Differences

This shows you the differences between two versions of the page.

--- servers:bsd:freenginx_php_php-fpm [2024/11/30 08:53] – WIP Sean Rhone
+++ servers:bsd:freenginx_php_php-fpm [2024/12/12 21:12] (current) – A+ Sean Rhone
@@ Line 2: / Line 2: @@
   * freenginx ((https://freenginx.org/))
-  * PHP
+  * PHP 8.4
   * PHP-FPM
   * [[Information:Realm of Espionage]]
+  * :!: WIP
 ===== Prerequisites =====
@@ Line 24: / Line 26: @@
 ====== Dependencies ======
-  su -l
+  su -
   pkg install freenginx php84
@@ Line 43: / Line 45: @@
   sudo firewall-cmd --add-service='http' --permanent && sudo firewall-cmd --add-service='https' --permanent && sudo firewall-cmd --reload
 ====== Services ======
@@ Line 49: / Line 50: @@
 ===== Enable =====
-  su -l
+  su -
   sysrc nginx_enable="YES"
@@ Line 65: / Line 66: @@
   sudo mv '/etc/php-fpm.d/www.conf' '/etc/php-fpm.d/www.conf~'
-  sudo mv '/etc/nginx/nginx.conf' '/etc/nginx/nginx.conf~'
+  mv -v '/usr/local/etc/nginx/nginx.conf' '/usr/local/etc/nginx/nginx.conf~'
 ===== View =====
@@ Line 75: / Line 76: @@
   nano '/etc/php-fpm.d/www.conf~'
-  nano '/etc/nginx/nginx.conf~'
+  ee '/usr/local/etc/nginx/nginx.conf~'
   nano '/etc/php.ini'
@@ Line 85: / Line 86: @@
   * ''conf.d'' contains **server-wide** modular configuration files
   * ''default.d'' contains **site-specific** modular configuration files
-  * ''vhosts.d'' contains enabled websites ((this folder needs created))
+  * ''vhosts.d'' contains enabled websites
 ===== Defaults =====
-==== vhosts.d ====
+  su -
-****
+  mkdir -p '/usr/local/etc/nginx/conf.d' '/usr/local/etc/nginx/default.d' '/usr/local/etc/nginx/vhosts.d'
-  sudo mkdir -p '/etc/nginx/vhosts.d'
 ===== HTTPS Redirect =====
@@ Line 99: / Line 98: @@
   * This automatically redirects non-HTTPS site links to HTTPS
-  sudo -e '/etc/nginx/conf.d/http-redirect.conf'
+  su -
+  ee '/usr/local/etc/nginx/conf.d/http-redirect.conf'
 <code>
@@ Line 113: / Line 114: @@
   * This prevents unconfigured subdomains from loading assets from other sites ((if a site/URL doesn't exist, it'll 404))
-  sudo -e '/etc/nginx/conf.d/non-existent.conf'
+  su -
+  ee '/usr/local/etc/nginx/conf.d/non-existent.conf'
 <code>
@@ Line 126: / Line 129: @@
 ===== Headers =====
-  * Last updated: 2024/02/07
   * Add to individual site configs as an ''include''
-  sudo -e '/etc/nginx/default.d/headers.conf'
+  su -
+  ee '/usr/local/etc/nginx/default.d/headers.conf'
 <code>
@@ Line 143: / Line 147: @@
 ===== nginx =====
-  * Last updated: 2023/09/12
+  * Last updated: 2024/11/30
+  su -
-  sudo -e '/etc/nginx/nginx.conf'
+  ee '/usr/local/etc/nginx/nginx.conf'
 <code>
-user nginx;
+worker_processes 1;
-worker_processes auto;
+#error_log  /var/log/nginx/error.log;
-error_log /var/log/nginx/error.log notice;
-pid /run/nginx.pid;
-include /usr/share/nginx/modules/*.conf;
 events {
@@ Line 162: / Line 164: @@
     # Logging
-    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
-                      '$status $body_bytes_sent "$http_referer" '
+    #                  '$status $body_bytes_sent "$http_referer" '
-                      '"$http_user_agent" "$http_x_forwarded_for"';
+    #                  '"$http_user_agent" "$http_x_forwarded_for"';
-    access_log  /var/log/nginx/access.log  main;
+    #access_log  logs/access.log  main;
     # Includes
-    include /etc/nginx/conf.d/*.conf;
+    include /usr/local/etc/nginx/conf.d/*.conf;
-    include /etc/nginx/vhosts.d/*.conf;
+    include /usr/local/etc/nginx/vhosts.d/*.conf;
-    include /etc/nginx/mime.types;
+    include /usr/local/etc/nginx/mime.types;
     default_type application/octet-stream;
@@ Line 203: / Line 205: @@
 ===== Let's Encrypt =====
-  * See [[servers;linux;nginx;lets_encrypt|Let's Encrypt/Certbot]] for further set-up
+  * See [[servers:bsd:nginx:lets_encrypt|Let's Encrypt/Certbot]] for further set-up
+  su -
-  sudo -e '/etc/nginx/conf.d/ssl.conf'
+  ee '/usr/local/etc/nginx/conf.d/ssl.conf'
 <code>
-ssl_certificate '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem';
+ssl_certificate '/usr/local/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem';
-ssl_trusted_certificate '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem';
+ssl_trusted_certificate '/usr/local/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem';
-ssl_certificate_key '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem';
+ssl_certificate_key '/usr/local/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem';
 ssl_session_timeout '10m';
@@ Line 217: / Line 221: @@
 ssl_buffer_size '4k';
-ssl_protocols 'TLSv1.3';
+ssl_protocols 'TLSv1.2' 'TLSv1.3';
 ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM';
 ssl_prefer_server_ciphers 'on';