ArchLinux:Nginx: Difference between revisions

From Wiki³
No edit summary
Line 65: Line 65:
Add a new mysql user account.
Add a new mysql user account.
{{Console|1=MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO '{{cyanBold|kyau}}'@'localhost' IDENTIFIED BY '{{cyanBold|user_password}}' WITH GRANT OPTION;}}
{{Console|1=MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO '{{cyanBold|kyau}}'@'localhost' IDENTIFIED BY '{{cyanBold|user_password}}' WITH GRANT OPTION;}}
== {{Icon|notebook}} Configuration ==
== {{Icon|notebook}} PHP-FPM Configuration ==
First remove the default pool.
{{Console|1=sudo rm /etc/php/php-fpm.d/www.conf}}
Create the defaults for all pools.
{{Console|1=sudoedit /etc/php/php-fpm.d/defaults.inc}}
{{margin}}
{{Console|title=/etc/php/php-fpm.d/defaults.inc|prompt=false|1=user {{=}} http<br/>group {{=}} http<br/>listen {{=}} /run/php-fpm/php-fpm-$pool.sock<br/>listen.owner {{=}} http<br/>listen.group {{=}} http<br/>{{blackBold|; process configuration}}<br/>pm {{=}} dynamic<br/>pm.max_children {{=}} 5<br/>pm.start_servers {{=}} 2<br/>pm.min_spare_servers {{=}} 1<br/>pm.max_spare_servers {{=}} 3<br/>{{blackBold|; php.ini changes}}<br/>php_admin_flag[expose_php] {{=}} off<br/>php_admin_flag[log_errors] {{=}} on<br/>php_admin_flag[short_open_tag] {{=}} on<br/>php_admin_value[date.timezone] {{=}} America/Los_Angeles<br/>php_admin_value[error_log] {{=}} /nginx/logs/$pool/php.log<br/>php_admin_value[memory_limit] {{=}} 256M<br/>php_admin_value[post_max_size] {{=}} 2048M<br/>php_admin_value[session.save_path] {{=}} /tmp<br/>php_admin_value[upload_max_filesize] {{=}} 2048M}}
Enable global PHP extensions.
{{Console|1=sudoedit /etc/php/conf.d/defaults.ini}}
{{margin}}
{{Console|title=/etc/php/conf.d/defaults.ini|prompt=false|1=extension{{=}}bz2<br/>extension{{=}}exif<br/>extension{{=}}gd<br/>extension{{=}}gettext<br/>extension{{=}}gmp<br/>extension{{=}}iconv<br/>extension{{=}}intl<br/>extension{{=}}sodium<br/>extension{{=}}mysqli<br/>extension{{=}}odbc<br/>extension{{=}}pdo_mysql<br/>extension{{=}}pdo_odbc<br/>extension{{=}}pdo_sqlite<br/>extension{{=}}sockets<br/>extension{{=}}sqlite3<br/>{{blackBold|; opcache}}<br/>zend_extension{{=}}opcache<br/>opcache.enable {{=}} 1<br/>opcache.interned_strings_buffer {{=}} 8<br/>opcache.max_accelerated_files {{=}} 10000<br/>opcache.memory_consumption {{=}} 128<br/>opcache.save_comments {{=}} 1<br/>opcache.revalidate_freq {{=}} 1}}
Create a php-fpm pool for the domain being setup (use a different pool for each domain).
{{Console|1=sudoedit /etc/php/php-fpm.d/domain_com.conf}}
{{margin}}
{{Console|title=/etc/php/php-fpm.d/domain_com.conf|prompt=false|1={{blackBold|; $KYAULabs: domain_com.conf,v 1.0.0 2021/05/01 12:36:14 kyau Exp $}}<br/><br/>[domain_com]<br/>include {{=}} /etc/php/php-fpm.d/defaults.inc<br/>env[HOSTNAME] {{=}} domain.com<br/>env[PATH] {{=}} /usr/local/bin:/usr/bin:/bin<br/>env[TMP] {{=}} /tmp<br/>env[TMPDIR] {{=}} /tmp<br/>env[TEMP] {{=}} /tmp<br/><br/>{{blackBold|; vim: ft{{=}}dosini sw{{=}}4 ts{{=}}4 noet:}}}}




[[Category:Arch Linux]]
[[Category:Arch Linux]]

Revision as of 13:47, 1 May 2021

Icon Introduction

Icon NGINX

Beforehand be sure to determine weather the web server will be using MySQL (ie. MariaDB) or PostgreSQL.

Begin by installing NGINX, PHP and other required utilities.

# pikaur -S apache-tools composer curl minify nginx php-fpm sassc wget

Install all of the required PHP extensions.

# pikaur -S php-gd php-geoip php-imagick php-intl php-memcache php-odbc php-sqlite php-sodium xdebug

Next create the environment for the web server.

# sudo mkdir -p /nginx/conf.d /nginx/https /nginx/logs /nginx/sql /nginx/ssl /nginx/vhosts.d
 
# sudo chmod -R 770 /nginx
 
# sudo chmod 750 /nginx/sql
 
# sudo gpasswd -a username http

Icon Database

PostgreSQL

Using postgresql as a back-end will require the following setup and configuration.

# pikaur -S postgresql php-pgsql
 
# sudo chown postgres:postgres /nginx/sql
 
# sudo gpasswd -a username postgres

Swap over to the postgresql user account.

# sudo -iu postgres

Run the database initialization.

# initdb --locale en_US.UTF-8 -E UTF8 -D '/nginx/sql/data'

Return to the normal user account.

# exit

Modify the systemd service file to reflect the new data directory.

# sudo systemctl edit postgresql.service
 
filename: postgresql.service
Environment=PGROOT=/nginx/sql
PIDFile=/nginx/sql/postmaster.pid

Start and enable the systemd service.

# sudo systemctl enable --now postgresql.service

Swap back over to the postgresql user account.

# sudo -iu postgres

Create a new postgres user account.

# createuser -P --interactive
Enter name of role to add: username
Enter password for new role: ********
Enter it again: ********
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) y
Shall the new role be allowed to create more new roles? (y/n) n

MariaDB

Using mariadb as a back-end will require the following setup and configuration.

# pikaur -S mariadb
 
# sudo chown mysql:mysql /nginx/sql

Give the current logged in user access.

# sudo gpasswd -a username mysql

Create and initialize the data directory.

# mariadb-install-db --user=mysql --basedir=/usr --datadir=/nginx/sql
 
# sudoedit /etc/my.cnf.d/server.cnf
 
filename: /etc/my.cnf.d/server.cnf
[mysqld]
datadir=/nginx/sql

Start and enable the MySQL service.

# sudo systemctl enable --now mariadb.service

Secure the installation and set the root password.

# sudo mysql_secure_installation
IconThe default mysql root password is none

Connect to mysql using the root account and the password you previously set.

# sudo mysql -u root -p

Add a new mysql user account.

# MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO 'kyau'@'localhost' IDENTIFIED BY 'user_password' WITH GRANT OPTION;

Icon PHP-FPM Configuration

First remove the default pool.

# sudo rm /etc/php/php-fpm.d/www.conf

Create the defaults for all pools.

# sudoedit /etc/php/php-fpm.d/defaults.inc
 
filename: /etc/php/php-fpm.d/defaults.inc
user = http
group = http
listen = /run/php-fpm/php-fpm-$pool.sock
listen.owner = http
listen.group = http
; process configuration
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
; php.ini changes
php_admin_flag[expose_php] = off
php_admin_flag[log_errors] = on
php_admin_flag[short_open_tag] = on
php_admin_value[date.timezone] = America/Los_Angeles
php_admin_value[error_log] = /nginx/logs/$pool/php.log
php_admin_value[memory_limit] = 256M
php_admin_value[post_max_size] = 2048M
php_admin_value[session.save_path] = /tmp
php_admin_value[upload_max_filesize] = 2048M

Enable global PHP extensions.

# sudoedit /etc/php/conf.d/defaults.ini
 
filename: /etc/php/conf.d/defaults.ini
extension=bz2
extension=exif
extension=gd
extension=gettext
extension=gmp
extension=iconv
extension=intl
extension=sodium
extension=mysqli
extension=odbc
extension=pdo_mysql
extension=pdo_odbc
extension=pdo_sqlite
extension=sockets
extension=sqlite3
; opcache
zend_extension=opcache
opcache.enable = 1
opcache.interned_strings_buffer = 8
opcache.max_accelerated_files = 10000
opcache.memory_consumption = 128
opcache.save_comments = 1
opcache.revalidate_freq = 1

Create a php-fpm pool for the domain being setup (use a different pool for each domain).

# sudoedit /etc/php/php-fpm.d/domain_com.conf
 
filename: /etc/php/php-fpm.d/domain_com.conf
; $KYAULabs: domain_com.conf,v 1.0.0 2021/05/01 12:36:14 kyau Exp $

[domain_com]
include = /etc/php/php-fpm.d/defaults.inc
env[HOSTNAME] = domain.com
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

; vim: ft=dosini sw=4 ts=4 noet: