User Tools

Site Tools


servers:nginx:friendica

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
servers:nginx:friendica [2019/06/29 00:51]
Sean Rhone
servers:nginx:friendica [2020/04/24 12:10] (current)
Sean Rhone Ubuntu 20.04
Line 7: Line 7:
 ===== Prerequisites ===== ===== Prerequisites =====
  
-  * [[distros:fedora_server|Fedora Server]] +  * [[distros:ubuntu_server|Ubuntu Server]] ((Last tested on 20.04)) 
-  * [[servers:mariadb | MariaDB]] +  * [[servers:mariadb|MariaDB]] 
-  * [[servers:nginx_php_php-fpm | nginx + PHP + PHP-FPM]] +  * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]] 
-  * [[servers:nginx:lets_encrypt | Let's Encrypt]]+  * [[servers:nginx:lets_encrypt|Let's Encrypt]]
  
 ====== Download Source ====== ====== Download Source ======
Line 16: Line 16:
   * :!: ''develop'' branch was broken on 2019/06/28   * :!: ''develop'' branch was broken on 2019/06/28
  
-  sudo rm -Rf '/var/www/social' && sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica.git' '/var/www/social' && sudo rm -Rf '/var/www/social/addon' && sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica-addons.git' '/var/www/social/addon' && sudo chown -R 'nginx':'nginx' '/var/www/social' && sync +  sudo rm -Rf '/var/www/social' && sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica.git' '/var/www/social' && sudo rm -Rf '/var/www/social/addon' && sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica-addons.git' '/var/www/social/addon' && sudo chown -R 'www-data':'www-data' '/var/www/social' && sync
- +
-===== SELinux ===== +
- +
-  sudo semanage fcontext --deleteall "/var/www/social(/.*)?" +
- +
-  sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' "/var/www/social(/.*)?" +
- +
-  sudo restorecon -R -v '/var/www/social' && sync+
  
 ====== PHP Dependencies ====== ====== PHP Dependencies ======
Line 30: Line 22:
 **** ****
  
-  cd '/var/www/social' && sudo -u 'nginx' COMPOSER_CACHE_DIR='/dev/null' '/var/www/social/bin/composer.phar' install --no-dev && sync+  cd '/var/www/social' && sudo -u 'www-data' COMPOSER_CACHE_DIR='/dev/null' '/var/www/social/bin/composer.phar' install --no-dev && sync
  
 ====== Database ====== ====== Database ======
  
-  mysql --user='root' --password+  sudo mysql
  
   CREATE DATABASE friendica;   CREATE DATABASE friendica;
Line 41: Line 33:
  
   FLUSH PRIVILEGES;   FLUSH PRIVILEGES;
 +
 +  EXIT
  
 ====== nginx + PHP-FPM Configuration ====== ====== nginx + PHP-FPM Configuration ======
Line 46: Line 40:
 ===== PHP-FPM Socket ===== ===== PHP-FPM Socket =====
  
-  sudo -e '/etc/php-fpm.d/social.conf' && sudo systemctl restart 'php-fpm'+  sudo -e '/etc/php/7.4/fpm/pool.d/social.conf' && sudo systemctl restart 'php7.4-fpm'
  
 <code> <code>
 [social] [social]
-user = nginx +user = www-data 
-group = nginx+group = www-data
  
-listen = /run/php-fpm/social.sock +listen = /run/php/social.sock 
-listen.owner = nginx +listen.owner = www-data 
-listen.group = nginx+listen.group = www-data
 listen.allowed_clients = 127.0.0.1 listen.allowed_clients = 127.0.0.1
  
Line 73: Line 67:
 php_value[max_file_uploads] = "100" php_value[max_file_uploads] = "100"
  
-php_value[session.save_handler] = files +php_value[session.save_handler] = "files" 
-php_value[session.save_path] = /var/lib/php/session +php_value[session.save_path] = "/var/lib/php/sessions" 
-php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache +php_value[soap.wsdl_cache_dir] = "/var/lib/php/wsdlcache" 
-php_value[opcache.file_cache] = /var/lib/php/opcache</code>+php_value[opcache.file_cache] = "/var/lib/php/opcache"</code>
  
 ===== FastCGI ===== ===== FastCGI =====
  
-  sudo -e '/etc/nginx/default.d/social.conf'+  sudo -e '/etc/nginx/snippets/social.conf'
  
 <code> <code>
Line 92: Line 86:
     fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;     fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
     fastcgi_param PATH_INFO $fastcgi_path_info;     fastcgi_param PATH_INFO $fastcgi_path_info;
-    fastcgi_pass unix:/run/php-fpm/social.sock;+    fastcgi_pass unix:/run/php/social.sock;
 }</code> }</code>
  
 ===== Server Block ===== ===== Server Block =====
  
-  sudo -e '/etc/nginx/conf.d/social.conf' && sudo systemctl reload 'nginx'+  sudo -e '/etc/nginx/sites-available/social.conf'
  
 <code> <code>
Line 106: Line 100:
     index 'index.php';     index 'index.php';
  
-    include '/etc/nginx/default.d/social.conf'; +    include '/etc/nginx/snippets/social.conf'; 
-    include '/etc/nginx/default.d/headers.conf';+    include '/etc/nginx/snippets/headers.conf';
  
     client_max_body_size '10M';     client_max_body_size '10M';
Line 133: Line 127:
     }     }
 }</code> }</code>
 +
 +==== Enable ====
 +
 +****
 +
 +  sudo rm -f '/etc/nginx/sites-enabled/social.conf' && sudo ln -s '/etc/nginx/sites-available/social.conf' '/etc/nginx/sites-enabled/social.conf' && sudo systemctl reload 'nginx' && sync
  
 ====== Initial Setup ====== ====== Initial Setup ======
Line 148: Line 148:
 <code> <code>
 [Service] [Service]
-User=nginx +User=www-data 
-Group=nginx+Group=www-data
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/www/social WorkingDirectory=/var/www/social
 ExecStart='/usr/bin/php' '/var/www/social/bin/worker.php' ExecStart='/usr/bin/php' '/var/www/social/bin/worker.php'
-ExecStartPost='/usr/bin/sync'</code>+ExecStartPost='/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
  
   * Every 5 minutes   * Every 5 minutes
-  * :!: Refer to [[distros:fedora_server#selinux|SELinux notes]] to generate a profile for this 
  
   sudo -e '/etc/systemd/system/social-d.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-d.timer' --now   sudo -e '/etc/systemd/system/social-d.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-d.timer' --now
Line 178: Line 177:
  
 ==== Service ==== ==== Service ====
- 
-  * :!: Refer to [[distros:fedora_server#selinux|SELinux notes]] to generate a profile for this ((the composer step will likely be denied)) 
  
   sudo -e '/etc/systemd/system/social-up.service'   sudo -e '/etc/systemd/system/social-up.service'
Line 185: Line 182:
 <code> <code>
 [Service] [Service]
-User=nginx +User=www-data 
-Group=nginx+Group=www-data
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/www/social WorkingDirectory=/var/www/social
Line 193: Line 190:
 ExecStart='/usr/bin/git' -C '/var/www/social/addon' pull origin 'master' ExecStart='/usr/bin/git' -C '/var/www/social/addon' pull origin 'master'
 ExecStart='/var/www/social/bin/composer.phar' install --no-dev ExecStart='/var/www/social/bin/composer.phar' install --no-dev
-ExecStartPost='/usr/bin/sync'</code>+ExecStartPost='/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
Line 222: Line 219:
 <code> <code>
 [Service] [Service]
-User=nginx +User=www-data 
-Group=nginx+Group=www-data
 Type=oneshot Type=oneshot
 ExecStart='/usr/bin/git' -C '/var/www/social' gc --aggressive --prune='all' ExecStart='/usr/bin/git' -C '/var/www/social' gc --aggressive --prune='all'
Line 229: Line 226:
 ExecStart='/usr/bin/git' -C '/var/www/social/addon' gc --aggressive --prune='all' ExecStart='/usr/bin/git' -C '/var/www/social/addon' gc --aggressive --prune='all'
 ExecStart='/usr/bin/git' -C '/var/www/social/addon' fsck --full --strict ExecStart='/usr/bin/git' -C '/var/www/social/addon' fsck --full --strict
-ExecStartPost='/usr/bin/sync'</code>+ExecStartPost='/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
Line 262: Line 259:
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/www WorkingDirectory=/var/www
-ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -cvzf "/home/CHANGEME/backups/friendica-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "social"' +ExecStart='/bin/bash' -c '"/bin/tar" -cvzf "/home/CHANGEME/backups/friendica-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "social"' 
-ExecStartPost='/usr/bin/sync'</code>+ExecStartPost='/bin/sync'</code>
  
 === Timer === === Timer ===
Line 302: Line 299:
 WorkingDirectory=/var/lib/mysql/tmp WorkingDirectory=/var/lib/mysql/tmp
 ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r '/var/lib/mysql/tmp/friendica.sql' ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r '/var/lib/mysql/tmp/friendica.sql'
-ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/friendica.sql' +ExecStart='/bin/gzip' -f '/var/lib/mysql/tmp/friendica.sql' 
-ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/friendica.sql.gz" "/home/CHANGEME/backups/friendica-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' +ExecStart='/bin/bash' -c '"/bin/mv" "/var/lib/mysql/tmp/friendica.sql.gz" "/home/CHANGEME/backups/friendica-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' 
-ExecStartPost='/usr/bin/sync'</code>+ExecStartPost='/bin/sync'</code>
  
 === Timer === === Timer ===
Line 334: Line 331:
 **** ****
  
-  sudo systemctl stop nginx php-fpm+  sudo systemctl stop nginx php7.4-fpm
  
 ==== Backup Folder ==== ==== Backup Folder ====
Line 346: Line 343:
 **** ****
  
-  sudo -u 'mysql' mysqldump --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r ~/'friendica-database-manual-'$(date +%Y-%m-%d)'.sql' && sync+  sudo mysqldump --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r ~/'friendica-database-manual-'$(date +%Y-%m-%d)'.sql' && sync
  
 ==== Start Services ==== ==== Start Services ====
Line 352: Line 349:
 **** ****
  
-  sudo systemctl start nginx php-fpm+  sudo systemctl start nginx php7.4-fpm
  
 ===== Client ===== ===== Client =====
Line 390: Line 387:
 **** ****
  
-  sudo systemctl stop nginx php-fpm+  sudo systemctl stop nginx php7.4-fpm
  
 ==== Remove Previous Folder ==== ==== Remove Previous Folder ====
Line 402: Line 399:
 **** ****
  
-  cd '/var/www' && sudo tar -xvzf ~/'friendica-files-'*'.tar.gz' 'social' && sudo chown -R 'nginx':'nginx' '/var/www/social' && cd ~ && sync +  cd '/var/www' && sudo tar -xvzf ~/'friendica-files-'*'.tar.gz' 'social' && sudo chown -R 'www-data':'www-data' '/var/www/social' && cd ~ && sync
- +
-==== SELinux ==== +
- +
-  sudo semanage fcontext --deleteall "/var/www/social(/.*)?" +
- +
-  sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' "/var/www/social(/.*)?" +
- +
-  sudo restorecon -R -v '/var/www/social' && sync+
  
 ==== Drop Previous Database ==== ==== Drop Previous Database ====
  
-  mysql --user='root' --password+  sudo mysql
  
   DROP DATABASE friendica;   DROP DATABASE friendica;
  
   FLUSH TABLES;   FLUSH TABLES;
 +
 +  EXIT
  
 ==== Re-create Databases ==== ==== Re-create Databases ====
  
-  mysql --user='root' --password+  sudo mysql
  
   CREATE DATABASE friendica;   CREATE DATABASE friendica;
 +
 +  EXIT
  
 ==== Restore Database ==== ==== Restore Database ====
Line 430: Line 423:
 **** ****
  
-  mysql --user='root' --password 'friendica' < ~/'friendica-database-'*'.sql' && sync+  sudo mysql 'friendica' < ~/'friendica-database-'*'.sql' && sync
  
 ==== Reapply Permissions ==== ==== Reapply Permissions ====
  
-  mysql --user='root' --password+  sudo mysql
  
   GRANT ALL PRIVILEGES ON friendica.* to 'friendica'@'localhost' IDENTIFIED BY 'x';   GRANT ALL PRIVILEGES ON friendica.* to 'friendica'@'localhost' IDENTIFIED BY 'x';
  
   FLUSH PRIVILEGES;   FLUSH PRIVILEGES;
 +
 +  EXIT
  
 ==== Start Services ==== ==== Start Services ====
Line 444: Line 439:
 **** ****
  
-  sudo systemctl start nginx php-fpm+  sudo systemctl start nginx php7.4-fpm
  
 ==== Remove Backups ==== ==== Remove Backups ====
servers/nginx/friendica.1561783879.txt.gz · Last modified: 2019/06/29 00:51 by Sean Rhone