RoE | Wiki

User Tools

Site Tools

Trace:
servers:nginx:friendica

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:nginx:friendica [2023/09/02 08:10] Sean Rhoneservers:nginx:friendica [2024/02/01 08:29] (current) Sean Rhone
Line 7: Line 7:
 ===== Prerequisites ===== ===== Prerequisites =====
  
-  * [[distros:opensuse_tumbleweed_server|openSUSE Tumbleweed]]+  * [[distros:fedora_server|Fedora Server]]
   * [[servers:mariadb|MariaDB]]   * [[servers:mariadb|MariaDB]]
   * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]   * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]
Line 14: Line 14:
 ====== Dependencies ====== ====== Dependencies ======
  
-****+  https://friendi.ca/resources/requirements/
  
-  sudo zypper install php8-posix php8-gmp openssl php8-pcntl php8-xdebug+  sudo dnf install php-gd php-pdo php-mbstring php-mysqlnd php-xml php-pecl-zip php-process php-gmp php-pecl-xdebug3
  
 ====== Download Source ====== ====== Download Source ======
Line 22: Line 22:
 **** ****
  
-  sudo git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica.git' '/srv/www/social' && sudo git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica-addons.git' '/srv/www/social/addon' && sudo chown -R 'nginx':'nginx' '/srv/www/social' && sync+  sudo git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica.git' '/var/www/social' && sudo git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica-addons.git' '/var/www/social/addon' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/social(/.*)?' && sudo restorecon -F -I -R '/var/www/social' && sudo chown -R 'nginx':'nginx' '/var/www/social' && sync
  
 ====== PHP Dependencies ====== ====== PHP Dependencies ======
Line 30: Line 30:
   sudo su 'nginx' -s '/bin/bash'   sudo su 'nginx' -s '/bin/bash'
  
-  cd '/srv/www/social' && COMPOSER_CACHE_DIR='/dev/null' '/srv/www/social/bin/composer.phar' install && sync+  cd '/var/www/social' && COMPOSER_CACHE_DIR='/dev/null' php '/var/www/social/bin/composer.phar' install && sync
  
 ====== Database ====== ====== Database ======
  
-  sudo mysql+  sudo mariadb
  
   CREATE DATABASE friendica;   CREATE DATABASE friendica;
Line 48: Line 48:
 ===== PHP-FPM Socket ===== ===== PHP-FPM Socket =====
  
-  sudo -e '/etc/php8/fpm/php-fpm.d/social.conf' && sudo systemctl restart 'php-fpm'+  sudo -e '/etc/php-fpm.d/social.conf' && sudo systemctl restart 'php-fpm'
  
 <code> <code>
Line 58: Line 58:
  
 ; Socket ; Socket
-listen = 127.0.0.1:9005+listen = /run/php-fpm/social.sock
 listen.acl_users = nginx listen.acl_users = nginx
 listen.allowed_clients = 127.0.0.1 listen.allowed_clients = 127.0.0.1
Line 67: Line 67:
 pm.process_idle_timeout = 30 pm.process_idle_timeout = 30
  
-openSUSE TW php.ini Defaults +Fedora php.ini Defaults 
-php_value[session.save_path] = "/var/lib/php8/sessions"+php_value[session.save_handler] = "files" 
 +php_value[session.save_path] = "/var/lib/php/session"
  
 ; General ; General
Line 90: Line 91:
 location ~ \.(php|phar)(/.*)?$ { location ~ \.(php|phar)(/.*)?$ {
     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
- 
     fastcgi_intercept_errors on;     fastcgi_intercept_errors on;
-    fastcgi_index  index.php; +    fastcgi_index index.php; 
-    include        fastcgi_params; +    include fastcgi_params; 
-    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name; +    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name; 
-    fastcgi_param  PATH_INFO $fastcgi_path_info; +    fastcgi_param PATH_INFO $fastcgi_path_info; 
-    fastcgi_pass 127.0.0.1:9005;+    fastcgi_pass unix:/run/php-fpm/social.sock;
 }</code> }</code>
  
Line 105: Line 105:
 location ~* \.php$ { location ~* \.php$ {
 #    fastcgi_intercept_errors on; #    fastcgi_intercept_errors on;
-#    fastcgi_param  PATH_INFO $fastcgi_path_info; +#    fastcgi_param PATH_INFO $fastcgi_path_info; 
-    fastcgi_pass 127.0.0.1:9005;+    fastcgi_pass unix:/run/php-fpm/social.sock;
     fastcgi_buffers 8 16k;     fastcgi_buffers 8 16k;
     fastcgi_buffer_size 32k;     fastcgi_buffer_size 32k;
Line 120: Line 120:
  
 ===== Server Block ===== ===== Server Block =====
 +
 +  * 2023/09/12: CSPs disabled; TODO: Re-figure out CSPs
  
   sudo -e '/etc/nginx/vhosts.d/social.conf' && sudo systemctl reload 'nginx' && sync   sudo -e '/etc/nginx/vhosts.d/social.conf' && sudo systemctl reload 'nginx' && sync
Line 127: Line 129:
     listen '443' 'ssl' 'http2';     listen '443' 'ssl' 'http2';
     server_name 'social.realmofespionage.xyz';     server_name 'social.realmofespionage.xyz';
-    root '/srv/www/social';+    root '/var/www/social';
     index 'index.php';     index 'index.php';
  
Line 135: Line 137:
     client_max_body_size '10M';     client_max_body_size '10M';
  
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' blob:" always;+#    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' blob:" always;
  
 #    access_log  /var/log/nginx/social-access.log; #    access_log  /var/log/nginx/social-access.log;
Line 157: Line 159:
     }     }
 }</code> }</code>
- 
-==== Test ==== 
- 
-<code> 
-    if (!-e $request_filename) { 
-        rewrite ^(.*)$ /index.php?pagename=$1; 
-    } 
- 
-    client_max_body_size 50M; 
-    client_body_buffer_size 128k; 
- 
-  location ^~ /.well-known/ { 
-    allow all; 
-   if (!-e $request_filename) { 
-     rewrite ^(.*)$ /index.php?pagename=$1; 
-   } 
-  }</code> 
  
 ====== Initial Setup ====== ====== Initial Setup ======
Line 183: Line 168:
   sudo su 'nginx' -s '/bin/bash'   sudo su 'nginx' -s '/bin/bash'
  
-  cd '/srv/www/social/' && '/srv/www/social/bin/console' autoinstall --dbhost 'localhost' --dbport '3365' --dbuser 'friendica' --dbdata 'friendica' --url 'https://social.realmofespionage.xyz' --dbpass 'x' --admin 'x'+  cd '/var/www/social/' && '/var/www/social/bin/console' autoinstall --dbhost 'localhost' --dbport '3365' --dbuser 'friendica' --dbdata 'friendica' --url 'https://social.realmofespionage.xyz' --dbpass 'x' --admin 'x'
  
 ===== Website ===== ===== Website =====
Line 192: Line 177:
 ===== User ===== ===== User =====
  
-  * :!: ''x'' is the **nickname** chosen at website registration+  * :!: ''x'' is the **nickname** chosen at website registration, lower-case
  
   sudo su 'nginx' -s '/bin/bash'   sudo su 'nginx' -s '/bin/bash'
  
-  cd '/srv/www/social/' && '/srv/www/social/bin/console' user password x+  cd '/var/www/social/' && '/var/www/social/bin/console' user password x
  
 ====== Settings ====== ====== Settings ======
Line 203: Line 188:
  
   * Navigation bar background color: ''3d8bff''   * Navigation bar background color: ''3d8bff''
-  * Navigation bar icon color: ''ffffff'+  * Navigation bar icon color: ''ffffff''
   * Link color: ''3d8bff''   * Link color: ''3d8bff''
   * Set the background color: ''dedede''   * Set the background color: ''dedede''
Line 225: Line 210:
 Group=nginx Group=nginx
 Type=oneshot Type=oneshot
-WorkingDirectory=/srv/www/social +WorkingDirectory=/var/www/social 
-ExecStart='/usr/bin/php' '/srv/www/social/bin/worker.php'+ExecStart='/usr/bin/php' '/var/www/social/bin/worker.php'
 ExecStartPost='/usr/bin/sync'</code> ExecStartPost='/usr/bin/sync'</code>
  
Line 233: Line 218:
   * Every 5 minutes   * Every 5 minutes
  
-  sudo -e '/etc/systemd/system/social-d.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-d.timer' --now+  sudo -e '/etc/systemd/system/social-d.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-d.timer' --now && sudo systemctl start 'social-d' && sudo systemctl status 'social-d' -l
  
 <code> <code>
Line 259: Line 244:
 Group=nginx Group=nginx
 Type=oneshot Type=oneshot
-WorkingDirectory=/srv/www/social+WorkingDirectory=/var/www/social
 Environment="COMPOSER_CACHE_DIR=/dev/null" Environment="COMPOSER_CACHE_DIR=/dev/null"
-ExecStart='/usr/bin/git' -C '/srv/www/social' pull origin 'develop' +ExecStart='/usr/bin/git' -C '/var/www/social' pull origin 'develop' 
-ExecStart='/usr/bin/git' -C '/srv/www/social/addon' pull origin 'develop' +ExecStart='/usr/bin/git' -C '/var/www/social/addon' pull origin 'develop' 
-ExecStart='/srv/www/social/bin/composer.phar' install+ExecStart='/usr/bin/php' '/var/www/social/bin/composer.phar' install
 ExecStartPost='/usr/bin/sync'</code> ExecStartPost='/usr/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
  
-  * Every day at ''02:00:00''+  * Every day at ''03:00:00''
  
   sudo -e '/etc/systemd/system/social-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-up.timer' --now && sudo systemctl start 'social-up' && sudo systemctl status 'social-up' -l   sudo -e '/etc/systemd/system/social-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-up.timer' --now && sudo systemctl start 'social-up' && sudo systemctl status 'social-up' -l
Line 279: Line 264:
  
 [Timer] [Timer]
-OnCalendar=*-*-* 02:00:00+OnCalendar=*-*-* 03:00:00
 Persistent=true Persistent=true
  
Line 296: Line 281:
 Group=nginx Group=nginx
 Type=oneshot Type=oneshot
-ExecStart='/usr/bin/git' -C '/srv/www/social' gc --aggressive --prune='all' +ExecStart='/usr/bin/git' -C '/var/www/social' gc --aggressive --prune='all' 
-ExecStart='/usr/bin/git' -C '/srv/www/social' fsck --full --strict +ExecStart='/usr/bin/git' -C '/var/www/social' fsck --full --strict 
-ExecStart='/usr/bin/git' -C '/srv/www/social/addon' gc --aggressive --prune='all' +ExecStart='/usr/bin/git' -C '/var/www/social/addon' gc --aggressive --prune='all' 
-ExecStart='/usr/bin/git' -C '/srv/www/social/addon' fsck --full --strict+ExecStart='/usr/bin/git' -C '/var/www/social/addon' fsck --full --strict
 ExecStartPost='/usr/bin/sync'</code> ExecStartPost='/usr/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
  
-  * ''01'' day of every month at ''02:20:00''+  * ''01'' day of every month at ''03:20:00''
  
-  sudo -e '/etc/systemd/system/social-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-m.timer' --now+  sudo -e '/etc/systemd/system/social-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-m.timer' --now && sudo systemctl start 'social-m' && sudo systemctl status 'social-up' -l
  
 <code> <code>
Line 315: Line 300:
  
 [Timer] [Timer]
-OnCalendar=*-*-01 02:20:00+OnCalendar=*-*-01 03:20:00
 Persistent=true Persistent=true
  
Line 332: Line 317:
 [Service] [Service]
 Type=oneshot Type=oneshot
-WorkingDirectory=/srv/www+WorkingDirectory=/var/www
 ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/friendica-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "social"' ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/friendica-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "social"'
 ExecStartPost='/usr/bin/sync'</code> ExecStartPost='/usr/bin/sync'</code>
Line 338: Line 323:
 === Timer === === Timer ===
  
-  * ''01'' day of every month at ''02:50:00''+  * ''01'' day of every month at ''03:35:00''
  
   sudo -e '/etc/systemd/system/social-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-fb.timer' --now && sudo systemctl start 'social-fb' && sudo systemctl status 'social-fb' -l   sudo -e '/etc/systemd/system/social-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-fb.timer' --now && sudo systemctl start 'social-fb' && sudo systemctl status 'social-fb' -l
Line 347: Line 332:
  
 [Timer] [Timer]
-OnCalendar=*-*-01 02:50:00+OnCalendar=*-*-01 03:35:00
 Persistent=true Persistent=true
  
Line 360: Line 345:
  
 <code> <code>
-[mysqldump]+[mariadb-dump]
 user=friendica user=friendica
 password=x</code> password=x</code>
Line 372: Line 357:
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/lib/mysql/tmp WorkingDirectory=/var/lib/mysql/tmp
-ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r '/var/lib/mysql/tmp/friendica.sql'+ExecStartPre='/usr/bin/mariadb-dump' --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r '/var/lib/mysql/tmp/friendica.sql'
 ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/friendica.sql' ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/friendica.sql'
 ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/friendica.sql.gz" "/home/CHANGEME/backups/friendica-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/friendica.sql.gz" "/home/CHANGEME/backups/friendica-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"'
Line 379: Line 364:
 === Timer === === Timer ===
  
-  * Every day at ''02:15:00''+  * Every day at ''03:45:00''
  
   sudo -e '/etc/systemd/system/social-db.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-db.timer' --now && sudo systemctl start 'social-db' && sudo systemctl status 'social-db' -l   sudo -e '/etc/systemd/system/social-db.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-db.timer' --now && sudo systemctl start 'social-db' && sudo systemctl status 'social-db' -l
Line 389: Line 374:
  
 [Timer] [Timer]
-OnCalendar=*-*-* 02:15:00+OnCalendar=*-*-* 03:45:00
 Persistent=true Persistent=true
  
Line 411: Line 396:
 **** ****
  
-  cd '/srv/www' && sudo tar -cvzf ~/'friendica-files-manual-'$(date +%Y-%m-%d)'.tar.gz' 'social' && cd ~ && sync+  cd '/var/www' && sudo tar -cvzf ~/'friendica-files-manual-'$(date +%Y-%m-%d)'.tar.gz' 'social' && cd ~ && sync
  
 ==== Backup Database ==== ==== Backup Database ====
Line 417: Line 402:
 **** ****
  
-  sudo mysqldump --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r ~/'friendica-database-manual-'$(date +%Y-%m-%d)'.sql' && sync+  sudo mariadb-dump --defaults-extra-file='/var/lib/mysql/auth/friendica' --single-transaction 'friendica' -r ~/'friendica-database-manual-'$(date +%Y-%m-%d)'.sql' && sync
  
 ==== Start Services ==== ==== Start Services ====
Line 467: Line 452:
 **** ****
  
-  sudo rm -Rf '/srv/www/social'+  sudo rm -Rf '/var/www/social'
  
-==== Restore friendica Folder ====+==== Restore Friendica Folder ====
  
 **** ****
  
-  cd '/srv/www' && sudo tar -xvzf ~/'friendica-files-'*'.tar.gz' 'social' && sudo chown -R 'nginx':'nginx' '/srv/www/social' && cd ~ && sync+  cd '/var/www' && sudo tar -xvzf ~/'friendica-files-'*'.tar.gz' 'social' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/social(/.*)?' && sudo restorecon -F -I -R '/var/www/social' && sudo chown -R 'nginx':'nginx' '/var/www/social' && cd ~ && sync
  
 ==== Drop Previous Database ==== ==== Drop Previous Database ====
  
-  sudo mysql+  sudo mariadb
  
   DROP DATABASE friendica;   DROP DATABASE friendica;
Line 487: Line 472:
 ==== Re-create Databases ==== ==== Re-create Databases ====
  
-  sudo mysql+  sudo mariadb
  
   CREATE DATABASE friendica;   CREATE DATABASE friendica;
Line 497: Line 482:
 **** ****
  
-  sudo mysql 'friendica' < ~/'friendica-database-'*'.sql' && sync+  sudo mariadb 'friendica' < ~/'friendica-database-'*'.sql' && sync
  
 ==== Reapply Permissions ==== ==== Reapply Permissions ====
  
-  sudo mysql+  sudo mariadb
  
   GRANT ALL PRIVILEGES ON friendica.* to 'friendica'@'localhost' IDENTIFIED BY 'x';   GRANT ALL PRIVILEGES ON friendica.* to 'friendica'@'localhost' IDENTIFIED BY 'x';
Line 517: Line 502:
 ==== Remove Backups ==== ==== Remove Backups ====
  
-  * Verify that friendica works before running+  * Verify that Friendica works before running
  
   rm ~/'friendica-files-'*'.tar.gz' ~/'friendica-database-'*'.sql' && sync   rm ~/'friendica-files-'*'.tar.gz' ~/'friendica-database-'*'.sql' && sync
  
/var/www/wiki/data/attic/servers/nginx/friendica.1693656646.txt.gz · Last modified: 2023/09/02 08:10 by Sean Rhone