Category Archives: nginx

Install tt-rss with nginx and Percona on Ubuntu 12.04

Starting with a base install of Ubuntu 12.04 with openssh installed

Install the Percona repo

import the Percona gpg key

sudo gpg --keyserver hkp://keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
sudo gpg -a --export CD2EFD2A | sudo apt-key add -

now edit /etc/apt/sources.list and add these lines

# for percona
deb http://repo.percona.com/apt precise main
deb-src http://repo.percona.com/apt precise main

now install percona

sudo apt-get update
sudo apt-get install percona-server-common-5.5 percona-server-server-5.5 libmysqlclient18 libmysqlclient16

Now install the rest of the pre-reqs

sudo apt-get install nginx php5-mysql php5-xmlrpc php5-curl php5-cli php5-fpm php5-gd php5-mcrypt php-apc git

Stop nginx

sudo service nginx stop

Create the directory for tt-rss

sudo mkdir -p /var/www/tt-rss

Create a suitable config for nginx in sites-available and link it to sites-enabled

server {
        listen [::]:80;
        server_name tt-rss;
        server_name ttrss.domain.com;
        access_log  /var/log/nginx/tt-rss.access.log;
        error_log /var/log/nginx/tt-rss.error.log;
        root   /var/www/tt-rss;
 index index.php;
 client_max_body_size 20M;
 # while setting up I set an allow for the local network and deny all others, this prevents automatic logon to setup pages etc before default passwords have been set
        location / {
               # allow the local net
               allow   192.168.100.0/24;
               # deny everything else
               deny all;
                 }
 # Lock out access to some folders that contains files that should not be world readable (not fully tested)
 location ~* (include/|lock/|utils/|locale/|classes/*) {deny all; }
 location = / { } # Needed for index.* to work
 # location ~* \.(txt|css|js|png|gif|ico|jpg|svg)$ { } # Allow these file endings
        location ~ \.php$ {
                # Filter out arbitrary code execution
 fastcgi_index index.php;
                # location ~ \..*/.*\.php$ {return 404;}
                include fastcgi_params;
                fastcgi_pass  127.0.0.1:9000;
 fastcgi_param SCRIPT_FILENAME /var/www/rss/$fastcgi_script_name;
                }
 location ~* .(?:ico|css|js|gif|inc|txt|gz|xml|png|jpe?g) {
 expires max;
 access_log        off;
 log_not_found     off;
 }
}

Now grab the source and change the owndership

sudo git clone https://github.com/gothfox/Tiny-Tiny-RSS.git /var/www/tt-rss
sudo chown -R www-data:www-data /var/www/tt-rss

Create the database and the user

mysql -u root -p 
CREATE DATABASE tt-rss;
GRANT ALL ON tt-rss.* TO ttrss-user IDENTIFIED BY "Password";
quit

Import the schema

mysql -u root -p tt-rss < /var/www/tt-rss/schema/ttrss_schema_mysql.sql

Now start nginx and browse to the URL to complete the configuration

Once the configuration has been completed, create an executable upstart .conf script in /etc/init to update the feeds

description "tt-rss upstart script"
start on (runlevel [!2345] local-filesystems and net-device-up IFACE!=lo and started mysql)
stop on stopping mysql
respawn
respawn limit 2 1
setuid www-data
setgid www-data
 
exec /var/www/tt-rss/update_daemon2.php

Installing ownCloud 5 on Ubuntu 12.04 with nginx and percona

Starting with a base install of Ubuntu 12.04 server, install the pre-reqs, these include the reqs for LDAP auth and external storage on a SMB server

sudo apt-get install nginx php5-fpm php5 php5-json php5-gd curl php5-curl\
 libcurl3-gnutls libapr1 libaprutil1 libcurl3 libaprutil1-ldap libcap2\
 libltdl-dev libltdl7 libtool m4 php-pear php-xml-parser php5-cli\
 php5-dev shtool ssl-cert php5-ldap smbclient

stop the nginx and php5-fpm services

sudo service nginx stop
sudo service php5-fpm stop

create a directory for owncloud to exist in

sudo mkdir -p /var/www

get the latest source for owncloud from http://owncloud.org/support/install/

wget http://download.owncloud.org/community/owncloud-5.0.0.tar.bz2

untar the source

tar -xvf owncloud

move the source into place

sudo mv owncloud /var/www/

create a data directory for the data

sudo mkdir -p /var/www/owncloud-data

remove the default nginx config from site-enabled

sudo unlink /etc/nginx/sites-enabled/default

create a new file for sites available, something like this

sudo nano /etc/nginx/sites-available/owncloud

link the file to sites-enabled

sudo ln -s /etc/nginx/sites-available/owncloud /etc/nginx/sites-enabled/owncloud

edit php-fpm to use a unix socket instead of a TCP socket

sudo nano /etc/php5/fpm/pool.d/www.conf

comment out

listen = 127.0.0.1:9000

and add

listen = /var/run/php5-fpm.sock

Uncomment the permissions

listen.owner = www-data
listen.group = www-data
listen.mode = 0660

For the SSL certificate, this might be of use

I usually use Percona instead of the Ubuntu build of MySQL

import the Percona gpg key

sudo gpg --keyserver hkp://keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
sudo gpg -a --export CD2EFD2A | sudo apt-key add -

now edit sources.list

sudo nano /etc/apt/sources.list

add these lines

# for percona
deb http://repo.percona.com/apt precise main
deb-src http://repo.percona.com/apt precise main

now install percona

sudo apt-get update
sudo apt-get install percona-server-common-5.5 percona-server-server-5.5 libmysqlclient18 libmysqlclient16

with the database server installed, now create the database

mysql -uroot -p
CREATE USER 'owncloud'@'localhost' IDENTIFIED BY 'password';
CREATE DATABASE IF NOT EXISTS owncloud;
GRANT ALL PRIVILEGES ON owncloud.* TO 'owncloud'@'localhost' IDENTIFIED BY 'password';

add the components for mysql

sudo apt-get install php5-mysql libaprutil1-dbd-mysql

create the config file to use the mysql server

sudo nano /var/www/owncloud/config/autoconfig.php

add the following lines

<?php
$AUTOCONFIG = array(
  "dbtype"        => "mysql",
  "dbname"        => "owncloud",
  "dbuser"        => "owncloud",
  "dbpass"        => "password",
  "dbhost"        => "localhost",
  "dbtableprefix" => "",
  "adminlogin"    => "Administrator",
  "adminpass"     => "Admin-password",
  "directory"     => "/var/www/owncloud-data",
);

reset the directory permissions

sudo chown -R www-data:www-data /var/www/owncloud
sudo chown -R www-data:www-data /var/www/owncloud-data
sudo chmod 777 /var/www/owncloud-data/

You should now be able to start the services

sudo service php5-fpm start
sudo service nginx start

and login to the application using the username and password from autoconfig.php