RoE | Wiki

User Tools

Site Tools

Trace:
servers:nginx:piwigo

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:nginx:piwigo [2023/09/01 16:59] Sean Rhoneservers:nginx:piwigo [2024/08/13 22:17] (current) – removed Sean Rhone
Line 1: Line 1:
-====== Information ====== 
- 
-  * Piwigo ((https://piwigo.org/)) 
-  * Bootstrap Darkroom Theme ((https://github.com/Piwigo/piwigo-bootstrap-darkroom)) 
-  * master Branches ((https://github.com/Piwigo/Piwigo/tree/master)) ((https://github.com/Piwigo/piwigo-bootstrap-darkroom/tree/master)) 
-  * [[Information:Realm of Espionage]] 
-  * https://media.realmofespionage.xyz 
- 
-===== Prerequisites ===== 
- 
-  * [[distros:opensuse_tumbleweed_server|openSUSE Tumbleweed]] 
-  * [[servers:mariadb|MariaDB]] 
-  * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]] 
-  * [[servers:nginx:lets_encrypt|Let's Encrypt]] 
- 
-====== Dependencies ====== 
- 
-  * https://piwigo.org/guides/install/requirements 
-  * https://github.com/Piwigo/piwigo-videojs/wiki/How-to-add-videos 
-  * https://github.com/Piwigo/piwigo-videojs/wiki/Synchronize#requirement 
- 
-  * Check for updated versions for ''ffmpeg'' and ''libopenh264'' 
- 
-  sudo zypper install poppler-tools php8-exif mediainfo libfdk-aac2 libvorbis0 libvpx8 exiftool ffmpeg-6 libopenh264-7 
- 
-====== Download Source ====== 
- 
-  * Also includes the [[https://github.com/Piwigo/piwigo-bootstrap-darkroom|Bootstrap Darkroom]] theme 
- 
-  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/Piwigo/Piwigo.git' '/srv/www/media' && sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/Piwigo/piwigo-bootstrap-darkroom.git' '/srv/www/media/themes/bootstrap_darkroom' && sudo chown -R 'nginx':'nginx' '/srv/www/media' && sync 
- 
-====== Database ====== 
- 
-  sudo mysql 
- 
-  CREATE DATABASE piwigo; 
- 
-  GRANT ALL PRIVILEGES ON piwigo.* to 'piwigo'@'localhost' IDENTIFIED BY 'x'; 
- 
-  FLUSH PRIVILEGES; 
- 
-  EXIT 
- 
-====== nginx + PHP-FPM Configuration ====== 
- 
-===== PHP-FPM Socket ===== 
- 
-  sudo -e '/etc/php8/fpm/php-fpm.d/media.conf' && sudo systemctl restart 'php-fpm' 
- 
-<code> 
-[media] 
- 
-; User/Group 
-user = nginx 
-group = nginx 
- 
-; Socket 
-listen = 127.0.0.1:9004 
-listen.acl_users = nginx 
-listen.allowed_clients = 127.0.0.1 
- 
-; Process Management 
-pm = ondemand 
-pm.max_children = 4 
-pm.process_idle_timeout = 30 
- 
-; openSUSE TW php.ini Defaults 
-php_value[session.save_path] = /var/lib/php8/sessions 
- 
-; General 
-php_value[date.timezone] = "America/New_York" 
-php_value[max_execution_time] = "200" 
-php_value[memory_limit] = "512M" 
-php_value[post_max_size] = "100M" 
-php_value[upload_max_filesize] = "20M" 
-php_value[max_file_uploads] = "100" 
- 
-; End</code> 
- 
-===== FastCGI ===== 
- 
-  sudo -e '/etc/nginx/default.d/media.conf' 
- 
-<code> 
-# PHP-FPM 
-location ~ \.(php|phar)(/.*)?$ { 
-    fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$; 
- 
-    fastcgi_intercept_errors on; 
-    fastcgi_index index.php; 
-    include fastcgi_params; 
-    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name; 
-    fastcgi_param PATH_INFO $fastcgi_path_info; 
-    fastcgi_pass 127.0.0.1:9004; 
-}</code> 
- 
-===== Server Block ===== 
- 
-  * The ''default-src'' Piwigo URL allows Theme preview images to load, but isn't mandatory 
- 
-  sudo -e '/etc/nginx/vhosts.d/media.conf' && sudo systemctl reload 'nginx' && sync 
- 
-<code> 
-server { 
-    listen '443' 'ssl' 'http2'; 
-    server_name 'media.realmofespionage.xyz'; 
-    root '/srv/www/media'; 
-    index 'index.php'; 
- 
-    include '/etc/nginx/default.d/media.conf'; 
-    include '/etc/nginx/default.d/headers.conf'; 
- 
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'" always; 
-#    add_header Content-Security-Policy "default-src 'self' https://piwigo.org/ext/upload/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'" always; 
-#    access_log  /var/log/nginx/media-access.log; 
-#    error_log  /var/log/nginx/media-error.log; 
- 
-    location / { 
-        index index.php; 
-        try_files $uri $uri/ @rewrite; 
-    } 
- 
-    location @rewrite { 
-        rewrite ^/picture((/|$).*)$ /picture.php$1 last; 
-        rewrite ^/index((/|$).*)$ /index.php$1 last; 
-        rewrite ^/i((/|$).*)$ /i.php$1 last; 
-    } 
- 
-}</code> 
- 
-====== Initial Setup ====== 
- 
-  * https://media.realmofespionage.xyz 
- 
-====== Settings ====== 
- 
-  * :!: Using a long password with symbols passed set-up fine, but failed to log-in later; use less-complex password 
-  * :!: Use a relay or bogus email address during account creation to protect against potential spam ((the webmaster URL in the footer shows the email in plaintext and looks tasty to bots)) 
-  * :!: Disable ''Allow user registration'' immediately under Configuration -> Options -> General -> Permissions 
-  * :!: Seemingly have to enable ''Activate comments'' in order to prevent broken CSS on the bottom of image pages, but can uncheck ''Comments for all'' so that nobody public can leave comments 
-  * Activate Boostrap Darkroom theme 
- 
-===== Page Banner ===== 
- 
-<code> 
-<p>Tech, hardware, food, nature, and gaming pictures and videos!</p></code> 
- 
-===== config.inc.php ===== 
- 
-  * [[https://piwigo.org/forum/viewtopic.php?pid=159584#p159584|nginx Rewrite source]] 
-  * [[https://piwigo.org/forum/viewtopic.php?pid=179504#p179504|Video Uploading source]] 
-  * [[https://github.com/Piwigo/Piwigo/blob/master/include/config_default.inc.php|More Settings]] 
- 
-  sudo -e '/srv/www/media/local/config/config.inc.php' && sudo chown 'nginx':'nginx' '/srv/www/media/local/config/config.inc.php' 
- 
-<code> 
-<?php 
- 
-// nginx Rewrite 
-$conf['question_mark_in_urls'] = false; 
-$conf['php_extension_in_urls'] = false; 
- 
-// Minimal Logging 
-$conf['log_level'] = 'EMERGENCY'; 
- 
-// Header Links 
-$conf['links'] = array( 
-  'https://realmofespionage.xyz' => 'Realm of Espionage', 
-  'https://wiki.realmofespionage.xyz' => 'RoE | Wiki', 
-  'https://social.realmofespionage.xyz/profile/espionage724' => 'RoE | Social', 
-  'https://blog.realmofespionage.xyz' => 'RoE | Blog', 
-  'https://wiki.realmofespionage.xyz/personal:social_media' => 'Webmaster Info', 
-  'https://wiki.realmofespionage.xyz/servers:nginx:piwigo' => 'Instance Configuration Notes', 
-  ); 
- 
-// Video Uploading 
-$conf['upload_form_all_types'] = true; 
-$conf['file_ext'] = array_merge( 
-  $conf['picture_ext'], 
-  array('tiff', 'tif', 'mpg','zip','avi','mp3','ogg','pdf','webm','mp4') 
-  ); 
- 
-// End 
-?></code> 
- 
-====== Services ====== 
- 
-===== Updater ===== 
- 
-==== Service ==== 
- 
-  sudo -e '/etc/systemd/system/media-up.service' 
- 
-<code> 
-[Service] 
-User=nginx 
-Group=nginx 
-Type=oneshot 
-WorkingDirectory=/srv/www/media 
-ExecStart='/usr/bin/git' -C '/srv/www/media' pull origin 'master' 
-ExecStart='/usr/bin/git' -C '/srv/www/media/themes/bootstrap_darkroom' pull origin 'master' 
-ExecStartPost='/usr/bin/sync'</code> 
- 
-==== Timer ==== 
- 
-  * Every day at ''05:00:00'' 
- 
-  sudo -e '/etc/systemd/system/media-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'media-up.timer' --now && sudo systemctl start 'media-up' && sudo systemctl status 'media-up' -l 
- 
-<code> 
-[Unit] 
-Description=Piwigo Updater 
-After=network-online.target 
-Wants=network-online.target 
- 
-[Timer] 
-OnCalendar=*-*-* 05:00:00 
-Persistent=true 
- 
-[Install] 
-WantedBy=timers.target</code> 
- 
-===== Maintenance ===== 
- 
-==== Service ==== 
- 
-  sudo -e '/etc/systemd/system/media-m.service' 
- 
-<code> 
-[Service] 
-User=nginx 
-Group=nginx 
-Type=oneshot 
-ExecStart='/usr/bin/git' -C '/srv/www/media' gc --aggressive --prune='all' 
-ExecStart='/usr/bin/git' -C '/srv/www/media' fsck --full --strict 
-ExecStart='/usr/bin/git' -C '/srv/www/media/themes/bootstrap_darkroom' gc --aggressive --prune='all' 
-ExecStart='/usr/bin/git' -C '/srv/www/media/themes/bootstrap_darkroom' fsck --full --strict 
-ExecStartPost='/usr/bin/sync'</code> 
- 
-==== Timer ==== 
- 
-  * ''01'' day of every month at ''05:20:00'' 
- 
-  sudo -e '/etc/systemd/system/media-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'media-m.timer' --now 
- 
-<code> 
-[Unit] 
-Description=Piwigo Maintenance 
-After=network-online.target 
-Wants=network-online.target 
- 
-[Timer] 
-OnCalendar=*-*-01 05:20:00 
-Persistent=true 
- 
-[Install] 
-WantedBy=timers.target</code> 
- 
-===== Backup ===== 
- 
-==== Files ==== 
- 
-=== Service === 
- 
-  mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/media-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/media-fb.service' 
- 
-<code> 
-[Service] 
-Type=oneshot 
-WorkingDirectory=/srv/www 
-ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/piwigo-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "media"' 
-ExecStartPost='/usr/bin/sync'</code> 
- 
-=== Timer === 
- 
-  * ''01'' day of every month at ''05:50:00'' 
- 
-  sudo -e '/etc/systemd/system/media-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'media-fb.timer' --now && sudo systemctl start 'media-fb' && sudo systemctl status 'media-fb' -l 
- 
-<code> 
-[Unit] 
-Description=Piwigo Files Backup 
- 
-[Timer] 
-OnCalendar=*-*-01 05:50:00 
-Persistent=true 
- 
-[Install] 
-WantedBy=timers.target</code> 
- 
-==== Database ==== 
- 
-=== Database Auth === 
- 
-  sudo mkdir -p '/var/lib/mysql/auth' && sudo -e '/var/lib/mysql/auth/piwigo' && sudo chown -R 'mysql':'mysql' '/var/lib/mysql/auth/piwigo' && sudo chmod '600' '/var/lib/mysql/auth/piwigo' && sync 
- 
-<code> 
-[mysqldump] 
-user=piwigo 
-password=x</code> 
- 
-=== Service === 
- 
-  mkdir -p ~/'backups' && sudo mkdir -p '/var/lib/mysql/tmp' && sudo -e '/etc/systemd/system/media-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/media-db.service' 
- 
-<code> 
-[Service] 
-Type=oneshot 
-WorkingDirectory=/var/lib/mysql/tmp 
-ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysql/auth/piwigo' --single-transaction 'piwigo' -r '/var/lib/mysql/tmp/piwigo.sql' 
-ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/piwigo.sql' 
-ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/piwigo.sql.gz" "/home/CHANGEME/backups/piwigo-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' 
-ExecStartPost='/usr/bin/sync'</code> 
- 
-=== Timer === 
- 
-  * Every day at ''05:15:00'' 
- 
-  sudo -e '/etc/systemd/system/media-db.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'media-db.timer' --now && sudo systemctl start 'media-db' && sudo systemctl status 'media-db' -l 
- 
-<code> 
-[Unit] 
-Description=Piwigo Database Backup 
-After=mariadb.service 
- 
-[Timer] 
-OnCalendar=*-*-* 05:15:00 
-Persistent=true 
- 
-[Install] 
-WantedBy=timers.target</code> 
- 
-====== Backup ====== 
- 
-  * Create backup archive on server and transfer to client computer 
- 
-===== Server ===== 
- 
-==== Stop Services ==== 
- 
-**** 
- 
-  sudo systemctl stop nginx php-fpm 
- 
-==== Backup Folder ==== 
- 
-**** 
- 
-  cd '/srv/www' && sudo tar -cvzf ~/'piwigo-files-manual-'$(date +%Y-%m-%d)'.tar.gz' 'media' && cd ~ && sync 
- 
-==== Backup Database ==== 
- 
-**** 
- 
-  sudo mysqldump --defaults-extra-file='/var/lib/mysqlauth/piwigo' --single-transaction 'piwigo' -r ~/'piwigo-database-manual-'$(date +%Y-%m-%d)'.sql' && sync 
- 
-==== Start Services ==== 
- 
-**** 
- 
-  sudo systemctl start nginx php-fpm 
- 
-===== Client ===== 
- 
-==== Transfer Files To Client ==== 
- 
-**** 
- 
-  scp espionage724@192.168.1.152:~/'piwigo-files-'*'.tar.gz' espionage724@192.168.1.152:~/'piwigo-database-'*'.sql' ~/'Downloads' && sync 
- 
-====== Restore ====== 
- 
-===== Client ===== 
- 
-==== Uncompress Database ==== 
- 
-  * This is only needed if restoring an **automated** database backup ((manual doesn't gzip)) 
- 
-  gunzip ~/'Downloads/piwigo-database-'*'.sql.gz' 
- 
-==== Transfer Files To Server ==== 
- 
-**** 
- 
-  scp ~/'Downloads/piwigo-files-'*'.tar.gz' ~/'Downloads/piwigo-database-'*'.sql' espionage724@192.168.1.152:~ 
- 
-==== Remove Files ==== 
- 
-**** 
- 
-  rm -f ~/'Downloads/piwigo-files-'*'.tar.gz' ~/'Downloads/piwigo-database-'*'.sql' && sync 
- 
-===== Server ===== 
- 
-==== Stop Services ==== 
- 
-**** 
- 
-  sudo systemctl stop nginx php-fpm 
- 
-==== Remove Previous Folder ==== 
- 
-**** 
- 
-  sudo rm -Rf '/srv/www/media' 
- 
-==== Restore Piwigo Folder ==== 
- 
-**** 
- 
-  cd '/srv/www' && sudo tar -xvzf ~/'piwigo-files-'*'.tar.gz' 'media' && sudo chown -R 'nginx':'nginx' '/srv/www/media' && cd ~ && sync 
- 
-==== Drop Previous Database ==== 
- 
-  sudo mysql 
- 
-  DROP DATABASE piwigo; 
- 
-  FLUSH TABLES; 
- 
-  EXIT 
- 
-==== Re-create Databases ==== 
- 
-  sudo mysql 
- 
-  CREATE DATABASE piwigo; 
- 
-  EXIT 
- 
-==== Restore Database ==== 
- 
-**** 
- 
-  sudo mysql 'piwigo' < ~/'piwigo-database-'*'.sql' && sync 
- 
-==== Reapply Permissions ==== 
- 
-  sudo mysql 
- 
-  GRANT ALL PRIVILEGES ON piwigo.* to 'piwigo'@'localhost' IDENTIFIED BY 'x'; 
- 
-  FLUSH PRIVILEGES; 
- 
-  EXIT 
- 
-==== Start Services ==== 
- 
-**** 
- 
-  sudo systemctl start nginx php-fpm 
- 
-==== Remove Backups ==== 
- 
-  * Verify that Piwigo works before running 
- 
-  rm ~/'piwigo-files-'*'.tar.gz' ~/'piwigo-database-'*'.sql' && sync 
  
/srv/www/wiki/data/attic/servers/nginx/piwigo.1693601979.txt.gz · Last modified: (external edit)