WORK IN PROGRESS
Well, it’s time again to set up a new hosting box, and as time goes by I’m going to try out something new again. Up until now it was set in stone that I would use Debian as the OS, but I got more and more fed up with old and outdated packages/versions. I looked for alternatives and ended up choosing FreeBSD over Ubuntu Server and CentOS because of ZFS!! ZFS is the server filesystem to rule em all!!! I won’t go into the details why, but if you’re interested I greatly suggest taking a look. FreeBSD 10 makes it fairly easy to set up the system with ZFS as the root file system. Next will be installing an admin panel to make hosting some websites easier. So this tutorial is about setting up a webstack with:
-nginx
-MySQL 5.6
-php 5.5 using php-fpm
-postfix/dovecot
So let’s start!
Install all our needed packages
(I use pkg-ng for this)
pkg install mysql56-server nginx postfix dovecot openssl wget php55 php55-mysqli php55-pdo_mysql php55-pdo_sqlite php55-bcmath php55-posix php55-filter php55-xml php55-json php55-mbstring php55-mcrypt php55-phar php55-gd php55-gettext php55-fileinfo php55-bz2 php55-zip php55-xmlreader php55-zlib php55-xsl php55-xmlwriter php55-pcntl php55-imap php55-calendar php55-soap php55-tokenizer php55-simplexml php55-extensions
okay now edit /etc/rc.conf and add the following
php_fpm_enable="YES"
nginx_enable="YES"
mysql_enable="YES"
then copy the php.ini to the correct location with
cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
a quick look with "ps -faux" shows that php-fpm is running fine… good so far
MySQL
disable the strict mode since froxlor doesn’t work with that one yet 🙁
# open /usr/local/my.cnf
# change the last line to
sql_mode=NO_ENGINE_SUBSTITUTION
now start up our mysql server
/usr/local/etc/rc.d/mysql-server onestart
now change the password for the MySQL root user
mysql -u root
# Set new root passwords
UPDATE mysql.user SET Password = PASSWORD('mysecretrootpassword') WHERE User = 'root';
FLUSH PRIVILEGES;
# remove anonymous accounts
DROP USER ''@'localhost';
DROP USER ''@'<MYHOSTNAME>';
# you can find that out by viewing the users table with "SELECT User, Host, Password FROM mysql.user;"
Nginx
open up in your favorite editor
/usr/local/etc/nginx/nginx.conf
and put the following in it
user www www;
# set this one to the number of cores available to the system
worker_processes 1;
pid /var/run/nginx.pid;

events {
    # in my tests this one came up to be a good number for a single core box with 4G of RAM
    worker_connections 1500;
    # multi_accept on;
}

http {
    ##
    # Basic Settings
    ##
    include /usr/local/etc/nginx/mime.types;
    default_type application/octet-stream;
    server_tokens off;
    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    ##
    # Buffer + Timeouts
    ##
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    types_hash_max_size 2048;
    send_timeout 2;
    keepalive_timeout 30;

    ##
    # Cache Settings
    ##
    open_file_cache max=5000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
    open_file_cache_errors on;

    # ssl optimizations
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    # tell clients to use https after they have connected once (thanks @Moxie)
    add_header Strict-Transport-Security max-age=31536000;

    ##
    # Logging Settings
    ##
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##
    gzip on;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##
    include /usr/local/etc/nginx/conf.d/*.conf;
    include /usr/local/etc/nginx/sites-enabled/*;
}
Now create the missing directories
mkdir /usr/local/etc/nginx/conf.d
mkdir /usr/local/etc/nginx/sites-enabled
mkdir /var/log/nginx
now create the nginx config for the panel
/usr/local/etc/nginx/conf.d/froxlor.conf
and insert
server {
    listen 80 default;
    server_name <my.panel.domain>;
    access_log /var/log/nginx/access-froxlor.log;
    root /usr/local/www/froxlor;

    location / {
        index index.php index.html index.htm;
    }

    location ~ \.php$ {
        # fix for http://forum.nginx.org/read.php?2,88845,page=3
        if (!-f $request_filename) {
            return 404;
        }
        fastcgi_index index.php;
        include /usr/local/etc/nginx/fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass 127.0.0.1:9000;
    }

    location ~ /\.ht {
        deny all;
    }
}
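The `if (!-f $request_filename)` guard in the PHP location above keeps nginx from handing PHP-FPM a request path that is not an existing file. The following added example (not part of the original post or of Froxlor) scans nginx configuration text for FastCGI locations that lack such a guard, so it can be run over the panel config and any vhost files in sites-enabled; the sample config, host names and function names are constructed for illustration.

```python
import re

# Constructed sample: one guarded PHP location (like froxlor.conf above)
# and one hypothetical vhost that forgot the existence check.
SAMPLE = r"""
server {
    server_name panel.example;
    location ~ \.php$ {
        if (!-f $request_filename) { return 404; }
        fastcgi_pass 127.0.0.1:9000;
    }
}
server {
    server_name customer.example;
    location ~ \.php$ {
        fastcgi_pass 127.0.0.1:9000;
    }
}
"""

# Either guard makes nginx answer 404 itself when the script file is missing.
GUARD = re.compile(r"if\s*\(\s*!-f\s+\$request_filename\s*\)|try_files\s+[^;]*=404")

def block_body(text, open_idx):
    """Return the text between the '{' at open_idx and its matching '}'."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[open_idx + 1:i]
    raise ValueError("unbalanced braces")

def unguarded_php_locations(conf):
    """List (server_name, location) pairs that use fastcgi_pass with no file check."""
    conf = re.sub(r"#[^\n]*", "", conf)  # drop comments before matching
    findings = []
    for srv in re.finditer(r"\bserver\s*\{", conf):
        body = block_body(conf, srv.end() - 1)
        name = re.search(r"server_name\s+([^;]+);", body)
        host = name.group(1).strip() if name else "?"
        for loc in re.finditer(r"location\s+([^{]+?)\s*\{", body):
            inner = block_body(body, loc.end() - 1)
            if "fastcgi_pass" in inner and not GUARD.search(inner):
                findings.append((host, loc.group(1)))
    return findings
```

To check real files, read each one and pass its contents to `unguarded_php_locations()`; an empty list means every FastCGI location carries a guard.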
If a configuration test gives you
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: [emerg] mkdir() "/var/tmp/nginx/client_body_temp" failed (2: No such file or directory)
nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed
Don’t worry, that’s normal since nginx hasn’t been started yet and the directory hasn’t been created yet =) but our syntax is ok so all is good!
OK, let’s get us some admin panel!
# change directory
cd /usr/local/www/
# download latest froxlor version
wget http://files.froxlor.org/releases/froxlor-latest.tar.gz
# the content should go into the folder /usr/local/www/froxlor
# note: the archive contains the folder 'froxlor' already!
tar xvfz froxlor-latest.tar.gz
# remove archive
rm froxlor-latest.tar.gz
# change owner of the directory
chown -R www:www /usr/local/www/froxlor/
chmod 755 /usr/local/www/froxlor
now restart php-fpm and nginx and hope we didn’t fuck up something :O
/usr/local/etc/rc.d/php-fpm restart
/usr/local/etc/rc.d/nginx restart
Browse to your froxlor installation and if everything went fine you should see the Froxlor webpage! Proceed with the Froxlor installation as asked! After the successful install let’s configure the panel, since I don’t like the default path froxlor uses and, to adhere to FreeBSD convention, user-installed stuff should be placed in /usr/local/
mkdir -p /usr/local/customers/webs/
mkdir -p /usr/local/customers/logs/
mkdir -p /usr/local/customers/mail/
mkdir -p /usr/local/customers/tmp/
mkdir -p /usr/local/etc/php-fpm.d/
mkdir -p /usr/local/php-fpm/
pw groupadd froxlorlocal
pw useradd froxlorlocal -g froxlorlocal -s/sbin/nologin -d/dev/null
chown -R froxlorlocal:froxlorlocal /usr/local/www/froxlor
Now log in to the admin panel and navigate to
Settings -> System settings
and set the Home directory to
/usr/local/customers/webs/
hit save and then open up
Settings -> Webserver settings
Change Webserver vHost configuration file/dirname to
/usr/local/etc/nginx/sites-enabled/
Webserver diroptions configuration file/dirname to
/usr/local/etc/nginx/sites-enabled/
Webserver htpasswd dirname to
/usr/local/etc/nginx/froxlor-htpasswd/
Logfiles directory to
/usr/local/customers/logs/
Webserver reload command to
/usr/local/etc/rc.d/nginx restart
Path to fastcgi_params file to
/usr/local/etc/nginx/fastcgi_params
again, save the settings. If you want to enable SSL then you should set Configure the allowed SSL ciphers to
ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
and get yourself a valid SSL certificate (I recommend StartSSL, which provides them for free). The next step is configuring php-fpm: enable php-fpm in the Settings panel, hit save and then click on Settings to the right of php-fpm.
Configuration directory of php-fpm
/usr/local/etc/php-fpm.d/
Configuration Alias-directory of php-fpm
/usr/local/php-fpm/
Temp directory
/usr/local/customers/tmp/
Global PEAR directories
/usr/local/share/php/
FastCGI IPC directory
/var/run/
php-fpm restart command
/usr/local/etc/rc.d/php-fpm restart
Process manager control (pm)
dynamic
The number of child processes
50
The number of child processes created on startup
2
The desired minimum number of idle server processes
5
The desired maximum number of idle server processes
5
Requests per child before respawning
150
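To see what the SSL cipher list entered in the panel above actually enables on a given OpenSSL build, this added example (not from the original post or from Froxlor) expands it with Python's ssl module and sorts the resulting suites into review groups. The group names and function names are chosen here for illustration, and the output depends on the local OpenSSL version.

```python
import re
import ssl

# The cipher list this guide enters in the panel's SSL settings.
PANEL_CIPHERS = (
    "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:"
    "ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
)

def expand(cipher_string):
    """Return the suites the local OpenSSL build enables for cipher_string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    suites = []
    for c in ctx.get_ciphers():
        # description: "NAME TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD"
        f = dict(re.findall(r"(\w+)=(\S+)", c["description"]))
        suites.append({"name": c["name"], "kx": f.get("Kx", ""), "au": f.get("Au", ""),
                       "enc": f.get("Enc", ""), "mac": f.get("Mac", "")})
    return suites

def audit(cipher_string):
    """Sort the enabled suites into the groups a reviewer cares about."""
    report = {"excluded_but_present": [], "3des": [], "no_forward_secrecy": [], "ok": []}
    for s in expand(cipher_string):
        if s["au"] in ("None", "DSS") or s["mac"] == "MD5":
            report["excluded_but_present"].append(s["name"])  # !aNULL:!MD5:!DSS not honoured
        elif s["enc"].startswith("3DES"):
            report["3des"].append(s["name"])                  # 64-bit block cipher
        elif s["kx"].startswith("RSA"):
            report["no_forward_secrecy"].append(s["name"])    # static RSA key exchange
        else:
            report["ok"].append(s["name"])
    return report

if __name__ == "__main__":
    for group, names in audit(PANEL_CIPHERS).items():
        print(f"{group}: {len(names)}")
        for n in names:
            print("   ", n)
```

Suites listed under `3des` and `no_forward_secrecy` come from the `+3DES` and `RSA+` entries of the string; dropping those entries from the panel setting removes them.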
Configure fpm to actually load the config files from Froxlor
open up
/usr/local/etc/php-fpm.conf
and put the following at the end of the file
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;

; Multiple pools of child processes may be started with different listening
; ports and different management options. The name of the pool will be
; used in logs and stats. There is no limitation on the number of pools which
; FPM can handle. Your system will tell you anyway :)

; To configure the pools it is recommended to have one .conf file per
; pool in the following directory:
include=/usr/local/etc/php-fpm.d/*.conf
Postfix & Dovecot
pw groupadd vmail -g 2000
pw useradd vmail -u 2000 -g 2000 -s/sbin/nologin -d/dev/null
mkdir -p /usr/local/customers/mail/
chown -R vmail:vmail /usr/local/customers/mail/
chmod 0750 /usr/local/customers/mail/
Thanks) It’s really cool!
Finally a how-to that works! Thanks to the author.
Best regards,
Proteus
No problem, my pleasure =)
Why "PKG", isn't compiling better?
Not really. Considering the marginal performance difference and the effort involved, it's nonsense to compile things yourself (IMHO).