servers:nginx:lychee
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
servers:nginx:lychee [2018/12/08 20:18] – [Server Block] Sean Rhone | servers:nginx:lychee [2023/06/27 12:48] (current) – Sean Rhone | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Information ====== | ||
+ | |||
+ | * Lychee ((https:// | ||
+ | * [[Information: | ||
+ | * https:// | ||
+ | |||
+ | ===== Prerequisites ===== | ||
+ | |||
+ | * [[distros: | ||
+ | * [[servers: | ||
+ | * [[servers: | ||
+ | * [[servers: | ||
+ | |||
+ | ===== Notes ===== | ||
+ | |||
+ | * :!: Somewhat WIP still | ||
+ | |||
+ | ====== Dependencies ====== | ||
+ | |||
+ | * https:// | ||
+ | |||
+ | sudo dnf install php-bcmath php-gd php-pecl-imagick php-mbstring php-pdo php-mysqlnd perl-Image-ExifTool ffmpeg-free composer | ||
+ | |||
+ | ====== Download Source ====== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo git clone --branch ' | ||
+ | |||
+ | ====== PHP Dependencies ====== | ||
+ | |||
+ | **** | ||
+ | |||
+ | cd '/ | ||
+ | |||
+ | ====== Database ====== | ||
+ | |||
+ | sudo mysql | ||
+ | |||
+ | CREATE DATABASE lychee; | ||
+ | |||
+ | GRANT ALL PRIVILEGES ON lychee.* to ' | ||
+ | |||
+ | FLUSH PRIVILEGES; | ||
+ | |||
+ | EXIT | ||
+ | |||
+ | ====== Lychee Config ====== | ||
+ | |||
+ | * https:// | ||
+ | |||
+ | sudo -u ' | ||
+ | |||
+ | < | ||
+ | DB_CONNECTION=" | ||
+ | DB_DATABASE=" | ||
+ | DB_USERNAME=" | ||
+ | DB_PASSWORD=x | ||
+ | DB_SOCKET="/ | ||
+ | |||
+ | ====== nginx + PHP-FPM Configuration ====== | ||
+ | |||
+ | ===== PHP-FPM Socket ===== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [media] | ||
+ | |||
+ | ; User/Group | ||
+ | user = nginx | ||
+ | group = nginx | ||
+ | |||
+ | ; Socket | ||
+ | listen = / | ||
+ | listen.acl_users = nginx | ||
+ | listen.allowed_clients = 127.0.0.1 | ||
+ | |||
+ | ; Process Management | ||
+ | pm = ondemand | ||
+ | pm.max_children = 4 | ||
+ | pm.process_idle_timeout = 30 | ||
+ | |||
+ | ; Fedora php.ini Defaults | ||
+ | php_value[session.save_handler] = " | ||
+ | php_value[session.save_path] = "/ | ||
+ | |||
+ | ; General | ||
+ | php_value[date.timezone] = " | ||
+ | php_value[max_execution_time] = " | ||
+ | php_value[memory_limit] = " | ||
+ | php_value[post_max_size] = " | ||
+ | php_value[upload_max_filesize] = " | ||
+ | php_value[max_file_uploads] = " | ||
+ | |||
+ | ; End</ | ||
+ | |||
+ | < | ||
+ | php_value[upload_tmp_dir] = "/ | ||
+ | |||
+ | ===== FastCGI ===== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | # PHP-FPM | ||
+ | location = /index.php { | ||
+ | fastcgi_split_path_info ^(.+? | ||
+ | |||
+ | fastcgi_param PHP_VALUE " | ||
+ | max_execution_time=200 | ||
+ | upload_max_filesize=100M | ||
+ | memory_limit=512M"; | ||
+ | |||
+ | fastcgi_intercept_errors on; | ||
+ | fastcgi_param HTTP_PROXY ""; | ||
+ | fastcgi_index index.php; | ||
+ | include fastcgi_params; | ||
+ | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
+ | fastcgi_param PATH / | ||
+ | fastcgi_param PATH_INFO $fastcgi_path_info; | ||
+ | fastcgi_pass unix:/ | ||
+ | }</ | ||
+ | |||
+ | ===== Server Block ===== | ||
+ | |||
+ | * https:// | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | server { | ||
+ | listen ' | ||
+ | server_name ' | ||
+ | root '/ | ||
+ | index ' | ||
+ | |||
+ | include '/ | ||
+ | include '/ | ||
+ | |||
+ | client_max_body_size ' | ||
+ | |||
+ | add_header Content-Security-Policy " | ||
+ | |||
+ | # access_log | ||
+ | # error_log | ||
+ | |||
+ | if (!-e $request_filename) | ||
+ | { | ||
+ | rewrite ^/(.*)$ / | ||
+ | break; | ||
+ | } | ||
+ | |||
+ | location ~ [^/ | ||
+ | return 403; | ||
+ | } | ||
+ | |||
+ | rewrite ^/(.+)/$ /$1 permanent; | ||
+ | }</ | ||
+ | |||
+ | ====== Initial Setup ====== | ||
+ | |||
+ | * https:// | ||
+ | |||
+ | ====== Settings ====== | ||
+ | |||
+ | * Date Format: Y/m/d | ||
+ | |||
+ | ====== Services ====== | ||
+ | |||
+ | ===== Updater ===== | ||
+ | |||
+ | ==== Service ==== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | User=nginx | ||
+ | Group=nginx | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | Environment=" | ||
+ | ExecStartPre='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | ExecStartPost='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | ==== Timer ==== | ||
+ | |||
+ | * Every day at '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=Lychee Git Updater | ||
+ | After=network-online.target | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-* 04:00:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ===== Maintenance ===== | ||
+ | |||
+ | ==== Service ==== | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | User=nginx | ||
+ | Group=nginx | ||
+ | Type=oneshot | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | ==== Timer ==== | ||
+ | |||
+ | * '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=Lychee Maintenance | ||
+ | After=network-online.target | ||
+ | Wants=network-online.target | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-01 04:20:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ===== Backup ===== | ||
+ | |||
+ | ==== Files ==== | ||
+ | |||
+ | === Service === | ||
+ | |||
+ | mkdir -p ~/' | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | ExecStartPre='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | === Timer === | ||
+ | |||
+ | * '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=Lychee Files Backup | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-01 04:50:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ==== Database ==== | ||
+ | |||
+ | === Database Auth === | ||
+ | |||
+ | sudo -u ' | ||
+ | |||
+ | < | ||
+ | [mysqldump] | ||
+ | user=lychee | ||
+ | password=x</ | ||
+ | |||
+ | === Service === | ||
+ | |||
+ | mkdir -p ~/' | ||
+ | |||
+ | < | ||
+ | [Service] | ||
+ | Type=oneshot | ||
+ | WorkingDirectory=/ | ||
+ | ExecStartPre='/ | ||
+ | ExecStart='/ | ||
+ | ExecStart='/ | ||
+ | ExecStartPost='/ | ||
+ | |||
+ | === Timer === | ||
+ | |||
+ | * Every day at '' | ||
+ | |||
+ | sudo -e '/ | ||
+ | |||
+ | < | ||
+ | [Unit] | ||
+ | Description=Lychee Database Backup | ||
+ | After=mariadb.service | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar=*-*-* 04:15:00 | ||
+ | Persistent=true | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=timers.target</ | ||
+ | |||
+ | ====== Backup ====== | ||
+ | |||
+ | * Create backup archive on server and transfer to client computer | ||
+ | |||
+ | ===== Server ===== | ||
+ | |||
+ | ==== Stop Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl stop nginx php-fpm | ||
+ | |||
+ | ==== Backup Folder ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | cd '/ | ||
+ | |||
+ | ==== Backup Database ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo mysqldump --defaults-extra-file='/ | ||
+ | |||
+ | ==== Start Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl start nginx php-fpm | ||
+ | |||
+ | ===== Client ===== | ||
+ | |||
+ | ==== Transfer Files To Client ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | scp espionage724@192.168.1.152: | ||
+ | |||
+ | ====== Restore ====== | ||
+ | |||
+ | ===== Client ===== | ||
+ | |||
+ | ==== Uncompress Database ==== | ||
+ | |||
+ | * This is only needed if restoring an **automated** database backup ((manual doesn' | ||
+ | |||
+ | gunzip ~/' | ||
+ | |||
+ | ==== Transfer Files To Server ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | scp ~/' | ||
+ | |||
+ | ==== Remove Files ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | rm -f ~/' | ||
+ | |||
+ | ===== Server ===== | ||
+ | |||
+ | ==== Stop Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl stop nginx php-fpm | ||
+ | |||
+ | ==== Remove Previous Folder ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo rm -Rf '/ | ||
+ | |||
+ | ==== Restore Lychee Folder ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | cd '/ | ||
+ | |||
+ | ==== Drop Previous Database ==== | ||
+ | |||
+ | sudo mysql | ||
+ | |||
+ | DROP DATABASE lychee; | ||
+ | |||
+ | FLUSH TABLES; | ||
+ | |||
+ | EXIT | ||
+ | |||
+ | ==== Re-create Databases ==== | ||
+ | |||
+ | sudo mysql | ||
+ | |||
+ | CREATE DATABASE lychee; | ||
+ | |||
+ | EXIT | ||
+ | |||
+ | ==== Restore Database ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo mysql ' | ||
+ | |||
+ | ==== Reapply Permissions ==== | ||
+ | |||
+ | sudo mysql | ||
+ | |||
+ | GRANT ALL PRIVILEGES ON lychee.* to ' | ||
+ | |||
+ | FLUSH PRIVILEGES; | ||
+ | |||
+ | EXIT | ||
+ | |||
+ | ==== Start Services ==== | ||
+ | |||
+ | **** | ||
+ | |||
+ | sudo systemctl start nginx php-fpm | ||
+ | |||
+ | ==== Remove Backups ==== | ||
+ | |||
+ | * Verify that Lychee works before running | ||
+ | |||
+ | rm ~/' | ||
C:/www/wiki/data/pages/servers/nginx/lychee.txt · Last modified: 2023/06/27 12:48 by Sean Rhone