RoE | Wiki

User Tools

Site Tools

Trace:
servers:bsd:nginx:wordpress

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:bsd:nginx:wordpress [2025/05/16 19:44] Sean Rhoneservers:bsd:nginx:wordpress [2025/05/24 05:32] (current) Sean Rhone
Line 4: Line 4:
   * [[Information:Realm of Espionage]]   * [[Information:Realm of Espionage]]
   * https://blog.realmofespionage.xyz   * https://blog.realmofespionage.xyz
- 
-  * 2025/05/16: WIP 
  
 ===== Prerequisites ===== ===== Prerequisites =====
Line 24: Line 22:
  
 ====== Download Source ====== ====== Download Source ======
 +
 +  * https://github.com/WordPress/WordPress/commits/master/
  
   su -   su -
Line 95: Line 95:
 ===== Server Block ===== ===== Server Block =====
  
-  * 2023/09/12: CSPs disabled; TODO: Re-figure out CSPs+  su -
  
-  sudo -e '/etc/nginx/vhosts.d/blog.conf' && sudo systemctl reload 'nginx' && sync+  ee '/usr/local/etc/nginx/vhosts.d/blog.conf' && service 'nginx' reload && sync
  
 <code> <code>
 server { server {
-    listen '443' 'ssl' 'http2';+    listen 443 ssl
 +#    http2 on;
     server_name 'blog.realmofespionage.xyz';     server_name 'blog.realmofespionage.xyz';
-    root '/var/www/blog';+    root '/usr/local/www/blog';
     index 'index.php';     index 'index.php';
  
-    include '/etc/nginx/default.d/blog.conf'; +    include '/usr/local/etc/nginx/default.d/blog.conf'; 
-    include '/etc/nginx/default.d/headers.conf';+    include '/usr/local/etc/nginx/default.d/headers.conf';
  
     client_max_body_size '10M';     client_max_body_size '10M';
Line 113: Line 114:
 #    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always; #    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always;
  
-#    access_log  /var/log/nginx/media-access.log; +#    access_log  /var/log/nginx/blog-access.log; 
-#    error_log  /var/log/nginx/media-error.log;+#    error_log  /var/log/nginx/blog-error.log;
  
     location / {     location / {
Line 125: Line 126:
           access_log off; log_not_found off; expires max;           access_log off; log_not_found off; expires max;
     }     }
-}</code>+} 
 + 
 +# End</code>
  
 ====== Initial Setup ====== ====== Initial Setup ======
Line 135: Line 138:
   * Date Format: Y/m/d   * Date Format: Y/m/d
  
-====== Services ======+===== DB Connection Fix =====
  
-===== Updater =====+  * https://forums.freebsd.org/threads/wordpress-cant-connect-to-mysql-database.71914/#post-436461 
 +  * ''DB_HOST'' to ''127.0.0.1''
  
-==== Service ====+  su -
  
-  sudo -e '/etc/systemd/system/blog-up.service'+  ee '/usr/local/www/blog/wp-config.php'
  
-<code> +<code>define( 'DB_HOST''localhost);^M</code>
-[Service] +
-User=nginx +
-Group=nginx +
-Type=oneshot +
-ExecStart='/usr/bin/git-C '/var/www/blog' pull origin 'master' +
-ExecStartPost='/usr/bin/sync'</code>+
  
-==== Timer ====+<code>define( 'DB_HOST', '127.0.0.1' );^M</code>
  
-  * Every day at ''04:00:00''+====== Temp Commands ======
  
-  sudo -e '/etc/systemd/system/blog-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-up.timer' --now && sudo systemctl start 'blog-up' && sudo systemctl status 'blog-up' -l+===== Update =====
  
-<code> +  * https://github.com/WordPress/WordPress/commits/master/
-[Unit] +
-Description=WordPress Git Updater +
-After=network-online.target +
-Wants=network-online.target+
  
-[Timer] +  su -
-OnCalendar=*-*-* 04:00:00 +
-Persistent=true+
  
-[Install] +  su -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/blog' pull origin 'master'"
-WantedBy=timers.target</code>+
  
 ===== Maintenance ===== ===== Maintenance =====
  
-==== Service ====+  su -
  
-  sudo -'/etc/systemd/system/blog-m.service'+  su -m 'www' -c "'/usr/local/bin/git' -'/usr/local/www/blog' reset --hard"
  
-<code> +  su -'www' -c "'/usr/local/bin/git' -C '/usr/local/www/blog' pull origin 'master' --rebase"
-[Service] +
-User=nginx +
-Group=nginx +
-Type=oneshot +
-ExecStart='/usr/bin/git' -'/var/www/bloggc --aggressive --prune='all' +
-ExecStart='/usr/bin/git' -C '/var/www/blog' fsck --full --strict +
-ExecStartPost='/usr/bin/sync'</code>+
  
-==== Timer ====+  su -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/blog' gc --aggressive --prune='all'"
  
-  ''01'' day of every month at ''04:20:00'' ((8-)))+  su -m 'www-c "'/usr/local/bin/git-C '/usr/local/www/blogfsck --full --strict"
  
-  sudo -e '/etc/systemd/system/blog-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-m.timer' --now && sudo systemctl start 'blog-m' && sudo systemctl status 'blog-m' -l +  mariadb-check -'root' -p --f ---auto-repair 'wordpress'
- +
-<code> +
-[Unit] +
-Description=WordPress Maintenance +
-After=network-online.target +
-Wants=network-online.target +
- +
-[Timer] +
-OnCalendar=*-*-01 04:20:00 +
-Persistent=true +
- +
-[Install] +
-WantedBy=timers.target</code> +
- +
-===== Backup ===== +
- +
-==== Files ==== +
- +
-=== Service === +
- +
-  mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/blog-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/blog-fb.service' +
- +
-<code> +
-[Service] +
-Type=oneshot +
-WorkingDirectory=/var/www +
-ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/wordpress-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "blog"' +
-ExecStartPost='/usr/bin/sync'</code> +
- +
-=== Timer === +
- +
-  * ''01'' day of every month at ''04:35:00'' +
- +
-  sudo -e '/etc/systemd/system/blog-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-fb.timer' --now && sudo systemctl start 'blog-fb' && sudo systemctl status 'blog-fb' -l +
- +
-<code> +
-[Unit] +
-Description=WordPress Files Backup +
- +
-[Timer] +
-OnCalendar=*-*-01 04:35:00 +
-Persistent=true +
- +
-[Install] +
-WantedBy=timers.target</code> +
- +
-==== Database ==== +
- +
-=== Database Auth === +
- +
-  sudo mkdir -p '/var/lib/mysql/auth' && sudo -e '/var/lib/mysql/auth/wordpress' && sudo chown -R 'mysql':'mysql' '/var/lib/mysql/auth/wordpress' && sudo chmod '600' '/var/lib/mysql/auth/wordpress' && sync +
- +
-<code> +
-[mariadb-dump] +
-user=wordpress +
-password=x</code> +
- +
-=== Service === +
- +
-  mkdir -p ~/'backups&& sudo mkdir -p '/var/lib/mysql/tmp' && sudo -e '/etc/systemd/system/blog-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/blog-db.service' +
- +
-<code> +
-[Service] +
-Type=oneshot +
-WorkingDirectory=/var/lib/mysql/tmp +
-ExecStartPre='/usr/bin/mariadb-dump' --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r '/var/lib/mysql/tmp/wordpress.sql' +
-ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/wordpress.sql' +
-ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/wordpress.sql.gz" "/home/CHANGEME/backups/wordpress-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' +
-ExecStartPost='/usr/bin/sync'</code> +
- +
-=== Timer === +
- +
-  * Every day at ''04:45:00'' +
- +
-  sudo -e '/etc/systemd/system/blog-db.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-db.timer' --now && sudo systemctl start 'blog-db' && sudo systemctl status 'blog-db' -l +
- +
-<code> +
-[Unit] +
-Description=WordPress Database Backup +
-After=mariadb.service +
- +
-[Timer] +
-OnCalendar=*-*-* 04:45:00 +
-Persistent=true +
- +
-[Install] +
-WantedBy=timers.target</code>+
  
 ====== Backup ====== ====== Backup ======
  
-  * Create backup archive on server and transfer to client computer+===== Folder =====
  
-===== Server =====+  su -
  
-==== Stop Services ====+  cd '/usr/local/www' && tar -cvzf '/home/espionage724/wordpress-files-manual-'$(date +%Y-%m-%d)'.tar.gz' 'blog'
  
-**** +===== Database =====
- +
-  sudo systemctl stop nginx php-fpm +
- +
-==== Backup Folder ====+
  
 **** ****
  
-  cd '/var/www&& sudo tar -cvzf ~/'wordpress-files-manual-'$(date +%Y-%m-%d)'.tar.gz' 'blog&& cd ~ && sync+  mariadb-dump -u root -p --single-transaction 'wordpress' -'/home/espionage724/wordpress-database-manual-'$(date +%Y-%m-%d)'.sql'
  
-==== Backup Database ==== +===== scp =====
- +
-**** +
- +
-  sudo mariadb-dump --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r ~/'wordpress-database-manual-'$(date +%Y-%m-%d)'.sql' && sync +
- +
-==== Start Services ==== +
- +
-**** +
- +
-  sudo systemctl start nginx php-fpm +
- +
-===== Client ===== +
- +
-==== Transfer Files To Client ====+
  
 **** ****
Line 318: Line 197:
 ====== Restore ====== ====== Restore ======
  
-===== Client ===== +===== scp =====
- +
-==== Uncompress Database ==== +
- +
-  * This is only needed if restoring an **automated** database backup ((manual doesn't gzip)) +
- +
-  gunzip ~/'Downloads/wordpress-database-'*'.sql.gz' +
- +
-==== Transfer Files To Server ====+
  
 **** ****
Line 332: Line 203:
   scp ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql' espionage724@192.168.1.152:~   scp ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql' espionage724@192.168.1.152:~
  
-==== Remove Files ====+===== Folder =====
  
-****+  su -
  
-  rm -f ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql&& sync+  rm -Rf '/usr/local/www/blog'
  
-===== Server ===== +  cd '/usr/local/www' && tar -xvzf '/home/espionage724/wordpress-files-'*'.tar.gz' 'blog' && chown -R 'www':'www' '/usr/local/www/blog' && cd ~ && sync
- +
-==== Stop Services ==== +
- +
-**** +
- +
-  sudo systemctl stop nginx php-fpm +
- +
-==== Remove Previous Folder ==== +
- +
-**** +
- +
-  sudo rm -Rf '/var/www/blog' +
- +
-==== Restore WordPress Folder ==== +
- +
-**** +
- +
-  cd '/var/www' && sudo tar -xvzf ~/'wordpress-files-'*'.tar.gz' 'blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/blog(/.*)?' && sudo restorecon -F -I -R '/var/www/blog' && cd ~ && sync +
- +
-==== Drop Previous Database ==== +
- +
-  sudo mariadb +
- +
-  DROP DATABASE wordpress; +
- +
-  FLUSH TABLES; +
- +
-  EXIT +
- +
-==== Re-create Databases ==== +
- +
-  sudo mariadb +
- +
-  CREATE DATABASE wordpress; +
- +
-  EXIT +
- +
-==== Restore Database ==== +
- +
-**** +
- +
-  sudo mariadb 'wordpress' < ~/'wordpress-database-'*'.sql' && sync +
- +
-==== Reapply Permissions ==== +
- +
-  sudo mariadb +
- +
-  GRANT ALL PRIVILEGES ON wordpress.* to 'wordpress'@'localhost' IDENTIFIED BY 'x'; +
- +
-  FLUSH PRIVILEGES; +
- +
-  EXIT +
- +
-==== Start Services ==== +
- +
-****+
  
-  sudo systemctl start nginx php-fpm+===== Database =====
  
-==== Remove Backups ====+  * [[#database|Initial set-up]]
  
-  * Verify that WordPress works before running+  mariadb -u 'root' -p --execute='CREATE DATABASE wordpress;'
  
-  rm ~/'wordpress-files-'*'.tar.gz~/'wordpress-database-'*'.sql' && sync+  mariadb -u 'root' -'wordpress'/home/espionage724/wordpress-database-manual-'*'.sql'
  
/srv/www/wiki/data/attic/servers/bsd/nginx/wordpress.1747439067.txt.gz · Last modified: by Sean Rhone