CMS Made Simple的Caddy配置

这篇文章介绍了通过Caddy使用CMS Made Simple的配置。

CMS Made Simple 需要满足这样一些最低要求

本示例使用如下架构:

  • Ubuntu 16.04 Server
  • PHP version 7.0
  • MariaDB

安装Caddy

安装caddy,更换用户名。

给caddy创建一个专用目录:

  1. mkdir ~/caddy

下载Caddyfile并且更换为你的域名。

下载caddy@.service,更换为PHP文件使用的用户名,邮箱地址也换成你的,并且添加到/etc/systemd/system/caddy@.service

安装caddy。如果有需要,也可以选择hugo或者git等插件,把~/caddy目录切换成你的用户名。

  1. curl https://getcaddy.com | bash -s ipfilter,ratelimit
  2. sudo setcap cap_net_bind_service=+ep /usr/local/bin/caddy
  3. sudo systemctl daemon-reload
  4. sudo systemctl stop caddy@username
  5. sudo systemctl start caddy@username
  6. sudo systemctl enable caddy@username

安装PHP和MariaDB

在Ubuntu系统,我们可以使用下面的命令来安装:

  1. sudo apt update
  3. sudo apt install php7.0-common php7.0-cli php7.0-curl php7.0-fpm php7.0-gd \
  4. php7.0-gd php7.0-json php7.0-mbstring php7.0-mysql php7.0-mysql \
  5. php7.0-opcache php7.0-readline php7.0-xml mariadb-server

安装MariaDB并且创建数据库。

  1. # 1) sudo to root
  2. sudo su
  4. # 2) Go through steps securing your database. Add root password for your database.
  5. mysql_secure_installation
  7. # 3) Start MariaDB database CLI, use root password you created at previous step
  8. mysql -hlocalhost -uroot -p
  10. # 4) Set your whole database to use UTF-8.
  11. SET character_set_server = 'utf8';
  13. # 5) Set database result ordering. Yours could be different.
  14. SET collation_server = 'utf8_swedish_ci';
  16. # 6) Create database for CMS Made Simple. You could name differently.
  17. CREATE DATABASE simple;
  19. # 7) Create user for that database, and add password. Change to your own.
  20. CREATE USER 'simple'@'localhost' IDENTIFIED BY 'password';
  22. # 8) Give previously created user access to datatabase
  23. GRANT ALL PRIVILEGES ON simple.* to 'simple'@'localhost';
  25. # 9) Take these new settings to be used immediately, and exit.
  26. FLUSH PRIVILEGES;
  27. exit

更换/etc/php/7.0/fpm/php.ini的配置为你需要的参数:

  1. ; Maximum upload filesize
  2. upload_max_filesize = 2G
  3. ; Maximum post size, may contain multiple files
  4. post_max_size = 4G
  5. max_file_uploads = 20
  6. max_execution_time = 120
  7. max_input_time = 60
  8. memory_limit = 128M
  9. ; Disable showing errors
  10. error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED

这个php.ini文件禁用了pnctl功能,因为安全原因,在Ubuntu系统下是默认被禁用的。所以虽然有的扩展需要它,我也没有启用它。

  1. disable_functions = pcntl...

更换/etc/php/7.0/fpm/pool.d/www.conf的用户为你的CMS Made Simple文件对应的用户:

  1. user = username
  2. group = username
  3. listen.owner = username
  4. listen.group = username

安装CMS Made Simple

下载最新的CMS Made Simple的PHP安装文件

添加到~/caddy/example.com/public/cmsms-[VERSION]-install.php

https://example.com/cmsms-[VERSION]-install.php使用安装向导安装它。

在配置中加入URL转发功能:

  1. cd ~/caddy/example.com/public/
  2. sudo nano config.php
  3. # Add this line to bottom:
  4. $config['url_rewriting'] = 'mod_rewrite';

你可以将下面的内容保存成reload-caddy.sh脚本,将域名改成你自己的,将caddy@username中的username改成php文件对应的用户:

  1. #!/bin/bash
  2. sudo systemctl daemon-reload
  3. sudo systemctl stop caddy@username
  4. sudo systemctl stop php7.0-fpm
  5. sudo systemctl start php7.0-fpm
  6. sudo systemctl start caddy@username
  7. # Delete CMS Made Simple cache files
  8. rm ~/caddy/example.com/public/tmp/cache/*
  9. rm ~/caddy/example.com/public/tmp/templates_c/*
  10. And make it executeable:
  12. chmod +x ./reload-caddy.sh

在需要的时候就可以运行了:

  1. ./reload-caddy.sh

Caddyfile

  1. example.com {
  2.     root /home/username/caddy/example.com/public
  3.     fastcgi / /var/run/php/php7.0-fpm.sock php
  5.     rewrite {
  6.         to {path} {path}/ /index.php?page={uri_escaped}
  7.     }
  8. }

caddy@service脚本

  1. ; see `man systemd.unit` for configuration details
  2. ; the man section also explains *specifiers* `%x`
  4. [Unit]
  5. Description=Caddy HTTP/2 web server %I
  6. Documentation=https://caddyserver.com/docs
  7. After=network-online.target
  8. Wants=network-online.target
  9. Wants=systemd-networkd-wait-online.service
  11. [Service]
  12. ; run user and group for caddy
  13. User=username
  14. Group=username
  15. ExecStart=/usr/local/bin/caddy -conf=/home/username/caddy/Caddyfile -agree -email="firstname.lastname@example.com"
  16. Restart=on-failure
  17. StartLimitInterval=86400
  18. StartLimitBurst=5
  19. RestartSec=10
  20. ExecReload=/bin/kill -USR1 $MAINPID
  21. ; limit the number of file descriptors, see `man systemd.exec` for more limit settings
  22. LimitNOFILE=1048576
  23. LimitNPROC=64
  24. ; create a private temp folder that is not shared with other processes
  25. PrivateTmp=true
  26. PrivateDevices=true
  27. ProtectSystem=full
  28. CapabilityBoundingSet=CAP_NET_BIND_SERVICE
  29. AmbientCapabilities=CAP_NET_BIND_SERVICE
  30. NoNewPrivileges=true
  32. [Install]
  33. WantedBy=multi-user.target