RoE | Wiki

User Tools

Site Tools

Trace:
servers:nginx:wordpress

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
servers:nginx:wordpress [2019/12/15 10:31] – [PHP-FPM Socket] Sean Rhoneservers:nginx:wordpress [2023/09/13 03:35] – [Timer] Sean Rhone
Line 7: Line 7:
 ===== Prerequisites ===== ===== Prerequisites =====
  
-  * [[distros:ubuntu_server|Ubuntu Server]]+  * [[distros:fedora_server|Fedora Server]]
   * [[servers:mariadb|MariaDB]]   * [[servers:mariadb|MariaDB]]
   * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]   * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]
Line 14: Line 14:
 ===== Notes ===== ===== Notes =====
  
-  * :!: Do not initiate any updates from the Admin/wp-admin web page as this may cause local file changes and break the automatic update service+  * :!: Do not initiate any updates from the Admin/wp-admin web page as this may cause local file changes and break [[#updater|the automatic update service]] 
 + 
 +====== Dependencies ====== 
 + 
 +  * https://wordpress.org/about/requirements/ 
 +  * https://make.wordpress.org/hosting/handbook/server-environment/#php-extensions 
 + 
 +  sudo dnf install php-mysqlnd php-xml php-pecl-igbinary php-imagick php-intl php-mbstring php-pecl-zip php-sodium php-bcmath php-gd php-process
  
 ====== Download Source ====== ====== Download Source ======
Line 20: Line 27:
 **** ****
  
-  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/WordPress/WordPress.git' '/var/www/blog' && sudo chown -R 'www-data':'www-data' '/var/www/blog' && sync+  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/WordPress/WordPress.git' '/var/www/blog' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/blog(/.*)?' && sudo restorecon -F -I -R '/var/www/blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && sync
  
 ====== Database ====== ====== Database ======
  
-  sudo mysql+  sudo mariadb
  
   CREATE DATABASE wordpress;   CREATE DATABASE wordpress;
Line 38: Line 45:
 ===== PHP-FPM Socket ===== ===== PHP-FPM Socket =====
  
-  sudo -e '/etc/php/7.2/fpm/pool.d/blog.conf' && sudo systemctl restart 'php7.2-fpm'+  sudo -e '/etc/php-fpm.d/blog.conf' && sudo systemctl restart 'php-fpm'
  
 <code> <code>
 [blog] [blog]
-user = www-data 
-group = www-data 
  
-listen = /run/php/blog.sock +; User/Group 
-listen.owner www-data +user = nginx 
-listen.group = www-data+group = nginx 
 + 
 +; Socket 
 +listen = /run/php-fpm/blog.sock 
 +listen.acl_users nginx
 listen.allowed_clients = 127.0.0.1 listen.allowed_clients = 127.0.0.1
  
-pm = dynamic +; Process Management 
-pm.max_children = 8 +pm = ondemand 
-pm.start_servers +pm.max_children = 4 
-pm.min_spare_servers = 2 +pm.process_idle_timeout 30
-pm.max_spare_servers = 4+
  
-php_value[date.timezone] = "America/New_York+; Fedora php.ini Defaults 
-php_value[upload_tmp_dir] = "/tmp"+php_value[session.save_handler] = "files
 +php_value[session.save_path] = "/var/lib/php/session"
  
 +; General
 +php_value[date.timezone] = "America/New_York"
 php_value[max_execution_time] = "200" php_value[max_execution_time] = "200"
 php_value[memory_limit] = "512M" php_value[memory_limit] = "512M"
Line 65: Line 76:
 php_value[max_file_uploads] = "100" php_value[max_file_uploads] = "100"
  
-php_value[session.save_handler] = "files" +; End</code> 
-php_value[session.save_path] = "/var/lib/php/sessions" + 
-php_value[soap.wsdl_cache_dir] = "/var/lib/php/wsdlcache" +<code> 
-php_value[opcache.file_cache] = "/var/lib/php/opcache"</code>+php_value[upload_tmp_dir] = "/tmp"</code>
  
 ===== FastCGI ===== ===== FastCGI =====
  
-  sudo -e '/etc/nginx/snippets/blog.conf'+  sudo -e '/etc/nginx/default.d/blog.conf'
  
 <code> <code>
Line 78: Line 89:
 location ~ \.(php|phar)(/.*)?$ { location ~ \.(php|phar)(/.*)?$ {
     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
- 
     fastcgi_intercept_errors on;     fastcgi_intercept_errors on;
     fastcgi_index index.php;     fastcgi_index index.php;
     include fastcgi_params;     include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     fastcgi_param PATH_INFO $fastcgi_path_info;     fastcgi_param PATH_INFO $fastcgi_path_info;
-    fastcgi_pass unix:/run/php/blog.sock;+    fastcgi_pass unix:/run/php-fpm/blog.sock;
 }</code> }</code>
  
 ===== Server Block ===== ===== Server Block =====
  
-  * :!''style-src'' in the CSP blocks a Google font URL from being loaded ((at least with the Twenty Seventeen theme; nothing appears broken, so looks good to me)) ((add ''fonts.googleapis.com'' after ''unsafe-inline'' in ''style-src'' to fix this))+  * 2023/09/12CSPs disabled; TODORe-figure out CSPs
  
-  sudo -e '/etc/nginx/sites-available/blog.conf'+  sudo -e '/etc/nginx/vhosts.d/blog.conf' && sudo systemctl reload 'nginx' && sync
  
 <code> <code>
Line 100: Line 110:
     index 'index.php';     index 'index.php';
  
-    include '/etc/nginx/snippets/blog.conf'; +    include '/etc/nginx/default.d/blog.conf'; 
-    include '/etc/nginx/snippets/headers.conf';+    include '/etc/nginx/default.d/headers.conf';
  
     client_max_body_size '10M';     client_max_body_size '10M';
  
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always;+#    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always;
  
-#    access_log  /var/log/nginx/blog-access.log; +#    access_log  /var/log/nginx/media-access.log; 
-#    error_log  /var/log/nginx/blog-error.log;+#    error_log  /var/log/nginx/media-error.log;
  
     location / {     location / {
Line 120: Line 130:
     }     }
 }</code> }</code>
- 
-==== Enable ==== 
- 
-**** 
- 
-  sudo rm -f '/etc/nginx/sites-enabled/blog.conf' && sudo ln -s '/etc/nginx/sites-available/blog.conf' '/etc/nginx/sites-enabled/blog.conf' && sudo systemctl reload 'nginx' && sync 
  
 ====== Initial Setup ====== ====== Initial Setup ======
Line 145: Line 149:
 <code> <code>
 [Service] [Service]
-User=www-data +User=nginx 
-Group=www-data+Group=nginx
 Type=oneshot Type=oneshot
 ExecStart='/usr/bin/git' -C '/var/www/blog' pull origin 'master' ExecStart='/usr/bin/git' -C '/var/www/blog' pull origin 'master'
-ExecStartPost='/bin/sync'</code>+ExecStartPost='/usr/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
Line 178: Line 182:
 <code> <code>
 [Service] [Service]
-User=www-data +User=nginx 
-Group=www-data+Group=nginx
 Type=oneshot Type=oneshot
 ExecStart='/usr/bin/git' -C '/var/www/blog' gc --aggressive --prune='all' ExecStart='/usr/bin/git' -C '/var/www/blog' gc --aggressive --prune='all'
 ExecStart='/usr/bin/git' -C '/var/www/blog' fsck --full --strict ExecStart='/usr/bin/git' -C '/var/www/blog' fsck --full --strict
-ExecStartPost='/bin/sync'</code>+ExecStartPost='/usr/bin/sync'</code>
  
 ==== Timer ==== ==== Timer ====
  
-  * ''01'' day of every month at ''04:20:00''+  * ''01'' day of every month at ''04:20:00'' ((8-)))
  
-  sudo -e '/etc/systemd/system/blog-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-m.timer' --now+  sudo -e '/etc/systemd/system/blog-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-m.timer' --now && sudo systemctl start 'blog-m' && sudo systemctl status 'blog-m' -l
  
 <code> <code>
Line 216: Line 220:
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/www WorkingDirectory=/var/www
-ExecStart='/bin/bash' -c '"/bin/tar" -cvzf "/home/CHANGEME/backups/wordpress-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "blog"' +ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/wordpress-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "blog"' 
-ExecStartPost='/bin/sync'</code>+ExecStartPost='/usr/bin/sync'</code>
  
 === Timer === === Timer ===
Line 240: Line 244:
 === Database Auth === === Database Auth ===
  
-  sudo -'mysql' -e '/var/lib/mysql/auth/wordpress' && sudo chmod '600' '/var/lib/mysql/auth/wordpress'+  sudo mkdir -'/var/lib/mysql/auth&& sudo -e '/var/lib/mysql/auth/wordpress' && sudo chown -R 'mysql':'mysql' '/var/lib/mysql/auth/wordpress' && sudo chmod '600' '/var/lib/mysql/auth/wordpress' && sync
  
 <code> <code>
-[mysqldump]+[mariadb-dump]
 user=wordpress user=wordpress
 password=x</code> password=x</code>
Line 249: Line 253:
 === Service === === Service ===
  
-  mkdir -p ~/'backups' && sudo -u 'mysql' mkdir -p '/var/lib/mysql/tmp' && sudo -e '/etc/systemd/system/blog-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/blog-db.service'+  mkdir -p ~/'backups' && sudo mkdir -p '/var/lib/mysql/tmp' && sudo -e '/etc/systemd/system/blog-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/blog-db.service'
  
 <code> <code>
Line 255: Line 259:
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/lib/mysql/tmp WorkingDirectory=/var/lib/mysql/tmp
-ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r '/var/lib/mysql/tmp/wordpress.sql' +ExecStartPre='/usr/bin/mariadb-dump' --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r '/var/lib/mysql/tmp/wordpress.sql' 
-ExecStart='/bin/gzip' -f '/var/lib/mysql/tmp/wordpress.sql' +ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/wordpress.sql' 
-ExecStart='/bin/bash' -c '"/bin/mv" "/var/lib/mysql/tmp/wordpress.sql.gz" "/home/CHANGEME/backups/wordpress-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' +ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/wordpress.sql.gz" "/home/CHANGEME/backups/wordpress-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' 
-ExecStartPost='/bin/sync'</code>+ExecStartPost='/usr/bin/sync'</code>
  
 === Timer === === Timer ===
Line 288: Line 292:
 **** ****
  
-  sudo systemctl stop nginx php7.2-fpm+  sudo systemctl stop nginx php-fpm
  
 ==== Backup Folder ==== ==== Backup Folder ====
Line 300: Line 304:
 **** ****
  
-  sudo mysqldump --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r ~/'wordpress-database-manual-'$(date +%Y-%m-%d)'.sql' && sync+  sudo mariadb-dump --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r ~/'wordpress-database-manual-'$(date +%Y-%m-%d)'.sql' && sync
  
 ==== Start Services ==== ==== Start Services ====
Line 306: Line 310:
 **** ****
  
-  sudo systemctl start nginx php7.2-fpm+  sudo systemctl start nginx php-fpm
  
 ===== Client ===== ===== Client =====
Line 314: Line 318:
 **** ****
  
-  scp espionage724@192.168.1.153:~/'wordpress-files-'*'.tar.gz' espionage724@192.168.1.153:~/'wordpress-database-'*'.sql' ~/'Downloads' && sync+  scp espionage724@192.168.1.152:~/'wordpress-files-'*'.tar.gz' espionage724@192.168.1.152:~/'wordpress-database-'*'.sql' ~/'Downloads' && sync
  
 ====== Restore ====== ====== Restore ======
Line 330: Line 334:
 **** ****
  
-  scp ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql' espionage724@192.168.1.153:~+  scp ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql' espionage724@192.168.1.152:~
  
 ==== Remove Files ==== ==== Remove Files ====
Line 344: Line 348:
 **** ****
  
-  sudo systemctl stop nginx php7.2-fpm+  sudo systemctl stop nginx php-fpm
  
 ==== Remove Previous Folder ==== ==== Remove Previous Folder ====
Line 356: Line 360:
 **** ****
  
-  cd '/var/www' && sudo tar -xvzf ~/'wordpress-files-'*'.tar.gz' 'blog' && sudo chown -R 'www-data':'www-data' '/var/www/blog' && cd ~ && sync+  cd '/var/www' && sudo tar -xvzf ~/'wordpress-files-'*'.tar.gz' 'blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/blog(/.*)?' && sudo restorecon -F -I -R '/var/www/blog' && cd ~ && sync
  
 ==== Drop Previous Database ==== ==== Drop Previous Database ====
  
-  sudo mysql+  sudo mariadb
  
   DROP DATABASE wordpress;   DROP DATABASE wordpress;
Line 370: Line 374:
 ==== Re-create Databases ==== ==== Re-create Databases ====
  
-  sudo mysql+  sudo mariadb
  
   CREATE DATABASE wordpress;   CREATE DATABASE wordpress;
Line 380: Line 384:
 **** ****
  
-  sudo mysql 'wordpress' < ~/'wordpress-database-'*'.sql' && sync+  sudo mariadb 'wordpress' < ~/'wordpress-database-'*'.sql' && sync
  
 ==== Reapply Permissions ==== ==== Reapply Permissions ====
  
-  sudo mysql+  sudo mariadb
  
   GRANT ALL PRIVILEGES ON wordpress.* to 'wordpress'@'localhost' IDENTIFIED BY 'x';   GRANT ALL PRIVILEGES ON wordpress.* to 'wordpress'@'localhost' IDENTIFIED BY 'x';
Line 396: Line 400:
 **** ****
  
-  sudo systemctl start nginx php7.2-fpm+  sudo systemctl start nginx php-fpm
  
 ==== Remove Backups ==== ==== Remove Backups ====
Line 403: Line 407:
  
   rm ~/'wordpress-files-'*'.tar.gz' ~/'wordpress-database-'*'.sql' && sync   rm ~/'wordpress-files-'*'.tar.gz' ~/'wordpress-database-'*'.sql' && sync
 +
/var/www/wiki/data/pages/servers/nginx/wordpress.txt · Last modified: 2024/02/01 10:03 by Sean Rhone