这是我第一次尝试定制 Nginx,我已经在 Digital Ocean Droplet 上运行它了。我的站点文件位于/sites/rob_app
.
- 一切都属于
rob
- 所有文件都是
0644
- 所有目录都是
0755
我将 Nginx 运行的用户更改rob
为nginx.conf
.该网站运行,但如果我尝试更新 WordPress 或任何插件,则会收到以下错误:
Unpacking the update…
The update cannot be installed because some files could not be copied. This is usually due to inconsistent file permissions.: wp-admin/includes/update-core.php
Installation failed.
从 Nginx 错误日志来看,这听起来像是文件权限问题,但我正在运行 Nginx,并且rob
我的文件所有者是rob
:
2023/01/27 01:08:51 [error] 11253#11253: *6 FastCGI sent in stderr: "PHP message: PHP Warning: copy(/sites/rob_app/subdomains/vril/public/wp-admin/includes/update-core.php): Failed to open stream: Permission denied in /sites/rob_app/subdomains/vril/public/wp-admin/includes/class-wp-filesystem-direct.php on line 309" while reading upstream, client: (redacted)), server: vril.robr.app, request: "POST /wp-admin/update-core.php?action=do-core-reinstall HTTP/2.0", upstream: "fastcgi://unix:/var/run/php/php8.1-fpm.sock:", host: "(redacted)", referrer: "(redacted)/wp-admin/update-core.php"
当我将所有站点文件的文件所有者更改为www-data
并将 Nginx 运行的用户更改为 时www-data
,我可以成功更新 WordPress 和插件,但是rob
,如果/sites/
不使用sudo
.
我摸不着头脑为什么www-data
像www-data
文件所有者一样取消 Nginx, 但rob
像rob
文件所有者一样运行 Nginx(即使文件权限在切换之间没有改变)。
我的nginx.conf
:
user rob;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 1024;
}
http {
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
server_tokens off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
# https://sysopstechnix.com/7-tips-for-nginx-performance-tuning/
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 8m;
large_client_header_buffers 4 4k;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
add_header Last-Modified "";
}
答案1
结果我只需要更改 FastCGI 的用户:组;一旦它与 Nginx 的 user:group 匹配,一切就顺利进行了!
答案2
可以使用WP-CLI检查和升级Wordpress核心、插件、主题。
wp core check-update
wp core update