Created Setting up Drupal 7 (markdown)

2018-01-14 15:19:21 +02:00 · 2018-01-14 15:19:21 +02:00 · 211b80a433
parent 904b236347
commit 211b80a433
1 changed files with 252 additions and 0 deletions
--- a/Setting-up-Drupal-7.md
+++ b/Setting-up-Drupal-7.md
@ -0,0 +1,252 @@
 In this guide we are setting up *Drupal 7* with *php-fpm* and *Nginx*
 ## Prerequisites
 * A DNS record:
   ```
   cms.example.com.	69	IN	A	2.2.2.2
   ```
 * A Debian 9.3 (stretch) instance (ami-b9fa4cc1)
 * Make the hostname persistent on the instance, by creating the file */etc/cloud/cloud.cfg.d/99_hostname.cfg*:
    ```
    #cloud-config
    hostname: cms
    fqdn: cms.example.com
    ```
 ## Installing dependencies
 **NOTE:The following commands are executed under a privileged *admin* user, unless otherwise stated.**
 ```
 $ sudo apt -y install php-apcu php-pear php7.0-fpm php7.0-cli php7.0-gd php7.0-mysql php7.0-xml php7.0-mbstring php7.0-curl nginx
 ```
 ## Install Drupal 7
 Create a user for the website and switch to it:
 ```
 $ sudo useradd -s /bin/bash -d /srv/webadmin -m webadmin
 $ sudo su - webadmin
 ```
 Download Drupal 7:
 ```
 $ wget https://ftp.drupal.org/files/projects/drupal-7.56.tar.gz
 ```
 Extract Drupal 7
 ```
 $ tar xvzf drupal-7.56.tar.gz 
 ```
 Rename the destination folder to *cms*:
 ```
 $ mv drupal-7.56/ cms
 ```
 ## Setup Nginx
 Exit back to the *admin* user and prepare the CMS Virtualhost (Create the */etc/nginx/sites-available/cms* file):
 ```
 server {
        server_name cms.example.com;
        root /srv/webadmin/cms;
        access_log /var/log/nginx/cms.example.com.access.log;
        error_log  /var/log/nginx/cms.example.com.error.log info;
        index index.php;
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }
        # This matters if you use drush
        location = /backup {
                deny all;
        }
        # Very rarely should these ever be accessed outside of your lan
        location ~* \.(txt|log)$ {
                allow 127.0.0.1;
                deny all;
        }
        location ~ \..*/.*\.php {
                return 403;
        }
        location / {
                # This is cool because no php is touched for static content
                try_files $uri $uri/ @rewrite;
                expires max;
        }
        location @rewrite {
                # Some modules enforce no slash (/) at the end of the URL
                # Else this rewrite block wouldn&#39;t be needed (GlobalRedirect)
                rewrite ^/(.*)$ /index.php?q=$1;
        }
        location ~ \.php$ {
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_intercept_errors on;
                fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        }
 }
 ```
 Enable the *cms* virtualhost and disable the *default* (switch back to the *admin* user):
 ```
 $ cd /etc/nginx/sites-enabled/
 $ sudo ln -s ../sites-available/cms
 $ sudo rm default
 ```
 Verify the configuration:
 ```
 $ sudo nginx -t
 nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
 nginx: configuration file /etc/nginx/nginx.conf test is successful
 ```
 The configuration is free from syntax errors. We can go ahead and restart *Nginx*and *PHP-FPM* :
 ```
 $ sudo systemctl restart nginx.service php7.0-fpm.service
 ```
 ## Enable HTTPS with Let's Encrypt
 Install *Certbot*:
 ```
 $ sudo apt -y install python-certbot-nginx
 ```
 Generate the certificate:
 ```
 sudo certbot --authenticator standalone --installer nginx -d cms.theo-andreou.org --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"
 ```
 **NOTE: under normal conditions the following command should work (and without restarting *Nginx*, but the Nginx authenticator has been disabled because of a [security bug](https://community.letsencrypt.org/t/solution-client-with-the-currently-selected-authenticator-does-not-support-any-combination-of-challenges-that-will-satisfy-the-ca/49983):**
 ```
 $ certbot run --nginx -d cms.example.com # Currently not working because of a letsencrypt bug
 ```
 Use these settings in the prompt:
 * Enter Email Address: **admin@example.com**
 * ToS: **Agree**
 * HTTPS Access: **Secure**
 Certificate auto-renewal is already included in the *python-certbot-nginx* package. That is true for Debian but not Ubuntu:
 ```
 $ cat /etc/cron.d/certbot
 # /etc/cron.d/certbot: crontab entries for the certbot package
 #
 # Upstream recommends attempting renewal twice a day
 #
 # Eventually, this will be an opportunity to validate certificates
 # haven't been revoked, etc.  Renewal will only occur if expiration
 # is within 30 days.
 SHELL=/bin/sh
 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(3600))' && certbot -q renew
 ```
 ## Setup a MariaDB database
 Install *MariaDB*:
 ```
 $ sudo apt -y install mariadb-server
 ```
 Now create the Drupal database:
 ```
 $ sudo mysql
 MariaDB [(none)]> CREATE DATABASE cms CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci;
 MariaDB [(none)]> GRANT ALL PRIVILEGES ON cms.* TO 'cmsuser'@'localhost' IDENTIFIED BY 'MyDrupalDBPass';
 MariaDB [(none)]> FLUSH PRIVILEGES;
 ```
 ## Setup Drupal 7
 We need some preparations before we proceed with the setup.
 First create the *sites/default/files* directory (as the *admin* user):
 ```
 $ cd /srv/webadmin/cms/
 $ sudo mkdir sites/default/files
 $ sudo chown www-data:webadmin sites/default/files
 ```
 Then create the *sites/default/default.settings.php* file:
 ```
 $ sudo cp sites/default/default.settings.php sites/default/settings.php
 $ sudo chown www-data:webadmin sites/default/settings.php
 ```
 Now visit this website to setup *Drupal*:
 https://cms.example.com/install.php
 Select the following options:
 * Select an installation profile: **Standard**
 * Choose language: **English**
 * Verify requirements
    You will be redirected to the next step if all is OK. Otherwise you will need to fix your setup.
 * Database configuration:
    * Database name: **cms**
    * Database username: **cmsuser**
    * Database password: **MyDrupalDBPass**
 * Configure site:
    * Site name: **cms.example.com**
    * Site e-mail address: **cms@example.com**
    * Username: **cmsadmin**
    * E-mail address: **admin@example.com**
    * Password: **MyDrupalAdminPass**
    * Confirm Password: **MyDrupalAdminPass**
    * Default country: **Your country here**
    * Default Timezone: **Your Timezone here**
    * Check for updates automatically: **Enabled**
    * Receive e-mail notifications: **Enabled**
 If everything is correct you will be greeted with a "Congratulations, you installed Drupal!" after you press the **Save and continue** button.
 You can visit your newly installed Drupal CMS here:
 https://cms.example.com
 References
 ----------
 * https://www.drupal.org/node/1030854
 * http://blog.celogeek.com/201209/202/how-to-configure-nginx-php-fpm-drupal-7-0/
 * https://www.drupal.org/node/244924