Grav 설치

설치 준비

sudo apt update
sudo apt install -y php php-fpm unzip

Grav 압축해제

cd /var/www
sudo wget https://getgrav.org/download/core/grav-admin/latest
sudo mv grav-admin grav
sudo chown -R www-data:www-data /var/www/grav

Nginx 설치 및 설정

Nginx 설치

sudo apt install -y nginx

SSL 임시 인증 처리

sudo mkdir /etc/nginx/ssl
cd /etc/nginx/ssl
sudo gitea cert --host blog.lhk.o-r.kr #임시 키

Nginx 설정파일 작성

sudo vi /etc/nginx/sites-available/grav

# HTTP to HTTPS redirect
server {
	listen 80;
	server_name blog.lhk.o-r.kr;
	return 301 https://$server_name$request_uri;
}
 
# HTTPS server
server {
    listen 443 ssl http2;
    server_name blog.lhk.o-r.kr;
 
    # SSL certificate configuration
    ssl_certificate /etc/letsencrypt/live/blog.lhk.o-r.kr/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/blog.lhk.o-r.kr/privkey.pem; # managed by Certbot
 
    # SSL settings (you can add more SSL-related configurations here)
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
 
    # Root directory for your website
    root /var/www/grav;  # Adjust this path to your actual web root
 
    # Index files
    index index.html index.php;
 
    # Other location blocks and settings
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }
 
    # PHP-FPM configuration
    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

Nginx 설정 적용 및 테스트 및 재시작

sudo ln -s /etc/nginx/sites-available/grav /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

SSL 인증 및 재인증 자동화 처리

# Nginx 플러그인
sudo apt install -y python3-certbot-nginx
 
# --nginx 옵션을 이용해 certbot이 nginx 리로드를 자동으로 수행하게 설정
sudo certbot --nginx -d blog.lhk.o-r.kr