The aim of this post is to document the installation of Nginx, MySQL, PHP, APC and Memcache specifically to work as a web application server for hosting a FuelPHP application.
First of all I will assume that you have already installed the base OS, configured an IP address and logged into your server using the ‘root’ account, if you don’t want to use your ‘root’ account for this installation, make sure you add ‘sudo’ to the start of all the nessacery commands to gain the appropriate permissions to carry out the installations etc.
Update or install the ports tree
The very first thing to do, is quickly update the server’s port tree you can do this like so:
portsnap fetch update
Or if you don’t currently have them installed, run the following command:-
portsnap fetch extract update
Install Nano
Ok so first up, I’m quickly going to install Nano, its my preferred editor of choice so I quickly run the following commands:-
cd /usr/ports/editors/nano make install clean ln -s /usr/local/bin/nano /usr/bin/nano rehash
There we go, we now have Nano installed, if you prefer using the default editor (Vi) then thats fine and you can skip the above step!
Installing nginx
Ok, so the basic install is rather easy, lets quickly run the following commands:-
cd /usr/ports/www/nginx make config-recursive make install clean
Now you’ll see a blue ‘configuration’ screen appear, you can choose to leave the defaults if you wish or select additonal modules, I will be using an SSL certificate so I also checked HTTPS (SSL) support.
Once that has been installed we need to add it to the rc.conf and start the service like so:
echo 'nginx_enable="YES"' >> /etc/rc.conf /usr/local/etc/rc.d/nginx start
If you browse to your web server using a web browser you should now see the default nginx homepage. – Great stuff!
We’ll move on now but we’ll be back soon to make some config changes to nginx but for now we’ll go and install some other packages.
Install PHP
Now we’ll install the latest version of PHP 5.3, so now we run the following commands:-
cd /usr/ports/lang/php53 make config-recursive make install clean
Make sure you select FPM at the configuration screen, you can also de-select SUHOSIN if you wish, I only really feel this is worth having if your using PHP in a shared hosting environment this server however will be running a single web application with no other system users so I do not see the benefit of having this installed too.
You can now install some PHP extensions which you may find come in handy, as I’m using FuelPHP, the recommended PHP extensions are as follows:-
- fileinfo
- mbstring
- mcrypt
- mysql (or pgsql if you prefer to use Postgres instead of MySQL!)
- mysqli
- pdo_mysql (again, pdo_pgsql if you prefer to use Postgres)
I also generally like to install a few other extensions as they can be most useful for other applications that I may want to install on the server at a later date. So I’ll also choose the following at the configuration screen:-
- bz2
- curl
- openssl
- gd
- zip
So I’ll run the following commands now and ensure that I select the required modules at the configuration screen before then running a make install clean to have then installed and ready for FuelPHP to use.
cd /usr/ports/lang/php53-extensions make config-recursive make install clean
Now that should take a few minutes and you may get additional configuration screens appear eg. for curl, you can just accept the defaults if you wish.
Now we need to copy one of the example PHP.ini file examples so we can make any custom changes that we may need etc.
cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
Its a good idea while we’re installing the server to turn on the error reporting, this will make troubleshooting much easier while we’re installing, we can turn this off once we’ve finished installing and configuring our server etc.
Install MySQL
MySQL is a very popular database engine and is utilised by FuelPHP, some people may prefer Postgres over MySQL and FuelPHP does support that too but in this tutorial I’m using MySQL so I’ll now demonstrate how this is installed.
Lets install MySQL as follows:-
cd /usr/ports/databases/mysql55-server make BUILD_OPTIMIZED=yes BUILD_STATIC=yes
You can leave all the options as default and then continue with the installation using:
make install clean
We now need to add the MySQL daemon to the list of start-up services we do this like so:
echo 'mysql_enable="YES"' >> /etc/rc.conf /usr/local/etc/rc.d/mysql-server start
As this point its a good idea to reset your ‘root’ password too as currently there is not one set!
Configure PHP-FPM
PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites.
We’ll now install and configure like so:-
Using your text editor open up the PHP-FPM configuration file like so:-
nano /usr/local/etc/php-fpm.conf
Now make the following changes, where I’ve prefix lines with ‘-‘ these should be replaced with the line directly below it prefixed with ‘+’
-; events.mechanism = epoll +events.mechanism = kqueue ... -listen = 127.0.0.1:9000 +listen = /var/run/php-fpm.sock ... -;listen.owner = www -;listen.group = www -;listen.mode = 0666 +listen.owner = www +listen.group = www +listen.mode = 0666
Now we need to enable PHP-FPM in the rc.conf like so:-
echo 'php_fpm_enable="YES"' >> /etc/rc.conf
Now we can start PHP-FPM like so:-
/usr/local/etc/rc.d/php-fpm start
That it, PHP-FPM is now configured and ready to be used on our new application server.
Custom FuelPHP settings for nginx
It much quicker here if I just give you my nginx.conf file to get FuelPHP working, you’ll notice in the PHP file I’ve also added the environmental variable FUEL_ENV and set it to ‘production’ you can change that if you so wish to ‘staging’ obviously depending on how you intend on using your server.
So download, and copy my nginx.conf file to your server and make the required changes, eg. change the folder root and server_name directives to match your personal set-up.
Save the file and then restart nginx!
/usr/local/etc/rc.d/nginx start
Later on in this post I will be adding extra settings to the nginx.conf file so we’ll be making extra changes shortly but its a great starting place and you don’t need to edit that file any longer if you don’t wish to add SSL support etc.
Deploying your FuelPHP application to your new ‘production’ server
What I did was copied up my entire FuelPHP application into my standard user account home directory in a folder called ‘app’, on the server I then su -s (switched to root) and then copied the files to the new application hosting directory like so:
cp -r /home/adminuser/app/ /usr/local/www/yourwebsite/
Until you’ve reconfigured your database connection parameters for your FuelPHP application you’ll more than likely just be shown a blank screen (unless you turn on PHP error reporting) as the FuelPHP application cannot yet access your database.
Now its time to deploy your database, so we need to create a new database in MySQL of which will host your database, you can do so like this:-
mysql -uroot
Then run the following:-
CREATE DATABASE `databasenamehere`;
Then exit the MySQL client by typing:
exit
Now take an SQL dump of your database on your development machine, copy it over to your server and then run the follow command:-
mysql -uroot < /usr/home/adminuser/sqldump.sql
Your database should now be running on your server.
Next we need to create some additional directories if they don’t already exist on your server, do so now:-
mkdir /usr/local/www/yourwebsite/fuel/app/cache mkdir /usr/local/www/yourwebsite/fuel/app/tmp
Now we can use ‘oil’ to ensure that the required FuelPHP application files have the correct permissions set and if not will set them for us, run the following commands:-
cd /usr/local/www/yourwebsite php oil r install
You should see a list of success messages indicating that it has found and applied to correct permissions some of the FuelPHP directories!
Great, we’re nearly there!
Its worth mentioning here that when I first attempted to deploy it I had troubles the logs in /usr/local/www/yourwebsite/fuel/app/logs was showing the following error:-
–> Fuel\Core\Fuel::init – The configured locale en_US is not installed on your system.
To resolve this, I made FuelPHP use the system default locale, by adding a ‘locale’ => ”, element to the config.php file, this then seemed to fix the issue.
Now make sure that you have a valid db.php file in /usr/local/www/yourwebsite/fuel/app/config/production – If you don’t currently have one setup, you can copy across your ‘development’ one and amend as required like so:-
cd /usr/local/www/yourwebsite/fuel/app/config/development cp db.php ../production/db.php nano ../production/db.php
That’s the deployment pretty much done now!
Install APC
I’ve already documented the installation of APC for FreeBSD 9.0 in another post and can be view/followed here.
Install Memcache
I’ve already documented the installation of Memcache for FreeBSD 9.0 in another post and can be view/followed here.
Obtaining an SSL certificate
I decided to by my SSL certificate through 123-reg, I don’t need insurance and I’m not sending credit card details or anything like that so I just bought a bog standard SSL certificate, part of this process is creating the KEY and CSR files (Certificate signing request).
Using the instructions over at 123-reg, I created key and certificate signing request like so:-
openssl genrsa -des3 -out www.mydomain.com.key 2048 openssl req -new -key www.mydomain.com.key -out www.mydomain.com.csr
You will then be asked for some information, as the the instructions of the 123-reg site, details should be filled out as per this help page.
Once you have followed the instructions on their site, you should then create your certificate by creating a new account with 123-reg and following their instructions.
Once you have received your certificate from 123-reg you can then continue on to the next step!
You can obviously create a self-signed certificate for your server but this will be ‘untrusted’ and browsers will complain when your visitors visit your site… at just over £10 a year the SSL certificate provided by 123-reg is a bargin in my opinion.
Configuring nginx with an SSL certificate
Unlike Apache, in my personal opinion adding an SSL certificate to nginx is a breeze with just a few simple lines of code:-
You should now add the following lines to your nginx configuration file (under the ‘server’ section):-
listen 443; ssl on; ssl_certificate /etc/ssl/your_domain_name.crt; #(or .pem) ssl_certificate_key /etc/ssl/your_domain_name.key;
The recommended way to enable SSL in nginx from versions later than 0.7.14 is to add the ssl flag to the listen directive like so:-
listen 443 default ssl; ssl_certificate /etc/ssl/your_domain_name.crt; #(or .pem) ssl_certificate_key /etc/ssl/your_domain_name.key;
As we are using nginx 1.2.6 I’ve used this ‘recommended’ method instead!
Obviously your certificate files may be placed somewhere else on the file system or named something else, these files should also be chmod’d 600 for security reasons. Once you’re done simply restart nginx for the changes to take effect like so:-
/usr/local/etc/rc.d/nginx restart
Redirecting all non-https traffic to use HTTPS
This step is optional but I thought I’d post it up here too as I’m using this to force ALL traffic to use SSL on my new applicaiton, you can do this by adding the following line to the main nginx.conf file:-
location /{
rewrite ^ https://www.yourwebsite.com$request_uri permanent;
}
Once you’ve save the file changes, remember to restart nginx for the changes to take effect!!