm.conf

echo '[www]' >> /etc/php-fpm.conf
echo 'user = php-fpm' >> /etc/php-fpm.conf
echo 'group = php-fpm' >> /etc/php-fpm.conf
echo 'listen = 127.0.0.1:9000' >> /etc/php-fpm.conf
echo 'pm = dynamic' >> /etc/php-fpm.conf
echo 'pm.start_servers = 2' >> /etc/php-fpm.conf
echo 'pm.min_spare_servers = 2' >> /etc/php-fpm.conf
echo 'pm.max_spare_servers = 4' >> /etc/php-fpm.conf
echo 'pm.max_children = 4' >> /etc/php-fpm.conf
echo 'pm.max_requests = 1024' >> /etc/php-fpm.conf
echo 'request_terminate_timeout = 300' >> /etc/php-fpm.conf

systemctl start php-fpm
systemctl enable php-fpm

#Improve system performance
grep "^* soft nofile" /etc/security/limits.conf
if [ $? -ne 0 ];then
	echo '* soft nofile 1024' >> /etc/security/limits.conf
fi

grep "^* hard nofile" /etc/security/limits.conf
if [ $? -ne 0 ];then
	echo '* hard nofile 1024' >> /etc/security/limits.conf
fi

#Open firewall
systemctl start firewalld
systemctl enable firewalld
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
firewall-cmd --reload

#Limit log space
yum -y install rsyslog
systemctl enable --now rsyslog

echo "/var/log/mariadb/mariadb.log {
        create 600 mysql mysql
        notifempty
	daily
        rotate 3
        missingok
        compress
    postrotate
	# just if mysqld is really running
        if [ -e /run/mariadb/mariadb.pid ]
        then
           kill -1 $(</run/mariadb/mariadb.pid)
        fi
    endscript
}" > /etc/logrotate.d/mariadb

echo "/var/log/nginx/*log {
    create 0664 nginx root
    size 1024M
    rotate 1
    missingok
    notifempty
    compress
    sharedscripts
    postrotate
        /bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
    endscript
}" > /etc/logrotate.d/nginx

echo "/var/log/php-fpm/*log {
    size 100M
    rotate 1
    missingok
    notifempty
    sharedscripts
    delaycompress
    postrotate
        /bin/kill -SIGUSR1 `cat /run/php-fpm/php-fpm.pid 2>/dev/null` 2>/dev/null || true
    endscript
}" > /etc/logrotate.d/php-fpm

echo "/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
    size 100M
    rotate 1
    missingok
    sharedscripts
    postrotate
        /usr/bin/systemctl kill -s HUP rsyslog.service >/dev/null 2>&1 || true
    endscript
}" > /etc/logrotate.d/rsyslog

#Delete this script
scriptwhere=`readlink -f "$0"`
rm -rf $scriptwhere

#Restart the system
reboot