diff options
-rw-r--r-- | .SRCINFO | 29 | ||||
-rw-r--r-- | PKGBUILD | 64 | ||||
-rw-r--r-- | aegir.install | 36 | ||||
-rw-r--r-- | nginx.conf | 20 | ||||
-rw-r--r-- | nginx.svc.conf | 3 | ||||
-rw-r--r-- | php.ini | 27 | ||||
-rw-r--r-- | service | 12 | ||||
-rw-r--r-- | stop-when-unneeded.conf | 2 | ||||
-rw-r--r-- | sudoers | 2 |
9 files changed, 175 insertions, 20 deletions
@@ -1,16 +1,35 @@ pkgbase = aegir - pkgdesc = Aegir systemd target for a dedicated Aegir VPS. - pkgver = 0.1 + pkgdesc = Configuration for a dedicated Aegir server. + pkgver = 7.x_3.0_alpha2 pkgrel = 1 url = http://aegirproject.org + install = aegir.install arch = any license = GPL - depends = systemd + depends = aegir-provision depends = aegir-hostmaster + depends = cron + depends = nginx + depends = php-fpm + depends = php-gd + depends = rsync + depends = mariadb + depends = sudo + depends = smtp-forwarder + depends = unzip + options = emptydirs source = aegir.target - source = stop-when-unneeded.conf + source = php.ini + source = nginx.conf + source = nginx.svc.conf + source = service + source = sudoers md5sums = 80773e4278e09b14cc6843e346540a9d - md5sums = 7e34786351f538d2db0bd2d3e64db43f + md5sums = 6c534cc2a9bea282b9895f099c902ca2 + md5sums = 7edbcc6b449a2f09ed93f88b77f300a5 + md5sums = 75535f9870f06c540f513262a9b7b1ab + md5sums = 4889b3de48732ec149a71aeb72039455 + md5sums = 1736705ac5a1c2982ce5b4eee09b0831 pkgname = aegir @@ -1,25 +1,63 @@ # Maintainer: James An <james@jamesan.ca> pkgname=aegir -pkgver=0.1 +pkgver=7.x_3.0_alpha2 pkgrel=1 -pkgdesc="Aegir systemd target for a dedicated Aegir VPS." +pkgdesc="Configuration for a dedicated Aegir server." arch=('any') url='http://aegirproject.org' license=('GPL') -depends=('systemd' 'aegir-hostmaster') -source=( - aegir.target - stop-when-unneeded.conf +depends=( + 'aegir-provision' + 'aegir-hostmaster' + 'cron' + 'nginx' + 'php-fpm' + 'php-gd' + 'rsync' + 'mariadb' + 'sudo' + 'smtp-forwarder' + 'unzip' ) -md5sums=( - 80773e4278e09b14cc6843e346540a9d - 7e34786351f538d2db0bd2d3e64db43f +options=(emptydirs) +install=$pkgname.install +source=( + 'aegir.target' + 'php.ini' + 'nginx.conf' + 'nginx.svc.conf' + 'service' + 'sudoers' ) +md5sums=('80773e4278e09b14cc6843e346540a9d' + '6c534cc2a9bea282b9895f099c902ca2' + '7edbcc6b449a2f09ed93f88b77f300a5' + '75535f9870f06c540f513262a9b7b1ab' + '4889b3de48732ec149a71aeb72039455' + '1736705ac5a1c2982ce5b4eee09b0831') package() { - install -Dm755 aegir.target "${pkgdir}/usr/lib/systemd/system/aegir.target" - for service in aegir mysqld nginx php-fpm; do - install -Dm755 stop-when-unneeded.conf "${pkgdir}/usr/lib/systemd/system/${service}.service.d/stop-when-unneeded.conf" - done + msg2 'Adding config files' + install -dm750 "$pkgdir/etc/sudoers.d" + install -Dm440 sudoers "$pkgdir/etc/sudoers.d/$pkgname" + install -Dm644 nginx.conf "$pkgdir/etc/nginx/$pkgname.conf" + install -Dm644 php.ini "$pkgdir/etc/php/conf.d/$pkgname.ini" + + msg2 'Adding systemd files' + install -Dm644 nginx.svc.conf "$pkgdir/usr/lib/systemd/system/nginx.service.d/$pkgname.conf" + install -Dm644 service "$pkgdir/usr/lib/systemd/system/$pkgname.service" + + msg2 'Creating aegir directory structure' + mkdir -pm700 "$pkgdir/var/lib/aegir/config/server_master/nginx/"{platform,post,pre,subdir,platform,vhost}".d" + mkdir -pm755 "$pkgdir/var/lib/aegir/"{backups,clients,config{,/{includes,self,server_localhost,server_master{,/nginx}}}} + mkdir -pm755 "$pkgdir/var/lib/aegir/"{.drush/cache,platforms} + ln -sr server_master/nginx.conf "$pkgdir/var/lib/aegir/config/nginx.conf" + ln -sr nginx_vhost_common.conf "$pkgdir/var/lib/aegir/config/includes/nginx_advanced_include.conf" + ln -sr nginx_vhost_common.conf "$pkgdir/var/lib/aegir/config/includes/nginx_simple_include.conf" + + install -Dm644 <( ) "$pkgdir/var/spool/cron/http" + install -Dm644 aegir.target "$pkgdir/usr/lib/systemd/system/aegir.target" + + chown -R http:http "$pkgdir/var/lib/$pkgname" "$pkgdir/var/spool/cron/http" } diff --git a/aegir.install b/aegir.install new file mode 100644 index 000000000000..996fb8b16b91 --- /dev/null +++ b/aegir.install @@ -0,0 +1,36 @@ +post_install() { + post_upgrade + + echo ">>> 1. Ensure this machine's hostname is a FQDN that resolves one of its IP addresses:" + echo " $ ip addr | grep inet | sed --regexp-extended 's/ *inet6? ([^\\/]*).*/\1/' | \\" + echo " grep --quiet $(resolveip $(hostname) | cut --fields=6 --delimiter=' ') && echo Success!" + echo ">>> 2. Ensure the http user and group exist (i.e. uid=gid=33):" + echo " $ test \$(id --user http) -eq 33 -a \$(id --group http) -eq 33 && echo Success!" + echo ">>> 3. Setup the MySQL instance (by running mysql_secure_installation, or the following shell commands):" + echo " # systemctl start mysqld" + echo " $ mysql --user=root --execute=\"" + echo " DELETE FROM mysql.user WHERE User='';" + echo " DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" + echo " DROP DATABASE IF EXISTS test;" + echo " DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';" + echo " FLUSH PRIVILEGES;\"" + echo ">>> 4. (opt) Create a aegir MySQL user:" + echo " $ mysql --user=root \\" + echo " --execute=\"GRANT ALL PRIVILEGES ON *.* TO 'aegir'@'%' IDENTIFIED BY 'passwd' WITH GRANT OPTION;\"" + echo ">>> 5. Install hostmaster as the aegir user through its drush provision command:" + echo " # su aegir -c \\" + echo " \"drush hostmaster-install --yes --web_group=http --http_service_type=nginx \\" + echo " --root=/var/lib/aegir/hostmaster --aegir_db_user=aegir --aegir_db_pass=passwd \\" + echo " --aegir_host=\$(hostname) --client_email=aegir@\$(hostname) \$(hostname)\"" + echo ">>> 6. Connect nginx to the Unix socket used by php-fpm:" + echo " # su aegir -c \"sed -i 's/127.0.0.1:9000/unix:\\/run\\/php-fpm\\/php-fpm.sock/' /var/lib/aegir/config/includes/nginx_vhost_common.conf\"" + echo ">>> 7. Start the entire web stack:" + echo " # systemctl start mysqld nginx php-fpm" + echo ">>> 8. (opt) Enable and start the hosting queue daemon:" + echo " # su aegir -c \"drush @hostmaster pm-enable hosting_queued\" && systemctl start aegir" +} + +post_upgrade() { + getent group aegir || groupadd --non-unique --gid $(id --group http) aegir + getent passwd aegir || useradd --non-unique --uid $(id --user http) --gid $(id --group http) --home-dir /var/lib/aegir aegir +} diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 000000000000..99731557e5d2 --- /dev/null +++ b/nginx.conf @@ -0,0 +1,20 @@ +user http; +worker_processes 1; + +error_log stderr; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + + sendfile on; + keepalive_timeout 65; + gzip on; + + include /var/lib/aegir/config/nginx.conf; +} diff --git a/nginx.svc.conf b/nginx.svc.conf new file mode 100644 index 000000000000..0e3604838aa6 --- /dev/null +++ b/nginx.svc.conf @@ -0,0 +1,3 @@ +[Service] +ExecStart= +ExecStart=/usr/bin/nginx -c /etc/nginx/aegir.conf diff --git a/php.ini b/php.ini new file mode 100644 index 000000000000..b56096037bb9 --- /dev/null +++ b/php.ini @@ -0,0 +1,27 @@ +; +; Error handling +; +display_errors = stderr +error_reporting = E_ALL | E_NOTICE | E_STRICT + +; +; Required extensions +; +extension = gd.so +extension = mysqli.so +extension = openssl.so +extension = pdo_mysql.so +extension = phar.so + +; +; Required config tweaks +; +mbstring.http_input = pass +mbstring.http_output = pass +open_basedir = + +; +; Configurable settings +; +date.timezone = UTC +memory_limit = 192M diff --git a/service b/service new file mode 100644 index 000000000000..70e5a2573ccb --- /dev/null +++ b/service @@ -0,0 +1,12 @@ +[Unit] +Description=Aegir queue daemon +After=mysqld.service php-fpm.service nginx.service + +[Service] +Type=simple +ExecStart=/usr/bin/drush --quiet @hostmaster hosting-queued +User=aegir +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/stop-when-unneeded.conf b/stop-when-unneeded.conf deleted file mode 100644 index 4c73820ed0fe..000000000000 --- a/stop-when-unneeded.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Unit] -StopWhenUnneeded=true diff --git a/sudoers b/sudoers new file mode 100644 index 000000000000..b82c973f96c0 --- /dev/null +++ b/sudoers @@ -0,0 +1,2 @@ +Defaults:http !requiretty +http ALL=NOPASSWD: /usr/bin/nginx |