RoE | Wiki

User Tools

Site Tools

Trace:
servers:nginx:friendica

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
servers:nginx:friendica [2019/10/24 13:57] – Switch back to Ubuntu Server (completely) Sean Rhoneservers:nginx:friendica [2023/09/12 20:02] – [PHP Dependencies] Sean Rhone
Line 7: Line 7:
 ===== Prerequisites ===== ===== Prerequisites =====
  
-  * [[distros:ubuntu_server|Ubuntu Server]]+  * [[distros:fedora_server|Fedora Server]]
   * [[servers:mariadb|MariaDB]]   * [[servers:mariadb|MariaDB]]
   * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]   * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]
   * [[servers:nginx:lets_encrypt|Let's Encrypt]]   * [[servers:nginx:lets_encrypt|Let's Encrypt]]
 +
 +====== Dependencies ======
 +
 +  * https://friendi.ca/resources/requirements/
 +
 +  sudo dnf install php-gd php-pdo php-mbstring php-mysqlnd php-xml php-pecl-zip php-process php-gmp php-pecl-xdebug3
  
 ====== Download Source ====== ====== Download Source ======
  
-  :!: ''develop'' branch was broken on 2019/06/28+****
  
-  sudo rm -Rf '/var/www/social' && sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica.git' '/var/www/social' && sudo rm -Rf '/var/www/social/addon' && sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica-addons.git' '/var/www/social/addon' && sudo chown -R 'www-data':'www-data' '/var/www/social' && sync+  sudo git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica.git' '/var/www/social' && sudo git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica-addons.git' '/var/www/social/addon' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/social(/.*)?' && sudo restorecon -F -I -R '/var/www/social' && sudo chown -R 'nginx':'nginx' '/var/www/social' && sync
  
 ====== PHP Dependencies ====== ====== PHP Dependencies ======
  
-****+  [[https://github.com/friendica/friendica/blob/develop/doc/Install.md|Install.md]] when mentioning the ''develop'' branch doesn't include ''--no-dev'', so presumably those packages are needed? 
 + 
 +  sudo su 'nginx' -s '/bin/bash'
  
-  cd '/var/www/social' && sudo -u 'www-data' COMPOSER_CACHE_DIR='/dev/null' '/var/www/social/bin/composer.phar' install --no-dev && sync+  cd '/var/www/social' && COMPOSER_CACHE_DIR='/dev/null' php '/var/www/social/bin/composer.phar' install && sync
  
 ====== Database ====== ====== Database ======
  
-  sudo mysql+  sudo mariadb
  
   CREATE DATABASE friendica;   CREATE DATABASE friendica;
Line 40: Line 48:
 ===== PHP-FPM Socket ===== ===== PHP-FPM Socket =====
  
-  sudo -e '/etc/php/7.2/fpm/pool.d/social.conf' && sudo systemctl restart 'php7.2-fpm'+  sudo -e '/etc/php-fpm.d/social.conf' && sudo systemctl restart 'php-fpm'
  
 <code> <code>
 [social] [social]
-user = www-data 
-group = www-data 
  
-listen = /run/php/social.sock +; User/Group 
-listen.owner www-data +user = nginx 
-listen.group = www-data+group = nginx 
 + 
 +; Socket 
 +listen = /run/php-fpm/social.sock 
 +listen.acl_users nginx
 listen.allowed_clients = 127.0.0.1 listen.allowed_clients = 127.0.0.1
  
-pm = dynamic +; Process Management 
-pm.max_children = 8 +pm = ondemand 
-pm.start_servers +pm.max_children = 4 
-pm.min_spare_servers = 2 +pm.process_idle_timeout 30
-pm.max_spare_servers = 4+
  
-php_value[date.timezone] = "America/New_York+; Fedora php.ini Defaults 
-php_value[upload_tmp_dir] = "/tmp"+php_value[session.save_handler] = "files
 +php_value[session.save_path] = "/var/lib/php/session"
  
 +; General
 +php_value[date.timezone] = "America/New_York"
 php_value[max_execution_time] = "200" php_value[max_execution_time] = "200"
 php_value[memory_limit] = "512M" php_value[memory_limit] = "512M"
Line 66: Line 78:
 php_value[upload_max_filesize] = "10M" php_value[upload_max_filesize] = "10M"
 php_value[max_file_uploads] = "100" php_value[max_file_uploads] = "100"
 +php_value[register_argc_argv] = "On"
 +php_value[upload_tmp_dir] = "/tmp"
  
-php_value[session.save_handler] = "files" +; End</code>
-php_value[session.save_path] = "/var/lib/php/session" +
-php_value[soap.wsdl_cache_dir] = "/var/lib/php/wsdlcache" +
-php_value[opcache.file_cache] = "/var/lib/php/opcache"</code>+
  
 ===== FastCGI ===== ===== FastCGI =====
  
-  sudo -e '/etc/nginx/snippets/social.conf'+  sudo -e '/etc/nginx/default.d/social.conf'
  
 <code> <code>
Line 80: Line 91:
 location ~ \.(php|phar)(/.*)?$ { location ~ \.(php|phar)(/.*)?$ {
     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
- 
     fastcgi_intercept_errors on;     fastcgi_intercept_errors on;
     fastcgi_index index.php;     fastcgi_index index.php;
Line 86: Line 96:
     fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;     fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
     fastcgi_param PATH_INFO $fastcgi_path_info;     fastcgi_param PATH_INFO $fastcgi_path_info;
-    fastcgi_pass unix:/run/php/social.sock;+    fastcgi_pass unix:/run/php-fpm/social.sock
 +}</code> 
 + 
 +==== Test ==== 
 + 
 +<code> 
 +# PHP-FPM 
 +location ~* \.php$ { 
 +#    fastcgi_intercept_errors on; 
 +#    fastcgi_param PATH_INFO $fastcgi_path_info; 
 +    fastcgi_pass unix:/run/php-fpm/social.sock; 
 +    fastcgi_buffers 8 16k; 
 +    fastcgi_buffer_size 32k; 
 +    fastcgi_connect_timeout 60; 
 +    fastcgi_send_timeout 300; 
 +    fastcgi_read_timeout 300; 
 +    fastcgi_split_path_info ^(.+?\.php)(/.*)$; 
 +    try_files $uri =404; 
 +    fastcgi_index index.php; 
 +    include fastcgi_params; 
 +    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 }</code> }</code>
  
 ===== Server Block ===== ===== Server Block =====
  
-  sudo -e '/etc/nginx/sites-available/social.conf'+  * 2023/09/12: CSPs disabled; TODO: Re-figure out CSPs 
 + 
 +  sudo -e '/etc/nginx/vhosts.d/social.conf' && sudo systemctl reload 'nginx' && sync
  
 <code> <code>
Line 100: Line 132:
     index 'index.php';     index 'index.php';
  
-    include '/etc/nginx/snippets/social.conf'; +    include '/etc/nginx/default.d/social.conf'; 
-    include '/etc/nginx/snippets/headers.conf';+    include '/etc/nginx/default.d/headers.conf';
  
     client_max_body_size '10M';     client_max_body_size '10M';
  
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' blob:" always;+#    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' blob:" always;
  
 #    access_log  /var/log/nginx/social-access.log; #    access_log  /var/log/nginx/social-access.log;
Line 128: Line 160:
 }</code> }</code>
  
-==== Enable ====+====== Initial Setup ======
  
-****+===== Initialize =====
  
-  sudo rm -f '/etc/nginx/sites-enabled/social.conf&& sudo ln -s '/etc/nginx/sites-available/social.conf' '/etc/nginx/sites-enabled/social.conf&& sudo systemctl reload 'nginx&& sync+  * :!: Change ''dbpass'', and ''admin'' to email
  
-====== Initial Setup ======+  sudo su 'nginx' -s '/bin/bash' 
 + 
 +  cd '/var/www/social/' && '/var/www/social/bin/console' autoinstall --dbhost 'localhost' --dbport '3365' --dbuser 'friendica' --dbdata 'friendica' --url 'https://social.realmofespionage.xyz' --dbpass 'x' --admin 'x' 
 + 
 +===== Website =====
  
   * https://social.realmofespionage.xyz   * https://social.realmofespionage.xyz
 +  * :!: Be sure the email matches what was used on the above command
 +
 +===== User =====
 +
 +  * :!: ''x'' is the **nickname** chosen at website registration, lower-case
 +
 +  sudo su 'nginx' -s '/bin/bash'
 +
 +  cd '/var/www/social/' && '/var/www/social/bin/console' user password x
 +
 +====== Settings ======
 +
 +===== frio Theme =====
 +
 +  * Navigation bar background color: ''3d8bff''
 +  * Navigation bar icon color: ''ffffff''
 +  * Link color: ''3d8bff''
 +  * Set the background color: ''dedede''
 +  * Login page background color: ''484848''
 +
 +  * Copy or paste schemestring:
 +
 +<code>{"nav_bg":"#3d8bff","nav_icon_color":"#ffffff","link_color":"#3d8bff","background_color":"#dedede","background_image":"","contentbg_transp":"100","login_bg_image":"","login_bg_color":"#484848"}</code>
  
 ====== Services ====== ====== Services ======
Line 148: Line 207:
 <code> <code>
 [Service] [Service]
-User=www-data +User=nginx 
-Group=www-data+Group=nginx
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/www/social WorkingDirectory=/var/www/social
 ExecStart='/usr/bin/php' '/var/www/social/bin/worker.php' ExecStart='/usr/bin/php' '/var/www/social/bin/worker.php'
-ExecStartPost='/bin/sync'</code>+ExecStartPost='/usr/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
Line 173: Line 232:
 [Install] [Install]
 WantedBy=timers.target</code> WantedBy=timers.target</code>
 +
 +==== SELinux Test ====
 +
 +****
 +
 +  sudo semanage fcontext --add --type 'bin_t' '/var/www/social/bin/worker.php'
 +
 +  sudo semanage fcontext --add --type 'bin_t' '/var/www/social/bin/composer.phar'
  
 ===== Updater ===== ===== Updater =====
Line 182: Line 249:
 <code> <code>
 [Service] [Service]
-User=www-data +User=nginx 
-Group=www-data+Group=nginx
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/www/social WorkingDirectory=/var/www/social
 Environment="COMPOSER_CACHE_DIR=/dev/null" Environment="COMPOSER_CACHE_DIR=/dev/null"
-ExecStart='/usr/bin/git' -C '/var/www/social' pull origin 'master+ExecStart='/usr/bin/git' -C '/var/www/social' pull origin 'develop
-ExecStart='/usr/bin/git' -C '/var/www/social/addon' pull origin 'master+ExecStart='/usr/bin/git' -C '/var/www/social/addon' pull origin 'develop
-ExecStart='/var/www/social/bin/composer.phar' install --no-dev +ExecStart='/usr/bin/php' '/var/www/social/bin/composer.phar' install 
-ExecStartPost='/bin/sync'</code>+ExecStartPost='/usr/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
Line 219: Line 286:
 <code> <code>
 [Service] [Service]
-User=www-data +User=nginx 
-Group=www-data+Group=nginx
 Type=oneshot Type=oneshot
 ExecStart='/usr/bin/git' -C '/var/www/social' gc --aggressive --prune='all' ExecStart='/usr/bin/git' -C '/var/www/social' gc --aggressive --prune='all'
Line 226: Line 293:
 ExecStart='/usr/bin/git' -C '/var/www/social/addon' gc --aggressive --prune='all' ExecStart='/usr/bin/git' -C '/var/www/social/addon' gc --aggressive --prune='all'
 ExecStart='/usr/bin/git' -C '/var/www/social/addon' fsck --full --strict ExecStart='/usr/bin/git' -C '/var/www/social/addon' fsck --full --strict
-ExecStartPost='/bin/sync'</code>+ExecStartPost='/usr/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
Line 259: Line 326:
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/www WorkingDirectory=/var/www
-ExecStart='/bin/bash' -c '"/bin/tar" -cvzf "/home/CHANGEME/backups/friendica-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "social"' +ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/friendica-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "social"' 
-ExecStartPost='/bin/sync'</code>+ExecStartPost='/usr/bin/sync'</code>
  
 === Timer === === Timer ===
Line 283: Line 350:
 === Database Auth === === Database Auth ===
  
-  sudo -'mysql' -e '/var/lib/mysql/auth/friendica' && sudo chmod '600' '/var/lib/mysql/auth/friendica'+  sudo mkdir -'/var/lib/mysql/auth&& sudo -e '/var/lib/mysql/auth/friendica' && sudo chown -R 'mysql':'mysql' '/var/lib/mysql/auth/friendica' && sudo chmod '600' '/var/lib/mysql/auth/friendica' && sync
  
 <code> <code>
-[mysqldump]+[mariadb-dump]
 user=friendica user=friendica
 password=x</code> password=x</code>
Line 298: Line 365:
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/lib/mysql/tmp WorkingDirectory=/var/lib/mysql/tmp
-ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r '/var/lib/mysql/tmp/friendica.sql' +ExecStartPre='/usr/bin/mariadb-dump' --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r '/var/lib/mysql/tmp/friendica.sql' 
-ExecStart='/bin/gzip' -f '/var/lib/mysql/tmp/friendica.sql' +ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/friendica.sql' 
-ExecStart='/bin/bash' -c '"/bin/mv" "/var/lib/mysql/tmp/friendica.sql.gz" "/home/CHANGEME/backups/friendica-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' +ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/friendica.sql.gz" "/home/CHANGEME/backups/friendica-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' 
-ExecStartPost='/bin/sync'</code>+ExecStartPost='/usr/bin/sync'</code>
  
 === Timer === === Timer ===
Line 331: Line 398:
 **** ****
  
-  sudo systemctl stop nginx php7.2-fpm+  sudo systemctl stop nginx php-fpm
  
 ==== Backup Folder ==== ==== Backup Folder ====
Line 343: Line 410:
 **** ****
  
-  sudo mysqldump --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r ~/'friendica-database-manual-'$(date +%Y-%m-%d)'.sql' && sync+  sudo mariadb-dump --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r ~/'friendica-database-manual-'$(date +%Y-%m-%d)'.sql' && sync
  
 ==== Start Services ==== ==== Start Services ====
Line 349: Line 416:
 **** ****
  
-  sudo systemctl start nginx php7.2-fpm+  sudo systemctl start nginx php-fpm
  
 ===== Client ===== ===== Client =====
Line 357: Line 424:
 **** ****
  
-  scp espionage724@192.168.1.153:~/'friendica-files-'*'.tar.gz' espionage724@192.168.1.153:~/'friendica-database-'*'.sql' ~/'Downloads' && sync+  scp espionage724@192.168.1.152:~/'friendica-files-'*'.tar.gz' espionage724@192.168.1.152:~/'friendica-database-'*'.sql' ~/'Downloads' && sync
  
 ====== Restore ====== ====== Restore ======
Line 373: Line 440:
 **** ****
  
-  scp ~/'Downloads/friendica-files-'*'.tar.gz' ~/'Downloads/friendica-database-'*'.sql' espionage724@192.168.1.153:~+  scp ~/'Downloads/friendica-files-'*'.tar.gz' ~/'Downloads/friendica-database-'*'.sql' espionage724@192.168.1.152:~
  
 ==== Remove Files ==== ==== Remove Files ====
Line 387: Line 454:
 **** ****
  
-  sudo systemctl stop nginx php7.2-fpm+  sudo systemctl stop nginx php-fpm
  
 ==== Remove Previous Folder ==== ==== Remove Previous Folder ====
Line 395: Line 462:
   sudo rm -Rf '/var/www/social'   sudo rm -Rf '/var/www/social'
  
-==== Restore friendica Folder ====+==== Restore Friendica Folder ====
  
 **** ****
  
-  cd '/var/www' && sudo tar -xvzf ~/'friendica-files-'*'.tar.gz' 'social' && sudo chown -R 'www-data':'www-data' '/var/www/social' && cd ~ && sync+  cd '/var/www' && sudo tar -xvzf ~/'friendica-files-'*'.tar.gz' 'social' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/social(/.*)?' && sudo restorecon -F -I -R '/var/www/social' && sudo chown -R 'nginx':'nginx' '/var/www/social' && cd ~ && sync
  
 ==== Drop Previous Database ==== ==== Drop Previous Database ====
  
-  sudo mysql+  sudo mariadb
  
   DROP DATABASE friendica;   DROP DATABASE friendica;
Line 413: Line 480:
 ==== Re-create Databases ==== ==== Re-create Databases ====
  
-  sudo mysql+  sudo mariadb
  
   CREATE DATABASE friendica;   CREATE DATABASE friendica;
Line 423: Line 490:
 **** ****
  
-  sudo mysql 'friendica' < ~/'friendica-database-'*'.sql' && sync+  sudo mariadb 'friendica' < ~/'friendica-database-'*'.sql' && sync
  
 ==== Reapply Permissions ==== ==== Reapply Permissions ====
  
-  sudo mysql+  sudo mariadb
  
   GRANT ALL PRIVILEGES ON friendica.* to 'friendica'@'localhost' IDENTIFIED BY 'x';   GRANT ALL PRIVILEGES ON friendica.* to 'friendica'@'localhost' IDENTIFIED BY 'x';
Line 439: Line 506:
 **** ****
  
-  sudo systemctl start nginx php7.2-fpm+  sudo systemctl start nginx php-fpm
  
 ==== Remove Backups ==== ==== Remove Backups ====
  
-  * Verify that friendica works before running+  * Verify that Friendica works before running
  
   rm ~/'friendica-files-'*'.tar.gz' ~/'friendica-database-'*'.sql' && sync   rm ~/'friendica-files-'*'.tar.gz' ~/'friendica-database-'*'.sql' && sync
 +
/var/www/wiki/data/pages/servers/nginx/friendica.txt · Last modified: 2024/02/01 08:29 by Sean Rhone