RoE | Wiki

User Tools

Site Tools

Trace:
servers:nginx:wordpress

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:nginx:wordpress [2019/06/28 22:48] Sean Rhoneservers:nginx:wordpress [2024/02/01 10:03] (current) Sean Rhone
Line 8: Line 8:
  
   * [[distros:fedora_server|Fedora Server]]   * [[distros:fedora_server|Fedora Server]]
-  * [[servers:mariadb | MariaDB]] +  * [[servers:mariadb|MariaDB]] 
-  * [[servers:nginx_php_php-fpm | nginx + PHP + PHP-FPM]] +  * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]] 
-  * [[servers:nginx:lets_encrypt | Let's Encrypt]]+  * [[servers:nginx:lets_encrypt|Let's Encrypt]]
  
 ===== Notes ===== ===== Notes =====
  
-  * :!: Do not initiate any updates from the Admin/wp-admin web page as this may cause local file changes and break the automatic update service+  * :!: Do not initiate any updates from the Admin/wp-admin web page as this may cause local file changes and break [[#updater|the automatic update service]]
  
-====== Download Source ======+====== Dependencies ======
  
-****+  https://wordpress.org/about/requirements/ 
 +  https://make.wordpress.org/hosting/handbook/server-environment/#php-extensions
  
-  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/WordPress/WordPress.git' '/var/www/blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && sync+  sudo dnf install php-mysqlnd php-xml php-pecl-igbinary php-imagick php-intl php-mbstring php-pecl-zip php-sodium php-bcmath php-gd php-process
  
-===== SELinux =====+====== Download Source ======
  
-  sudo semanage fcontext --deleteall "/var/www/blog(/.*)?" +****
- +
-  sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' "/var/www/blog(/.*)?"+
  
-  sudo restorecon -R -'/var/www/blog' && sync+  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/WordPress/WordPress.git' '/var/www/blog' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/blog(/.*)?' && sudo restorecon -F -I -R '/var/www/blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && sync
  
 ====== Database ====== ====== Database ======
  
-  mysql --user='root' --password+  sudo mariadb
  
   CREATE DATABASE wordpress;   CREATE DATABASE wordpress;
Line 39: Line 38:
  
   FLUSH PRIVILEGES;   FLUSH PRIVILEGES;
 +
 +  EXIT
  
 ====== nginx + PHP-FPM Configuration ====== ====== nginx + PHP-FPM Configuration ======
Line 48: Line 49:
 <code> <code>
 [blog] [blog]
 +
 +; User/Group
 user = nginx user = nginx
 group = nginx group = nginx
  
 +; Socket
 listen = /run/php-fpm/blog.sock listen = /run/php-fpm/blog.sock
-listen.owner = nginx +listen.acl_users = nginx
-listen.group = nginx+
 listen.allowed_clients = 127.0.0.1 listen.allowed_clients = 127.0.0.1
  
-pm = dynamic +; Process Management 
-pm.max_children = 8 +pm = ondemand 
-pm.start_servers +pm.max_children = 4 
-pm.min_spare_servers = 2 +pm.process_idle_timeout 30
-pm.max_spare_servers = 4+
  
-php_value[date.timezone] = "America/New_York+; Fedora php.ini Defaults 
-php_value[upload_tmp_dir] = "/tmp"+php_value[session.save_handler] = "files
 +php_value[session.save_path] = "/var/lib/php/session"
  
 +; General
 +php_value[date.timezone] = "America/New_York"
 php_value[max_execution_time] = "200" php_value[max_execution_time] = "200"
 php_value[memory_limit] = "512M" php_value[memory_limit] = "512M"
Line 71: Line 76:
 php_value[max_file_uploads] = "100" php_value[max_file_uploads] = "100"
  
-php_value[session.save_handler] = files +; End</code> 
-php_value[session.save_path] = /var/lib/php/session + 
-php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache +<code> 
-php_value[opcache.file_cache] = /var/lib/php/opcache</code>+php_value[upload_tmp_dir] = "/tmp"</code>
  
 ===== FastCGI ===== ===== FastCGI =====
Line 84: Line 89:
 location ~ \.(php|phar)(/.*)?$ { location ~ \.(php|phar)(/.*)?$ {
     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
- 
     fastcgi_intercept_errors on;     fastcgi_intercept_errors on;
     fastcgi_index index.php;     fastcgi_index index.php;
     include fastcgi_params;     include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     fastcgi_param PATH_INFO $fastcgi_path_info;     fastcgi_param PATH_INFO $fastcgi_path_info;
     fastcgi_pass unix:/run/php-fpm/blog.sock;     fastcgi_pass unix:/run/php-fpm/blog.sock;
Line 95: Line 99:
 ===== Server Block ===== ===== Server Block =====
  
-  * :!''style-src'' in the CSP blocks a Google font URL from being loaded ((at least with the Twenty Seventeen theme; nothing appears broken, so looks good to me)) ((add ''fonts.googleapis.com'' after ''unsafe-inline'' in ''style-src'' to fix this))+  * 2023/09/12CSPs disabled; TODORe-figure out CSPs
  
-  sudo -e '/etc/nginx/conf.d/blog.conf' && sudo systemctl reload 'nginx'+  sudo -e '/etc/nginx/vhosts.d/blog.conf' && sudo systemctl reload 'nginx' && sync
  
 <code> <code>
Line 111: Line 115:
     client_max_body_size '10M';     client_max_body_size '10M';
  
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always;+#    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: s.w.org" always;
  
-#    access_log  /var/log/nginx/blog-access.log; +#    access_log  /var/log/nginx/media-access.log; 
-#    error_log  /var/log/nginx/blog-error.log;+#    error_log  /var/log/nginx/media-error.log;
  
     location / {     location / {
Line 187: Line 191:
 ==== Timer ==== ==== Timer ====
  
-  * ''01'' day of every month at ''04:20:00''+  * ''01'' day of every month at ''04:20:00'' ((8-)))
  
-  sudo -e '/etc/systemd/system/blog-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-m.timer' --now+  sudo -e '/etc/systemd/system/blog-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-m.timer' --now && sudo systemctl start 'blog-m' && sudo systemctl status 'blog-m' -l
  
 <code> <code>
Line 216: Line 220:
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/www WorkingDirectory=/var/www
-ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -cvzf "/home/CHANGEME/backups/wordpress-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "blog"'+ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/wordpress-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "blog"'
 ExecStartPost='/usr/bin/sync'</code> ExecStartPost='/usr/bin/sync'</code>
  
 === Timer === === Timer ===
  
-  * ''01'' day of every month at ''04:50:00''+  * ''01'' day of every month at ''04:35:00''
  
   sudo -e '/etc/systemd/system/blog-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-fb.timer' --now && sudo systemctl start 'blog-fb' && sudo systemctl status 'blog-fb' -l   sudo -e '/etc/systemd/system/blog-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-fb.timer' --now && sudo systemctl start 'blog-fb' && sudo systemctl status 'blog-fb' -l
Line 230: Line 234:
  
 [Timer] [Timer]
-OnCalendar=*-*-01 04:50:00+OnCalendar=*-*-01 04:35:00
 Persistent=true Persistent=true
  
Line 240: Line 244:
 === Database Auth === === Database Auth ===
  
-  sudo -'mysql' -e '/var/lib/mysql/auth/wordpress' && sudo chmod '600' '/var/lib/mysql/auth/wordpress'+  sudo mkdir -'/var/lib/mysql/auth&& sudo -e '/var/lib/mysql/auth/wordpress' && sudo chown -R 'mysql':'mysql' '/var/lib/mysql/auth/wordpress' && sudo chmod '600' '/var/lib/mysql/auth/wordpress' && sync
  
 <code> <code>
-[mysqldump]+[mariadb-dump]
 user=wordpress user=wordpress
 password=x</code> password=x</code>
Line 249: Line 253:
 === Service === === Service ===
  
-  mkdir -p ~/'backups' && sudo -u 'mysql' mkdir -p '/var/lib/mysql/tmp' && sudo -e '/etc/systemd/system/blog-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/blog-db.service'+  mkdir -p ~/'backups' && sudo mkdir -p '/var/lib/mysql/tmp' && sudo -e '/etc/systemd/system/blog-db.service' && sudo sed -i 's/'CHANGEME'/'$USER'/g' '/etc/systemd/system/blog-db.service'
  
 <code> <code>
Line 255: Line 259:
 Type=oneshot Type=oneshot
 WorkingDirectory=/var/lib/mysql/tmp WorkingDirectory=/var/lib/mysql/tmp
-ExecStartPre='/usr/bin/mysqldump' --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r '/var/lib/mysql/tmp/wordpress.sql'+ExecStartPre='/usr/bin/mariadb-dump' --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r '/var/lib/mysql/tmp/wordpress.sql'
 ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/wordpress.sql' ExecStart='/usr/bin/gzip' -f '/var/lib/mysql/tmp/wordpress.sql'
 ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/wordpress.sql.gz" "/home/CHANGEME/backups/wordpress-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"' ExecStart='/usr/bin/bash' -c '"/usr/bin/mv" "/var/lib/mysql/tmp/wordpress.sql.gz" "/home/CHANGEME/backups/wordpress-database-auto-"$$(date +%%Y-%%m-%%d)".sql.gz"'
Line 262: Line 266:
 === Timer === === Timer ===
  
-  * Every day at ''04:15:00''+  * Every day at ''04:45:00''
  
   sudo -e '/etc/systemd/system/blog-db.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-db.timer' --now && sudo systemctl start 'blog-db' && sudo systemctl status 'blog-db' -l   sudo -e '/etc/systemd/system/blog-db.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'blog-db.timer' --now && sudo systemctl start 'blog-db' && sudo systemctl status 'blog-db' -l
Line 272: Line 276:
  
 [Timer] [Timer]
-OnCalendar=*-*-* 04:15:00+OnCalendar=*-*-* 04:45:00
 Persistent=true Persistent=true
  
Line 300: Line 304:
 **** ****
  
-  sudo -u 'mysql' mysqldump --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r ~/'wordpress-database-manual-'$(date +%Y-%m-%d)'.sql' && sync+  sudo mariadb-dump --defaults-extra-file='/var/lib/mysql/auth/wordpress' --single-transaction 'wordpress' -r ~/'wordpress-database-manual-'$(date +%Y-%m-%d)'.sql' && sync
  
 ==== Start Services ==== ==== Start Services ====
Line 314: Line 318:
 **** ****
  
-  scp espionage724@192.168.1.153:~/'wordpress-files-'*'.tar.gz' espionage724@192.168.1.153:~/'wordpress-database-'*'.sql' ~/'Downloads' && sync+  scp espionage724@192.168.1.152:~/'wordpress-files-'*'.tar.gz' espionage724@192.168.1.152:~/'wordpress-database-'*'.sql' ~/'Downloads' && sync
  
 ====== Restore ====== ====== Restore ======
Line 330: Line 334:
 **** ****
  
-  scp ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql' espionage724@192.168.1.153:~+  scp ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql' espionage724@192.168.1.152:~
  
 ==== Remove Files ==== ==== Remove Files ====
Line 336: Line 340:
 **** ****
  
-  rm -f ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql.gz' && sync+  rm -f ~/'Downloads/wordpress-files-'*'.tar.gz' ~/'Downloads/wordpress-database-'*'.sql' && sync
  
 ===== Server ===== ===== Server =====
Line 356: Line 360:
 **** ****
  
-  cd '/var/www' && sudo tar -xvzf ~/'wordpress-files-'*'.tar.gz' 'blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && cd ~ && sync +  cd '/var/www' && sudo tar -xvzf ~/'wordpress-files-'*'.tar.gz' 'blog' && sudo chown -R 'nginx':'nginx' '/var/www/blog' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/blog(/.*)?' && sudo restorecon --I -R '/var/www/blog' && cd ~ && sync
- +
-==== SELinux ==== +
- +
-  sudo semanage fcontext --deleteall "/var/www/blog(/.*)?" +
- +
-  sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' "/var/www/blog(/.*)?+
- +
-  sudo restorecon --'/var/www/blog' && sync+
  
 ==== Drop Previous Database ==== ==== Drop Previous Database ====
  
-  mysql --user='root' --password+  sudo mariadb
  
   DROP DATABASE wordpress;   DROP DATABASE wordpress;
  
   FLUSH TABLES;   FLUSH TABLES;
 +
 +  EXIT
  
 ==== Re-create Databases ==== ==== Re-create Databases ====
  
-  mysql --user='root' --password+  sudo mariadb
  
   CREATE DATABASE wordpress;   CREATE DATABASE wordpress;
 +
 +  EXIT
  
 ==== Restore Database ==== ==== Restore Database ====
Line 384: Line 384:
 **** ****
  
-  mysql --user='root' --password 'wordpress' < ~/'wordpress-database-'*'.sql' && sync+  sudo mariadb 'wordpress' < ~/'wordpress-database-'*'.sql' && sync
  
 ==== Reapply Permissions ==== ==== Reapply Permissions ====
  
-  mysql --user='root' --password+  sudo mariadb
  
   GRANT ALL PRIVILEGES ON wordpress.* to 'wordpress'@'localhost' IDENTIFIED BY 'x';   GRANT ALL PRIVILEGES ON wordpress.* to 'wordpress'@'localhost' IDENTIFIED BY 'x';
  
   FLUSH PRIVILEGES;   FLUSH PRIVILEGES;
 +
 +  EXIT
  
 ==== Start Services ==== ==== Start Services ====
Line 405: Line 407:
  
   rm ~/'wordpress-files-'*'.tar.gz' ~/'wordpress-database-'*'.sql' && sync   rm ~/'wordpress-files-'*'.tar.gz' ~/'wordpress-database-'*'.sql' && sync
 +
/var/www/wiki/data/attic/servers/nginx/wordpress.1561776480.txt.gz · Last modified: 2019/06/28 22:48 by Sean Rhone