servers:nginx:piwigo
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
servers:nginx:piwigo [2018/12/08 18:31] – [Server Block] Sean Rhone | servers:nginx:piwigo [2024/02/01 11:45] (current) – [Page Banner] Sean Rhone | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Information ====== | ||
+ | |||
+ | * Piwigo ((https:// | ||
+ | * Bootstrap Darkroom Theme ((https:// | ||
+ | * '' | ||
+ | * [[Information: | ||
+ | * https:// | ||
+ | |||
+ | ===== Prerequisites ===== | ||
+ | |||
+ | * [[distros: | ||
+ | * [[servers: | ||
+ | * [[servers: | ||
+ | * [[servers: | ||
+ | |||
+ | ====== Dependencies ====== | ||
+ | |||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | |||
+ | sudo dnf install php-mysqlnd php-imagick php-gd perl-Image-ExifTool mediainfo ffmpeg-free libvorbis poppler-utils | ||
+ | |||
+ | ====== Download Source ====== | ||
+ | |||
+ | * Also includes the [[https:// | ||
+ | |||
+ | sudo git clone --branch ' | ||
+ | |||
+ | ====== Database ====== | ||
+ | |||
+ | sudo mariadb | ||
+ | |||
+ | CREATE DATABASE piwigo; | ||
+ | |||
+ | GRANT ALL PRIVILEGES ON piwigo.* to ' | ||
+ | |||
+ | FLUSH PRIVILEGES; | ||
+ | |||
+ | EXIT | ||
+ | |||
+ | ====== nginx + PHP-FPM Configuration ====== | ||
+ | |||
+ | ===== PHP-FPM Socket ===== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [media] | ||
+ | |||
+ | ; User/Group | ||
+ | user = nginx | ||
+ | group = nginx | ||
+ | |||
+ | ; Socket | ||
+ | listen = / | ||
+ | listen.acl_users = nginx | ||
+ | listen.allowed_clients = 127.0.0.1 | ||
+ | |||
+ | ; Process Management | ||
+ | pm = ondemand | ||
+ | pm.max_children = 4 | ||
+ | pm.process_idle_timeout = 30 | ||
+ | |||
+ | ; Fedora php.ini Defaults | ||
+ | php_value[session.save_handler] = " | ||
+ | php_value[session.save_path] = "/ | ||
+ | |||
+ | ; General | ||
+ | php_value[date.timezone] = " | ||
+ | php_value[max_execution_time] = " | ||
+ | php_value[memory_limit] = " | ||
+ | php_value[post_max_size] = " | ||
+ | php_value[upload_max_filesize] = " | ||
+ | php_value[max_file_uploads] = " | ||
+ | |||
+ | ; End</ | ||
+ | |||
+ | ===== FastCGI ===== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | # PHP-FPM | ||
+ | location ~ \.(php|phar)(/ | ||
+ | fastcgi_split_path_info ^(.+\.(?: | ||
+ | fastcgi_intercept_errors on; | ||
+ | fastcgi_index index.php; | ||
+ | include fastcgi_params; | ||
+ | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
+ | fastcgi_param PATH_INFO $fastcgi_path_info; | ||
+ | fastcgi_pass unix:/ | ||
+ | }</ | ||
+ | |||
+ | ===== Server Block ===== | ||
+ | |||
+ | * 2023/09/12: CSPs disabled; TODO: Re-figure out CSPs | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | server { | ||
+ | listen ' | ||
+ | server_name ' | ||
+ | root '/ | ||
+ | index ' | ||
+ | |||
+ | include '/ | ||
+ | include '/ | ||
+ | |||
+ | # add_header Content-Security-Policy " | ||
+ | # add_header Content-Security-Policy " | ||
+ | # access_log | ||
+ | # error_log | ||
+ | |||
+ | location / { | ||
+ | index index.php; | ||
+ | try_files $uri $uri/ @rewrite; | ||
+ | } | ||
+ | |||
+ | location @rewrite { | ||
+ | rewrite ^/ | ||
+ | rewrite ^/ | ||
+ | rewrite ^/ | ||
+ | } | ||
+ | |||
+ | }</ | ||
+ | |||
+ | ====== Initial Setup ====== | ||
+ | |||
+ | * https:// | ||
+ | |||
+ | ====== Settings ====== | ||
+ | |||
+ | * :!: Using a long password with symbols passed setup fine, but failed to log-in later; use less-complex password | ||
+ | * :!: Use a relay or bogus email address during account creation to protect against potential spam ((the webmaster URL in the footer shows the email in plaintext and looks tasty to bots)) | ||
+ | * :!: Disable '' | ||
+ | * Seemingly have to enable '' | ||
+ | * Activate Boostrap Darkroom theme | ||
+ | |||
+ | ===== Page Banner ===== | ||
+ | |||
+ | **** | ||
+ | |||
+ | < | ||
+ | < | ||
+ | |||
+ | ===== config.inc.php ===== | ||
+ | |||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | sudo -u ' | ||
+ | |||
+ | < | ||
+ | <?php | ||
+ | |||
+ | // nginx Rewrite | ||
+ | $conf[' | ||
+ | $conf[' | ||
+ | |||
+ | // Minimal Logging | ||
+ | $conf[' | ||
+ | |||
+ | // Header Links | ||
+ | $conf[' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ); | ||
+ | |||
+ | // Video Uploading | ||
+ | $conf[' | ||
+ | $conf[' | ||
+ | $conf[' | ||
+ | array(' | ||
+ | ); | ||
+ | |||
+ | // End | ||
+ | ?></ | ||
+ | |||
+ | ====== Services ====== | ||
+ | |||
+ | ===== Updater ===== | ||
+ | |||
+ | ==== Service ==== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | User=nginx | ||
+ | Group=nginx | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | ==== Timer ==== | ||
+ | |||
+ | * Every day at '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=Piwigo Updater | ||
+ | After=network-online.target | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-* 05:00:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ===== Maintenance ===== | ||
+ | |||
+ | ==== Service ==== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | User=nginx | ||
+ | Group=nginx | ||
+ | Type=oneshot | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | ==== Timer ==== | ||
+ | |||
+ | * '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=Piwigo Maintenance | ||
+ | After=network-online.target | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-01 05:20:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ===== Backup ===== | ||
+ | |||
+ | ==== Files ==== | ||
+ | |||
+ | === Service === | ||
+ | |||
+ | mkdir -p ~/' | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | === Timer === | ||
+ | |||
+ | * '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=Piwigo Files Backup | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-01 05:35:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ==== Database ==== | ||
+ | |||
+ | === Database Auth === | ||
+ | |||
+ | sudo mkdir -p '/ | ||
+ | |||
+ | < | ||
+ | [mariadb-dump] | ||
+ | user=piwigo | ||
+ | password=x</ | ||
+ | |||
+ | === Service === | ||
+ | |||
+ | mkdir -p ~/' | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | ExecStartPre='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | === Timer === | ||
+ | |||
+ | * Every day at '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=Piwigo Database Backup | ||
+ | After=mariadb.service | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-* 05:45:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ====== Backup ====== | ||
+ | |||
+ | * Create backup archive on server and transfer to client computer | ||
+ | |||
+ | ===== Server ===== | ||
+ | |||
+ | ==== Stop Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl stop nginx php-fpm | ||
+ | |||
+ | ==== Backup Folder ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | cd '/ | ||
+ | |||
+ | ==== Backup Database ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo mariadb-dump --defaults-extra-file='/ | ||
+ | |||
+ | ==== Start Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl start nginx php-fpm | ||
+ | |||
+ | ===== Client ===== | ||
+ | |||
+ | ==== Transfer Files To Client ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | scp espionage724@192.168.1.152: | ||
+ | |||
+ | ====== Restore ====== | ||
+ | |||
+ | ===== Client ===== | ||
+ | |||
+ | ==== Uncompress Database ==== | ||
+ | |||
+ | * This is only needed if restoring an **automated** database backup ((manual doesn' | ||
+ | |||
+ | gunzip ~/' | ||
+ | |||
+ | ==== Transfer Files To Server ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | scp ~/' | ||
+ | |||
+ | ==== Remove Files ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | rm -f ~/' | ||
+ | |||
+ | ===== Server ===== | ||
+ | |||
+ | ==== Stop Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl stop nginx php-fpm | ||
+ | |||
+ | ==== Remove Previous Folder ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo rm -Rf '/ | ||
+ | |||
+ | ==== Restore Piwigo Folder ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | cd '/ | ||
+ | |||
+ | ==== Drop Previous Database ==== | ||
+ | |||
+ | sudo mariadb | ||
+ | |||
+ | DROP DATABASE piwigo; | ||
+ | |||
+ | FLUSH TABLES; | ||
+ | |||
+ | EXIT | ||
+ | |||
+ | ==== Re-create Databases ==== | ||
+ | |||
+ | sudo mariadb | ||
+ | |||
+ | CREATE DATABASE piwigo; | ||
+ | |||
+ | EXIT | ||
+ | |||
+ | ==== Restore Database ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo mariadb ' | ||
+ | |||
+ | ==== Reapply Permissions ==== | ||
+ | |||
+ | sudo mariadb | ||
+ | |||
+ | GRANT ALL PRIVILEGES ON piwigo.* to ' | ||
+ | |||
+ | FLUSH PRIVILEGES; | ||
+ | |||
+ | EXIT | ||
+ | |||
+ | ==== Start Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl start nginx php-fpm | ||
+ | |||
+ | ==== Remove Backups ==== | ||
+ | |||
+ | * Verify that Piwigo works before running | ||
+ | |||
+ | rm ~/' | ||