RoE | Wiki

User Tools

Site Tools

Trace:
servers:nginx:lychee

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
servers:nginx:lychee [2023/06/27 07:26] Sean Rhoneservers:nginx:lychee [2023/06/27 12:48] Sean Rhone
Line 1: Line 1:
 ====== Information ====== ====== Information ======
  
-  * WordPress ((https://wordpress.org))+  * Lychee ((https://lycheeorg.github.io/))
   * [[Information:Realm of Espionage]]   * [[Information:Realm of Espionage]]
-  * https://blog.realmofespionage.xyz+  * https://media.realmofespionage.xyz
  
 ===== Prerequisites ===== ===== Prerequisites =====
Line 14: Line 14:
 ===== Notes ===== ===== Notes =====
  
-  * :!: Do not initiate any updates from the Admin/wp-admin web page as this may cause local file changes and break the automatic update service +  * :!: Somewhat WIP still
-  * TODO: https://docs.joomla.org/Special:MyLanguage/J4.x:Setting_Up_Your_Local_Environment+
  
 ====== Dependencies ====== ====== Dependencies ======
  
-  * https://wordpress.org/about/requirements+  * https://lycheeorg.github.io/docs/installation.html 
-  * https://make.wordpress.org/hosting/handbook/server-environment/+ 
 +  sudo dnf install php-bcmath php-gd php-pecl-imagick php-mbstring php-pdo php-mysqlnd perl-Image-ExifTool ffmpeg-free composer
  
 ====== Download Source ====== ====== Download Source ======
Line 26: Line 26:
 **** ****
  
-  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/WordPress/WordPress.git' '/var/www/blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && sudo restorecon -F -I -R '/var/www/blog' && sync+  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/LycheeOrg/Lychee.git' '/var/www/media' && sudo chown -R 'nginx':'nginx' '/var/www/media' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/media(/.*)?' && sudo restorecon -F -I -R '/var/www/media&& sync 
 + 
 +====== PHP Dependencies ====== 
 + 
 +**** 
 + 
 +  cd '/var/www/media' && sudo -u 'nginx' COMPOSER_CACHE_DIR='/dev/null' composer install --no-dev && sync
  
 ====== Database ====== ====== Database ======
Line 32: Line 38:
   sudo mysql   sudo mysql
  
-  CREATE DATABASE wordpress;+  CREATE DATABASE lychee;
  
-  GRANT ALL PRIVILEGES ON wordpress.* to 'wordpress'@'localhost' IDENTIFIED BY 'x';+  GRANT ALL PRIVILEGES ON lychee.* to 'lychee'@'localhost' IDENTIFIED BY 'x';
  
   FLUSH PRIVILEGES;   FLUSH PRIVILEGES;
  
   EXIT   EXIT
 +
 +====== Lychee Config ======
 +
 +  * https://lycheeorg.github.io/docs/configuration.html
 +
 +  sudo -u 'nginx' -e '/var/www/media/.env'
 +
 +<code>
 +DB_CONNECTION="mysql"
 +DB_DATABASE="lychee"
 +DB_USERNAME="lychee"
 +DB_PASSWORD=x
 +DB_SOCKET="/var/lib/mysql/mysql.sock"</code>
  
 ====== nginx + PHP-FPM Configuration ====== ====== nginx + PHP-FPM Configuration ======
Line 44: Line 63:
 ===== PHP-FPM Socket ===== ===== PHP-FPM Socket =====
  
-  sudo -e '/etc/php-fpm.d/blog.conf' && sudo systemctl restart 'php-fpm'+  sudo -e '/etc/php-fpm.d/media.conf' && sudo systemctl restart 'php-fpm'
  
 <code> <code>
-[blog]+[media]
  
 ; User/Group ; User/Group
Line 54: Line 73:
  
 ; Socket ; Socket
-listen = /run/php-fpm/blog.sock+listen = /run/php-fpm/media.sock
 listen.acl_users = nginx listen.acl_users = nginx
 listen.allowed_clients = 127.0.0.1 listen.allowed_clients = 127.0.0.1
Line 72: Line 91:
 php_value[memory_limit] = "512M" php_value[memory_limit] = "512M"
 php_value[post_max_size] = "10M" php_value[post_max_size] = "10M"
-php_value[upload_max_filesize] = "10M"+php_value[upload_max_filesize] = "100M"
 php_value[max_file_uploads] = "100" php_value[max_file_uploads] = "100"
  
Line 82: Line 101:
 ===== FastCGI ===== ===== FastCGI =====
  
-  sudo -e '/etc/nginx/default.d/blog.conf'+  sudo -e '/etc/nginx/default.d/media.conf'
  
 <code> <code>
 # PHP-FPM # PHP-FPM
-location ~ \.(php|phar)(/.*)?+location = /index.php { 
-    fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;+    fastcgi_split_path_info ^(.+?\.php)(/.*)$
 + 
 +    fastcgi_param PHP_VALUE "post_max_size=100M 
 +        max_execution_time=200 
 +        upload_max_filesize=100M 
 +        memory_limit=512M";
  
     fastcgi_intercept_errors on;     fastcgi_intercept_errors on;
 +    fastcgi_param HTTP_PROXY "";
     fastcgi_index index.php;     fastcgi_index index.php;
     include fastcgi_params;     include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name
 +    fastcgi_param PATH /usr/local/bin:/usr/bin:/bin;
     fastcgi_param PATH_INFO $fastcgi_path_info;     fastcgi_param PATH_INFO $fastcgi_path_info;
-    fastcgi_pass unix:/run/php-fpm/blog.sock;+    fastcgi_pass unix:/run/php-fpm/media.sock;
 }</code> }</code>
  
 ===== Server Block ===== ===== Server Block =====
  
-  * :!: ''style-src'' in the CSP blocks a Google font URL from being loaded ((at least with the Twenty Seventeen theme; nothing appears broken, so looks good to me)) ((add ''fonts.googleapis.com'' after ''unsafe-inline'' in ''style-src'' to fix this))+  * https://lycheeorg.github.io/docs/installation.html#nginx
  
-  sudo -e '/etc/nginx/vhosts.d/blog.conf' && sudo systemctl reload 'nginx' && sync+  sudo -e '/etc/nginx/vhosts.d/media.conf' && sudo systemctl reload 'nginx' && sync
  
 <code> <code>
 server { server {
     listen '443' 'ssl' 'http2';     listen '443' 'ssl' 'http2';
-    server_name 'blog.realmofespionage.xyz'; +    server_name 'media.realmofespionage.xyz'; 
-    root '/var/www/blog';+    root '/var/www/media';
     index 'index.php';     index 'index.php';
  
-    include '/etc/nginx/default.d/blog.conf';+    include '/etc/nginx/default.d/media.conf';
     include '/etc/nginx/default.d/headers.conf';     include '/etc/nginx/default.d/headers.conf';
  
-    client_max_body_size '10M';+    client_max_body_size '100M';
  
     add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always;     add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always;
Line 120: Line 146:
 #    error_log  /var/log/nginx/media-error.log; #    error_log  /var/log/nginx/media-error.log;
  
-    location / +    if (!-e $request_filename) 
-        try_files $uri $uri/ /index.php?$args;+    
 +        rewrite ^/(.*)$ /index.php?/$1 last; 
 +        break;
     }     }
  
-    rewrite /wp-admin$ $scheme://$host$uri/ permanent; +    location ~ [^/]\.php(/|$) { 
- +        return 403;
-    location ~^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)+
-          access_log off; log_not_found off; expires max;+
     }     }
 +
 +    rewrite ^/(.+)/$ /$1 permanent;
 }</code> }</code>
  
 ====== Initial Setup ====== ====== Initial Setup ======
  
-  * https://blog.realmofespionage.xyz+  * https://media.realmofespionage.xyz
  
 ====== Settings ====== ====== Settings ======
Line 152: Line 180:
 Group=nginx Group=nginx
 Type=oneshot Type=oneshot
 +WorkingDirectory=/var/www/media
 +Environment="COMPOSER_CACHE_DIR=/dev/null"
 +ExecStartPre='/usr/bin/php' '/var/www/media/artisan' down
 ExecStart='/usr/bin/git' -C '/var/www/media' pull origin 'master' ExecStart='/usr/bin/git' -C '/var/www/media' pull origin 'master'
 +ExecStart='/usr/bin/composer' install --no-dev
 +ExecStart='/usr/bin/php' '/var/www/media/artisan' 'migrate' --force
 +ExecStartPost='/usr/bin/php' '/var/www/media/artisan' 'config:cache'
 +ExecStartPost='/usr/bin/php' '/var/www/media/artisan' 'up'
 ExecStartPost='/usr/bin/sync'</code> ExecStartPost='/usr/bin/sync'</code>
  
Line 361: Line 396:
 **** ****
  
-  cd '/var/www' && sudo tar -xvzf ~/'lychee-files-'*'.tar.gz' 'media' && sudo chown -R 'nginx':'nginx' '/var/www/media' && sudo restorecon -F -I -R '/var/www/media' && cd ~ && sync+  cd '/var/www' && sudo tar -xvzf ~/'lychee-files-'*'.tar.gz' 'media' && sudo chown -R 'nginx':'nginx' '/var/www/media' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/media(/.*)?' && sudo restorecon -F -I -R '/var/www/media' && cd ~ && sync
  
 ==== Drop Previous Database ==== ==== Drop Previous Database ====