RoE | Wiki

User Tools

Site Tools

Trace:
servers:nginx:lychee

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:nginx:lychee [2023/06/27 07:26] Sean Rhoneservers:nginx:lychee [2023/06/27 12:48] (current) Sean Rhone
Line 1: Line 1:
 ====== Information ====== ====== Information ======
  
-  * WordPress ((https://wordpress.org))+  * Lychee ((https://lycheeorg.github.io/))
   * [[Information:Realm of Espionage]]   * [[Information:Realm of Espionage]]
-  * https://blog.realmofespionage.xyz+  * https://media.realmofespionage.xyz
  
 ===== Prerequisites ===== ===== Prerequisites =====
Line 14: Line 14:
 ===== Notes ===== ===== Notes =====
  
-  * :!: Do not initiate any updates from the Admin/wp-admin web page as this may cause local file changes and break the automatic update service +  * :!: Somewhat WIP still
-  * TODO: https://docs.joomla.org/Special:MyLanguage/J4.x:Setting_Up_Your_Local_Environment+
  
 ====== Dependencies ====== ====== Dependencies ======
  
-  * https://wordpress.org/about/requirements+  * https://lycheeorg.github.io/docs/installation.html 
-  * https://make.wordpress.org/hosting/handbook/server-environment/+ 
 +  sudo dnf install php-bcmath php-gd php-pecl-imagick php-mbstring php-pdo php-mysqlnd perl-Image-ExifTool ffmpeg-free composer
  
 ====== Download Source ====== ====== Download Source ======
Line 26: Line 26:
 **** ****
  
-  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/WordPress/WordPress.git' '/var/www/blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && sudo restorecon -F -I -R '/var/www/blog' && sync+  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/LycheeOrg/Lychee.git' '/var/www/media' && sudo chown -R 'nginx':'nginx' '/var/www/media' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/media(/.*)?' && sudo restorecon -F -I -R '/var/www/media&& sync 
 + 
 +====== PHP Dependencies ====== 
 + 
 +**** 
 + 
 +  cd '/var/www/media' && sudo -u 'nginx' COMPOSER_CACHE_DIR='/dev/null' composer install --no-dev && sync
  
 ====== Database ====== ====== Database ======
Line 32: Line 38:
   sudo mysql   sudo mysql
  
-  CREATE DATABASE wordpress;+  CREATE DATABASE lychee;
  
-  GRANT ALL PRIVILEGES ON wordpress.* to 'wordpress'@'localhost' IDENTIFIED BY 'x';+  GRANT ALL PRIVILEGES ON lychee.* to 'lychee'@'localhost' IDENTIFIED BY 'x';
  
   FLUSH PRIVILEGES;   FLUSH PRIVILEGES;
  
   EXIT   EXIT
 +
 +====== Lychee Config ======
 +
 +  * https://lycheeorg.github.io/docs/configuration.html
 +
 +  sudo -u 'nginx' -e '/var/www/media/.env'
 +
 +<code>
 +DB_CONNECTION="mysql"
 +DB_DATABASE="lychee"
 +DB_USERNAME="lychee"
 +DB_PASSWORD=x
 +DB_SOCKET="/var/lib/mysql/mysql.sock"</code>
  
 ====== nginx + PHP-FPM Configuration ====== ====== nginx + PHP-FPM Configuration ======
Line 44: Line 63:
 ===== PHP-FPM Socket ===== ===== PHP-FPM Socket =====
  
-  sudo -e '/etc/php-fpm.d/blog.conf' && sudo systemctl restart 'php-fpm'+  sudo -e '/etc/php-fpm.d/media.conf' && sudo systemctl restart 'php-fpm'
  
 <code> <code>
-[blog]+[media]
  
 ; User/Group ; User/Group
Line 54: Line 73:
  
 ; Socket ; Socket
-listen = /run/php-fpm/blog.sock+listen = /run/php-fpm/media.sock
 listen.acl_users = nginx listen.acl_users = nginx
 listen.allowed_clients = 127.0.0.1 listen.allowed_clients = 127.0.0.1
Line 72: Line 91:
 php_value[memory_limit] = "512M" php_value[memory_limit] = "512M"
 php_value[post_max_size] = "10M" php_value[post_max_size] = "10M"
-php_value[upload_max_filesize] = "10M"+php_value[upload_max_filesize] = "100M"
 php_value[max_file_uploads] = "100" php_value[max_file_uploads] = "100"
  
Line 82: Line 101:
 ===== FastCGI ===== ===== FastCGI =====
  
-  sudo -e '/etc/nginx/default.d/blog.conf'+  sudo -e '/etc/nginx/default.d/media.conf'
  
 <code> <code>
 # PHP-FPM # PHP-FPM
-location ~ \.(php|phar)(/.*)?+location = /index.php { 
-    fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;+    fastcgi_split_path_info ^(.+?\.php)(/.*)$
 + 
 +    fastcgi_param PHP_VALUE "post_max_size=100M 
 +        max_execution_time=200 
 +        upload_max_filesize=100M 
 +        memory_limit=512M";
  
     fastcgi_intercept_errors on;     fastcgi_intercept_errors on;
 +    fastcgi_param HTTP_PROXY "";
     fastcgi_index index.php;     fastcgi_index index.php;
     include fastcgi_params;     include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name
 +    fastcgi_param PATH /usr/local/bin:/usr/bin:/bin;
     fastcgi_param PATH_INFO $fastcgi_path_info;     fastcgi_param PATH_INFO $fastcgi_path_info;
-    fastcgi_pass unix:/run/php-fpm/blog.sock;+    fastcgi_pass unix:/run/php-fpm/media.sock;
 }</code> }</code>
  
 ===== Server Block ===== ===== Server Block =====
  
-  * :!: ''style-src'' in the CSP blocks a Google font URL from being loaded ((at least with the Twenty Seventeen theme; nothing appears broken, so looks good to me)) ((add ''fonts.googleapis.com'' after ''unsafe-inline'' in ''style-src'' to fix this))+  * https://lycheeorg.github.io/docs/installation.html#nginx
  
-  sudo -e '/etc/nginx/vhosts.d/blog.conf' && sudo systemctl reload 'nginx' && sync+  sudo -e '/etc/nginx/vhosts.d/media.conf' && sudo systemctl reload 'nginx' && sync
  
 <code> <code>
 server { server {
     listen '443' 'ssl' 'http2';     listen '443' 'ssl' 'http2';
-    server_name 'blog.realmofespionage.xyz'; +    server_name 'media.realmofespionage.xyz'; 
-    root '/var/www/blog';+    root '/var/www/media';
     index 'index.php';     index 'index.php';
  
-    include '/etc/nginx/default.d/blog.conf';+    include '/etc/nginx/default.d/media.conf';
     include '/etc/nginx/default.d/headers.conf';     include '/etc/nginx/default.d/headers.conf';
  
-    client_max_body_size '10M';+    client_max_body_size '100M';
  
     add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always;     add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always;
Line 120: Line 146:
 #    error_log  /var/log/nginx/media-error.log; #    error_log  /var/log/nginx/media-error.log;
  
-    location / +    if (!-e $request_filename) 
-        try_files $uri $uri/ /index.php?$args;+    
 +        rewrite ^/(.*)$ /index.php?/$1 last; 
 +        break;
     }     }
  
-    rewrite /wp-admin$ $scheme://$host$uri/ permanent; +    location ~ [^/]\.php(/|$) { 
- +        return 403;
-    location ~^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)+
-          access_log off; log_not_found off; expires max;+
     }     }
 +
 +    rewrite ^/(.+)/$ /$1 permanent;
 }</code> }</code>
  
 ====== Initial Setup ====== ====== Initial Setup ======
  
-  * https://blog.realmofespionage.xyz+  * https://media.realmofespionage.xyz
  
 ====== Settings ====== ====== Settings ======
Line 152: Line 180:
 Group=nginx Group=nginx
 Type=oneshot Type=oneshot
 +WorkingDirectory=/var/www/media
 +Environment="COMPOSER_CACHE_DIR=/dev/null"
 +ExecStartPre='/usr/bin/php' '/var/www/media/artisan' down
 ExecStart='/usr/bin/git' -C '/var/www/media' pull origin 'master' ExecStart='/usr/bin/git' -C '/var/www/media' pull origin 'master'
 +ExecStart='/usr/bin/composer' install --no-dev
 +ExecStart='/usr/bin/php' '/var/www/media/artisan' 'migrate' --force
 +ExecStartPost='/usr/bin/php' '/var/www/media/artisan' 'config:cache'
 +ExecStartPost='/usr/bin/php' '/var/www/media/artisan' 'up'
 ExecStartPost='/usr/bin/sync'</code> ExecStartPost='/usr/bin/sync'</code>
  
Line 361: Line 396:
 **** ****
  
-  cd '/var/www' && sudo tar -xvzf ~/'lychee-files-'*'.tar.gz' 'media' && sudo chown -R 'nginx':'nginx' '/var/www/media' && sudo restorecon -F -I -R '/var/www/media' && cd ~ && sync+  cd '/var/www' && sudo tar -xvzf ~/'lychee-files-'*'.tar.gz' 'media' && sudo chown -R 'nginx':'nginx' '/var/www/media' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/media(/.*)?' && sudo restorecon -F -I -R '/var/www/media' && cd ~ && sync
  
 ==== Drop Previous Database ==== ==== Drop Previous Database ====
/var/www/wiki/data/pages/servers/nginx/lychee.txt · Last modified: 2023/06/27 12:48 by Sean Rhone