RoE | Wiki

User Tools

Site Tools

Trace:
servers:bsd:nginx:wordpress

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:bsd:nginx:wordpress [2025/05/16 19:44] Sean Rhoneservers:bsd:nginx:wordpress [2025/10/31 02:11] (current) Sean Rhone
Line 4: Line 4:
   * [[Information:Realm of Espionage]]   * [[Information:Realm of Espionage]]
   * https://blog.realmofespionage.xyz   * https://blog.realmofespionage.xyz
- 
-  * 2025/05/16: WIP 
  
 ===== Prerequisites ===== ===== Prerequisites =====
  
-  * [[bsd:server:freebsd_14.2|FreeBSD 14.2]] +  * [[bsd:server:freebsd_15.0|FreeBSD 15.0]] 
-  * [[servers:bsd:mariadb|MariaDB]] +  * [[servers:bsd:freenginx_php_php-fpm|freenginx + PHP + PHP-FPM]]
-  * [[servers:bsd:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]+
   * [[servers:bsd:nginx:lets_encrypt|Let's Encrypt]]   * [[servers:bsd:nginx:lets_encrypt|Let's Encrypt]]
 +  * [[servers:bsd:mariadb|MariaDB]]
  
 ====== Dependencies ====== ====== Dependencies ======
Line 21: Line 19:
   su -   su -
  
-  pkg install git-lite php84-mysqli php84-intl php84-mbstring php84-xml+  pkg install git-lite php85-mysqli php85-intl php85-mbstring php85-xml
  
 ====== Download Source ====== ====== Download Source ======
 +
 +  * https://github.com/WordPress/WordPress/commits/master/
  
   su -   su -
  
-  git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/WordPress/WordPress.git' '/usr/local/www/blog' && chown -R 'www':'www' '/usr/local/www/blog' && sync+  git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/WordPress/WordPress.git' '/usr/local/www/blog' && chown -R 'www':'www' '/usr/local/www/blog'
  
 ====== Database ====== ====== Database ======
  
-  mariadb -u 'root' -p+  su - 
 + 
 +  mariadb
  
   CREATE DATABASE wordpress;   CREATE DATABASE wordpress;
Line 39: Line 41:
   GRANT ALL PRIVILEGES ON wordpress.* to wordpress@localhost;   GRANT ALL PRIVILEGES ON wordpress.* to wordpress@localhost;
  
-  FLUSH PRIVILEGES; +  FLUSH PRIVILEGES;EXIT;
- +
-  EXIT+
  
 ====== nginx + PHP-FPM Configuration ====== ====== nginx + PHP-FPM Configuration ======
Line 49: Line 49:
   su -   su -
  
-  ee '/usr/local/etc/php-fpm.d/blog.conf' && service 'php_fpm' restart+  ee '/usr/local/etc/php-fpm.d/blog.conf' && service 'php_fpm' reload
  
 <code> <code>
Line 69: Line 69:
 ; General ; General
 php_value[date.timezone] = "America/New_York" php_value[date.timezone] = "America/New_York"
 +
 +; Errors
 +php_value[error_reporting] = "~E_ALL"
 +php_value[display_errors] = "Off"
  
 ; End</code> ; End</code>
Line 76: Line 80:
   su -   su -
  
-  ee '/usr/local/etc/nginx/default.d/blog.conf'+  ee '/usr/local/etc/freenginx/default.d/blog.conf'
  
 <code> <code>
-# PHP-FPM 
 location ~ \.(php|phar)(/.*)?$ { location ~ \.(php|phar)(/.*)?$ {
     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
Line 95: Line 98:
 ===== Server Block ===== ===== Server Block =====
  
-  * 2023/09/12: CSPs disabled; TODO: Re-figure out CSPs+  su -
  
-  sudo -e '/etc/nginx/vhosts.d/blog.conf' && sudo systemctl reload 'nginx' && sync+  ee '/usr/local/etc/freenginx/vhosts.d/blog.conf' && service 'nginx' reload
  
 <code> <code>
 server { server {
-    listen '443' 'ssl' 'http2';+    listen 443 ssl
 +    http2 on;
     server_name 'blog.realmofespionage.xyz';     server_name 'blog.realmofespionage.xyz';
-    root '/var/www/blog';+    root '/usr/local/www/blog';
     index 'index.php';     index 'index.php';
  
-    include '/etc/nginx/default.d/blog.conf'; +    include '/usr/local/etc/freenginx/default.d/blog.conf'; 
-    include '/etc/nginx/default.d/headers.conf';+    include '/usr/local/etc/freenginx/default.d/headers.conf';
  
     client_max_body_size '10M';     client_max_body_size '10M';
  
-#    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always; +#    access_log  /var/log/nginx/blog-access.log; 
- +#    error_log  /var/log/nginx/blog-error.log;
-#    access_log  /var/log/nginx/media-access.log; +
-#    error_log  /var/log/nginx/media-error.log;+
  
     location / {     location / {
Line 125: Line 127:
           access_log off; log_not_found off; expires max;           access_log off; log_not_found off; expires max;
     }     }
-}</code>+} 
 + 
 +# End</code>
  
 ====== Initial Setup ====== ====== Initial Setup ======
  
   * https://blog.realmofespionage.xyz   * https://blog.realmofespionage.xyz
 +  * Database Host: ''127.0.0.1''
  
 ====== Settings ====== ====== Settings ======
Line 135: Line 140:
   * Date Format: Y/m/d   * Date Format: Y/m/d
  
-====== Services ======+===== wp-config.php =====
  
-===== Updater =====+  * :!: WordPress set-up needs to generate this file first ((put settings in the ''custom values'' section towards the bottom)) 
 +  * Doesn't need ''^M''
  
-==== Service ====+  su -
  
-  sudo -'/etc/systemd/system/blog-up.service'+  su -m 'www' -c "ee '/usr/local/www/blog/wp-config.php'"
  
 <code> <code>
-[Service] +define( 'AUTOMATIC_UPDATER_DISABLED', true );
-User=nginx +
-Group=nginx +
-Type=oneshot +
-ExecStart='/usr/bin/git-C '/var/www/blog' pull origin 'master' +
-ExecStartPost='/usr/bin/sync'</code>+
  
-==== Timer ====+define( 'WP_DEBUG', false ); 
 +define( 'WP_DEBUG_DISPLAY', false );
  
-  Every day at ''04:00:00''+/End */</code>
  
-  sudo -e '/etc/systemd/system/blog-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-up.timer' --now && sudo systemctl start 'blog-up' && sudo systemctl status 'blog-up' -l+====== Scripts ======
  
-<code> +===== Updater =====
-[Unit] +
-Description=WordPress Git Updater +
-After=network-online.target +
-Wants=network-online.target+
  
-[Timer] +  mkdir -p ~/'.local/scripts/www/blog' && ee ~/'.local/scripts/www/blog/updater.sh' && chmod +x ~/'.local/scripts/www/blog/updater.sh'
-OnCalendar=*-*-* 04:00:00 +
-Persistent=true+
  
-[Install] +<code> 
-WantedBy=timers.target</code>+#!/bin/sh
  
-===== Maintenance =====+su -m 'www' -c "git -C '/usr/local/www/blog' reset --hard 'origin/master'" 
 +su -m 'www' -c "git -C '/usr/local/www/blog' pull 'origin' 'master' --rebase"
  
-==== Service ====+# End</code>
  
-  sudo -e '/etc/systemd/system/blog-m.service'+  ~/'.local/scripts/www/blog/updater.sh'
  
-<code> +  su 'root' -c ~/'.local/scripts/www/blog/updater.sh'
-[Service] +
-User=nginx +
-Group=nginx +
-Type=oneshot +
-ExecStart='/usr/bin/git' -C '/var/www/blog' gc --aggressive --prune='all' +
-ExecStart='/usr/bin/git' -C '/var/www/blog' fsck --full --strict +
-ExecStartPost='/usr/bin/sync'</code>+
  
-==== Timer ====+===== Maintenance =====
  
-  * ''01'' day of every month at ''04:20:00'' ((8-))) +  mkdir -p ~/'.local/scripts/www/blog' && ee ~/'.local/scripts/www/blog/maintenance.sh' && chmod +x ~/'.local/scripts/www/blog/maintenance.sh'
- +
-  sudo -e '/etc/systemd/system/blog-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-m.timer--now && sudo systemctl start 'blog-m&& sudo systemctl status 'blog-m' -l+
  
 <code> <code>
-[Unit] +#!/bin/sh
-Description=WordPress Maintenance +
-After=network-online.target +
-Wants=network-online.target+
  
-[Timer] +su -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/blog' gc --aggressive --prune='all'" 
-OnCalendar=*-*-01 04:20:00 +su -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/blog' fsck --full --strict"
-Persistent=true+
  
-[Install] +'/usr/local/bin/mariadb-check' -o -f -e --auto-repair 'wordpress'
-WantedBy=timers.target</code>+
  
-===== Backup =====+# End</code>
  
-==== Files ====+  ~/'.local/scripts/www/blog/maintenance.sh'
  
-=== Service ===+  su 'root' -c ~/'.local/scripts/www/blog/maintenance.sh'
  
-  mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/blog-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/blog-fb.service'+===== Git Fix =====
  
-<code> +  * :!: Set email for ''user.email'' 
-[Service] +  * :!: [[#initial_setup|Initial set-up]] needs re-completed for database connection ((re-use existing details))
-Type=oneshot +
-WorkingDirectory=/var/www +
-ExecStart='/usr/bin/bash-c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/wordpress-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "blog"' +
-ExecStartPost='/usr/bin/sync'</code>+
  
-=== Timer ===+  mkdir -p ~/'.local/scripts/www/blog' && ee ~/'.local/scripts/www/blog/git-fix.sh' && chmod +x ~/'.local/scripts/www/blog/git-fix.sh'
  
-  * ''01'' day of every month at ''04:35:00''+<code> 
 +#!/bin/sh
  
-  sudo -'/etc/systemd/system/blog-fb.timer&& sudo systemctl daemon-reload && sudo systemctl enable 'blog-fb.timer' --now && sudo systemctl start 'blog-fb&& sudo systemctl status 'blog-fb' -l+su -m 'www' -c "rm -Rf '/usr/local/www/blog/.git'
 +su -'www' -c "git -'/usr/local/www/blog' init --initial-branch='master'
 +su -m 'www' -c "git -C '/usr/local/www/blog' add '.'"
  
-<code> +################################################## 
-[Unit] +su -m 'www' -c "git -C '/usr/local/www/blog' config 'user.email' 'espionage724@x'" 
-Description=WordPress Files Backup+##################################################
  
-[Timer] +su -m 'www' -c "git -C '/usr/local/www/blog' commit --message='x'"
-OnCalendar=*-*-01 04:35:00 +
-Persistent=true+
  
-[Install] +su -m 'www' -c "git -C '/usr/local/www/blog' remote add 'origin' 'https://github.com/WordPress/WordPress.git'" 
-WantedBy=timers.target</code>+su -m 'www' -c "git -C '/usr/local/www/blog' pull --depth '1' --recurse-submodules 'origin' 'master' --rebase"
  
-==== Database ====+su -m 'www' -c "git -C '/usr/local/www/blog' reset --hard 'origin/master'" 
 +su -m 'www' -c "git -C '/usr/local/www/blog' gc --aggressive --prune='all'" 
 +su -m 'www' -c "git -C '/usr/local/www/blog' fsck --full --strict"
  
-=== Database Auth ===+# End</code>
  
-  sudo mkdir -p '/var/lib/mysql/auth' && sudo -e '/var/lib/mysql/auth/wordpress' && sudo chown -R 'mysql':'mysql' '/var/lib/mysql/auth/wordpress' && sudo chmod '600' '/var/lib/mysql/auth/wordpress&& sync+  ~/'.local/scripts/www/blog/git-fix.sh'
  
-<code> +  su 'root' -c ~/'.local/scripts/www/blog/git-fix.sh'
-[mariadb-dump] +
-user=wordpress +
-password=x</code>+
  
-=== Service ===+====== cron ======
  
-  mkdir -p ~/'backups' && sudo mkdir -p '/var/lib/mysql/tmp' && sudo -e '/etc/systemd/system/blog-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/blog-db.service'+===== Updater =====
  
-<code> +  * 02:00AM Every day
-[Service] +
-Type=oneshot +
-WorkingDirectory=/var/lib/mysql/tmp +
-ExecStartPre='/usr/bin/mariadb-dump' --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r '/var/lib/mysql/tmp/wordpress.sql' +
-ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/wordpress.sql' +
-ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/wordpress.sql.gz" "/home/CHANGEME/backups/wordpress-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' +
-ExecStartPost='/usr/bin/sync'</code>+
  
-=== Timer ===+  su -
  
-  * Every day at ''04:45:00'' +  ee '/etc/cron.d/blog-updater'
- +
-  sudo -e '/etc/systemd/system/blog-db.timer&& sudo systemctl daemon-reload && sudo systemctl enable 'blog-db.timer' --now && sudo systemctl start 'blog-db' && sudo systemctl status 'blog-db' -l+
  
 <code> <code>
-[Unit] +# 
-Description=WordPress Database Backup +SHELL=/bin/sh
-After=mariadb.service+
  
-[Timer] +0 2 * * * root '/home/espionage724/.local/scripts/www/blog/updater.sh'
-OnCalendar=*-*-04:45:00 +
-Persistent=true+
  
-[Install] +# End</code>
-WantedBy=timers.target</code>+
  
 ====== Backup ====== ====== Backup ======
  
-  * Create backup archive on server and transfer to client computer+===== Folder =====
  
-===== Server =====+  su -
  
-==== Stop Services ====+  tar -czf '/home/espionage724/wordpress-files-manual-'$(date +%Y-%m-%d)'.tar.gz' -C '/usr/local/www' 'blog'
  
-**** +===== Database =====
- +
-  sudo systemctl stop nginx php-fpm +
- +
-==== Backup Folder ====+
  
 **** ****
  
-  cd '/var/www&& sudo tar -cvzf ~/'wordpress-files-manual-'$(date +%Y-%m-%d)'.tar.gz' 'blog&& cd ~ && sync+  mariadb-dump -u root -p --single-transaction --quick 'wordpress' -'/home/espionage724/wordpress-database-manual-'$(date +%Y-%m-%d)'.sql'
  
-==== Backup Database ====+===== scp =====
  
 **** ****
  
-  sudo mariadb-dump --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r ~/'wordpress-database-manual-'$(date +%Y-%m-%d)'.sql' && sync +  scp espionage724@192.168.1.152:~/'wordpress-files-'*'.tar.gz' espionage724@192.168.1.152:~/'wordpress-database-'*'.sql' ~/'Downloads'
- +
-==== Start Services ==== +
- +
-**** +
- +
-  sudo systemctl start nginx php-fpm +
- +
-===== Client ===== +
- +
-==== Transfer Files To Client ==== +
- +
-**** +
- +
-  scp espionage724@192.168.1.152:~/'wordpress-files-'*'.tar.gz' espionage724@192.168.1.152:~/'wordpress-database-'*'.sql' ~/'Downloads' && sync+
  
 ====== Restore ====== ====== Restore ======
  
-===== Client ===== +===== scp =====
- +
-==== Uncompress Database ==== +
- +
-  * This is only needed if restoring an **automated** database backup ((manual doesn't gzip)) +
- +
-  gunzip ~/'Downloads/wordpress-database-'*'.sql.gz' +
- +
-==== Transfer Files To Server ====+
  
 **** ****
  
-  scp ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql' espionage724@192.168.1.152:~+  scp ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress'*'.sql' espionage724@192.168.1.152:~
  
-==== Remove Files ====+===== Folder =====
  
-****+  su -
  
-  rm -f ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql&& sync+  rm -Rf '/usr/local/www/blog'
  
-===== Server =====+  tar -xzf '/home/espionage724/wordpress-files-'*'.tar.gz' -C '/usr/local/www' 'blog' && chown -R 'www':'www' '/usr/local/www/blog' && sync
  
-==== Stop Services ====+===== Database =====
  
-****+  [[#database|Initial set-up]]
  
-  sudo systemctl stop nginx php-fpm+  mariadb -u 'root' -p --execute='CREATE DATABASE wordpress;'
  
-==== Remove Previous Folder ====+  cat ~/'wordpress'*'.sql' | mariadb -u 'root' -p 'wordpress'
  
-****+===== Settings =====
  
-  sudo rm -Rf '/var/www/blog' +  su -
- +
-==== Restore WordPress Folder ==== +
- +
-**** +
- +
-  cd '/var/www' && sudo tar -xvzf ~/'wordpress-files-'*'.tar.gz' 'blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/blog(/.*)?' && sudo restorecon -F -I -R '/var/www/blog' && cd ~ && sync +
- +
-==== Drop Previous Database ==== +
- +
-  sudo mariadb +
- +
-  DROP DATABASE wordpress; +
- +
-  FLUSH TABLES; +
- +
-  EXIT +
- +
-==== Re-create Databases ==== +
- +
-  sudo mariadb +
- +
-  CREATE DATABASE wordpress; +
- +
-  EXIT +
- +
-==== Restore Database ==== +
- +
-**** +
- +
-  sudo mariadb 'wordpress' < ~/'wordpress-database-'*'.sql' && sync +
- +
-==== Reapply Permissions ==== +
- +
-  sudo mariadb +
- +
-  GRANT ALL PRIVILEGES ON wordpress.* to 'wordpress'@'localhost' IDENTIFIED BY 'x'; +
- +
-  FLUSH PRIVILEGES; +
- +
-  EXIT +
- +
-==== Start Services ==== +
- +
-**** +
- +
-  sudo systemctl start nginx php-fpm+
  
-==== Remove Backups ====+  su -m 'www' -c "ee '/usr/local/www/blog/wp-config.php'"
  
-  * Verify that WordPress works before running+  define( 'DB_HOST', 'localhost' );^M
  
-  rm ~/'wordpress-files-'*'.tar.gz' ~/'wordpress-database-'*'.sql&& sync+  define( 'DB_HOST''127.0.0.1);^M
  
/usr/local/www/wiki/data/attic/servers/bsd/nginx/wordpress.1747439067.txt.gz · Last modified: by Sean Rhone
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki