Compare commits
No commits in common. "d427a48ed45edcaea91c2fd22a59b4f5b2a06674" and "6eabc3edf4a8344e0f508cc1f7f881f5f00dc0fa" have entirely different histories.
d427a48ed4
...
6eabc3edf4
165
docs/nginx.md
165
docs/nginx.md
|
@ -1,67 +1,27 @@
|
||||||
<h1 align=center>Installation of 4get in NGINX</h1>
|
# Install on NGINX
|
||||||
|
|
||||||
<div align=right>
|
>I do NOT recommend following this guide, only follow this if you *really* need to use nginx. I recommend you use the apache2 steps instead.
|
||||||
|
|
||||||
> NOTE: As the previous version stated, it is better to follow the <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/apache2.md">Apache2 guide</a> instead of the Nginx one.
|
Login as root.
|
||||||
|
|
||||||
> NOTE: This is going to guess that you're using either a <abbr title="(Arch Linux, Artix Linux, Endeavouros, etc...) ">Arch-based system</abbr> or a <abbr title="(Debian, Ubuntu, Devuan, etc...)">Debian-based system</abbr>, although you can still follow it with minor issues.
|
Create a file in `/etc/nginx/sites-avaliable/` called `4get.conf` or any name you want and put this into the file:
|
||||||
|
|
||||||
</div>
|
|
||||||
|
|
||||||
1. Login as root.
|
|
||||||
2. Upgrade your system:
|
|
||||||
* On Arch-based, run `pacman -Syu`.
|
|
||||||
* On Debian-based, run `apt update`, then `apt upgrade`.
|
|
||||||
3. Install the following dependencies:
|
|
||||||
* `git`: So you can clone <a href="https://git.lolcat.ca/lolcat/4get">this</a> repository.
|
|
||||||
* `nginx`: So you can run Nginx.
|
|
||||||
* `php-fpm`: This is what allows Nginx to run *(and show)* PHP files.
|
|
||||||
* `php-imagick`, `imagemagick`: Image manipulation.
|
|
||||||
* `php-apcu`: Caching module.
|
|
||||||
* `php-curl`, `curl`: Transferring data with URLs.
|
|
||||||
* `php-mbstring`: String utils.
|
|
||||||
* `certbot`, `certbot-nginx`: ACME client. Used to create SSL certificates.
|
|
||||||
* In Arch-based distributions:
|
|
||||||
* `pacman -S nginx certbot php-imagick certbot-nginx imagemagick curl php-apcu git`
|
|
||||||
* In Debian-based distributions:
|
|
||||||
* `apt install php-mbstring nginx certbot-nginx certbot php-imagick imagemagick php-curl curl php-apcu git`
|
|
||||||
|
|
||||||
<div align=right>
|
|
||||||
|
|
||||||
> IMPORTANT: `php-curl`, `php-mbstring` might be a Debian-only package, but this needs further fact checking.
|
|
||||||
|
|
||||||
> IMPORTANT: If having issues with `php-apcu` or `libsodium`, go to [^1].
|
|
||||||
|
|
||||||
</div>
|
|
||||||
|
|
||||||
4. `cd` to `/etc/nginx` and make the `conf.d/` directory if it doesn't exist:
|
|
||||||
* Again, this guesses you're logged in as root.
|
|
||||||
```sh
|
|
||||||
cd /etc/nginx
|
|
||||||
ls -l conf.d/ # If ls shows conf.d, then it means it exists.
|
|
||||||
# If it does not, run:
|
|
||||||
mkdir conf.d
|
|
||||||
```
|
```
|
||||||
5. Make a file inside `conf.d/` called `4get.conf` and place the following content:
|
|
||||||
* First run `touch conf.d/4get.conf` then `nano conf.d/4get.conf` to open the nano editor: *(Install it if it is not, or use another editor.)*
|
|
||||||
```sh
|
|
||||||
server {
|
server {
|
||||||
access_log /dev/null; # Search log file. Do you really need to?
|
# DO YOU REALLY NEED TO LOG SEARCHES?
|
||||||
error_log /dev/null; # Error log file.
|
access_log /dev/null;
|
||||||
|
error_log /dev/null;
|
||||||
# Change this if you have 4get in another folder.
|
# Change this if you have 4get in other folder.
|
||||||
root /var/www/4get;
|
root /var/www/4get;
|
||||||
# Change 'yourdomain' to your domain.
|
# Change yourdomain by your domain lol
|
||||||
server_name www.yourdomain.com yourdomain.com;
|
server_name www.yourdomain.com yourdomain.com;
|
||||||
# Port to listen to.
|
|
||||||
listen 80;
|
|
||||||
|
|
||||||
location @php {
|
location @php {
|
||||||
try_files $uri.php $uri/index.php =404;
|
try_files $uri.php $uri/index.php =404;
|
||||||
# Change the unix socket address if it's different for you.
|
# Change the unix socket address if it's different for you.
|
||||||
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
||||||
fastcgi_index index.php;
|
fastcgi_index index.php;
|
||||||
# Change this to `fastcgi_params` if you use a debian based distribution.
|
# Change this to `fastcgi_params` if you use a debian based distro.
|
||||||
include fastcgi.conf;
|
include fastcgi.conf;
|
||||||
fastcgi_intercept_errors on;
|
fastcgi_intercept_errors on;
|
||||||
}
|
}
|
||||||
|
@ -74,96 +34,56 @@
|
||||||
return 301 $1;
|
return 301 $1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
listen 80;
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
* The above is a very basic configuration and thus will need tweaking to your personal needs. It should still work as-is, though. A 'real world' example is present in [^2].
|
|
||||||
* After saving the file, check that the `nginx.conf` file inside the main directory includes files inside `conf.d/`:
|
That is a very basic config so you will need to adapt it to your needs in case you have a more complicated nginx configuration. Anyways, you can see a real world example [here](https://git.zzls.xyz/Fijxu/etc-configs/src/branch/selfhost/nginx/sites-available/4get.zzls.xyz.conf)
|
||||||
* It should be inside the the http block: *(The following is an example! Don't just Copy and Paste it!)*
|
|
||||||
|
After you save the file you will need to do a symlink of the `4get.conf` file to `/etc/nignx/sites-enabled/`, you can do it with this command:
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
http {
|
ln -s /etc/nginx/sites-available/4get.conf /etc/nginx/sites-available/4get.conf
|
||||||
include mime.types;
|
|
||||||
include conf.d/*.conf;
|
|
||||||
types_hash_max_size 4096;
|
|
||||||
# ...
|
|
||||||
}
|
|
||||||
```
|
```
|
||||||
* Now, test your configuration with `nginx -t`, if it says that everything is good, restart *(or start)* the Nginx daemon:
|
|
||||||
* This depends on the init manager, most distributions use `systemd`, but it's better practice to include most.
|
|
||||||
```sh
|
|
||||||
# systemd
|
|
||||||
systemctl stop nginx
|
|
||||||
systemctl start nginxt
|
|
||||||
# or
|
|
||||||
systemctl restart nginx
|
|
||||||
|
|
||||||
# openrc
|
Now test the nginx config with `nginx -t`, if it says that everything is good, restart nginx using `systemctl restart nginx`
|
||||||
rc-service nginx stop
|
|
||||||
rc-service nginx start
|
|
||||||
# or
|
|
||||||
rc-service nginx restart
|
|
||||||
|
|
||||||
# runit
|
# Encryption setup
|
||||||
sv down nginx
|
|
||||||
sv up nginx
|
|
||||||
# or
|
|
||||||
sv restart nginx
|
|
||||||
|
|
||||||
# s6
|
Generate a certificate for the domain using:
|
||||||
s6-rc -d change nginx
|
|
||||||
s6-rc -u change nginx
|
|
||||||
# or
|
|
||||||
s6-svc -r /run/service/nginx
|
|
||||||
|
|
||||||
# dinit
|
|
||||||
dinitctl stop nginx
|
|
||||||
dinitctl start nginx
|
|
||||||
# or
|
|
||||||
dinitctl restart nginx
|
|
||||||
```
|
|
||||||
6. Clone the repository to `/var/www`:
|
|
||||||
* `git clone --depth 1 https://git.lolcat.ca/lolcat/4get 4get` - It clones the repository with the depth of one commit *(so it takes less time to download)* and saves the cloned repository as '4get'.
|
|
||||||
7. That should be it! There are some extra steps you can take, but it really just depends on you.
|
|
||||||
|
|
||||||
<h2 align=center>Encryption setup</h2>
|
|
||||||
|
|
||||||
1. Generate a certificate for the domain you're using with:
|
|
||||||
* Note that `certbot-nginx` is needed.
|
|
||||||
```sh
|
```sh
|
||||||
certbot --nginx --key-type ecdsa -d www.yourdomain.com -d yourdomain.com
|
certbot --nginx --key-type ecdsa -d www.yourdomain.com -d yourdomain.com
|
||||||
```
|
```
|
||||||
2. After that, certbot will deploy the certificate automatically to your 4get conf file; It should be ready to use from there.
|
(Remember to install the nginx certbot plugin!!!)
|
||||||
|
|
||||||
<h2 align=center>Tor Setup</h2>
|
After doing that certbot should deploy the certificate automatically into your 4get nginx config file. It should be ready to use at that point.
|
||||||
|
|
||||||
<div align=right>
|
# Tor setup on NGINX
|
||||||
|
|
||||||
> IMPORTANT: Tor onion addresses are very long compared to traditional domains, so, Before doing anything, edit `nginx.conf` and increase <abbr title="This setting in your Nginx configuration controls the internal data structure used to manage multiple server names (hostnames) associated with your web server. Each hostname requires a certain amount of memory within this structure. If the size is insufficient, Nginx will encounter errors."><code>server_names_hash_bucket_size</code></abbr> to your needs.
|
Important Note: Tor onion addresses are significantly longer than traditional domain names. Before proceeding with Nginx configuration, ensure you increase the `server_names_hash_bucket_size` value in your `nginx.conf` file. This setting in your Nginx configuration controls the internal data structure used to manage multiple server names (hostnames) associated with your web server. Each hostname requires a certain amount of memory within this structure. If the size is insufficient, Nginx will encounter errors.
|
||||||
|
|
||||||
</div>
|
1. Open your `nginx.conf` file (that is under `/etc/nginx/nginx.conf`).
|
||||||
|
2. Find the line containing `# server_names_hash_bucket_size 64;`.
|
||||||
|
3. Uncomment the line and adjust the value. Start with 64, but if you encounter issues, incrementally increase it (e.g., 128, 256) until it accommodates your configuration.
|
||||||
|
|
||||||
1. `cd` to `/etc/nginx` *(if you haven't)* and open your `nginx.conf` file.
|
Open your current 4get NGINX config (that is under `/etc/nginx/sites-available/`) and append this to the end of the file:
|
||||||
2. Find the line containing `# server_names_hash_bucket_size 64;` inside said file.
|
|
||||||
3. Uncomment the line and adjust the value; start with 64, but if you encounter issues, incrementally increase it *(e.g., 128, 256)* until it accommodates your configuration.
|
```
|
||||||
4. Open *(or duplicate the configuration)* and edit it:
|
|
||||||
* Example configuration, again:
|
|
||||||
```sh
|
|
||||||
server {
|
server {
|
||||||
access_log /dev/null; # Search log file. Do you really need to?
|
access_log /dev/null;
|
||||||
error_log /dev/null; # Error log file.
|
error_log /dev/null;
|
||||||
|
|
||||||
# Change this if you have 4get in another folder.
|
|
||||||
root /var/www/4get;
|
|
||||||
# Change 'onionadress.onion' to your onion link.
|
|
||||||
server_name onionadress.onion;
|
|
||||||
# Port to listen to.
|
|
||||||
listen 80;
|
listen 80;
|
||||||
|
server_name <youronionaddress>;
|
||||||
|
root /var/www/4get;
|
||||||
|
|
||||||
location @php {
|
location @php {
|
||||||
try_files $uri.php $uri/index.php =404;
|
try_files $uri.php $uri/index.php =404;
|
||||||
# Change the unix socket address if it's different for you.
|
# Change the unix socket address if it's different for you.
|
||||||
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
||||||
fastcgi_index index.php;
|
fastcgi_index index.php;
|
||||||
# Change this to `fastcgi_params` if you use a debian based distribution.
|
# Change this to `fastcgi_params` if you use a debian based distro.
|
||||||
include fastcgi.conf;
|
include fastcgi.conf;
|
||||||
fastcgi_intercept_errors on;
|
fastcgi_intercept_errors on;
|
||||||
}
|
}
|
||||||
|
@ -175,20 +95,9 @@
|
||||||
location ~* ^(.*)\.php$ {
|
location ~* ^(.*)\.php$ {
|
||||||
return 301 $1;
|
return 301 $1;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
A real world example is present in [^2].
|
|
||||||
5. Once done, check the configuration with `nginx -t`. If everything's fine and dandy, refer to <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/tor.md">the Tor guide</a> to setup your onion site.
|
|
||||||
|
|
||||||
<h2 align=center>Other important things</h2>
|
Obviously replace `<youronionaddress>` by the onion address of `/var/lib/tor/4get/hostname` and then check if the nginx config is valid with `nginx -t` if yes, then restart the nginx service and try opening the onion address into the Tor Browser. You can see a real world example [here](https://git.zzls.xyz/Fijxu/etc-configs/src/branch/selfhost/nginx/sites-available/4get.zzls.xyz.conf)
|
||||||
|
|
||||||
1. <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/configure.md">Configuration guide</a>: Things to do after setup.
|
Once you did the above, refer to <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/tor.md">this tor guide</a> to setup your onionsite.
|
||||||
2. <a href="https://git.lolcat.ca/lolcat/4get/src/branch/master/docs/apache2.md">Apache2 guide</a>: Fallback to this if you couldn't get something to work, or you don't know something.
|
|
||||||
|
|
||||||
<h2 align=center>Known issues</h2>
|
|
||||||
|
|
||||||
1. https://git.lolcat.ca/lolcat/4get/issues
|
|
||||||
|
|
||||||
[^1]: lolcat/4get#40, If having issues with `libsodium`, or `php-apcu`.
|
|
||||||
[^2]: <a href="https://git.nadeko.net/Fijxu/etc-configs/src/branch/selfhost/nginx/conf.d/4get.conf">git.nadeko.net</a> nadeko.net's 4get instance configuration.
|
|
||||||
|
|
|
@ -1,40 +0,0 @@
|
||||||
:root
|
|
||||||
{
|
|
||||||
--accent : #f79e98;
|
|
||||||
--1d2021 : #180d0c;
|
|
||||||
--282828 : #180d0c;
|
|
||||||
--3c3836 : #251615;
|
|
||||||
--504945 : #251615;
|
|
||||||
--928374 : var(--accent);
|
|
||||||
--a89984 : #d8c5c4;
|
|
||||||
--bdae93 : #d8c5c4;
|
|
||||||
--8ec07c : var(--accent);
|
|
||||||
--ebdbb2 : #d8c5c4;
|
|
||||||
--comment: #928374;
|
|
||||||
--default: #DCC9BC;
|
|
||||||
--keyword: #F07342;
|
|
||||||
--string : var(--accent);
|
|
||||||
--green : #959A6B;
|
|
||||||
--yellow : #E39C45;
|
|
||||||
--red : #CF223E;
|
|
||||||
--white : var(--a89984);
|
|
||||||
--black : var(--1d2021);
|
|
||||||
--hover : #b18884
|
|
||||||
}
|
|
||||||
|
|
||||||
a.link, a { color: var(--accent); text-decoration: none; }
|
|
||||||
.searchbox { width: 23%; }
|
|
||||||
.filters filter select { color: #E39C45; }
|
|
||||||
.web .separator::before { color: var(--white) }
|
|
||||||
.searchbox input[type="text"]::placeholder { color: var(--white); }
|
|
||||||
a.link:hover
|
|
||||||
{
|
|
||||||
color: var(--hover);
|
|
||||||
text-shadow: 0 0 .2rem var(--hover);
|
|
||||||
}
|
|
||||||
.code-inline
|
|
||||||
{ border-color: var(--default); font-family: monospace;}
|
|
||||||
.home #center a
|
|
||||||
{ color: var(--accent); }
|
|
||||||
.home .subtext
|
|
||||||
{ color: var(--white); }
|
|
Loading…
Reference in New Issue