Differences

This shows you the differences between two versions of the page.

--- servers:linux:nginx:wordpress [2026/01/01 04:12] – Ubuntu -> oS TW Sean Rhone
+++ servers:linux:nginx:wordpress [2026/05/01 05:23] (current) – [PHP-FPM Socket] Sean Rhone
@@ Line 17: / Line 17: @@
   * https://make.wordpress.org/hosting/handbook/server-environment/#php-extensions
-  sudo zypper install php8-curl php8-exif php8-fileinfo php-gd php8-intl php8-mbstring php8-mysql php8-openssl php8-sodium php8-dom php8-xmlreader php8-zip php8-bcmath php8-iconv php8-zlib
+  sudo zypper install php8-curl php8-exif php8-fileinfo php8-gd php8-intl php8-mbstring php8-mysql php8-openssl php8-sodium php8-dom php8-xmlreader php8-zip php8-bcmath php8-iconv php8-zlib
 ====== Download Source ======
@@ Line 45: / Line 45: @@
 <code>
 [blog]
-; User/Group
 user = "wwwrun"
 group = "www"
-; Socket
 listen = "/run/php-fpm/blog.sock"
 listen.owner = "wwwrun"
@@ Line 56: / Line 53: @@
 listen.mode = "0662"
-; Process Management
 pm = "ondemand"
 pm.max_children = "4"
 pm.process_idle_timeout = "30"
-; Logging
 php_value[log_errors] = "0"
 php_value[error_reporting] = "~E_ALL"
+php_value[display_errors] = "0"
+php_value[display_startup_errors] = "0"
+php_value[html_errors] = "0"
-; openSUSE php.ini Defaults
 php_value[session.save_path] = "/var/lib/php8/sessions"
-; General
 php_value[date.timezone] = "America/New_York"
@@ Line 78: / Line 73: @@
 <code>
-location '~' '\.(php|phar)(/.*)?$' {
+ location '~' '\.(php|phar)(/.*)?$' {
+  fastcgi_split_path_info '^(.+\.(?:php|phar))(/.*)$';
+  fastcgi_intercept_errors 'on';
+  fastcgi_index 'index.php';
+  include 'fastcgi_params';
+  fastcgi_param 'SCRIPT_FILENAME' '$document_root$fastcgi_script_name';
+  fastcgi_param 'PATH_INFO' '$fastcgi_path_info';
+  fastcgi_param 'HTTPS' 'on';
+  fastcgi_pass 'unix:/run/php-fpm/blog.sock';
+ }
- fastcgi_split_path_info '^(.+\.(?:php|phar))(/.*)$';
+# End</code>
- fastcgi_intercept_errors 'on';
- fastcgi_index 'index.php';
- include 'fastcgi_params';
- fastcgi_param 'SCRIPT_FILENAME' '$document_root$fastcgi_script_name';
- fastcgi_param 'PATH_INFO' '$fastcgi_path_info';
- fastcgi_param 'HTTPS' 'on';
- fastcgi_pass 'unix:/run/php-fpm/blog.sock';
+===== Themes Deny =====
-}
+  * https://github.com/WordPress/WordPress/tree/master/wp-content/themes
+  * Deny all except ''twentytwentyfive''
+  sudo -e '/etc/nginx/default.d/wp-themes-deny.conf'
+<code>
+ location '~' '/wp-content/themes/(twentyeleven|twentyfifteen|twentyfourteen|twentynineteen|twentyseventeen|twentysixteen|twentyten|twentythirteen|twentytwelve|twentytwentyfour|twentytwentyone|twentytwentythree|twentytwentytwo|twentytwenty)/' {
+  deny 'all';
+ }
 # End</code>
@@ Line 100: / Line 106: @@
 <code>
 server {
  listen '443' 'ssl';
  http2 'on';
@@ Line 109: / Line 114: @@
  include '/etc/nginx/default.d/blog.conf';
  include '/etc/nginx/default.d/headers.conf';
+ include '/etc/nginx/default.d/wp-themes-deny.conf';
  client_max_body_size '10M';
@@ Line 120: / Line 126: @@
  rewrite '/wp-admin$' '$scheme://$host$uri/' 'permanent';
 }
@@ Line 136: / Line 141: @@
   * https://github.com/WordPress/WordPress/blob/master/wp-config-sample.php
+  * https://github.com/WordPress/WordPress/blob/master/wp-includes/script-loader.php
   * https://developer.wordpress.org/advanced-administration/wordpress/wp-config/
@@ Line 155: / Line 161: @@
 define( 'WP_DEBUG', false );
 define( 'WP_DEBUG_DISPLAY', false );
+define( 'SCRIPT_DEBUG', true );
 if ( ! defined( 'ABSPATH' ) ) {
@@ Line 163: / Line 171: @@
 // End</code>
-====== Scripts ======
-===== Git Fix =====
-  * :!: Set email for ''user.email''
-  sudo mkdir -p '/etc/nginx/scripts/blog' && sudo -e '/etc/nginx/scripts/blog/git-fix.sh' && sudo chmod '0500' '/etc/nginx/scripts/blog/git-fix.sh' && sudo chown 'wwwrun':'www' '/etc/nginx/scripts/blog/git-fix.sh'
-<code>
-#!/bin/bash
-cd '/tmp'
-'/usr/bin/rm' -Rf '/tmp/blog'
-'/usr/bin/mkdir' -p '/tmp/blog'
-'/usr/bin/cp' -Rf '/srv/www/blog/wp-content/uploads' '/srv/www/blog/wp-config.php' '/tmp/blog'
-'/usr/bin/rm' -Rf '/srv/www/blog/.git'
-'/usr/bin/git' -C '/srv/www/blog' init --initial-branch='master'
-'/usr/bin/git' -C '/srv/www/blog' add '.'
-########################################
-'/usr/bin/git' -C '/srv/www/blog' config 'user.email' 'espionage724@x'
-########################################
-'/usr/bin/git' -C '/srv/www/blog' commit --message='x'
-'/usr/bin/git' -C '/srv/www/blog' remote add 'origin' 'https://github.com/WordPress/WordPress.git'
-'/usr/bin/git' -C '/srv/www/blog' pull --depth '1' --recurse-submodules 'origin' 'master' --rebase
-'/usr/bin/git' -C '/srv/www/blog' reset --hard 'origin/master'
-'/usr/bin/git' -C '/srv/www/blog' gc --aggressive --prune='all'
-'/usr/bin/git' -C '/srv/www/blog' fsck --full --strict
-'/usr/bin/cp' -Rf '/tmp/blog/uploads' '/srv/www/blog/wp-content'
-'/usr/bin/cp' -f '/tmp/blog/wp-config.php' '/srv/www/blog/wp-config.php'
-'/usr/bin/rm' -Rf '/tmp/blog'
-# End</code>
-==== Execute ====
-  sudo su 'wwwrun' -s '/bin/bash'
-  '/etc/nginx/scripts/blog/git-fix.sh'
-  exit
 ====== Services ======
@@ Line 226: / Line 186: @@
 Type=oneshot
-WorkingDirectory=/srv/www/blog
+WorkingDirectory=/tmp
 ExecStart='/usr/bin/git' -C '/srv/www/blog' reset --hard 'origin/master'
 ExecStart='/usr/bin/git' -C '/srv/www/blog' pull origin 'master' --rebase
-ExecStartPost='/usr/bin/sync'
 # End</code>
@@ Line 261: / Line 219: @@
 === Service ===
+  * [[linux:notes:ext4|ext4 NAS]]
   mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/blog-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/blog-fb.service'
@@ Line 268: / Line 228: @@
 Type=oneshot
-WorkingDirectory=/srv/www/blog
+WorkingDirectory=/tmp
-ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/wordpress-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" -C "/srv/www" "blog"'
+ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/mnt/NAS1/Servers/Scheduled Backups/wordpress-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" -C "/srv/www" "blog"'
-ExecStartPost='/usr/bin/sync'
+#ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/wordpress-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" -C "/srv/www" "blog"'
 # End</code>
@@ Line 311: / Line 271: @@
 === Service ===
+  * [[linux:notes:ext4|ext4 NAS]]
   mkdir -p ~/'backups' && sudo mkdir -p '/srv/lib/mysql/tmp' && sudo -e '/etc/systemd/system/blog-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/blog-db.service'
@@ Line 319: / Line 281: @@
 Type=oneshot
-WorkingDirectory=/srv/lib/mysql
+WorkingDirectory=/tmp
-ExecStart='/usr/bin/bash' -c '"/usr/bin/mariadb-dump" --defaults-extra-file="/srv/lib/mysql/auth/wordpress" --single-transaction --quick "wordpress" -r "/home/CHANGEME/backups/wordpress-database-auto-"$$(date +%%Y-%%m-%%d)".sql"'
+ExecStart='/usr/bin/bash' -c '"/usr/bin/mariadb-dump" --defaults-extra-file="/srv/lib/mysql/auth/wordpress" --single-transaction --quick "wordpress" -r "/mnt/NAS1/Servers/Scheduled Backups/wordpress-database-auto-"$$(date +%%Y-%%m-%%d)".sql"'
-ExecStartPost='/usr/bin/sync'
+#ExecStart='/usr/bin/bash' -c '"/usr/bin/mariadb-dump" --defaults-extra-file="/srv/lib/mysql/auth/wordpress" --single-transaction --quick "wordpress" -r "/home/CHANGEME/backups/wordpress-database-auto-"$$(date +%%Y-%%m-%%d)".sql"'
 # End</code>
@@ Line 359: / Line 321: @@
 Type=oneshot
-WorkingDirectory=/srv/www/blog
+WorkingDirectory=/tmp
 ExecStart='/usr/bin/git' -C '/srv/www/blog' gc --aggressive --prune='all'
 ExecStart='/usr/bin/git' -C '/srv/www/blog' fsck --full --strict
-ExecStartPost='/usr/bin/sync'
 # End</code>
@@ Line 461: / Line 421: @@
   sudo su 'wwwrun' -s '/bin/bash'
-  rm -Rf '/srv/www/blog/.git'
+  cd '/tmp' && rm -Rf '/srv/www/blog/.git'
   git -C '/srv/www/blog' init --initial-branch='master'
@@ Line 490: / Line 450: @@
 ===== MySQL Connection =====
-  * Windows uses ''127.0.0.1''
   sudo -e '/srv/www/blog/wp-config.php' && sudo chown -v 'wwwrun':'www' '/srv/www/blog/wp-config.php'