Форум программистов, компьютерный форум, киберфорум
IRIP
Войти
Регистрация
Восстановить пароль
Оценить эту запись

Настройка php-fpm + nginx доменов на vestacp

Запись от IRIP размещена 12.03.2020 в 09:40
Обновил(-а) IRIP 15.03.2020 в 09:33

В продолжение темы, и чтобы закрыть этот вопрос для себя (оставив заметку)...

В прошлом посте я приобрел дешевый vps, установил ubuntu 18, и настроил работу связки php7.4-fpm + nginx

В этом посте выложу листинги для настройки конфигов.
они оптимизированы для работы wordpress и instantcms 2


1. В VESTACP создаю пользователя, создаю домен пользователю.
1.1 Обязательно прописываю SSL и только потом приступаю к настройке.

2. Перехожу
/etc/php/php7.4/fpm/pool.d/

2.1 Выбираю .conf созданного домена, и дописываю в него

оригинал:
Код:
[test.site]
listen = 127.0.0.1:9003
listen.allowed_clients = 127.0.0.1

user = profit
group = profit

pm = ondemand
pm.max_children = 4
pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status

php_admin_value[upload_tmp_dir] = /home/profit/tmp
php_admin_value[session.save_path] = /home/profit/tmp

env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /home/profit/tmp
env[TMPDIR] = /home/profit/tmp
env[TEMP] = /home/profit/tmp
меняю на:
Код:
[test.site]
;listen = 127.0.0.1:9003
listen.allowed_clients = 127.0.0.1

listen = /var/run/php/test-site.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660

user = profit
group = profit

pm = ondemand
pm.max_children = 4
pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status

php_admin_value[upload_tmp_dir] = /home/profit/tmp
php_admin_value[session.save_path] = /home/profit/tmp

env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /home/profit/tmp
env[TMPDIR] = /home/profit/tmp
env[TEMP] = /home/profit/tmp

3. Перехожу по
/home/profit/conf/web/test.site.nginx.conf

оригинал:
Оригинальный test.site.nginx.conf

Код:
server {
    listen      192.168.0.1:80;
    server_name test.site www.test.site;
    root        /home/profit/web/test.site/public_html;
    index       index.php index.html index.htm;
    access_log  /var/log/nginx/domains/test.site.log combined;
    access_log  /var/log/nginx/domains/test.site.bytes bytes;
    error_log   /var/log/nginx/domains/test.site.error.log error;

    location / {

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires     max;
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }

            fastcgi_pass    127.0.0.1:9003;
            fastcgi_index   index.php;
            include         /etc/nginx/fastcgi_params;
        }
    }

    error_page  403 /error/404.html;
    error_page  404 /error/404.html;
    error_page  500 502 503 504 /error/50x.html;

    location /error/ {
        alias   /home/profit/web/test.site/document_errors/;
    }

    location ~* "/\.(htaccess|htpasswd)$" {
        deny    all;
        return  404;
    }

    location /vstats/ {
        alias   /home/profit/web/test.site/stats/;
        include /home/profit/conf/web/test.site.auth*;
    }

    include     /etc/nginx/conf.d/phpmyadmin.inc*;
    include     /etc/nginx/conf.d/phppgadmin.inc*;
    include     /etc/nginx/conf.d/webmail.inc*;

    include     /home/profit/conf/web/nginx.test.site.conf*;
}


меняю на:
С изменениями test.site.nginx.conf

Код:
server {
        listen      192.168.0.1:80;     
        server_name www.test.site;
        return 301 https://test.site$request_uri;
}

server {
    listen      192.168.0.1:80;
    server_name test.site;
    root        /home/profit/web/test.site/public_html;
    return 301 https://test.site$request_uri;
    index       index.php index.html index.htm;
    access_log  /var/log/nginx/domains/test.site.log combined;
    access_log  /var/log/nginx/domains/test.site.bytes bytes;
    error_log   /var/log/nginx/domains/test.site.error.log error;

    location / {

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires     max;
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }

            fastcgi_pass unix:/var/run/php/test-site.sock;
            fastcgi_index   index.php;
            include         /etc/nginx/fastcgi_params;
        }
    }

    error_page  403 /error/404.html;
    error_page  404 /error/404.html;
    error_page  500 502 503 504 /error/50x.html;

    location /error/ {
        alias   /home/profit/web/test.site/document_errors/;
    }

    location ~* "/\.(htaccess|htpasswd)$" {
        deny    all;
        return  404;
    }

    location /vstats/ {
        alias   /home/profit/web/test.site/stats/;
        include /home/profit/conf/web/test.site.auth*;
    }

    include     /etc/nginx/conf.d/phpmyadmin.inc*;
    include     /etc/nginx/conf.d/phppgadmin.inc*;
    include     /etc/nginx/conf.d/webmail.inc*;

    include     /home/profit/conf/web/nginx.test.site.conf*;
}


* само собой, ip адрес у вас будет свой, как и пути


Код:
service nginx restart && service php7.4-fpm restart

Далее тоже самое проделываю с ssl.conf

оригинал test.site.nginx.ssl.conf
Код:
server {
    listen      192.168.0.1:443 ssl;
    server_name test.site www.test.site;
    root        /home/profit/web/test.site/public_html;
    index       index.php index.html index.htm;
    access_log  /var/log/nginx/domains/test.site.log combined;
    access_log  /var/log/nginx/domains/test.site.bytes bytes;
    error_log   /var/log/nginx/domains/test.site.error.log error;

    ssl_certificate      /home/profit/conf/web/ssl.test.site.pem;
    ssl_certificate_key  /home/profit/conf/web/ssl.test.site.key;

    location / {

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires     max;
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }

            fastcgi_pass    127.0.0.1:9003;
            fastcgi_index   index.php;
            include         /etc/nginx/fastcgi_params;
        }
    }

    error_page  403 /error/404.html;
    error_page  404 /error/404.html;
    error_page  500 502 503 504 /error/50x.html;

    location /error/ {
        alias   /home/profit/web/test.site/document_errors/;
    }

    location ~* "/\.(htaccess|htpasswd)$" {
        deny    all;
        return  404;
    }

    location /vstats/ {
        alias   /home/profit/web/test.site/stats/;
        include /home/profit/conf/web/test.site.auth*;
    }

    include     /etc/nginx/conf.d/phpmyadmin.inc*;
    include     /etc/nginx/conf.d/phppgadmin.inc*;
    include     /etc/nginx/conf.d/webmail.inc*;

    include     /home/profit/conf/web/snginx.test.site.conf*;
}



с изменениями:
Кликните здесь для просмотра всего текста
Код:
server {
        listen      192.168.0.1:443 ssl;     
        server_name www.test.site;
        return 301 https://test.site$request_uri;

    ssl_certificate      /home/profit/conf/web/ssl.test.site.pem;
    ssl_certificate_key  /home/profit/conf/web/ssl.test.site.key;

}

server {
    listen      192.168.0.1:443 ssl;
    server_name test.site;
    root        /home/profit/web/test.site/public_html;
    index       index.php index.html index.htm;
    access_log  /var/log/nginx/domains/test.site.log combined;
    access_log  /var/log/nginx/domains/test.site.bytes bytes;
    error_log   /var/log/nginx/domains/test.site.error.log error;

    ssl_certificate      /home/profit/conf/web/ssl.test.site.pem;
    ssl_certificate_key  /home/profit/conf/web/ssl.test.site.key;

    add_header X-Cache $upstream_cache_status;
    set $skip_cache 0;
    fastcgi_ignore_headers Cache-Control Expires Set-Cookie;    
    fastcgi_cache_use_stale error timeout invalid_header http_500;

    # POST requests and urls with a query string should always go to PHP
    if ($request_method = POST) {
        set $skip_cache 1;
    }
    if ($query_string != "") {
        set $skip_cache 1;
    }
    # Don't cache uris containing the following segments
    if ($request_uri ~* "/admin/|index.php|sitemap(_index)?.xml|/store.*|/cart.*|/my-account.*|/checkout.*|/addons.*|/ideas.*|/wishlist.*") {
        set $skip_cache 1;
    }
    # Don't use the cache for cookied logged in users or recent commenters
    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart") {
        set $skip_cache 1;
    }

    location / {
 
        location ~ [^/]\.php(/|$) {
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }
            
            fastcgi_pass   unix:/var/run/php/test-site.sock;
            fastcgi_index   index.php;
            fastcgi_split_path_info ^(.+\.php)(.*)$;
            include         /etc/nginx/fastcgi_params;

            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_cache_bypass $skip_cache;
            fastcgi_no_cache $skip_cache;
            fastcgi_cache_valid 60m;
            fastcgi_read_timeout 6000;
            fastcgi_connect_timeout 6000;
            fastcgi_send_timeout 6000;
            proxy_read_timeout 6000;
            proxy_connect_timeout 6000;
            proxy_send_timeout 6000;
            send_timeout 6000;

        }

        location / {
            try_files $uri $uri/ /index.php?$query_string;
        }

        location ~ ^/cache {
            deny all;
            location ~ \.(js|css|xml)$ {
                allow all;
            }
        }

        location ~ ^/system/ {
          deny all;
        }

        location ~ ^/filters/ {
          deny all;
        }

        location ~ ^/languages/ {
          deny all;
        }

        location ~ ^/cache/ {
          deny all;
        }

        location ~* /static/.*\.(php|php3|php4|php5|php6|phps|phtml)$ {
          deny all;
        }

        location ~* /templates/.*\.(tpl|txt|php|php3|php4|php5|php6|phps|phtml)$ {
          deny all;
        }

        location ~* /upload/.*\.(php|php3|php4|php5|php6|phps|phtml)$ {
          deny all;
        }

        location ~* /wysiwyg/.*\.(php|php3|php4|php5|php6|phps|phtml)$ {
          deny all;
        }

        location /credits.txt {
          deny all;
        }

        location /readme.txt {
          deny all;
        }

        location ~ ^/license.(.*).txt$ {
          deny all;
        }

        location ~ /\. {
          deny all;
        }

        location /sitemap {
          rewrite ^/sitemap(.*).xml$ /cache/static/sitemaps/sitemap$1.xml;
        }

    }

    error_page  403 /error/404.html;
    error_page  404 /error/404.html;
    error_page  500 502 503 504 /error/50x.html;

    location /error/ {
        alias   /home/profit/web/test.site/document_errors/;
    }

    location ~* "/\.(htaccess|htpasswd)$" {
        deny    all;
        return  404;
    }

    location /vstats/ {
        alias   /home/profit/web/test.site/stats/;
        include /home/profit/conf/web/test.site.auth*;
    }

    include     /etc/nginx/conf.d/phpmyadmin.inc*;
    include     /etc/nginx/conf.d/phppgadmin.inc*;
    include     /etc/nginx/conf.d/webmail.inc*;

    include     /home/profit/conf/web/snginx.test.site.conf*;
}


это действие нужно для того, чтобы перенаправить весь трафик с www на без www
и на https



Код:
service nginx restart && service php7.4-fpm restart
Размещено в Без категории
Просмотров 121 Комментарии 1
Всего комментариев 1
Комментарии
  1. Старый комментарий
    Аватар для IRIP
    1234 тест
    Запись от IRIP размещена 12.03.2020 в 11:41 IRIP вне форума
    Обновил(-а) IRIP 27.03.2020 в 13:58
 
КиберФорум - форум программистов, компьютерный форум, программирование
Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2020, vBulletin Solutions, Inc.