Merge pull request #63 from niiknow/master

Build 1.4.3
niiknow · Oct 27, 2018 · 5ce9482 · 5ce9482
2 parents 8168a84 + d09baa2
commit 5ce9482
Show file tree

Hide file tree

Showing 5 changed files with 177 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -4,11 +4,12 @@ The ultimate control panel with docker (thanks lagun4ik for a great start)
 What's included?
 * ubuntu 16.04 lts + Vesta 0.9.8-23
 * nginx (proxy) -> apache2 -> php-fcgi - high performance and flexible implementation
-* added ability to also run php-fpm
 * ssh/sftp, letsencrypt, memcached, redis, MariaDB 10.2, postgresql 9.6, nodejs 8.x, golang 1.11, openvpn, mongodb, couchdb, .net core 2.1 runtime
 * folder redirection for data persistence and automatic daily backup provided by VestaCP
 * DNS, named, dovecot/roundcube, spamassassin, clamav, etc... -- disabled by default
 * vesta panel SSL (LE-issued) for mail and control panel - provide $HOSTNAME environment variable
+* added ability to also run [php-fpm](https://github.com/niiknow/vestacp/blob/master/docs/php-fpm.md)
+![](https://raw.githubusercontent.com/niiknow/vestacp/master/docs/images/php-fpm.png?raw=true)
 
 Run this image:
 ```
@@ -50,13 +51,11 @@ FTP was not installed on purpose because it's not secure.  Use SFTP instead on t
 - [x] phpmyadmin, phppgadmin
 - [x] Redis, Memcached
 - [x] nodejs, golang
-- [x] MariaDB/MySQL, Postgresql, Mongodb
+- [x] MariaDB/MySQL, PostgreSql, Mongodb
 - [x] add incron to monitor and immediately backup /etc/{passwd,shadow,gshadow,group}
 - [x] nginx pagespeed module
-- [x] multiple php{7.1,7.2} fcgi and fpm templates
 - [x] redirect awstats
-- [ ] java, dotnet
-- [ ] openvpn
+- [x] multiple php{7.1,7.2} fcgi and fpm templates
 
 ### your todo
 - [ ] I recommend the following:

diff --git a/docs/php-fpm.md b/docs/php-fpm.md
@@ -0,0 +1,168 @@
+# php-pfm templates
+There are two config to the php-fpm templates: fpm and nginx.  On the nginx side, you have two options: `php-fpm` or `custom`
+
+![](https://raw.githubusercontent.com/niiknow/vestacp/master/docs/images/php-fpm.png?raw=true)
+
+## nginx
+`php-fpm` template is optimize for majority of framework including concrete5, laravel, and/or wordpress.  Outside of that, you have use the `custom` template.  See some examples below.
+
+- - -
+`custom` template with [ActiveCollab](https://activecollab.com/)
+1. Choose `custom` as your nginx template and php7xfpm template for APACHE2.  Don't worry, it's not really Apache2.  It's is fpm config just re-using the same UI as APACHE2.
+2. Add a file: `/home/{user}/web/{website.example.com}/private/custom.conf`
+
+```
+    index       proxy.php;
+    access_log  /var/log/apache2/domains/{website.example.com}.log combined;
+    access_log  /var/log/apache2/domains/{website.example.com}.bytes bytes;
+
+    root "/home/{user}/web/{website.example.com}/public_html/public";
+
+    if (!-e $request_filename) {
+        rewrite ^/assets/(.*)$ /assets/$1 last;
+        rewrite ^/avatars/(.*)$ /avatars/$1 last;
+        rewrite ^/wallpapers/(.*)$ /wallpapers/$1 last;
+        rewrite ^/verify-existence$ /verify.php last;
+        rewrite ^/proxy.php$ /proxy.php last;
+        rewrite ^/api/v([0-9]*)/(.*)$ /api.php?path_info=$2&api_version=$1 last;
+        rewrite ^$ /router.php last;
+        rewrite ^(.*) /router.php?path_info=$1 last;
+    }
+
+    location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ \.php$ {
+        # force https-redirects if not http
+        if ($scheme = http) {
+           return 301 https://$server_name$request_uri;
+        }
+
+        fastcgi_pass unix:/var/run/vesta-php-fpm-{website.example.com}.sock;
+        include /etc/nginx/fastcgi_params;
+
+        # overriding default
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+
+        fastcgi_intercept_errors on;
+        if (!-e $request_filename) {
+            rewrite ^(.*) /router.php?path_info=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   /home/{user}/web/{website.example.com}/document_errors/;
+    }
+
+    include /etc/nginx/location_optmz_php.conf;
+
+    disable_symlinks if_not_owner from=/home/{user}/web/{website.example.com};
+
+```
+
+Remember to replace `{user}` and `{website.example.com}` with appropriate/valid value.
+
+- - -
+**Note**: `custom` template can be use with anything, not just for PHP.
+
+`custom` template for [Gogs](https://gogs.io/) (self-hosted git written in Golang) or any kind of service that you want to nginx proxy_pass such as service running with nodejs, dotnet, etc...
+
+1. Choose `custom` as your nginx template and `default` for APACHE2.
+2. Add a file: `/home/{user}/web/{website.example.com}/private/custom.conf`
+
+```
+location / {
+   # force https-redirects if not http
+   if ($scheme = http) {
+      return 301 https://$server_name$request_uri;
+   }
+
+   proxy_pass      http://127.0.0.1:10080;
+}
+
+location /error/ {
+   alias   /home/{user}/web/{website.example.com}/document_errors/;
+}
+
+location @fallback {
+   proxy_pass      http://127.0.0.1:10080;
+}
+
+include /etc/nginx/location_optmz_php.conf;
+```
+
+This assume that you're running Gogs Web on port 10080 so we proxy that port.  Your gogs `app.ini` may look like so:
+
+```
+$ cat app.ini
+APP_NAME = Your Git Service
+RUN_USER = {user}
+RUN_MODE = prod
+
+[database]
+DB_TYPE  = sqlite3
+HOST     = none
+NAME     = none
+USER     = none
+PASSWD   = 
+SSL_MODE = disable
+PATH     = /home/{user}/gogs/data/gogs.db
+
+[repository]
+ROOT = /home/{user}/gogs-repos
+
+[server]
+DOMAIN           = git.example.com
+HTTP_PORT        = 10080
+ROOT_URL         = https://git.example.com/
+DISABLE_SSH      = false
+START_SSH_SERVER = true
+SSH_DOMAIN       = %(DOMAIN)s
+SSH_LISTEN_HOST  = 0.0.0.0
+SSH_PORT         = 22
+SSH_LISTEN_PORT  = 10022
+OFFLINE_MODE     = false
+CERT_FILE        = custom/https/cert.pem
+KEY_FILE         = custom/https/key.pem
+ENABLE_GZIP      = true
+LANDING_PAGE     = home
+
+[mailer]
+ENABLED          = true
+HELO_HOSTNAME    = git.example.com
+HOST             = smtp.gmail.com:587
+USER             = [email protected]
+PASSWD           = your-email-password
+
+[service]
+REGISTER_EMAIL_CONFIRM = false
+ENABLE_NOTIFY_MAIL     = true
+DISABLE_REGISTRATION   = false
+ENABLE_CAPTCHA         = true
+REQUIRE_SIGNIN_VIEW    = true
+
+[picture]
+DISABLE_GRAVATAR        = false
+ENABLE_FEDERATED_AVATAR = false
+
+[session]
+PROVIDER = file
+
+[log]
+MODE      = file
+LEVEL     = Info
+ROOT_PATH = /home/{user}/gogs/log
+
+[security]
+INSTALL_LOCK = true
+SECRET_KEY   = 32AdfjlkksjdfA
+```
+
+- - -
+
diff --git a/rootfs/etc/my_init.d/startup.sh b/rootfs/etc/my_init.d/startup.sh
@@ -55,8 +55,8 @@ fi
 
 # auto ssl on start
 if [ -f /bin/vesta-auto-ssl.sh ]; then
-	echo "[i] running /bin/vesta-auto-ssl.sh"
-	bash /bin/vesta-auto-ssl.sh
+    echo "[i] running /bin/vesta-auto-ssl.sh"
+    bash /bin/vesta-auto-ssl.sh
 fi
 
 if [ ! -z "$MYPASS" ]; then

diff --git a/rootfs/sysprepz/admin/bin/vesta-auto-ssl.sh b/rootfs/sysprepz/admin/bin/vesta-auto-ssl.sh
@@ -1,11 +1,10 @@
 #!/bin/bash
 
-domain="$HOSTNAME"
-
 # get environment variables
 source /etc/container_environment.sh
 
 VESTA_PATH='/usr/local/vesta'
+domain=`/bin/hostname --fqdn`
 user='admin'
 
 # only run if hostname is valid, regex check if it has a period

diff --git a/rootfs/sysprepz/nginx-templates/php-fpm.tpl b/rootfs/sysprepz/nginx-templates/php-fpm.tpl
@@ -16,7 +16,7 @@ server {
     root        $site;
 
     location / {
-        # allow for custom handling or forcing ssl if necessary
+        # allow for custom handling
         include %docroot%/sngin*.conf;
 
         try_files $uri $uri/ /index.php$is_args$args;
@@ -46,7 +46,7 @@ server {
         fastcgi_cache_bypass $no_cache;
         fastcgi_no_cache $no_cache;
     }
-
+    
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;