Differences

This shows you the differences between two versions of the page.

--- servers:nginx:piwigo [2018/12/08 18:22]
Sean Rhone [Files]
+++ servers:nginx:piwigo [2018/12/08 18:31] (current)
Sean Rhone [Server Block]
@@ Line 1: / Line 1: @@
+====== Information ======
+  * Piwigo ((https://piwigo.org/)) ((https://github.com/Piwigo))
+  * [[Information:Realm of Espionage]]
+  * https://media.realmofespionage.xyz
+===== Prerequisites =====
+  * [[distros:ubuntu_server | Ubuntu Server]]
+  * [[servers:mariadb | MariaDB]]
+  * [[servers:nginx_php_php-fpm | nginx + PHP + PHP-FPM]]
+  * [[servers:nginx:lets_encrypt | Let's Encrypt]]
+====== Dependencies ======
+****
+  sudo apt install exiftool ffmpeg libjpeg-turbo-progs poppler-utils
+====== Download Source ======
+****
+  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/Piwigo/Piwigo.git' '/var/www/media' && sudo chown -R 'www-data':'www-data' '/var/www/media' && sync
+====== Database ======
+  sudo mysql
+  CREATE DATABASE piwigo;
+  GRANT ALL PRIVILEGES ON piwigo.* to 'piwigo'@'localhost' IDENTIFIED BY 'x';
+  FLUSH PRIVILEGES;
+====== nginx + PHP-FPM Configuration ======
+===== PHP-FPM Socket =====
+  sudo -e '/etc/php/7.2/fpm/pool.d/media.conf' && sudo systemctl restart 'php7.2-fpm'
+<code>
+[media]
+user = www-data
+group = www-data
+listen = /run/php/media.sock
+listen.owner = www-data
+listen.group = www-data
+listen.allowed_clients = 127.0.0.1
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+php_value[upload_max_filesize] = "20M"
+php_value[date.timezone] = "America/New_York"
+php_value[upload_tmp_dir] = "/tmp"
+php_value[max_execution_time] = "200"
+php_value[post_max_size] = "100M"
+php_value[memory_limit] = "256M"</code>
+===== FastCGI =====
+  sudo -e '/etc/nginx/snippets/media.conf'
+<code>
+location ~ \.php$ {
+    fastcgi_split_path_info ^(.+\.php)(/.+)$;
+    try_files $fastcgi_script_name =404;
+    set $path_info $fastcgi_path_info;
+    fastcgi_param PATH_INFO $path_info;
+    fastcgi_index index.php;
+    include /etc/nginx/fastcgi.conf;
+    fastcgi_intercept_errors on;
+    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+    fastcgi_param HTTPS on;
+    fastcgi_pass unix:/run/php/media.sock;
+}</code>
+===== Server Block =====
+  sudo -e '/etc/nginx/sites-available/media.conf'
+<code>
+server {
+    listen '443' 'ssl' 'http2';
+    server_name 'media.realmofespionage.xyz';
+    root '/var/www/media';
+    index 'index.php';
+    include '/etc/nginx/snippets/media.conf';
+    include '/etc/nginx/snippets/restrictions.conf';
+    include '/etc/nginx/snippets/headers.conf';
+    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'" always;
+    #access_log /var/log/nginx/media-access.log;
+    #error_log /var/log/nginx/media-error.log;
+    location / {
+        index index.php;
+        try_files $uri $uri/ @rewrite;
+    }
+}</code>
+==== Enable Server Block ====
+****
+  sudo rm -f '/etc/nginx/sites-enabled/media.conf' && sudo ln -s '/etc/nginx/sites-available/media.conf' '/etc/nginx/sites-enabled' && sudo systemctl reload 'nginx'
+====== Initial Setup ======
+  * https://media.realmofespionage.xyz
+====== Settings ======
+  * TODO
+====== Services ======
+===== Updater =====
+==== Service ====
+  sudo -e '/etc/systemd/system/media-up.service'
+<code>
+[Service]
+User=www-data
+Group=www-data
+Type=oneshot
+WorkingDirectory=/var/www/media
+ExecStart='/usr/bin/git' -C '/var/www/media' pull origin 'master'
+ExecStartPost='/bin/sync'</code>
+==== Timer ====
+  * Every day at ''05:00:00''
+  sudo -e '/etc/systemd/system/media-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'media-up.timer' --now && sudo systemctl start 'media-up' && sudo systemctl status 'media-up' -l
+<code>
+[Unit]
+Description=Piwigo Git Updater
+After=network-online.target
+Wants=network-online.target
+[Timer]
+OnCalendar=*-*-* 05:00:00
+Persistent=true
+[Install]
+WantedBy=timers.target</code>
+===== Maintenance =====
+==== Service ====
+  sudo -e '/etc/systemd/system/media-m.service'
+<code>
+[Service]
+User=www-data
+Group=www-data
+Type=oneshot
+ExecStart='/usr/bin/git' -C '/var/www/media' gc --aggressive --prune='all'
+ExecStart='/usr/bin/git' -C '/var/www/media' fsck --full --strict
+ExecStartPost='/bin/sync'</code>
+==== Timer ====
+  * ''01'' day of every month at ''05:20:00''
+  sudo -e '/etc/systemd/system/media-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'media-m.timer' --now
+<code>
+[Unit]
+Description=Piwigo Maintenance
+After=network-online.target
+Wants=network-online.target
+[Timer]
+OnCalendar=*-*-01 05:20:00
+Persistent=true
+[Install]
+WantedBy=timers.target</code>
+===== Backup =====
+  * This backs up an archive to the local disk and [[distros:ubuntu_server#nas_backups | to a NAS]]
+==== Files ====
+=== Service ===
+  mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/media-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/media-fb.service'
+  [Service]
+  Type=oneshot
+  WorkingDirectory=/var/www
+  ExecStart='/bin/bash' -c '"/bin/tar" -cvzf "/home/CHANGEME/backups/piwigo-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "media"'
+  ExecStartPost='/bin/sync'
+=== Timer ===
+  * ''01'' day of every month at ''05:50:00''
+  sudo -e '/etc/systemd/system/media-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'media-fb.timer' --now && sudo systemctl start 'media-fb' && sudo systemctl status 'media-fb' -l
+<code>
+[Unit]
+Description=Piwigo Files Backup
+[Timer]
+OnCalendar=*-*-01 05:50:00
+Persistent=true
+[Install]
+WantedBy=timers.target</code>
+==== Database ====
+=== Database Auth ===
+  sudo -e '/var/lib/mysqlauth/piwigo' && sudo chmod '600' '/var/lib/mysqlauth/piwigo'
+  [mysqldump]
+  user=piwigo
+  password=x
+=== Service ===
+  mkdir -p ~/'backups' && sudo mkdir -p '/var/lib/mysqltmp' && sudo -e '/etc/systemd/system/media-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/media-db.service'
+  [Service]
+  Type=oneshot
+  WorkingDirectory=/var/lib/mysqltmp
+  ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysqlauth/piwigo' --single-transaction 'piwigo' -r '/var/lib/mysqltmp/piwigo.sql'
+  ExecStart='/bin/gzip' -f '/var/lib/mysqltmp/piwigo.sql'
+  ExecStart='/bin/bash' -c '"/bin/mv" "/var/lib/mysqltmp/piwigo.sql.gz" "/home/CHANGEME/backups/piwigo-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"'
+  ExecStartPost='/bin/sync'
+=== Timer ===
+  * Every day at ''05:15:00''
+  sudo -e '/etc/systemd/system/media-db.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'media-db.timer' --now && sudo systemctl start 'media-db' && sudo systemctl status 'media-db' -l
+<code>
+[Unit]
+Description=Piwigo Database Backup
+After=mariadb.service
+[Timer]
+OnCalendar=*-*-* 05:15:00
+Persistent=true
+[Install]
+WantedBy=timers.target</code>
+====== Backup ======
+  * Create backup archive on server and transfer to client computer
+===== Server =====
+==== Stop Services ====
+****
+  sudo systemctl stop nginx php7.2-fpm
+==== Backup Folder ====
+****
+  cd '/var/www' && sudo tar -cvzf ~/'piwigo-files-manual-'$(date +%Y-%m-%d)'.tar.gz' 'media' && cd ~ && sync
+==== Backup Database ====
+****
+  sudo mysqldump --defaults-extra-file='/var/lib/mysqlauth/piwigo' --single-transaction 'piwigo' -r ~/'piwigo-database-manual-'$(date +%Y-%m-%d)'.sql' && sync
+==== Start Services ====
+****
+  sudo systemctl start nginx php7.2-fpm
+===== Client =====
+==== Transfer Files To Client ====
+****
+  scp espionage724@192.168.1.153:~/'piwigo-files-'*'.tar.gz' espionage724@192.168.1.153:~/'piwigo-database-'*'.sql' ~/'Downloads' && sync
+====== Restore ======
+===== Client =====
+==== Uncompress Database ====
+  * This is only needed if restoring an **automated** database backup ((manual doesn't gzip))
+  gunzip ~/'Downloads/piwigo-database-'*'.sql.gz'
+==== Transfer Files To Server ====
+****
+  scp ~/'Downloads/piwigo-files-'*'.tar.gz' ~/'Downloads/piwigo-database-'*'.sql' espionage724@192.168.1.153:~
+==== Remove Files ====
+****
+  rm -f ~/'Downloads/piwigo-files-'*'.tar.gz' ~/'Downloads/piwigo-database-'*'.sql' && sync
+===== Server =====
+==== Stop Services ====
+****
+  sudo systemctl stop nginx php7.2-fpm
+==== Remove Previous Folder ====
+****
+  sudo rm -Rf '/var/www/media'
+==== Restore Piwigo Folder ====
+****
+  cd '/var/www' && sudo tar -xvzf ~/'piwigo-files-'*'.tar.gz' 'media' && sudo chown -R 'www-data':'www-data' '/var/www/media' && cd ~ && sync
+==== Drop Previous Database ====
+  sudo mysql
+  DROP DATABASE piwigo;
+  FLUSH TABLES;
+==== Re-create Databases ====
+  sudo mysql
+  CREATE DATABASE piwigo;
+==== Restore Database ====
+****
+  sudo mysql 'piwigo' < ~/'piwigo-database-'*'.sql' && sync
+==== Reapply Permissions ====
+  sudo mysql
+  GRANT ALL PRIVILEGES ON piwigo.* to 'piwigo'@'localhost' IDENTIFIED BY 'x';
+  FLUSH PRIVILEGES;
+==== Start Services ====
+****
+  sudo systemctl start nginx php7.2-fpm
+==== Remove Backups ====
+  * Verify that Piwigo works before running
+  rm ~/'piwigo-files-'*'.tar.gz' ~/'piwigo-database-'*'.sql' && sync

RoE | Wiki

User Tools

Site Tools

Differences

Page Tools