7.9 KiB
7.9 KiB
Installation of 4get in NGINX
NOTE: As the previous version stated, it is better to follow the Apache2 guide instead of the Nginx one.
NOTE: This is going to guess that you're using either a Arch-based system or a Debian-based system, although you can still follow it with minor issues.
- Login as root.
- Upgrade your system:
- On Arch-based, run
pacman -Syu. - On Debian-based, run
apt update, thenapt upgrade.
- On Arch-based, run
- Install the following dependencies:
git: So you can clone this repository.nginx: So you can run Nginx.php-fpm: This is what allows Nginx to run (and show) PHP files.php-imagick,imagemagick: Image manipulation.php-apcu: Caching module.php-curl,curl: Transferring data with URLs.php-mbstring: String utils.certbot,certbot-nginx: ACME client. Used to create SSL certificates.- In Arch-based distributions:
pacman -S nginx certbot php-imagick certbot-nginx imagemagick curl php-apcu git
- In Debian-based distributions:
apt install php-mbstring nginx certbot-nginx certbot php-imagick imagemagick php-curl curl php-apcu git
- In Arch-based distributions:
IMPORTANT:
php-curl,php-mbstringmight be a Debian-only package, but this needs further fact checking.
IMPORTANT: If having issues with
php-apcuorlibsodium, go to 1.
cdto/etc/nginxand make theconf.d/directory if it doesn't exist:- Again, this guesses you're logged in as root.
cd /etc/nginx ls -l conf.d/ # If ls shows conf.d, then it means it exists. # If it does not, run: mkdir conf.d- Make a file inside
conf.d/called4get.confand place the following content:- First run
touch conf.d/4get.confthennano conf.d/4get.confto open the nano editor: (Install it if it is not, or use another editor.)
server { access_log /dev/null; # Search log file. Do you really need to? error_log /dev/null; # Error log file. # Change this if you have 4get in another folder. root /var/www/4get; # Change 'yourdomain' to your domain. server_name www.yourdomain.com yourdomain.com; # Port to listen to. listen 80; location @php { try_files $uri.php $uri/index.php =404; # Change the unix socket address if it's different for you. fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; # Change this to `fastcgi_params` if you use a debian based distribution. include fastcgi.conf; fastcgi_intercept_errors on; } location / { try_files $uri @php; } location ~* ^(.*)\.php$ { return 301 $1; } }- The above is a very basic configuration and thus will need tweaking to your personal needs. It should still work as-is, though. A 'real world' example is present in 2.
- After saving the file, check that the
nginx.conffile inside the main directory includes files insideconf.d/:- It should be inside the the http block: (The following is an example! Don't just Copy and Paste it!)
http { include mime.types; include conf.d/*.conf; types_hash_max_size 4096; # ... } - Now, test your configuration with
nginx -t, if it says that everything is good, restart (or start) the Nginx daemon:- This depends on the init manager, most distributions use
systemd, but it's better practice to include most.
# systemd systemctl stop nginx systemctl start nginxt # or systemctl restart nginx # openrc rc-service nginx stop rc-service nginx start # or rc-service nginx restart # runit sv down nginx sv up nginx # or sv restart nginx # s6 s6-rc -d change nginx s6-rc -u change nginx # or s6-svc -r /run/service/nginx # dinit dinitctl stop nginx dinitctl start nginx # or dinitctl restart nginx - This depends on the init manager, most distributions use
- First run
- Clone the repository to
/var/www:git clone --depth 1 https://git.lolcat.ca/lolcat/4get 4get- It clones the repository with the depth of one commit (so it takes less time to download) and saves the cloned repository as '4get'.
- That should be it! There are some extra steps you can take, but it really just depends on you.
Encryption setup
- Generate a certificate for the domain you're using with:
- Note that
certbot-nginxis needed.
certbot --nginx --key-type ecdsa -d www.yourdomain.com -d yourdomain.com - Note that
- After that, certbot will deploy the certificate automatically to your 4get conf file; It should be ready to use from there.
Tor Setup
IMPORTANT: Tor onion addresses are very long compared to traditional domains, so, Before doing anything, edit
nginx.confand increaseserver_names_hash_bucket_sizeto your needs.
cdto/etc/nginx(if you haven't) and open yournginx.conffile.- Find the line containing
# server_names_hash_bucket_size 64;inside said file. - Uncomment the line and adjust the value; start with 64, but if you encounter issues, incrementally increase it (e.g., 128, 256) until it accommodates your configuration.
- Open (or duplicate the configuration) and edit it:
- Example configuration, again:
A real world example is present in 2.server { access_log /dev/null; # Search log file. Do you really need to? error_log /dev/null; # Error log file. # Change this if you have 4get in another folder. root /var/www/4get; # Change 'onionadress.onion' to your onion link. server_name onionadress.onion; # Port to listen to. listen 80; location @php { try_files $uri.php $uri/index.php =404; # Change the unix socket address if it's different for you. fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; # Change this to `fastcgi_params` if you use a debian based distribution. include fastcgi.conf; fastcgi_intercept_errors on; } location / { try_files $uri @php; } location ~* ^(.*)\.php$ { return 301 $1; } } - Once done, check the configuration with
nginx -t. If everything's fine and dandy, refer to the Tor guide to setup your onion site.
Other important things
- Configuration guide: Things to do after setup.
- Apache2 guide: Fallback to this if you couldn't get something to work, or you don't know something.
Known issues
-
lolcat/4get#40, If having issues with
libsodium, orphp-apcu. ↩︎ -
git.nadeko.net nadeko.net's 4get instance configuration. ↩︎