servers:nginx:gnu_social
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | |||
servers:nginx:gnu_social [2019/01/15 04:24] – [Server Block] Sean Rhone | servers:nginx:gnu_social [2019/01/15 04:36] (current) – Sean Rhone | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Information ====== | ||
+ | * GNU social ((https:// | ||
+ | * [[Information: | ||
+ | * https:// | ||
+ | |||
+ | ===== Prerequisites ===== | ||
+ | |||
+ | * [[distros: | ||
+ | * [[servers: | ||
+ | * [[servers: | ||
+ | * [[servers: | ||
+ | |||
+ | ===== Notes ===== | ||
+ | |||
+ | * Don't use **updateurls.php** script ((messes up group URLs; TODO: Re-verify this)) | ||
+ | * There was a timeout when trying to upload an image over VPN; maybe increase script upload time like in MediaGoblin? | ||
+ | * | ||
+ | |||
+ | ====== Dependencies ====== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo apt install gettext | ||
+ | |||
+ | ====== Download Source ====== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo git clone -b ' | ||
+ | |||
+ | ====== Database ====== | ||
+ | |||
+ | sudo mysql | ||
+ | |||
+ | CREATE DATABASE gnusocial; | ||
+ | |||
+ | GRANT ALL PRIVILEGES ON gnusocial.* to ' | ||
+ | |||
+ | FLUSH PRIVILEGES; | ||
+ | |||
+ | ====== nginx + PHP-FPM Configuration ====== | ||
+ | |||
+ | ===== PHP-FPM Socket ===== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [social] | ||
+ | user = www-data | ||
+ | group = www-data | ||
+ | |||
+ | listen = / | ||
+ | listen.owner = www-data | ||
+ | listen.group = www-data | ||
+ | listen.allowed_clients = 127.0.0.1 | ||
+ | |||
+ | pm = dynamic | ||
+ | pm.max_children = 8 | ||
+ | pm.start_servers = 3 | ||
+ | pm.min_spare_servers = 2 | ||
+ | pm.max_spare_servers = 4 | ||
+ | |||
+ | php_value[date.timezone] = " | ||
+ | php_value[upload_tmp_dir] = "/ | ||
+ | |||
+ | php_value[max_execution_time] = " | ||
+ | php_value[memory_limit] = " | ||
+ | php_value[post_max_size] = " | ||
+ | php_value[upload_max_filesize] = " | ||
+ | php_value[max_file_uploads] = " | ||
+ | |||
+ | ===== FastCGI ===== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | location ~ \.php$ { | ||
+ | include / | ||
+ | try_files $fastcgi_script_name =404; | ||
+ | fastcgi_pass unix:/ | ||
+ | fastcgi_index index.php; | ||
+ | fastcgi_buffers 16 16k; | ||
+ | fastcgi_buffer_size 32k; | ||
+ | fastcgi_intercept_errors on; | ||
+ | }</ | ||
+ | |||
+ | ===== Server Block ===== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | server { | ||
+ | listen ' | ||
+ | server_name ' | ||
+ | root '/ | ||
+ | index ' | ||
+ | |||
+ | include '/ | ||
+ | include '/ | ||
+ | |||
+ | client_max_body_size ' | ||
+ | |||
+ | add_header Content-Security-Policy " | ||
+ | |||
+ | #access_log / | ||
+ | #error_log / | ||
+ | |||
+ | location / { | ||
+ | try_files $uri $uri/ @gnusocial; | ||
+ | } | ||
+ | |||
+ | location @gnusocial { | ||
+ | rewrite ^(.*)$ / | ||
+ | } | ||
+ | }</ | ||
+ | |||
+ | ==== Enable Server Block ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo rm -f '/ | ||
+ | |||
+ | ====== Initial Setup ====== | ||
+ | |||
+ | * https:// | ||
+ | |||
+ | ====== Settings ====== | ||
+ | |||
+ | * Uncomment '' | ||
+ | |||
+ | sudo -H -u ' | ||
+ | |||
+ | $config[' | ||
+ | |||
+ | # Queue Daemon | ||
+ | $config[' | ||
+ | $config[' | ||
+ | $config[' | ||
+ | GNUsocial:: | ||
+ | | ||
+ | # Mail System | ||
+ | $config[' | ||
+ | $config[' | ||
+ | $config[' | ||
+ | $config[' | ||
+ | $config[' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ); | ||
+ | | ||
+ | # Other Settings | ||
+ | $config[' | ||
+ | $config[' | ||
+ | $config[' | ||
+ | addPlugin(' | ||
+ | |||
+ | ====== Content ====== | ||
+ | |||
+ | ==== License ==== | ||
+ | |||
+ | * Creative Commons Attribution-ShareAlike 4.0 International | ||
+ | * https:// | ||
+ | * https:// | ||
+ | |||
+ | sudo -u ' | ||
+ | |||
+ | ==== Logo ==== | ||
+ | |||
+ | * https:// | ||
+ | * TODO: Re-create the logo since the image host is dead, and never rely on 3rd-party hosts again :p | ||
+ | |||
+ | sudo -u ' | ||
+ | |||
+ | ====== Webfinger ====== | ||
+ | |||
+ | * :!: This URL must report something and not 404; else any remote interactions to the instance won't work | ||
+ | |||
+ | * https:// | ||
+ | |||
+ | ====== Services ====== | ||
+ | |||
+ | ===== Queue Daemon ===== | ||
+ | |||
+ | ==== Service ==== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=GNU social Queue Daemon | ||
+ | After=network-online.target mariadb.service | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Service] | ||
+ | Type=forking | ||
+ | User=www-data | ||
+ | Group=www-data | ||
+ | WorkingDirectory=/ | ||
+ | ExecStart='/ | ||
+ | ExecStop='/ | ||
+ | Restart=always | ||
+ | RestartSec=5 | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=multi-user.target</ | ||
+ | |||
+ | ===== Restarter ===== | ||
+ | |||
+ | ==== Service ==== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | Type=oneshot | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | ==== Timer ==== | ||
+ | |||
+ | * Every day at '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=GNU social Queue Daemon Restarter | ||
+ | After=network-online.target social-up.service | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-* 02:10:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ===== Updater ===== | ||
+ | |||
+ | ==== Service ==== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | User=www-data | ||
+ | Group=www-data | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | ExecStartPre='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | ==== Timer ==== | ||
+ | |||
+ | * Every day at '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=GNU social Maintenance and Git Updater | ||
+ | After=network-online.target | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-* 02:00:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ===== Maintenance ===== | ||
+ | |||
+ | ==== Service ==== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | User=www-data | ||
+ | Group=www-data | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | ==== Timer ==== | ||
+ | |||
+ | * '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=GNU social Maintenance | ||
+ | After=network-online.target | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-01 02:20:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ===== Backup ===== | ||
+ | |||
+ | * This backs up an archive to the local disk and [[distros: | ||
+ | |||
+ | ==== Files ==== | ||
+ | |||
+ | === Service === | ||
+ | |||
+ | mkdir -p ~/' | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | === Timer === | ||
+ | |||
+ | * '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=GNU social Files Backup | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-01 02:50:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ==== Database ==== | ||
+ | |||
+ | === Database Auth === | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [mysqldump] | ||
+ | user=gnusocial | ||
+ | password=x</ | ||
+ | |||
+ | === Service === | ||
+ | |||
+ | mkdir -p ~/' | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | ExecStartPre='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | === Timer === | ||
+ | |||
+ | * Every day at '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=GNU social Database Backup | ||
+ | After=mariadb.service | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-* 02:15:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ====== Backup ====== | ||
+ | |||
+ | * Create backup archive on server and transfer to client computer | ||
+ | |||
+ | ===== Server ===== | ||
+ | |||
+ | ==== Stop Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl stop nginx php7.2-fpm social-d | ||
+ | |||
+ | ==== Backup Folder ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | cd '/ | ||
+ | |||
+ | ==== Backup Database ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo mysqldump --defaults-extra-file='/ | ||
+ | |||
+ | ==== Start Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl start nginx php7.2-fpm social-d | ||
+ | |||
+ | ===== Client ===== | ||
+ | |||
+ | ==== Transfer Files To Client ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | scp espionage724@192.168.1.153: | ||
+ | |||
+ | ====== Restore ====== | ||
+ | |||
+ | ===== Client ===== | ||
+ | |||
+ | ==== Uncompress Database ==== | ||
+ | |||
+ | * This is only needed if restoring an **automated** database backup ((manual doesn' | ||
+ | |||
+ | gunzip ~/' | ||
+ | |||
+ | ==== Transfer Files To Server ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | scp ~/' | ||
+ | |||
+ | ==== Remove Files ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | rm -f ~/' | ||
+ | |||
+ | ===== Server ===== | ||
+ | |||
+ | ==== Stop Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl stop nginx php7.2-fpm social-d | ||
+ | |||
+ | ==== Remove Previous Folder ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo rm -Rf '/ | ||
+ | |||
+ | ==== Restore GNU social Folder ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | cd '/ | ||
+ | |||
+ | ==== Drop Previous Database ==== | ||
+ | |||
+ | sudo mysql | ||
+ | |||
+ | DROP DATABASE gnusocial; | ||
+ | |||
+ | FLUSH TABLES; | ||
+ | |||
+ | ==== Re-create Databases ==== | ||
+ | |||
+ | sudo mysql | ||
+ | |||
+ | CREATE DATABASE gnusocial; | ||
+ | |||
+ | ==== Restore Database ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo mysql ' | ||
+ | |||
+ | ==== Reapply Permissions ==== | ||
+ | |||
+ | sudo mysql | ||
+ | |||
+ | GRANT ALL PRIVILEGES ON gnusocial.* to ' | ||
+ | |||
+ | FLUSH PRIVILEGES; | ||
+ | |||
+ | ==== Start Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl start nginx php7.2-fpm social-d | ||
+ | |||
+ | ==== Remove Backups ==== | ||
+ | |||
+ | * Verify that GNU social works before running | ||
+ | |||
+ | rm ~/' |