Differences

This shows you the differences between two versions of the page.

--- servers:nginx:gnu_social [2019/01/15 05:36] – external edit 127.0.0.1
+++ servers:nginx:gnu_social [2024/08/13 22:19] (current) – removed Sean Rhone
@@ Line 1: / Line 1: @@
-====== Information ======
-  * GNU social ((https://gnu.io/social)) ((https://git.gnu.io/gnu/gnu-social))
-  * [[Information:Realm of Espionage]]
-  * https://social.realmofespionage.xyz
-===== Prerequisites =====
-  * [[distros:ubuntu_server | Ubuntu Server]]
-  * [[servers:mariadb | MariaDB]]
-  * [[servers:nginx_php_php-fpm | nginx + PHP + PHP-FPM]]
-  * [[servers:nginx:lets_encrypt | Let's Encrypt]]
-===== Notes =====
-  * Don't use **updateurls.php** script ((messes up group URLs; TODO: Re-verify this))
-  * There was a timeout when trying to upload an image over VPN; maybe increase script upload time like in MediaGoblin? TODO: Figure this out
-  *
-====== Dependencies ======
-****
-  sudo apt install gettext
-====== Download Source ======
-****
-  sudo git clone -b 'nightly' 'https://git.gnu.io/gnu/gnu-social.git' '/var/www/social' --depth '1' && sudo chown -R 'www-data':'www-data' '/var/www/social' && sync
-====== Database ======
-  sudo mysql
-  CREATE DATABASE gnusocial;
-  GRANT ALL PRIVILEGES ON gnusocial.* to 'gnusocial'@'localhost' IDENTIFIED BY 'x';
-  FLUSH PRIVILEGES;
-====== nginx + PHP-FPM Configuration ======
-===== PHP-FPM Socket =====
-  sudo -e '/etc/php/7.2/fpm/pool.d/social.conf' && sudo systemctl restart 'php7.2-fpm'
-<code>
-[social]
-user = www-data
-group = www-data
-listen = /run/php/social.sock
-listen.owner = www-data
-listen.group = www-data
-listen.allowed_clients = 127.0.0.1
-pm = dynamic
-pm.max_children = 8
-pm.start_servers = 3
-pm.min_spare_servers = 2
-pm.max_spare_servers = 4
-php_value[date.timezone] = "America/New_York"
-php_value[upload_tmp_dir] = "/tmp"
-php_value[max_execution_time] = "200"
-php_value[memory_limit] = "512M"
-php_value[post_max_size] = "10M"
-php_value[upload_max_filesize] = "10M"
-php_value[max_file_uploads] = "100"</code>
-===== FastCGI =====
-  sudo -e '/etc/nginx/snippets/social.conf'
-<code>
-location ~ \.php$ {
-    include /etc/nginx/fastcgi.conf;
-    try_files $fastcgi_script_name =404;
-    fastcgi_pass unix:/run/php/social.sock
-    fastcgi_index index.php;
-    fastcgi_buffers 16 16k;
-    fastcgi_buffer_size 32k;
-    fastcgi_intercept_errors on;
-}</code>
-===== Server Block =====
-  sudo -e '/etc/nginx/sites-available/social.conf'
-<code>
-server {
-    listen '443' 'ssl' 'http2';
-    server_name 'social.realmofespionage.xyz';
-    root '/var/www/social';
-    index 'index.php';
-    include '/etc/nginx/snippets/social.conf';
-    include '/etc/nginx/snippets/headers.conf';
-    client_max_body_size '10M';
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'" always;
-    #access_log /var/log/nginx/social-access.log;
-    #error_log /var/log/nginx/social-error.log;
-    location / {
-        try_files $uri $uri/ @gnusocial;
-    }
-    location @gnusocial {
-        rewrite ^(.*)$ /index.php?p=$1 last;
-    }
-}</code>
-==== Enable Server Block ====
-****
-  sudo rm -f '/etc/nginx/sites-enabled/social.conf' && sudo ln -s '/etc/nginx/sites-available/social.conf' '/etc/nginx/sites-enabled' && sudo systemctl reload 'nginx'
-====== Initial Setup ======
-  * https://social.realmofespionage.xyz/install.php
-====== Settings ======
-  * Uncomment ''schemacheck''
-  sudo -H -u 'www-data' -e '/var/www/social/config.php' && sudo -H -u 'www-data' php '/var/www/social/scripts/checkschema.php'
-  $config['db']['schemacheck'] = 'script';
-  # Queue Daemon
-  $config['queue']['daemon'] = true;
-  $config['queue']['enabled'] = true;
-  $config['queue']['subsystem'] = 'db';
-  GNUsocial::delPlugin('OpportunisticQM');
-  # Mail System
-  $config['mail']['domain'] = 'realmofespionage.xyz';
-  $config['mail']['notifyfrom'] = '"RoE | Social" <social@realmofespionage.xyz>';
-  $config['mail']['backend'] = 'smtp';
-  $config['mail']['debug'] = true;
-  $config['mail']['params'] = array(
-  'host' => 'smtp.sendgrid.net',
-  'port' => 587,
-  'auth' => true,
-  'username' => 'Espionage724',
-  'password' => 'x'
-  );
-  # Other Settings
-  $config['db']['schemacheck'] = 'script';
-  $config['performance']['high'] = true;
-  $config['thumbnail']['maxsize'] = 3000;
-  addPlugin('MobileProfile');
-====== Content ======
-==== License ====
-  * Creative Commons Attribution-ShareAlike 4.0 International
-  * https://creativecommons.org/licenses/by-sa/4.0
-  * https://social.realmofespionage.xyz/cc-by-sa-40.png
-  sudo -u 'www-data' wget -O '/var/www/social/cc-by-sa-40.png' 'https://licensebuttons.net/l/by-sa/4.0/80x15.png'
-==== Logo ====
-  * https://social.realmofespionage.xyz/roe-social-logo.png
-  * TODO: Re-create the logo since the image host is dead, and never rely on 3rd-party hosts again :p
-  sudo -u 'www-data' wget -O '/var/www/social/roe-social-logo.png' 'https://i.sli.mg/ThdC4x.png'
-====== Webfinger ======
-  * :!: This URL must report something and not 404; else any remote interactions to the instance won't work
-  * https://social.realmofespionage.xyz/.well-known/host-meta
-====== Services ======
-===== Queue Daemon =====
-==== Service ====
-  sudo -e '/etc/systemd/system/social-d.service' && sudo systemctl daemon-reload && sudo systemctl enable 'social-d' --now && sudo systemctl status 'social-d' -l
-<code>
-[Unit]
-Description=GNU social Queue Daemon
-After=network-online.target mariadb.service
-Wants=network-online.target
-[Service]
-Type=forking
-User=www-data
-Group=www-data
-WorkingDirectory=/var/www/social
-ExecStart='/var/www/social/scripts/startdaemons.sh'
-ExecStop='/var/www/social/scripts/stopdaemons.sh'
-Restart=always
-RestartSec=5
-[Install]
-WantedBy=multi-user.target</code>
-===== Restarter =====
-==== Service ====
-  sudo -e '/etc/systemd/system/social-re.service'
-<code>
-[Service]
-Type=oneshot
-ExecStart='/bin/systemctl' stop 'social-d'
-ExecStartPost='/bin/sync'
-ExecStartPost='/bin/systemctl' start 'social-d'</code>
-==== Timer ====
-  * Every day at ''02:10:00''
-  sudo -e '/etc/systemd/system/social-re.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-re.timer' --now
-<code>
-[Unit]
-Description=GNU social Queue Daemon Restarter
-After=network-online.target social-up.service
-Wants=network-online.target
-[Timer]
-OnCalendar=*-*-* 02:10:00
-Persistent=true
-[Install]
-WantedBy=timers.target</code>
-===== Updater =====
-==== Service ====
-  sudo -e '/etc/systemd/system/social-up.service'
-<code>
-[Service]
-User=www-data
-Group=www-data
-Type=oneshot
-WorkingDirectory=/var/www/social
-ExecStartPre='/usr/bin/git' -C '/var/www/social' pull origin 'nightly'
-ExecStart='/usr/bin/php' '/var/www/social/scripts/upgrade.php'
-ExecStart='/usr/bin/php' '/var/www/social/scripts/clean_file_table.php' -y
-ExecStart='/usr/bin/php' '/var/www/social/scripts/clean_profiles.php' -y
-ExecStart='/usr/bin/php' '/var/www/social/scripts/clean_thumbnails.php' -y
-ExecStart='/usr/bin/php' '/var/www/social/scripts/delete_orphan_files.php' -y
-ExecStart='/usr/bin/php' '/var/www/social/scripts/fixup_deletions.php'
-ExecStart='/usr/bin/php' '/var/www/social/scripts/remove_duplicate_file_urls.php' -y
-ExecStart='/usr/bin/php' '/var/www/social/scripts/update_po_templates.php'
-ExecStart='/usr/bin/php' '/var/www/social/scripts/updateurls.php'
-ExecStart='/usr/bin/php' '/var/www/social/scripts/checkschema.php'
-ExecStartPost='/bin/sync'</code>
-==== Timer ====
-  * Every day at ''02:00:00''
-  sudo -e '/etc/systemd/system/social-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-up.timer' --now && sudo systemctl start 'social-up' && sudo systemctl status 'social-up' -l
-<code>
-[Unit]
-Description=GNU social Maintenance and Git Updater
-After=network-online.target
-Wants=network-online.target
-[Timer]
-OnCalendar=*-*-* 02:00:00
-Persistent=true
-[Install]
-WantedBy=timers.target</code>
-===== Maintenance =====
-==== Service ====
-  sudo -e '/etc/systemd/system/social-m.service'
-<code>
-[Service]
-User=www-data
-Group=www-data
-Type=oneshot
-WorkingDirectory=/var/www/social
-ExecStart='/usr/bin/git' -C '/var/www/social' gc --aggressive --prune='all'
-ExecStart='/usr/bin/git' -C '/var/www/social' fsck --full --strict
-ExecStartPost='/bin/sync'</code>
-==== Timer ====
-  * ''01'' day of every month at ''02:20:00''
-  sudo -e '/etc/systemd/system/social-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-m.timer' --now
-<code>
-[Unit]
-Description=GNU social Maintenance
-After=network-online.target
-Wants=network-online.target
-[Timer]
-OnCalendar=*-*-01 02:20:00
-Persistent=true
-[Install]
-WantedBy=timers.target</code>
-===== Backup =====
-  * This backs up an archive to the local disk and [[distros:ubuntu_server#nas_backups | to a NAS]]
-==== Files ====
-=== Service ===
-  mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/social-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/social-fb.service'
-<code>
-[Service]
-Type=oneshot
-WorkingDirectory=/var/www
-ExecStart='/bin/bash' -c '"/bin/tar" -cvzf "/home/CHANGEME/backups/gnusocial-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "social"'
-ExecStartPost='/bin/sync'</code>
-=== Timer ===
-  * ''01'' day of every month at ''02:50:00''
-  sudo -e '/etc/systemd/system/social-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-fb.timer' --now && sudo systemctl start 'social-fb' && sudo systemctl status 'social-fb' -l
-<code>
-[Unit]
-Description=GNU social Files Backup
-[Timer]
-OnCalendar=*-*-01 02:50:00
-Persistent=true
-[Install]
-WantedBy=timers.target</code>
-==== Database ====
-=== Database Auth ===
-  sudo -e '/var/lib/mysqlauth/gnusocial' && sudo chmod '600' '/var/lib/mysqlauth/gnusocial'
-<code>
-[mysqldump]
-user=gnusocial
-password=x</code>
-=== Service ===
-  mkdir -p ~/'backups' && sudo mkdir -p '/var/lib/mysqltmp' && sudo -e '/etc/systemd/system/social-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/social-db.service'
-<code>
-[Service]
-Type=oneshot
-WorkingDirectory=/var/lib/mysqltmp
-ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysqlauth/gnusocial' --single-transaction 'gnusocial' -r '/var/lib/mysqltmp/gnusocial.sql'
-ExecStart='/bin/gzip' -f '/var/lib/mysqltmp/gnusocial.sql'
-ExecStart='/bin/bash' -c '"/bin/mv" "/var/lib/mysqltmp/gnusocial.sql.gz" "/home/CHANGEME/backups/gnusocial-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"'
-ExecStartPost='/bin/sync'</code>
-=== Timer ===
-  * Every day at ''02:15:00''
-  sudo -e '/etc/systemd/system/social-db.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'social-db.timer' --now && sudo systemctl start 'social-db' && sudo systemctl status 'social-db' -l
-<code>
-[Unit]
-Description=GNU social Database Backup
-After=mariadb.service
-[Timer]
-OnCalendar=*-*-* 02:15:00
-Persistent=true
-[Install]
-WantedBy=timers.target</code>
-====== Backup ======
-  * Create backup archive on server and transfer to client computer
-===== Server =====
-==== Stop Services ====
-****
-  sudo systemctl stop nginx php7.2-fpm social-d
-==== Backup Folder ====
-****
-  cd '/var/www' && sudo tar -cvzf ~/'gnusocial-files-manual-'$(date +%Y-%m-%d)'.tar.gz' 'social' && cd ~ && sync
-==== Backup Database ====
-****
-  sudo mysqldump --defaults-extra-file='/var/lib/mysqlauth/gnusocial' --single-transaction 'gnusocial' -r ~/'gnusocial-database-manual-'$(date +%Y-%m-%d)'.sql' && sync
-==== Start Services ====
-****
-  sudo systemctl start nginx php7.2-fpm social-d
-===== Client =====
-==== Transfer Files To Client ====
-****
-  scp espionage724@192.168.1.153:~/'gnusocial-files-'*'.tar.gz' espionage724@192.168.1.153:~/'gnusocial-database-'*'.sql' ~/'Downloads' && sync
-====== Restore ======
-===== Client =====
-==== Uncompress Database ====
-  * This is only needed if restoring an **automated** database backup ((manual doesn't gzip))
-  gunzip ~/'Downloads/gnusocial-database-'*'.sql.gz'
-==== Transfer Files To Server ====
-****
-  scp ~/'Downloads/gnusocial-files-'*'.tar.gz' ~/'Downloads/gnusocial-database-'*'.sql' espionage724@192.168.1.153:~
-==== Remove Files ====
-****
-  rm -f ~/'Downloads/gnusocial-files-'*'.tar.gz' ~/'Downloads/gnusocial-database-'*'.sql' && sync
-===== Server =====
-==== Stop Services ====
-****
-  sudo systemctl stop nginx php7.2-fpm social-d
-==== Remove Previous Folder ====
-****
-  sudo rm -Rf '/var/www/social'
-==== Restore GNU social Folder ====
-****
-  cd '/var/www' && sudo tar -xvzf ~/'gnusocial-files-'*'.tar.gz' 'social' && sudo chown -R 'www-data':'www-data' '/var/www/social' && cd ~ && sync
-==== Drop Previous Database ====
-  sudo mysql
-  DROP DATABASE gnusocial;
-  FLUSH TABLES;
-==== Re-create Databases ====
-  sudo mysql
-  CREATE DATABASE gnusocial;
-==== Restore Database ====
-****
-  sudo mysql 'gnusocial' < ~/'gnusocial-database-'*'.sql' && sync
-==== Reapply Permissions ====
-  sudo mysql
-  GRANT ALL PRIVILEGES ON gnusocial.* to 'gnusocial'@'localhost' IDENTIFIED BY 'x';
-  FLUSH PRIVILEGES;
-==== Start Services ====
-****
-  sudo systemctl start nginx php7.2-fpm social-d
-==== Remove Backups ====
-  * Verify that GNU social works before running
-  rm ~/'gnusocial-files-'*'.tar.gz' ~/'gnusocial-database-'*'.sql' && sync