From 39724043fe48fcad1529d95a0dec1918d47b3cd5 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 25 Nov 2021 14:20:16 +0100 Subject: [PATCH 1/6] Fixed php session save permission problem --- CMS/Backend/Fpm-Pool.conf-unconfigured | 1 + CMS/Backend/conf.sh | 2 ++ .../Fpm-Pool.conf-unconfigured | 1 + CMS/frontcontroller/conf.sh | 1 + CMS/nextcloud/Fpm-Pool.conf-unconfigured | 2 ++ CMS/nextcloud/conf.sh | 1 + CMS/none/Fpm-Pool.conf-unconfigured | 2 ++ CMS/none/conf.sh | 1 + CMS/wordpress/Fpm-Pool.conf-unconfigured | 2 ++ CMS/wordpress/conf.sh | 1 + Scripts/Php-EnableSessionsToRam.sh | 25 +++++++++++++++++++ SubModules/php-fpm/conf.sh | 4 +++ SubModules/php-fpm/preconf.sh | 2 +- 13 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 Scripts/Php-EnableSessionsToRam.sh diff --git a/CMS/Backend/Fpm-Pool.conf-unconfigured b/CMS/Backend/Fpm-Pool.conf-unconfigured index 84305a2..646dd38 100644 --- a/CMS/Backend/Fpm-Pool.conf-unconfigured +++ b/CMS/Backend/Fpm-Pool.conf-unconfigured @@ -5,6 +5,7 @@ listen = /var/run/php/phpPHPver-fpm-Backend.sock listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,shell_exec,system +php_value[session.save_path] = /var/lib/php/sessions php_admin_value[opcache.enable] = 0 php_admin_value[max_input_vars] = 5000 php_admin_value[upload_max_filesize] = 256M diff --git a/CMS/Backend/conf.sh b/CMS/Backend/conf.sh index d06ab41..63cafdd 100644 --- a/CMS/Backend/conf.sh +++ b/CMS/Backend/conf.sh @@ -3,6 +3,8 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/Backen sed -i 's/PHPver/'$phpver'/' "$phpPoolDir"/Backend.conf groupadd Backend useradd -g Backend Backend +usermod -a -G www-data Backend + #PHPMyAdmin configuration touch /var/log/PhpMyAdmin/PhpMyAdmin_auth.log chown Backend:Backend -R /usr/share/phpmyadmin diff --git a/CMS/frontcontroller/Fpm-Pool.conf-unconfigured b/CMS/frontcontroller/Fpm-Pool.conf-unconfigured index 565f728..c4ac1bc 100644 --- a/CMS/frontcontroller/Fpm-Pool.conf-unconfigured +++ b/CMS/frontcontroller/Fpm-Pool.conf-unconfigured @@ -6,6 +6,7 @@ listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,shell_exec,system php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log +php_value[session.save_path] = /var/lib/php/sessions ; OPCACHE SETTINGS php_admin_value[opcache.memory_consumption] = 256 diff --git a/CMS/frontcontroller/conf.sh b/CMS/frontcontroller/conf.sh index e05a832..f193ca0 100644 --- a/CMS/frontcontroller/conf.sh +++ b/CMS/frontcontroller/conf.sh @@ -27,6 +27,7 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/frontc sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/' "$phpPoolDir"/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" +usermod -a -G www-data "$sitename" systemctl reload $phpFPMService diff --git a/CMS/nextcloud/Fpm-Pool.conf-unconfigured b/CMS/nextcloud/Fpm-Pool.conf-unconfigured index df062c8..83335ca 100644 --- a/CMS/nextcloud/Fpm-Pool.conf-unconfigured +++ b/CMS/nextcloud/Fpm-Pool.conf-unconfigured @@ -6,6 +6,8 @@ listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,system php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log +php_value[session.save_path] = /var/lib/php/sessions + ; OPCACHE SETTINGS php_admin_value[opcache.memory_consumption] = 256 php_admin_value[opcache.enable] = 0 diff --git a/CMS/nextcloud/conf.sh b/CMS/nextcloud/conf.sh index c27fa16..6d5ddae 100644 --- a/CMS/nextcloud/conf.sh +++ b/CMS/nextcloud/conf.sh @@ -3,6 +3,7 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/nextcl sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/g' "$phpPoolDir"/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" +usermod -a -G www-data "$sitename" mkdir -p /var/www/"$domain"/html/data #Getting Nextcloud diff --git a/CMS/none/Fpm-Pool.conf-unconfigured b/CMS/none/Fpm-Pool.conf-unconfigured index b0770ee..6167957 100644 --- a/CMS/none/Fpm-Pool.conf-unconfigured +++ b/CMS/none/Fpm-Pool.conf-unconfigured @@ -6,6 +6,8 @@ listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,shell_exec,system php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log +php_value[session.save_path] = /var/lib/php/sessions + ; OPCACHE SETTINGS php_admin_value[opcache.memory_consumption] = 256 php_admin_value[opcache.enable] = 0 diff --git a/CMS/none/conf.sh b/CMS/none/conf.sh index 146ec4d..0ad8337 100644 --- a/CMS/none/conf.sh +++ b/CMS/none/conf.sh @@ -12,6 +12,7 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/F sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/' "$phpPoolDir"/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" +usermod -a -G www-data "$sitename" systemctl reload $phpFPMService fi diff --git a/CMS/wordpress/Fpm-Pool.conf-unconfigured b/CMS/wordpress/Fpm-Pool.conf-unconfigured index 108526b..8c4b872 100644 --- a/CMS/wordpress/Fpm-Pool.conf-unconfigured +++ b/CMS/wordpress/Fpm-Pool.conf-unconfigured @@ -6,6 +6,8 @@ listen.owner = www-data listen.group = www-data php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log php_admin_value[disable_functions] = exec,passthru,shell_exec,system +php_value[session.save_path] = /var/lib/php/sessions + ; OPCACHE SETTINGS php_admin_value[opcache.memory_consumption] = 256 php_admin_value[opcache.enable] = 0 diff --git a/CMS/wordpress/conf.sh b/CMS/wordpress/conf.sh index 7e11d10..9f8db54 100644 --- a/CMS/wordpress/conf.sh +++ b/CMS/wordpress/conf.sh @@ -37,6 +37,7 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/wordpr sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/g' "$phpPoolDir"/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" +usermod -a -G www-data "$sitename" systemctl reload $phpFPMService diff --git a/Scripts/Php-EnableSessionsToRam.sh b/Scripts/Php-EnableSessionsToRam.sh new file mode 100644 index 0000000..0951df0 --- /dev/null +++ b/Scripts/Php-EnableSessionsToRam.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +####################################################### +# @description: # +# Setup the PHP session folder as a Ramdisk / tmpfs # +# This will store session info in memory # +# # +# @author: Bram Prieshof # +####################################################### + +#sysCheck +if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi +if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi +source /etc/ICTM/phpvar.list + +#Stop php service +systemctl stop $phpFPMService +#Reset php session folder +rm -rf /var/lib/php/sessions +mkdir -p /var/lib/php/sessions +#Create memdisk/Tmpfs and mount it +echo "tmpfs /var/lib/php/sessions tmpfs size=32m,uid=$(id -u www-data),gid=$(id -g www-data),mode=0773 0 0" >> /etc/fstab +mount -a +#start php service +systemctl stop $phpFPMService \ No newline at end of file diff --git a/SubModules/php-fpm/conf.sh b/SubModules/php-fpm/conf.sh index 32f44be..4cbbcb7 100644 --- a/SubModules/php-fpm/conf.sh +++ b/SubModules/php-fpm/conf.sh @@ -15,6 +15,10 @@ sed -i 's/upload_max_filesize = 2/upload_max_filesize = 128/g' "$phpMainConf" sed -i 's/post_max_size = 8/post_max_size = 64/g' "$phpMainConf" +#Php session to disk +chown www-data:www-data /var/lib/php/sessions +chmod 1773 /var/lib/php/sessions + if [ "$shortdist" = "el8" ]; then # Centos Mysql config echo "pdo_mysql.default_socket = '/var/run/mysqld/mysqld.sock'" >> /etc/opt/remi/php${phpver//.}/php.d/60-mysql_sock.ini diff --git a/SubModules/php-fpm/preconf.sh b/SubModules/php-fpm/preconf.sh index 79fe42c..ed060e4 100644 --- a/SubModules/php-fpm/preconf.sh +++ b/SubModules/php-fpm/preconf.sh @@ -12,7 +12,7 @@ elif [ "$shortdist" = "el8" ]; then phpMainConf=/etc/opt/remi/php${phpver//.}/php.ini phpFPMService=php${phpver//.}-php-fpm #Creating Socket directory - mkdir -p /var/run/php + mkdir -p /var/run/php /var/lib/php/sessions fi #Setting php version branch -- 2.49.1 From 296a68dc2e10b195636562ac89f0e19250a58b19 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Nov 2021 19:56:32 +0100 Subject: [PATCH 2/6] CMS:Nextcloud, fixed first-run video --- CMS/nextcloud/Nginx-unconfigured | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMS/nextcloud/Nginx-unconfigured b/CMS/nextcloud/Nginx-unconfigured index 68dee3f..d9cca6d 100644 --- a/CMS/nextcloud/Nginx-unconfigured +++ b/CMS/nextcloud/Nginx-unconfigured @@ -77,7 +77,7 @@ location ~ \.(?:css|js|woff2?|svg|gif|map)$ { access_log off; } -location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { +location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { try_files $uri /index.php$request_uri; access_log off; } -- 2.49.1 From 459d61b348f74fdf6b4db41d0e24c738828ff072 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 20 Jan 2022 14:40:33 +0100 Subject: [PATCH 3/6] PhpUpdater: Fixed mistake and cleaned up promts --- PhpUpdater.sh | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/PhpUpdater.sh b/PhpUpdater.sh index f8188b2..d4dd556 100644 --- a/PhpUpdater.sh +++ b/PhpUpdater.sh @@ -16,7 +16,6 @@ elif [ "$shortdist" = "deb10" ]|| [ "$shortdist" = "deb11" ]; then apt update if ! ls /var/lib/apt/lists/packages.sury.org_php*_Packages > /dev/null 2>&1 ; then echo 'PHP(Sury) repo not installed' && echo 'Install using: curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=php bash' && exit ; fi RepoVersion=`grep -h '^Package: php' /var/lib/apt/lists/packages.sury.org*_Packages| cut -f1 -d"-" | sort | tail -1| sed -e 's/Package: php//'` -fi elif [ "$shortdist" = "el8" ]; then dnf check-update --refresh RepoVersion=`dnf list php* | awk '{print $1; }' | cut -f1 -d"-"| tail -1 |sed 's/php//' | sed 's/./&./1'` @@ -30,17 +29,16 @@ msg () { fi } -msg "Current php version: $phpver" if [ $IMODE = n ]; then # Legacy/Main Menu PKGD="debconf-apt-progress -- apt purge -y" #Menu - if (whiptail --title "Set new php version?" --yesno "Install php version $RepoVersion ?" 8 78); then + if (whiptail --title "Php Upgrader" --yesno " Current php version is $phpver, and $RepoVersion the is latest available version" --yes-button "Yes, upgrade to this version" --no-button "No, i want to choose" 8 100); then newphpver=$RepoVersion else - newphpver=$(whiptail --inputbox "Please enter the version to install" --nocancel --title "Custom" 8 39 3>&1 1>&2 2>&3) + newphpver=$(whiptail --inputbox "Please enter the version to install" --nocancel --title "Php Upgrader" 8 50 3>&1 1>&2 2>&3) fi fi @@ -50,7 +48,7 @@ if [ $IMODE = l ]; then #Menu while true; do - read -p "Set phpversion to version $RepoVersion ? -> yes/no?" yn + read -p "Current php version is $phpver, and $RepoVersion the is latest available version -> Yes, upgrade to this version/No, i want to choose? " yn case $yn in [Yy]* ) newphpver=$RepoVersion break;; @@ -95,7 +93,7 @@ if [ $IMODE = l ]; then if [ $IMODE = n ]; then #Purge - if (whiptail --title "Set new php version?" --yesno "Remove php $phpver ?" 8 78); then + if (whiptail --title "Php Upgrader" --yesno "Remove old php version ($phpver) ?" 8 78); then PhpPurge=1 $PKGP -y $phpPkgName* else @@ -108,7 +106,7 @@ fi if [ $IMODE = l ]; then #Purge while true; do - read -p "Remove php $phpver ? -> yes/no?" yn + read -p "Remove old php version ($phpver) ? -> yes/no?" yn case $yn in [Yy]* ) PhpPurge=1 ; $PKGP $phpPkgName* break;; -- 2.49.1 From e583fa73575e4324f749e29dcbd026273cda2448 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 16 Feb 2022 21:59:50 +0000 Subject: [PATCH 4/6] CMS-Nextcloud: update opchache config php pool --- CMS/nextcloud/Fpm-Pool.conf-unconfigured | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CMS/nextcloud/Fpm-Pool.conf-unconfigured b/CMS/nextcloud/Fpm-Pool.conf-unconfigured index 83335ca..f07220a 100644 --- a/CMS/nextcloud/Fpm-Pool.conf-unconfigured +++ b/CMS/nextcloud/Fpm-Pool.conf-unconfigured @@ -16,6 +16,8 @@ php_admin_value[opcache.max_accelerated_files] = 50000 php_admin_value[opcache.max_wasted_percentage] = 5 php_admin_value[opcache.revalidate_freq] = 0 php_admin_value[opcache.validate_timestamps] = 1 +php_admin_value[opcache.interned_strings_buffer] = 64 + ; PERFORMANCE LIMITS php_admin_value[max_input_vars] = 1000 -- 2.49.1 From 9222904ab2d4e20ac947756fa3ba874bf30966e3 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 21 Apr 2022 14:39:14 +0200 Subject: [PATCH 5/6] CMS-Nextcloud: Update nginx config for beter Talk compatibility --- CMS/nextcloud/Nginx-unconfigured | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/CMS/nextcloud/Nginx-unconfigured b/CMS/nextcloud/Nginx-unconfigured index d9cca6d..515f0bf 100644 --- a/CMS/nextcloud/Nginx-unconfigured +++ b/CMS/nextcloud/Nginx-unconfigured @@ -20,7 +20,7 @@ gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; -gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; +gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; location = /robots.txt { allow all; @@ -67,7 +67,7 @@ location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { index index.php; } -location ~ \.(?:css|js|woff2?|svg|gif|map)$ { +location ~ \.(?:css|js|svg|gif|png|jpg|ico|wasm|tflite|map)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463"; add_header Referrer-Policy "no-referrer" always; @@ -75,6 +75,15 @@ location ~ \.(?:css|js|woff2?|svg|gif|map)$ { add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; access_log off; + location ~ \.wasm$ { + default_type application/wasm; + } +} + +location ~ \.woff2?$ { + try_files $uri /index.php$request_uri; + expires 7d; + access_log off; } location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { -- 2.49.1 From be98df66a93d525327f2c3394436c98be3880873 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 21 Apr 2022 15:17:28 +0200 Subject: [PATCH 6/6] Main: Updated way DB names are generated Switch from geting folder count in /var/www to using SiteCount variable stored in /etc/ICTM/sites.count, installer.sh has static 1, AppendCMS gets the file an increments it by one. Fallback is build in for systems without sites.count --- AppendCMS.sh | 6 ++++++ CMS/frontcontroller/conf.sh | 5 ++--- CMS/nextcloud/conf.sh | 5 ++--- CMS/wordpress/conf.sh | 5 ++--- installer.sh | 3 ++- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 8e38cea..620229d 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -30,6 +30,11 @@ fi rm /tmp/pkg.list > $OUTPUT 2>&1 source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) +#SiteCount +if [ ! -f "/etc/ICTM/sites.count" ]; then SiteCount=`expr $(ls -l /var/www | grep -c ^d) - 1` ; else source /etc/ICTM/sites.count; fi +if [ -z ${SiteCount+x} ] ; then SiteCount=`expr $(ls -l /var/www | grep -c ^d) - 1` ; fi +SiteCount=$(($SiteCount+1)) + #Setting Menulist to webserver declare -n CMSL="$webserv"CMSL declare -n options="$webserv"Options @@ -174,6 +179,7 @@ CMS="${CMS//:}" && CMS="${CMS,,}" ##-----------------## touch /etc/ICTM/sites/"$sitename" +echo "SiteCount=$SiteCount" > /etc/ICTM/sites.count ##-----------## diff --git a/CMS/frontcontroller/conf.sh b/CMS/frontcontroller/conf.sh index f193ca0..d035e87 100644 --- a/CMS/frontcontroller/conf.sh +++ b/CMS/frontcontroller/conf.sh @@ -1,7 +1,6 @@ #Creating DB -db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` -db_name="fc_$db_suffix" -db_user="fc_$db_suffix" +db_name="fc_$SiteCount" +db_user="fc_$SiteCount" db_pass=$(tr -dc 'A-Za-z0-9!#%()*+,-.:;<=>?@[]^_{|}~' $OUTPUT 2>&1 #Creating DB -db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` -db_name="nextcloud_$db_suffix" -db_user="nextcloud_$db_suffix" +db_name="nextcloud_$SiteCount" +db_user="nextcloud_$SiteCount" db_pass=$(tr -dc 'A-Za-z0-9!#%()*+,-.:;<=>?@[]^_{|}~' $OUTPUT 2>&1 mysql -u root -p"$password" -e "CREATE USER '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" > $OUTPUT 2>&1 diff --git a/CMS/wordpress/conf.sh b/CMS/wordpress/conf.sh index 9f8db54..af7807f 100644 --- a/CMS/wordpress/conf.sh +++ b/CMS/wordpress/conf.sh @@ -6,9 +6,8 @@ if [ ! -f /usr/local/bin/wp ]; then fi #Creating DB -db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` -db_name="wp_$db_suffix" -db_user="wp_$db_suffix" +db_name="wp_$SiteCount" +db_user="wp_$SiteCount" db_pass=$(tr -dc 'A-Za-z0-9!#%()*+,-.:;<=>?@[]^_{|}~' > /etc/ICTM/mainvar.list done - touch /etc/ICTM/sites/"$sitename" +echo "SiteCount=$SiteCount" > /etc/ICTM/sites.count ##----------## # Addons # -- 2.49.1