Support #433
Updated by Daniel Curtis over 9 years ago
Here is a procedure to install a FreeBSD with Nginx, MariaDB and PHP server stack. If any version of the packages needs to be changed, replace the versions in the commands accordingly.
* Before installation of the components, make sure everything is up to date using the following command:
<pre>
pkg update && pkg upgrade
</pre>
* Edit the @/etc/hosts@ file and add the following line:
> 192.168.1.1 www.example.com
h2. Nginx – Installation and Configuration
* Install Nginx
<pre>
pkg install nginx
</pre>
* Add the following line to @/etc/rc.conf@:
> echo 'nginx_enable="YES"' >> /etc/rc.conf
* Start nginx:
<pre>
service nginx start
</pre>
h2. MariaDB – Installation and Configuration
* Install MariaDB 5.5 server and client
<pre>
pkg install mariadb55-{server,client}
</pre>
* Configure the MariaDB server
<pre>
cp /usr/local/share/mysql/my-small.cnf /usr/local/etc/my.cnf
</pre>
#* *my-small.cnf* - for systems with up to 64 Mb of RAM.
#* *my-medium.cnf* - for systems with up to 128 Mb of RAM (ideal for web servers).
#* *my-large.cnf* - for systems with 512 Mb of RAM (dedicated MySQL servers).
#* *my-huge.cnf* - for systems with 1-2 Gb of RAM (datacentres etc.).
* Add the following line to the file @/etc/rc.conf@:
<pre>
echo 'mysql_enable="YES"' >> /etc/rc.conf
</pre>
* Start MariaDB
<pre>
service mysql-server start
</pre>
* Set password for mysql using the following command
<pre>
mysqladmin -uroot password
</pre>
h3. Configure MariaDB
* Use the following command:
<pre>
cp /usr/local/share/mysql/my-small.cnf /usr/local/etc/my.cnf
</pre>
* Restart mysql using the following commands:
<pre>
service mysql-server restart
</pre>
h2. PHP – Installation and Configuration
* Install PHP5 and other supporting packages:
<pre>
pkg install php5
</pre>
#* Install PHP extensions:
<pre>
pkg install php5-extensions
</pre>
#* Install MySQL support for PHP:
<pre>
pkg install php5-mysql php5-mysqli php5-pdo_mysql
</pre>
#* Install the php5-session package
<pre>
pkg install php5-session
</pre>
*NOTE*: There are many more PHP modules, to search for more PHP modules run:
<pre>
pkg search php5
</pre>
*NOTE*: PHP capabilities can be further extended by using PECL packages, to search for more PECL packages run:
<pre>
pkg search pecl
</pre>
* Configure the default PHP settings
<pre>
cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
</pre>
h3. Configure PHP-FPM
* Edit @/usr/local/etc/php-fpm.conf@:
<pre>
vi /usr/local/etc/php-fpm.conf
</pre>
#* Make the following changes:
> events.mechanism = kqueue
> listen = /var/run/php-fpm.sock
> listen.owner = www
> listen.group = www
> listen.mode = 0666
* Enable PHP-FPM in @/etc/rc.conf@:
<pre>
echo 'php_fpm_enable="YES"' >> /etc/rc.conf
</pre>
* Start PHP-FPM:
<pre>
service php-fpm start
</pre>
h3. Configure Nginx for PHP-FPM:
* Create a directory for a PHP web application or site:
<pre>
mkdir /usr/local/www/www.example.com
</pre>
* Edit @/usr/local/etc/nginx/nginx.conf@:
vi /usr/local/etc/nginx/nginx.conf
#* Add the following inside the @server{ }@ block:
<pre>
http {
...
server {
...
listen 80;
server_name localhost;
root /usr/local/www/www.example.com;
access_log /var/log/www.example.com-access.log;
error_log /var/log/www.example.com-error.log
location / {
index index.php index.html index.htm;
}
# For all PHP requests, pass them on to PHP-FPM via FastCGI
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME /usr/local/www/www.example.com$fastcgi_script_name; /usr/local/www/nginx$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
include fastcgi_params; # include extra FCGI params
}
...
}
...
}
</pre>
The PHP support in FreeBSD is extremely modular so the base install is very limited. It is very easy to add support using the _lang/php5-extensions_ port. This port provides a menu driven interface to PHP extension installation. Alternatively, individual extensions can be installed using the appropriate port.
* Restart nginx:
<pre>
service nginx restart
</pre>
h3. Install the Phusion Passenger module
* Reinstall Nginx with Passenger support
<pre>
portsnap fetch extract
cd /usr/ports/www/nginx
make config
make install clean
rehash
mkdir /usr/local/etc/nginx/conf.d
</pre>
NOTE: Make sure to enable [X]PASSENGER when running @make config@
* Configuring Nginx and Passenger
Edit the @/usr/local/etc/nginx/nginx.conf@ file to match:
<pre>
user www www;
## Change to match number of CPU cores
worker_processes 1;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
passenger_root /usr/local/lib/ruby/gems/1.9/gems/passenger-4.0.29;
passenger_ruby /usr/local/bin/ruby;
passenger_max_pool_size 15;
passenger_pool_idle_time 300;
#passenger_spawn_method direct; # Uncomment on Ruby 1.8 for ENC to work
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
# Load config files from the /etc/nginx/conf.d directory
include /usr/local/etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name www.example.com;
passenger_enabled on;
passenger_user www;
passenger_group www;
access_log /var/log/nginx/dashboard_access.log;
root /usr/local/www/rubyapp/public;
}
server {
listen 443 ssl;
server_name www.example.com;
passenger_enabled on;
passenger_set_cgi_param HTTP_X_CLIENT_DN $ssl_client_s_dn;
passenger_set_cgi_param HTTP_X_CLIENT_VERIFY $ssl_client_verify;
passenger_user www;
passenger_group www;
access_log /var/log/nginx/puppet_access.log;
root /usr/local/www/rubyapp/public;
ssl_certificate /var/puppet/ssl/certs/www.example.com.pem;
ssl_certificate_key /var/puppet/ssl/private_keys/www.example.com.pem;
ssl_crl /var/puppet/ssl/ca/ca_crl.pem;
ssl_client_certificate /var/puppet/ssl/certs/ca.pem;
ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA;
ssl_prefer_server_ciphers on;
ssl_verify_client optional;
ssl_verify_depth 1;
ssl_session_cache shared:SSL:128m;
ssl_session_timeout 5m;
}
}
</pre>
h3. Install and configure phpMyAdmin
* Install phpmyadmin:
<pre>
pkg install phpmyadmin
</pre>
* Setup phpMyAdmin for nginx by adding the following to the server{ } block in /usr/local/etc/nginx/nginx.conf:
<pre>
## phpMyAdmin
location ^~ /phpmyadmin {
access_log off;
rewrite ^ /phpMyAdmin/ permanent;
}
location /phpMyAdmin {
root /usr/local/www/phpMyAdmin;
index index.php index.html;
## Only Allow connections from localhost
allow 127.0.0.1;
deny all;
location ~ ^/phpMyAdmin/(.*\.php)$ {
root /usr/local/www/phpMyAdmin;
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME /usr/local/www/phpMyAdmin$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
include fastcgi_params; # include extra FCGI params
}
}
</pre>
Now its time to configure phpMyAdmin. Do this by creating the file @/usr/local/www/phpMyAdmin/config.inc.php@, the basic configuration file for phpMyAdmin. Traditionally, users have manually created or modified @/usr/local/www/phpMyAdmin/config.inc.php@, but now phpMyAdmin includes a nice setup script, making it much easier to create this file with the settings you want.
* Start by creating the directory /usr/local/www/phpMyAdmin/config and make it writable by the phpMyAdmin setup script:
<pre>
mkdir /usr/local/www/phpMyAdmin/config
chmod o+w /usr/local/www/phpMyAdmin/config
</pre>
* Then make @/usr/local/www/phpMyAdmin/config.inc.php@ readable by the phpMyAdmin setup script:
<pre>
chmod o+r /usr/local/www/phpMyAdmin/config.inc.php
</pre>
* Now open your web browser and navigate to http://www.example.com/phpmyadmin/setup where you will see the phpMyAdmin setup _Overview_ page.
* Select *New Server* and then select the *Authentication* tab.
*# Under the *Authentication type* choose +http+ from the drop-down list (using HTTP-Auth to sign-in into phpMyAdmin will avoid storing login/password credentials directly in config.inc.php)
*# And remove +root+ from the *User for config auth*.
* Now select *Apply* and you will be returned you to the Overview page where you should see a new server listed.
* Select *Save* again in the Overview page to save your configuration as @/usr/local/www/phpMyAdmin/config/config.inc.php@.
* Now let’s move that file up one directory to @/usr/local/www/phpMyAdmin@ where phpMyAdmin can make use of it.
<pre>
mv /usr/local/www/phpMyAdmin/config/config.inc.php /usr/local/www/phpMyAdmin
</pre>
* Now let’s try out phpMyAdmin to make sure it works. Point your web browser to http://www.example.com/phpmyadmin where you will be presented with a pop-up box requesting you to log in.
Use “root” and the MySQL password you set up previously, then you should be directed to the phpMyAdmin administration page.
* We no longer need the /usr/local/www/phpMyAdmin/config directory so let’s remove it, and the read permission we added previously to /usr/local/www/phpMyAdmin/config.inc.php:
<pre>
rm -r /usr/local/www/phpMyAdmin/config
chmod o-r /usr/local/www/phpMyAdmin/config.inc.php
</pre>
* And wrap up by restarting the Apache and MySQL servers:
<pre>
service apache24 restart
service mysql-server restart
</pre>
h2. *(Extra)* Easily deploying web applications
Now that the Nginx, MariaDB, PHP stack is operational, web applications can be run from this server. This can be done a number of ways, like using VHosts. However, if you want a single web application dedicated for the server, then FreeBSD already has a number of PHP/MySQL web applications in either the ports tree or pkg that allow for easy installation and upgrading.
* Start by creating a database using phpMyAdmin, or command line.
h3. Deploy a web application
The following is a list of useful open source web applications that I use:
* Install ownCloud
<pre>
rm /usr/local/www/apache24/data
pkg install owncloud
chown -R www:www /usr/local/www/owncloud/
ln -s /usr/local/www/owncloud /usr/local/www/apache24/data
</pre>
* Install WordPress
<pre>
rm /usr/local/www/apache24/data
pkg install wordpress
chown -R www:www /usr/local/www/wordpress/
ln -s /usr/local/www/wordpress /usr/local/www/apache24/data
</pre>
* Install Magento
<pre>
rm /usr/local/www/apache24/data
pkg install magento
chown -R www:www /usr/local/www/magento/
ln -s /usr/local/www/magento /usr/local/www/apache24/data
</pre>
* Install Piwik
<pre>
rm /usr/local/www/apache24/data
pkg install piwik
chown -R www:www /usr/local/www/piwik/
ln -s /usr/local/www/piwik /usr/local/www/apache24/data
</pre>
* Install Redmine (Not PHP; read Passenger install above)
<pre>
rm /usr/local/www/apache24/data
pkg install redmine
chown -R www:www /usr/local/www/redmine/
ln -s /usr/local/www/redmine/public /usr/local/www/apache24/data
</pre>
h2. Resources
http://forums.freebsd.org/viewtopic.php?t=30268