RoE | Wiki

User Tools

Site Tools

Trace:
servers:nginx:friendica

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:nginx:friendica [2023/09/12 14:43] – openSUSE TW -> Fedora Server (partial) Sean Rhoneservers:nginx:friendica [2024/08/13 22:20] (current) – removed Sean Rhone
Line 1: Line 1:
-====== Information ====== 
- 
-  * Friendica ((https://friendi.ca/)) ((https://github.com/friendica/friendica)) 
-  * [[Information:Realm of Espionage]] 
-  * https://social.realmofespionage.xyz 
- 
-===== Prerequisites ===== 
- 
-  * [[distros:fedora_server|Fedora Server]] 
-  * [[servers:mariadb|MariaDB]] 
-  * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]] 
-  * [[servers:nginx:lets_encrypt|Let's Encrypt]] 
- 
-====== Dependencies ====== 
- 
-===== Old openSUSE ===== 
- 
-**** 
- 
-  sudo zypper install php8-posix php8-gmp openssl php8-pcntl php8-xdebug 
- 
-====== Download Source ====== 
- 
-**** 
- 
-  sudo git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica.git' '/var/www/social' && sudo git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica-addons.git' '/var/www/social/addon' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/social(/.*)?' && sudo restorecon -F -I -R '/var/www/social' && sudo chown -R 'nginx':'nginx' '/var/www/social' && sync 
- 
-====== PHP Dependencies ====== 
- 
-  * [[https://github.com/friendica/friendica/blob/develop/doc/Install.md|Install.md]] when mentioning the ''develop'' branch doesn't include ''--no-dev'', so presumably those packages are needed? 
- 
-  sudo su 'nginx' -s '/bin/bash' 
- 
-  cd '/var/www/social' && COMPOSER_CACHE_DIR='/dev/null' '/var/www/social/bin/composer.phar' install && sync 
- 
-====== Database ====== 
- 
-  sudo mysql 
- 
-  CREATE DATABASE friendica; 
- 
-  GRANT ALL PRIVILEGES ON friendica.* to 'friendica'@'localhost' IDENTIFIED BY 'x'; 
- 
-  FLUSH PRIVILEGES; 
- 
-  EXIT 
- 
-====== nginx + PHP-FPM Configuration ====== 
- 
-===== PHP-FPM Socket ===== 
- 
-  sudo -e '/etc/php-fpm.d/social.conf' && sudo systemctl restart 'php-fpm' 
- 
-<code> 
-[social] 
- 
-; User/Group 
-user = nginx 
-group = nginx 
- 
-; Socket 
-listen = /run/php-fpm/social.sock 
-listen.acl_users = nginx 
-listen.allowed_clients = 127.0.0.1 
- 
-; Process Management 
-pm = ondemand 
-pm.max_children = 4 
-pm.process_idle_timeout = 30 
- 
-; Fedora php.ini Defaults 
-php_value[session.save_handler] = "files" 
-php_value[session.save_path] = "/var/lib/php/session" 
- 
-; General 
-php_value[date.timezone] = "America/New_York" 
-php_value[max_execution_time] = "200" 
-php_value[memory_limit] = "512M" 
-php_value[post_max_size] = "10M" 
-php_value[upload_max_filesize] = "10M" 
-php_value[max_file_uploads] = "100" 
-php_value[register_argc_argv] = "On" 
-php_value[upload_tmp_dir] = "/tmp" 
- 
-; End</code> 
- 
-===== FastCGI ===== 
- 
-  sudo -e '/etc/nginx/default.d/social.conf' 
- 
-<code> 
-# PHP-FPM 
-location ~ \.(php|phar)(/.*)?$ { 
-    fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$; 
-    fastcgi_intercept_errors on; 
-    fastcgi_index index.php; 
-    include fastcgi_params; 
-    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name; 
-    fastcgi_param PATH_INFO $fastcgi_path_info; 
-    fastcgi_pass unix:/run/php-fpm/social.sock; 
-}</code> 
- 
-==== Test ==== 
- 
-<code> 
-# PHP-FPM 
-location ~* \.php$ { 
-#    fastcgi_intercept_errors on; 
-#    fastcgi_param PATH_INFO $fastcgi_path_info; 
-    fastcgi_pass unix:/run/php-fpm/social.sock; 
-    fastcgi_buffers 8 16k; 
-    fastcgi_buffer_size 32k; 
-    fastcgi_connect_timeout 60; 
-    fastcgi_send_timeout 300; 
-    fastcgi_read_timeout 300; 
-    fastcgi_split_path_info ^(.+?\.php)(/.*)$; 
-    try_files $uri =404; 
-    fastcgi_index index.php; 
-    include fastcgi_params; 
-    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
-}</code> 
- 
-===== Server Block ===== 
- 
-  * 2023/09/12: CSPs disabled; TODO: Re-figure out CSPs 
- 
-  sudo -e '/etc/nginx/vhosts.d/social.conf' && sudo systemctl reload 'nginx' && sync 
- 
-<code> 
-server { 
-    listen '443' 'ssl' 'http2'; 
-    server_name 'social.realmofespionage.xyz'; 
-    root '/var/www/social'; 
-    index 'index.php'; 
- 
-    include '/etc/nginx/default.d/social.conf'; 
-    include '/etc/nginx/default.d/headers.conf'; 
- 
-    client_max_body_size '10M'; 
- 
-#    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' blob:" always; 
- 
-#    access_log  /var/log/nginx/social-access.log; 
-#    error_log  /var/log/nginx/social-error.log; 
- 
-    location / { 
-        try_files $uri /index.php?pagename=$uri&$args; 
-    } 
- 
-    location ^~ /.well-known/ { 
-        allow all; 
-        rewrite ^ /index.php?pagename=$uri; 
-    } 
- 
-    location ~* \.(tpl|md|tgz|log|out)$ { 
-        deny all; 
-    } 
- 
-    location ~ /\. { 
-        deny all; 
-    } 
-}</code> 
- 
-====== Initial Setup ====== 
- 
-===== Initialize ===== 
- 
-  * :!: Change ''dbpass'', and ''admin'' to email 
- 
-  sudo su 'nginx' -s '/bin/bash' 
- 
-  cd '/var/www/social/' && '/var/www/social/bin/console' autoinstall --dbhost 'localhost' --dbport '3365' --dbuser 'friendica' --dbdata 'friendica' --url 'https://social.realmofespionage.xyz' --dbpass 'x' --admin 'x' 
- 
-===== Website ===== 
- 
-  * https://social.realmofespionage.xyz 
-  * :!: Be sure the email matches what was used on the above command 
- 
-===== User ===== 
- 
-  * :!: ''x'' is the **nickname** chosen at website registration, lower-case 
- 
-  sudo su 'nginx' -s '/bin/bash' 
- 
-  cd '/var/www/social/' && '/var/www/social/bin/console' user password x 
- 
-====== Settings ====== 
- 
-===== frio Theme ===== 
- 
-  * Navigation bar background color: ''3d8bff'' 
-  * Navigation bar icon color: ''ffffff'' 
-  * Link color: ''3d8bff'' 
-  * Set the background color: ''dedede'' 
-  * Login page background color: ''484848'' 
- 
-  * Copy or paste schemestring: 
- 
-<code>{"nav_bg":"#3d8bff","nav_icon_color":"#ffffff","link_color":"#3d8bff","background_color":"#dedede","background_image":"","contentbg_transp":"100","login_bg_image":"","login_bg_color":"#484848"}</code> 
- 
-====== Services ====== 
- 
-===== Worker ===== 
- 
-==== Service ==== 
- 
-  sudo -e '/etc/systemd/system/social-d.service' 
- 
-<code> 
-[Service] 
-User=nginx 
-Group=nginx 
-Type=oneshot 
-WorkingDirectory=/var/www/social 
-ExecStart='/usr/bin/php' '/var/www/social/bin/worker.php' 
-ExecStartPost='/usr/bin/sync'</code> 
- 
-==== Timer ==== 
- 
-  * Every 5 minutes 
- 
-  sudo -e '/etc/systemd/system/social-d.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-d.timer' --now 
- 
-<code> 
-[Unit] 
-Description=friendica Worker Daemon 
-After=network-online.target 
-Wants=network-online.target 
- 
-[Timer] 
-OnBootSec=5m 
-OnUnitActiveSec=5m 
- 
-[Install] 
-WantedBy=timers.target</code> 
- 
-==== SELinux Test ==== 
- 
-**** 
- 
-  sudo semanage fcontext --add --type 'bin_t' '/var/www/social/bin/worker.php' 
- 
-===== Updater ===== 
- 
-==== Service ==== 
- 
-  sudo -e '/etc/systemd/system/social-up.service' 
- 
-<code> 
-[Service] 
-User=nginx 
-Group=nginx 
-Type=oneshot 
-WorkingDirectory=/var/www/social 
-Environment="COMPOSER_CACHE_DIR=/dev/null" 
-ExecStart='/usr/bin/git' -C '/var/www/social' pull origin 'develop' 
-ExecStart='/usr/bin/git' -C '/var/www/social/addon' pull origin 'develop' 
-ExecStart='/var/www/social/bin/composer.phar' install 
-ExecStartPost='/usr/bin/sync'</code> 
- 
-==== Timer ==== 
- 
-  * Every day at ''02:00:00'' 
- 
-  sudo -e '/etc/systemd/system/social-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-up.timer' --now && sudo systemctl start 'social-up' && sudo systemctl status 'social-up' -l 
- 
-<code> 
-[Unit] 
-Description=friendica Updater 
-After=network-online.target 
-Wants=network-online.target 
- 
-[Timer] 
-OnCalendar=*-*-* 02:00:00 
-Persistent=true 
- 
-[Install] 
-WantedBy=timers.target</code> 
- 
-===== Maintenance ===== 
- 
-==== Service ==== 
- 
-  sudo -e '/etc/systemd/system/social-m.service' 
- 
-<code> 
-[Service] 
-User=nginx 
-Group=nginx 
-Type=oneshot 
-ExecStart='/usr/bin/git' -C '/var/www/social' gc --aggressive --prune='all' 
-ExecStart='/usr/bin/git' -C '/var/www/social' fsck --full --strict 
-ExecStart='/usr/bin/git' -C '/var/www/social/addon' gc --aggressive --prune='all' 
-ExecStart='/usr/bin/git' -C '/var/www/social/addon' fsck --full --strict 
-ExecStartPost='/usr/bin/sync'</code> 
- 
-==== Timer ==== 
- 
-  * ''01'' day of every month at ''02:20:00'' 
- 
-  sudo -e '/etc/systemd/system/social-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-m.timer' --now 
- 
-<code> 
-[Unit] 
-Description=friendica Maintenance 
-After=network-online.target 
-Wants=network-online.target 
- 
-[Timer] 
-OnCalendar=*-*-01 02:20:00 
-Persistent=true 
- 
-[Install] 
-WantedBy=timers.target</code> 
- 
-===== Backup ===== 
- 
-==== Files ==== 
- 
-=== Service === 
- 
-  mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/social-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/social-fb.service' 
- 
-<code> 
-[Service] 
-Type=oneshot 
-WorkingDirectory=/var/www 
-ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/friendica-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "social"' 
-ExecStartPost='/usr/bin/sync'</code> 
- 
-=== Timer === 
- 
-  * ''01'' day of every month at ''02:50:00'' 
- 
-  sudo -e '/etc/systemd/system/social-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-fb.timer' --now && sudo systemctl start 'social-fb' && sudo systemctl status 'social-fb' -l 
- 
-<code> 
-[Unit] 
-Description=friendica Files Backup 
- 
-[Timer] 
-OnCalendar=*-*-01 02:50:00 
-Persistent=true 
- 
-[Install] 
-WantedBy=timers.target</code> 
- 
-==== Database ==== 
- 
-=== Database Auth === 
- 
-  sudo mkdir -p '/var/lib/mysql/auth' && sudo -e '/var/lib/mysql/auth/friendica' && sudo chown -R 'mysql':'mysql' '/var/lib/mysql/auth/friendica' && sudo chmod '600' '/var/lib/mysql/auth/friendica' && sync 
- 
-<code> 
-[mysqldump] 
-user=friendica 
-password=x</code> 
- 
-=== Service === 
- 
-  mkdir -p ~/'backups' && sudo mkdir -p '/var/lib/mysql/tmp' && sudo -e '/etc/systemd/system/social-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/social-db.service' 
- 
-<code> 
-[Service] 
-Type=oneshot 
-WorkingDirectory=/var/lib/mysql/tmp 
-ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r '/var/lib/mysql/tmp/friendica.sql' 
-ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/friendica.sql' 
-ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/friendica.sql.gz" "/home/CHANGEME/backups/friendica-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' 
-ExecStartPost='/usr/bin/sync'</code> 
- 
-=== Timer === 
- 
-  * Every day at ''02:15:00'' 
- 
-  sudo -e '/etc/systemd/system/social-db.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-db.timer' --now && sudo systemctl start 'social-db' && sudo systemctl status 'social-db' -l 
- 
-<code> 
-[Unit] 
-Description=friendica Database Backup 
-After=mariadb.service 
- 
-[Timer] 
-OnCalendar=*-*-* 02:15:00 
-Persistent=true 
- 
-[Install] 
-WantedBy=timers.target</code> 
- 
-====== Backup ====== 
- 
-  * Create backup archive on server and transfer to client computer 
- 
-===== Server ===== 
- 
-==== Stop Services ==== 
- 
-**** 
- 
-  sudo systemctl stop nginx php-fpm 
- 
-==== Backup Folder ==== 
- 
-**** 
- 
-  cd '/var/www' && sudo tar -cvzf ~/'friendica-files-manual-'$(date +%Y-%m-%d)'.tar.gz' 'social' && cd ~ && sync 
- 
-==== Backup Database ==== 
- 
-**** 
- 
-  sudo mysqldump --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r ~/'friendica-database-manual-'$(date +%Y-%m-%d)'.sql' && sync 
- 
-==== Start Services ==== 
- 
-**** 
- 
-  sudo systemctl start nginx php-fpm 
- 
-===== Client ===== 
- 
-==== Transfer Files To Client ==== 
- 
-**** 
- 
-  scp espionage724@192.168.1.152:~/'friendica-files-'*'.tar.gz' espionage724@192.168.1.152:~/'friendica-database-'*'.sql' ~/'Downloads' && sync 
- 
-====== Restore ====== 
- 
-===== Client ===== 
- 
-==== Uncompress Database ==== 
- 
-  * This is only needed if restoring an **automated** database backup ((manual doesn't gzip)) 
- 
-  gunzip ~/'Downloads/friendica-database-'*'.sql.gz' 
- 
-==== Transfer Files To Server ==== 
- 
-**** 
- 
-  scp ~/'Downloads/friendica-files-'*'.tar.gz' ~/'Downloads/friendica-database-'*'.sql' espionage724@192.168.1.152:~ 
- 
-==== Remove Files ==== 
- 
-**** 
- 
-  rm -f ~/'Downloads/friendica-files-'*'.tar.gz' ~/'Downloads/friendica-database-'*'.sql' && sync 
- 
-===== Server ===== 
- 
-==== Stop Services ==== 
- 
-**** 
- 
-  sudo systemctl stop nginx php-fpm 
- 
-==== Remove Previous Folder ==== 
- 
-**** 
- 
-  sudo rm -Rf '/var/www/social' 
- 
-==== Restore Friendica Folder ==== 
- 
-**** 
- 
-  cd '/var/www' && sudo tar -xvzf ~/'friendica-files-'*'.tar.gz' 'social' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/social(/.*)?' && sudo restorecon -F -I -R '/var/www/social' && sudo chown -R 'nginx':'nginx' '/var/www/social' && cd ~ && sync 
- 
-==== Drop Previous Database ==== 
- 
-  sudo mysql 
- 
-  DROP DATABASE friendica; 
- 
-  FLUSH TABLES; 
- 
-  EXIT 
- 
-==== Re-create Databases ==== 
- 
-  sudo mysql 
- 
-  CREATE DATABASE friendica; 
- 
-  EXIT 
- 
-==== Restore Database ==== 
- 
-**** 
- 
-  sudo mysql 'friendica' < ~/'friendica-database-'*'.sql' && sync 
- 
-==== Reapply Permissions ==== 
- 
-  sudo mysql 
- 
-  GRANT ALL PRIVILEGES ON friendica.* to 'friendica'@'localhost' IDENTIFIED BY 'x'; 
- 
-  FLUSH PRIVILEGES; 
- 
-  EXIT 
- 
-==== Start Services ==== 
- 
-**** 
- 
-  sudo systemctl start nginx php-fpm 
- 
-==== Remove Backups ==== 
- 
-  * Verify that Friendica works before running 
- 
-  rm ~/'friendica-files-'*'.tar.gz' ~/'friendica-database-'*'.sql' && sync 
  
/usr/local/www/wiki/data/attic/servers/nginx/friendica.1694544205.txt.gz · Last modified: (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki