Compare commits

..

No commits in common. "d427a48ed45edcaea91c2fd22a59b4f5b2a06674" and "6eabc3edf4a8344e0f508cc1f7f881f5f00dc0fa" have entirely different histories.

2 changed files with 90 additions and 221 deletions

View File

@ -1,67 +1,27 @@
<h1 align=center>Installation of 4get in NGINX</h1> # Install on NGINX
<div align=right> >I do NOT recommend following this guide, only follow this if you *really* need to use nginx. I recommend you use the apache2 steps instead.
> NOTE: As the previous version stated, it is better to follow the <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/apache2.md">Apache2 guide</a> instead of the Nginx one. Login as root.
> NOTE: This is going to guess that you're using either a <abbr title="(Arch Linux, Artix Linux, Endeavouros, etc...) ">Arch-based system</abbr> or a <abbr title="(Debian, Ubuntu, Devuan, etc...)">Debian-based system</abbr>, although you can still follow it with minor issues. Create a file in `/etc/nginx/sites-avaliable/` called `4get.conf` or any name you want and put this into the file:
</div>
1. Login as root.
2. Upgrade your system:
* On Arch-based, run `pacman -Syu`.
* On Debian-based, run `apt update`, then `apt upgrade`.
3. Install the following dependencies:
* `git`: So you can clone <a href="https://git.lolcat.ca/lolcat/4get">this</a> repository.
* `nginx`: So you can run Nginx.
* `php-fpm`: This is what allows Nginx to run *(and show)* PHP files.
* `php-imagick`, `imagemagick`: Image manipulation.
* `php-apcu`: Caching module.
* `php-curl`, `curl`: Transferring data with URLs.
* `php-mbstring`: String utils.
* `certbot`, `certbot-nginx`: ACME client. Used to create SSL certificates.
* In Arch-based distributions:
* `pacman -S nginx certbot php-imagick certbot-nginx imagemagick curl php-apcu git`
* In Debian-based distributions:
* `apt install php-mbstring nginx certbot-nginx certbot php-imagick imagemagick php-curl curl php-apcu git`
<div align=right>
> IMPORTANT: `php-curl`, `php-mbstring` might be a Debian-only package, but this needs further fact checking.
> IMPORTANT: If having issues with `php-apcu` or `libsodium`, go to [^1].
</div>
4. `cd` to `/etc/nginx` and make the `conf.d/` directory if it doesn't exist:
* Again, this guesses you're logged in as root.
```sh
cd /etc/nginx
ls -l conf.d/ # If ls shows conf.d, then it means it exists.
# If it does not, run:
mkdir conf.d
``` ```
5. Make a file inside `conf.d/` called `4get.conf` and place the following content:
* First run `touch conf.d/4get.conf` then `nano conf.d/4get.conf` to open the nano editor: *(Install it if it is not, or use another editor.)*
```sh
server { server {
access_log /dev/null; # Search log file. Do you really need to? # DO YOU REALLY NEED TO LOG SEARCHES?
error_log /dev/null; # Error log file. access_log /dev/null;
error_log /dev/null;
# Change this if you have 4get in another folder. # Change this if you have 4get in other folder.
root /var/www/4get; root /var/www/4get;
# Change 'yourdomain' to your domain. # Change yourdomain by your domain lol
server_name www.yourdomain.com yourdomain.com; server_name www.yourdomain.com yourdomain.com;
# Port to listen to.
listen 80;
location @php { location @php {
try_files $uri.php $uri/index.php =404; try_files $uri.php $uri/index.php =404;
# Change the unix socket address if it's different for you. # Change the unix socket address if it's different for you.
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php; fastcgi_index index.php;
# Change this to `fastcgi_params` if you use a debian based distribution. # Change this to `fastcgi_params` if you use a debian based distro.
include fastcgi.conf; include fastcgi.conf;
fastcgi_intercept_errors on; fastcgi_intercept_errors on;
} }
@ -74,96 +34,56 @@
return 301 $1; return 301 $1;
} }
listen 80;
} }
``` ```
* The above is a very basic configuration and thus will need tweaking to your personal needs. It should still work as-is, though. A 'real world' example is present in [^2].
* After saving the file, check that the `nginx.conf` file inside the main directory includes files inside `conf.d/`: That is a very basic config so you will need to adapt it to your needs in case you have a more complicated nginx configuration. Anyways, you can see a real world example [here](https://git.zzls.xyz/Fijxu/etc-configs/src/branch/selfhost/nginx/sites-available/4get.zzls.xyz.conf)
* It should be inside the the http block: *(The following is an example! Don't just Copy and Paste it!)*
After you save the file you will need to do a symlink of the `4get.conf` file to `/etc/nignx/sites-enabled/`, you can do it with this command:
```sh ```sh
http { ln -s /etc/nginx/sites-available/4get.conf /etc/nginx/sites-available/4get.conf
include mime.types;
include conf.d/*.conf;
types_hash_max_size 4096;
# ...
}
``` ```
* Now, test your configuration with `nginx -t`, if it says that everything is good, restart *(or start)* the Nginx daemon:
* This depends on the init manager, most distributions use `systemd`, but it's better practice to include most.
```sh
# systemd
systemctl stop nginx
systemctl start nginxt
# or
systemctl restart nginx
# openrc Now test the nginx config with `nginx -t`, if it says that everything is good, restart nginx using `systemctl restart nginx`
rc-service nginx stop
rc-service nginx start
# or
rc-service nginx restart
# runit # Encryption setup
sv down nginx
sv up nginx
# or
sv restart nginx
# s6 Generate a certificate for the domain using:
s6-rc -d change nginx
s6-rc -u change nginx
# or
s6-svc -r /run/service/nginx
# dinit
dinitctl stop nginx
dinitctl start nginx
# or
dinitctl restart nginx
```
6. Clone the repository to `/var/www`:
* `git clone --depth 1 https://git.lolcat.ca/lolcat/4get 4get` - It clones the repository with the depth of one commit *(so it takes less time to download)* and saves the cloned repository as '4get'.
7. That should be it! There are some extra steps you can take, but it really just depends on you.
<h2 align=center>Encryption setup</h2>
1. Generate a certificate for the domain you're using with:
* Note that `certbot-nginx` is needed.
```sh ```sh
certbot --nginx --key-type ecdsa -d www.yourdomain.com -d yourdomain.com certbot --nginx --key-type ecdsa -d www.yourdomain.com -d yourdomain.com
``` ```
2. After that, certbot will deploy the certificate automatically to your 4get conf file; It should be ready to use from there. (Remember to install the nginx certbot plugin!!!)
<h2 align=center>Tor Setup</h2> After doing that certbot should deploy the certificate automatically into your 4get nginx config file. It should be ready to use at that point.
<div align=right> # Tor setup on NGINX
> IMPORTANT: Tor onion addresses are very long compared to traditional domains, so, Before doing anything, edit `nginx.conf` and increase <abbr title="This setting in your Nginx configuration controls the internal data structure used to manage multiple server names (hostnames) associated with your web server. Each hostname requires a certain amount of memory within this structure. If the size is insufficient, Nginx will encounter errors."><code>server_names_hash_bucket_size</code></abbr> to your needs. Important Note: Tor onion addresses are significantly longer than traditional domain names. Before proceeding with Nginx configuration, ensure you increase the `server_names_hash_bucket_size` value in your `nginx.conf` file. This setting in your Nginx configuration controls the internal data structure used to manage multiple server names (hostnames) associated with your web server. Each hostname requires a certain amount of memory within this structure. If the size is insufficient, Nginx will encounter errors.
</div> 1. Open your `nginx.conf` file (that is under `/etc/nginx/nginx.conf`).
2. Find the line containing `# server_names_hash_bucket_size 64;`.
3. Uncomment the line and adjust the value. Start with 64, but if you encounter issues, incrementally increase it (e.g., 128, 256) until it accommodates your configuration.
1. `cd` to `/etc/nginx` *(if you haven't)* and open your `nginx.conf` file. Open your current 4get NGINX config (that is under `/etc/nginx/sites-available/`) and append this to the end of the file:
2. Find the line containing `# server_names_hash_bucket_size 64;` inside said file.
3. Uncomment the line and adjust the value; start with 64, but if you encounter issues, incrementally increase it *(e.g., 128, 256)* until it accommodates your configuration. ```
4. Open *(or duplicate the configuration)* and edit it:
* Example configuration, again:
```sh
server { server {
access_log /dev/null; # Search log file. Do you really need to? access_log /dev/null;
error_log /dev/null; # Error log file. error_log /dev/null;
# Change this if you have 4get in another folder.
root /var/www/4get;
# Change 'onionadress.onion' to your onion link.
server_name onionadress.onion;
# Port to listen to.
listen 80; listen 80;
server_name <youronionaddress>;
root /var/www/4get;
location @php { location @php {
try_files $uri.php $uri/index.php =404; try_files $uri.php $uri/index.php =404;
# Change the unix socket address if it's different for you. # Change the unix socket address if it's different for you.
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php; fastcgi_index index.php;
# Change this to `fastcgi_params` if you use a debian based distribution. # Change this to `fastcgi_params` if you use a debian based distro.
include fastcgi.conf; include fastcgi.conf;
fastcgi_intercept_errors on; fastcgi_intercept_errors on;
} }
@ -175,20 +95,9 @@
location ~* ^(.*)\.php$ { location ~* ^(.*)\.php$ {
return 301 $1; return 301 $1;
} }
} }
``` ```
A real world example is present in [^2].
5. Once done, check the configuration with `nginx -t`. If everything's fine and dandy, refer to <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/tor.md">the Tor guide</a> to setup your onion site.
<h2 align=center>Other important things</h2> Obviously replace `<youronionaddress>` by the onion address of `/var/lib/tor/4get/hostname` and then check if the nginx config is valid with `nginx -t` if yes, then restart the nginx service and try opening the onion address into the Tor Browser. You can see a real world example [here](https://git.zzls.xyz/Fijxu/etc-configs/src/branch/selfhost/nginx/sites-available/4get.zzls.xyz.conf)
1. <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/configure.md">Configuration guide</a>: Things to do after setup. Once you did the above, refer to <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/tor.md">this tor guide</a> to setup your onionsite.
2. <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/apache2.md">Apache2 guide</a>: Fallback to this if you couldn't get something to work, or you don't know something.
<h2 align=center>Known issues</h2>
1. https://git.lolcat.ca/lolcat/4get/issues
[^1]: lolcat/4get#40, If having issues with `libsodium`, or `php-apcu`.
[^2]: <a href="https://git.nadeko.net/Fijxu/etc-configs/src/branch/selfhost/nginx/conf.d/4get.conf">git.nadeko.net</a> nadeko.net's 4get instance configuration.

View File

@ -1,40 +0,0 @@
:root
{
--accent : #f79e98;
--1d2021 : #180d0c;
--282828 : #180d0c;
--3c3836 : #251615;
--504945 : #251615;
--928374 : var(--accent);
--a89984 : #d8c5c4;
--bdae93 : #d8c5c4;
--8ec07c : var(--accent);
--ebdbb2 : #d8c5c4;
--comment: #928374;
--default: #DCC9BC;
--keyword: #F07342;
--string : var(--accent);
--green : #959A6B;
--yellow : #E39C45;
--red : #CF223E;
--white : var(--a89984);
--black : var(--1d2021);
--hover : #b18884
}
a.link, a { color: var(--accent); text-decoration: none; }
.searchbox { width: 23%; }
.filters filter select { color: #E39C45; }
.web .separator::before { color: var(--white) }
.searchbox input[type="text"]::placeholder { color: var(--white); }
a.link:hover
{
color: var(--hover);
text-shadow: 0 0 .2rem var(--hover);
}
.code-inline
{ border-color: var(--default); font-family: monospace;}
.home #center a
{ color: var(--accent); }
.home .subtext
{ color: var(--white); }