RoE | Wiki

User Tools

Site Tools

Trace:
servers:nginx:dokuwiki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
servers:nginx:dokuwiki [2019/06/28 21:29] Sean Rhoneservers:nginx:dokuwiki [2024/02/07 16:34] – [Server Block] Sean Rhone
Line 8: Line 8:
  
   * [[distros:fedora_server|Fedora Server]]   * [[distros:fedora_server|Fedora Server]]
-  * [[servers:nginx_php_php-fpm | nginx + PHP + PHP-FPM]] +  * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]] 
-  * [[servers:nginx:lets_encrypt | Let's Encrypt]]+  * [[servers:nginx:lets_encrypt|Let's Encrypt]]
  
-====== Download Source ======+====== Dependencies ======
  
-****+  PHP Modules: gd sodium zip zlib xml
  
-  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/splitbrain/dokuwiki.git' '/var/www/wiki' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && sync+  sudo dnf install php-gd php-sodium php-pecl-zip php-xml
  
-===== SELinux =====+====== Download Source ======
  
-  sudo semanage fcontext --deleteall "/var/www/wiki(/.*)?"+****
  
-  sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' "/var/www/wiki(/.*)?+  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/splitbrain/dokuwiki.git' '/var/www/wiki' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/wiki(/.*)?' && sudo restorecon -F -I -R '/var/www/wiki' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && sync
- +
-  sudo restorecon -R -'/var/www/wiki'+
  
 ====== nginx + PHP-FPM Configuration ====== ====== nginx + PHP-FPM Configuration ======
Line 33: Line 31:
 <code> <code>
 [wiki] [wiki]
 +
 +; User/Group
 user = nginx user = nginx
 group = nginx group = nginx
  
 +; Socket
 listen = /run/php-fpm/wiki.sock listen = /run/php-fpm/wiki.sock
-listen.owner = nginx +listen.acl_users = nginx
-listen.group = nginx+
 listen.allowed_clients = 127.0.0.1 listen.allowed_clients = 127.0.0.1
  
-pm = dynamic +; Process Management 
-pm.max_children = 8 +pm = ondemand 
-pm.start_servers +pm.max_children = 4 
-pm.min_spare_servers = 2 +pm.process_idle_timeout 30
-pm.max_spare_servers = 4+
  
-php_value[date.timezone] = "America/New_York+; Fedora php.ini Defaults 
-php_value[upload_tmp_dir] = "/tmp"+php_value[session.save_handler] = "files
 +php_value[session.save_path] = "/var/lib/php/session"
  
-php_value[max_execution_time] = "200" +; General 
-php_value[memory_limit] = "512M" +php_value[date.timezone] = "America/New_York" 
-php_value[post_max_size] = "10M" +;php_value[max_execution_time] = "200" 
-php_value[upload_max_filesize] = "10M" +;php_value[memory_limit] = "512M" 
-php_value[max_file_uploads] = "100"+;php_value[post_max_size] = "10M" 
 +;php_value[upload_max_filesize] = "10M" 
 +;php_value[max_file_uploads] = "100"
  
-php_value[session.save_handler] = files +; End</code>
-php_value[session.save_path] = /var/lib/php/session +
-php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache +
-php_value[opcache.file_cache] = /var/lib/php/opcache</code>+
  
 ===== FastCGI ===== ===== FastCGI =====
Line 69: Line 68:
 location ~ \.(php|phar)(/.*)?$ { location ~ \.(php|phar)(/.*)?$ {
     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
- 
     fastcgi_intercept_errors on;     fastcgi_intercept_errors on;
     fastcgi_index doku.php;     fastcgi_index doku.php;
     include fastcgi_params;     include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     fastcgi_param PATH_INFO $fastcgi_path_info;     fastcgi_param PATH_INFO $fastcgi_path_info;
 +    fastcgi_param HTTPS on;
     fastcgi_pass unix:/run/php-fpm/wiki.sock;     fastcgi_pass unix:/run/php-fpm/wiki.sock;
 }</code> }</code>
Line 80: Line 79:
 ===== Server Block ====== ===== Server Block ======
  
-  sudo -e '/etc/nginx/conf.d/wiki.conf'+  * 2023/09/12: CSPs disabled; TODO: Re-figure out CSPs 
 + 
 +  sudo -e '/etc/nginx/vhosts.d/wiki.conf' && sudo systemctl reload 'nginx' && sync
  
 <code> <code>
Line 94: Line 95:
     client_max_body_size '10M';     client_max_body_size '10M';
  
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:" always;+#    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:" always
 +#    add_header Content-Security-Policy "default-src 'self';
  
 #    access_log  /var/log/nginx/wiki-access.log; #    access_log  /var/log/nginx/wiki-access.log;
Line 122: Line 124:
  
 ====== Initial Setup ====== ====== Initial Setup ======
 +
 +  * :!: TODO: https://www.dokuwiki.org/rewrite
  
   * https://wiki.realmofespionage.xyz/install.php   * https://wiki.realmofespionage.xyz/install.php
  
 ====== Settings ====== ====== Settings ======
 +
 +===== Plugins =====
 +
 +  * https://www.dokuwiki.org/plugin:searchindex
  
 ===== Template Style Settings ===== ===== Template Style Settings =====
Line 138: Line 146:
   * Do after initial setup   * Do after initial setup
  
-  sudo -e '/etc/nginx/conf.d/wiki.conf' && sudo systemctl reload 'nginx'+  sudo -e '/etc/nginx/vhosts.d/wiki.conf' && sudo systemctl reload 'nginx'
  
 ===== URL Rewrite ===== ===== URL Rewrite =====
  
-  * Admin -> Configuration Settings +  * Admin -> Configuration Settings -> DokuWiki -> Advanced -> userewrite 
-  * Set **Use nice URLs** to **.htaccess**+ 
 +  .htaccess
  
 ===== Double-hyphen Convert Disable ===== ===== Double-hyphen Convert Disable =====
Line 149: Line 158:
   * This prevents -- from becoming a – (long hyphen), which breaks some command's syntax   * This prevents -- from becoming a – (long hyphen), which breaks some command's syntax
  
-  echo '--      --' | sudo tee '/var/www/wiki/conf/entities.local.conf' > '/dev/null' && sudo chown 'nginx':'nginx' '/var/www/wiki/conf/entities.local.conf'+  echo '--      --' | sudo tee '/var/www/wiki/conf/entities.local.conf' > '/dev/null' && sudo chown 'nginx':'nginx' '/var/www/wiki/conf/entities.local.conf' && sync
  
 ====== Services ====== ====== Services ======
Line 165: Line 174:
 Type=oneshot Type=oneshot
 ExecStart='/usr/bin/git' -C '/var/www/wiki' pull origin 'master' ExecStart='/usr/bin/git' -C '/var/www/wiki' pull origin 'master'
-ExecStartPost='/usr/bin/sync'</code>+ExecStartPost='/usr/bin/touch' '/var/www/wiki/conf/local.php' 
 +ExecStartPost='/usr/bin/sync' 
 + 
 +# End</code>
  
 ==== Timer ==== ==== Timer ====
  
-  * Every day at ''01:00:00''+  * Every day at ''00:30:00''
  
   sudo -e '/etc/systemd/system/wiki-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-up.timer' --now && sudo systemctl start 'wiki-up' && sudo systemctl status 'wiki-up' -l   sudo -e '/etc/systemd/system/wiki-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-up.timer' --now && sudo systemctl start 'wiki-up' && sudo systemctl status 'wiki-up' -l
Line 180: Line 192:
  
 [Timer] [Timer]
-OnCalendar=*-*-* 01:00:00+OnCalendar=*-*-* 00:30:00
 Persistent=true Persistent=true
  
 [Install] [Install]
-WantedBy=timers.target</code>+WantedBy=timers.target 
 + 
 +# End</code>
  
 ===== Maintenance ===== ===== Maintenance =====
Line 191: Line 205:
  
 ==== Service ==== ==== Service ====
 +
 +  * :!: The commented ''ExecStart'' would remove page edits older than 90 days
  
   sudo -e '/etc/systemd/system/wiki-m.service'   sudo -e '/etc/systemd/system/wiki-m.service'
Line 202: Line 218:
 ExecStart='/usr/bin/git' -C '/var/www/wiki' gc --aggressive --prune='all' ExecStart='/usr/bin/git' -C '/var/www/wiki' gc --aggressive --prune='all'
 ExecStart='/usr/bin/git' -C '/var/www/wiki' fsck --full --strict ExecStart='/usr/bin/git' -C '/var/www/wiki' fsck --full --strict
-ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,locks,media_attic}/ -type 'f' -mtime +'90' -delete"+#ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,locks,media_attic}/ -type 'f' -mtime +'90' -delete"
 ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,index,locks,media,media_attic,media_meta,meta,pages,tmp}/ -mindepth '1' -type 'd' -empty -delete" ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,index,locks,media,media_attic,media_meta,meta,pages,tmp}/ -mindepth '1' -type 'd' -empty -delete"
 ExecStart='/usr/bin/php' '/var/www/wiki/bin/indexer.php' --clear ExecStart='/usr/bin/php' '/var/www/wiki/bin/indexer.php' --clear
-ExecStartPost='/usr/bin/sync'</code>+ExecStartPost='/usr/bin/sync' 
 + 
 +# End</code>
  
 ==== Timer ==== ==== Timer ====
  
-  * ''01'' day of every month at ''01:20:00''+  * ''01'' day of every month at ''01:00:00''
  
   sudo -e '/etc/systemd/system/wiki-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-m.timer' --now   sudo -e '/etc/systemd/system/wiki-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-m.timer' --now
Line 218: Line 236:
  
 [Timer] [Timer]
-OnCalendar=*-*-01 01:20:00+OnCalendar=*-*-01 01:00:00
 Persistent=true Persistent=true
  
 [Install] [Install]
-WantedBy=timers.target</code>+WantedBy=timers.target 
 + 
 +# End</code>
  
 ===== Backup ===== ===== Backup =====
  
-  * This backs up an archive to the local disk and [[distros:ubuntu_server#nas_backups | to a NAS]]+  * This backs up an archive to the local disk and to a NAS
  
 ==== Service ==== ==== Service ====
 +
 +  * :!: The extra ''ExecStart''s are additional backup locations that expect [[servers:vsftpd|vsftpd]]
  
   mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/wiki-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/wiki-fb.service'   mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/wiki-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/wiki-fb.service'
Line 236: Line 258:
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/www/wiki WorkingDirectory=/var/www/wiki
-ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -cvzf "/home/CHANGEME/backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"' +ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"' 
-ExecStartPost='/usr/bin/sync'</code>+#ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/srv/ftp/nas1/espionage724/Servers/Scheduled Backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"' 
 +#ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/srv/ftp/nas2/Servers/Scheduled Backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"' 
 +ExecStartPost='/usr/bin/sync' 
 + 
 +# End</code>
  
 ==== Timer ==== ==== Timer ====
  
-  * Every day at ''01:50:00''+  * Every day at ''01:30:00''
  
   sudo -e '/etc/systemd/system/wiki-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-fb.timer' --now && sudo systemctl start 'wiki-fb' && sudo systemctl status 'wiki-fb' -l   sudo -e '/etc/systemd/system/wiki-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-fb.timer' --now && sudo systemctl start 'wiki-fb' && sudo systemctl status 'wiki-fb' -l
Line 250: Line 276:
  
 [Timer] [Timer]
-OnCalendar=*-*-* 01:50:00+OnCalendar=*-*-* 01:30:00
 Persistent=true Persistent=true
  
 [Install] [Install]
-WantedBy=timers.target</code>+WantedBy=timers.target 
 + 
 +# End</code>
  
 ====== Backup ====== ====== Backup ======
Line 274: Line 302:
 **** ****
  
-  scp espionage724@192.168.1.153:~/'dokuwiki-files-'*'.tar.gz' ~/'Downloads' && sync+  scp espionage724@192.168.1.152:~/'dokuwiki-files-'*'.tar.gz' ~/'Downloads' && sync
  
 ====== Restore ====== ====== Restore ======
Line 284: Line 312:
 **** ****
  
-  scp ~/'Downloads/dokuwiki-files-'*'.tar.gz' espionage724@192.168.1.153:~+  scp ~/'Downloads/dokuwiki-files-'*'.tar.gz' espionage724@192.168.1.152:~
  
 ==== Remove Archive ==== ==== Remove Archive ====
Line 310: Line 338:
 **** ****
  
-  cd '/var/www/wiki' && sudo tar -xvzf ~/'dokuwiki-files-'*'.tar.gz' 'data/pages' 'data/meta' 'data/media' 'data/media_meta' 'data/attic' 'data/media_attic' 'conf' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && cd ~ && sync +  cd '/var/www/wiki' && sudo tar -xvzf ~/'dokuwiki-files-'*'.tar.gz' 'data/pages' 'data/meta' 'data/media' 'data/media_meta' 'data/attic' 'data/media_attic' 'conf' && sudo restorecon -F -I -R '/var/www/wiki' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && cd ~ && sync
- +
-==== SELinux ==== +
- +
-  sudo semanage fcontext --deleteall "/var/www/wiki(/.*)?" +
- +
-  sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' "/var/www/wiki(/.*)?" +
- +
-  sudo restorecon -R -v '/var/www/wiki'+
  
 ==== Start nginx ==== ==== Start nginx ====
Line 331: Line 351:
  
   rm -R ~/'dokuwiki-files-'*'.tar.gz' && sync   rm -R ~/'dokuwiki-files-'*'.tar.gz' && sync
 +
/var/www/wiki/data/pages/servers/nginx/dokuwiki.txt · Last modified: 2024/02/07 16:37 by Sean Rhone