pliczki śmietniczki, .vimrc .profile itp

.vimrc

syntax on " podswietlanie skladni
set autoindent " auto-wciecia
set background=dark " ciemne tlo
set backspace=2 " backspace usuwa wszystko
set history=50 " ilosc polecen w historii
set hlsearch " podswietlenie wyszukiwanego ciagu
set termencoding=iso8859-2 " kodowanie terminala
set fileencoding=iso8859-2 " kodowanie plik
set encoding=iso8859-2 " kodowanie
filetype plugin on " rozpoznawanie plik
filetype indent on
set ts=4 " tab stop
set sw=4 " shift width (przy autoindent)
set textwidth=2048 " szerokosc tekstu
"set nu " numerki lini
set guifont=Courier\ New\ 9 " czcionka
set lcs=tab:>.,eol:$ " pokazywanie znakow niedrukowalnych
set whichwrap+=<,>,[,] " po czym .~O▒.~]ama.~O▒.~] dlugie linie
set gdefault " /g domyslnie przy s///
set showcmd " pokazywanie wpisywanych komend
set wildmenu " pokazanie (bash-like) przy tab
set incsearch " pokazywanie tego co sie wpisuje przy /
set statusline=%<%f\ (%{&encoding})\ %h%m%r%=%-14.(%l,%c%V%)\ %P
set laststatus=2 " zawsze pokazujemy statusline
set fileencodings^=iso8859-2 " Prefer ISO-8859-2 :)

.profile

PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/sbin:/usr/local/bin
export PATH
: ${HOME='/root'}
export HOME
umask 022
export HISTFILE="$HOME/.history"
alias df='df -h'
alias ls='colorls -G'
alias tcpdump='tcpdump -n -e -ttt -i pflog0'
alias vi='vim'
alias top='top -s 1'
alias l='ls -lash'

case "$-" in
*i*) # interactive shell
if [ -x /usr/bin/tset ]; then
if [ X"$XTERM_VERSION" = X"" ]; then
eval `/usr/bin/tset -sQ '-munknown:?vt220' $TERM`
else
eval `/usr/bin/tset -IsQ '-munknown:?vt220' $TERM`
fi
fi
;;
esac
export PKG_PATH=ftp://ftp.eu.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(uname -m)/

PS1="\e[32;1m\][ \u@\h:\w] \[\e[0m\]"

 

 

 

 

 

httpd + php7.2 + mariadb + wordpress na OpenBSD 6.4

OpenBSD 6.4 ma wbudowany serwer www httpd który domyślnie działa w chroot i naprawdę jest leciutki a tymbardziej prosty w konfiguracji.  Piękne rozwiązanie dlatego warto dodać do niego php’a i jakiś silnik bazodanowy. Wybór padł na php72 i mariadb-server .
Zaczynamy od dodania pehapa

[ root@obsd:~] pkg_add php-7.2.10 php-curl-7.2.10 php-gd-7.2.10 php-mysqli-7.2.10
quirks-3.16 signed on 2018-10-13T13:42:51Z
php-7.2.10:femail-1.0p1: ok
php-7.2.10:femail-chroot-1.0p3: ok
php-7.2.10:xz-5.2.4: ok
php-7.2.10:libxml-2.9.8p0: ok
php-7.2.10: ok
php-curl-7.2.10:nghttp2-1.33.0: ok
php-curl-7.2.10:curl-7.61.1: ok
php-curl-7.2.10: ok
php-gd-7.2.10:jpeg-2.0.0v0: ok
php-gd-7.2.10: ok
php-mysqli-7.2.10: ok
Running tags: ok
The following new rcscripts were installed: /etc/rc.d/php72_fpm
See rcctl(8) for details.
New and changed readme(s):
/usr/local/share/doc/pkg-readmes/femail-chroot
/usr/local/share/doc/pkg-readmes/php-7.2

W katalogu /etc/php-7.2.sample/ są rozserzenia php które musimy przekopiować bądź podlinkować (jak kto woli) do /etc/php-7.2/

[ root@obsd:~] cp /etc/php-7.2.sample/* /etc/php-7.2/

Sprawdzamy uruchomienie php’a

[ root@obsd:~] /etc/rc.d/php72_fpm check
php72_fpm(failed)

hmm… 🙂
no to sprawdzamy gdzie leży problem

[ root@obsd:~] rcctl -d start php72_fpm
doing _rc_parse_conf
doing _rc_quirks
php72_fpm_flags empty, using default ><
doing _rc_parse_conf /var/run/rc.d/php72_fpm
doing _rc_quirks
doing rc_check
php72_fpm
doing rc_start
doing _rc_wait start
doing rc_check
[17-Apr-2019 20:45:28] WARNING: Nothing matches the include pattern '/etc/php-fpm.d/*.conf' from /etc/php-fpm.conf at line 125.
[17-Apr-2019 20:45:28] ERROR: No pool defined. at least one pool section must be specified in config file
[17-Apr-2019 20:45:28] ERROR: failed to post process the configuration
[17-Apr-2019 20:45:28] ERROR: FPM initialization failed
doing _rc_rm_runfile
(failed)

I wszystko jasne, chodzi o to, żę w pliku/etc/php-fpm.conf zadeklarowana jest konfiguracja dla innych plików konfiguracyjnych

include=/etc/php-fpm.d/*.conf

a przy instalacji php72 nie jest tworzony katalog /etc/php-fpm.d/ z domyślną konfiguracją. Musimy to zrobić ręcznie.

[ root@obsd:~] mkdir /etc/php-fpm.d/
[ root@obsd:~] touch /etc/php-fpm.d/default.conf

Do /etc/php-fpm.d/default.conf wklejamy poniższą konfigurację

;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;

[www]
user = www
group = www
listen = /var/www/run/php-fpm.sock
listen.owner = www
listen.group = www
listen.mode = 0660
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
chroot = /var/www/

Sprawdzamy

[ root@obsd:~] rcctl -d start php72_fpm
doing _rc_parse_conf
doing _rc_quirks
php72_fpm_flags empty, using default ><
doing _rc_parse_conf /var/run/rc.d/php72_fpm
doing _rc_quirks
doing rc_check
php72_fpm
doing rc_start
doing _rc_wait start
doing rc_check
doing _rc_write_runfile
(ok)

Gites majones

Kolejny krok to silnik bazodanowy

[ root@obsd:~] pkg_add mariadb-server
quirks-3.16 signed on 2018-10-13T13:42:51Z
mariadb-server-10.0.36p0v1:mariadb-client-10.0.36v1: ok
mariadb-server-10.0.36p0v1:p5-Math-Base-Convert-0.08p0: ok
mariadb-server-10.0.36p0v1:p5-Module-Runtime-0.016: ok
mariadb-server-10.0.36p0v1:p5-Params-Util-1.07p1: ok
mariadb-server-10.0.36p0v1:p5-Clone-0.38: ok
mariadb-server-10.0.36p0v1:p5-SQL-Statement-1.407: ok
mariadb-server-10.0.36p0v1:p5-Net-Daemon-0.48p0: ok
mariadb-server-10.0.36p0v1:p5-PlRPC-0.2020: ok
mariadb-server-10.0.36p0v1:p5-FreezeThaw-0.5001: ok
mariadb-server-10.0.36p0v1:p5-MLDBM-2.05: ok
mariadb-server-10.0.36p0v1:p5-DBI-1.641: ok
mariadb-server-10.0.36p0v1:p5-DBD-mysql-4.042p0: ok
mariadb-server-10.0.36p0v1: ok
The following new rcscripts were installed: /etc/rc.d/mysqld
See rcctl(8) for details.
New and changed readme(s):
/usr/local/share/doc/pkg-readmes/mariadb-server

Kolejna rzecz to trzeba zainicjować bazy

[ root@obsd:~] mysql_install_db
Installing MariaDB/MySQL system tables in '/var/mysql' ...
190417 20:56:46 [Note] /usr/local/libexec/mysqld (mysqld 10.0.36-MariaDB) starting as process 66188 ...
190417 20:56:46 [Note] InnoDB: innodb_empty_free_list_algorithm has been changed to legacy because of small buffer pool size. In order to use backoff, increase buffer pool at least up to 20MB.

190417 20:56:46 [Note] InnoDB: Using mutexes to ref count buffer pool pages
190417 20:56:46 [Note] InnoDB: The InnoDB memory heap is disabled
190417 20:56:46 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
190417 20:56:46 [Note] InnoDB: GCC builtin __atomic_thread_fence() is used for memory barrier
190417 20:56:46 [Note] InnoDB: Compressed tables use zlib 1.2.3
190417 20:56:46 [Note] InnoDB: Not using CPU crc32 instructions
190417 20:56:46 [Note] InnoDB: Initializing buffer pool, size = 128.0M
190417 20:56:46 [Note] InnoDB: Completed initialization of buffer pool
190417 20:56:46 [Note] InnoDB: The first specified data file ./ibdata1 did not exist: a new database to be created!
190417 20:56:46 [Note] InnoDB: Setting file ./ibdata1 size to 12 MB
190417 20:56:46 [Note] InnoDB: Database physically writes the file full: wait...
190417 20:56:47 [Note] InnoDB: Setting log file ./ib_logfile101 size to 48 MB
190417 20:56:49 [Note] InnoDB: Setting log file ./ib_logfile1 size to 48 MB
190417 20:56:51 [Note] InnoDB: Renaming log file ./ib_logfile101 to ./ib_logfile0
190417 20:56:51 [Warning] InnoDB: New log files created, LSN=45781
190417 20:56:51 [Note] InnoDB: Doublewrite buffer not found: creating new
190417 20:56:51 [Note] InnoDB: Doublewrite buffer created
190417 20:56:51 [Note] InnoDB: 128 rollback segment(s) are active.
190417 20:56:51 [Warning] InnoDB: Creating foreign key constraint system tables.
190417 20:56:51 [Note] InnoDB: Foreign key constraint system tables created
190417 20:56:51 [Note] InnoDB: Creating tablespace and datafile system tables.
190417 20:56:51 [Note] InnoDB: Tablespace and datafile system tables created.
190417 20:56:51 [Note] InnoDB: Waiting for purge to start
190417 20:56:51 [Note] InnoDB: Percona XtraDB (http://www.percona.com) 5.6.39-83.1 started; log sequence number 0
190417 20:56:51 [Warning] Failed to load slave replication state from table mysql.gtid_slave_pos: 1146: Table 'mysql.gtid_slave_pos' doesn't exist
190417 20:56:52 [Note] InnoDB: FTS optimize thread exiting.
190417 20:56:52 [Note] InnoDB: Starting shutdown...
190417 20:56:52 [Note] InnoDB: Waiting for page_cleaner to finish flushing of buffer pool
190417 20:56:54 [Note] InnoDB: Shutdown completed; log sequence number 1616697
OK
Filling help tables...
190417 20:56:54 [Note] /usr/local/libexec/mysqld (mysqld 10.0.36-MariaDB) starting as process 23494 ...
190417 20:56:54 [Note] InnoDB: innodb_empty_free_list_algorithm has been changed to legacy because of small buffer pool size. In order to use backoff, increase buffer pool at least up to 20MB.

190417 20:56:54 [Note] InnoDB: Using mutexes to ref count buffer pool pages
190417 20:56:54 [Note] InnoDB: The InnoDB memory heap is disabled
190417 20:56:54 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
190417 20:56:54 [Note] InnoDB: GCC builtin __atomic_thread_fence() is used for memory barrier
190417 20:56:54 [Note] InnoDB: Compressed tables use zlib 1.2.3
190417 20:56:54 [Note] InnoDB: Not using CPU crc32 instructions
190417 20:56:54 [Note] InnoDB: Initializing buffer pool, size = 128.0M
190417 20:56:54 [Note] InnoDB: Completed initialization of buffer pool
190417 20:56:54 [Note] InnoDB: Highest supported file format is Barracuda.
190417 20:56:54 [Note] InnoDB: 128 rollback segment(s) are active.
190417 20:56:54 [Note] InnoDB: Waiting for purge to start
190417 20:56:54 [Note] InnoDB: Percona XtraDB (http://www.percona.com) 5.6.39-83.1 started; log sequence number 1616697
190417 20:56:55 [Note] InnoDB: FTS optimize thread exiting.
190417 20:56:55 [Note] InnoDB: Starting shutdown...
190417 20:56:55 [Note] InnoDB: Waiting for page_cleaner to finish flushing of buffer pool
190417 20:56:56 [Note] InnoDB: Shutdown completed; log sequence number 1616707
OK

PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !
To do so, start the server, then issue the following commands:

'/usr/local/bin/mysqladmin' -u root password 'new-password'
'/usr/local/bin/mysqladmin' -u root -h obsd.lan password 'new-password'

Alternatively you can run:
'/usr/local/bin/mysql_secure_installation'

which will also give you the option of removing the test
databases and anonymous user created by default. This is
strongly recommended for production servers.

See the MariaDB Knowledgebase at http://mariadb.com/kb or the
MySQL manual for more instructions.

You can start the MariaDB daemon with:
/etc/rc.d/mysqld start

Please report any problems at http://mariadb.org/jira

The latest information about MariaDB is available at http://mariadb.org/.
You can find additional information about the MySQL part at:
http://dev.mysql.com
Consider joining MariaDB's strong and vibrant community:
https://mariadb.org/get-involved/

tum pidum, dodajemy  mysqld do startu systemu i uruchamiamy.

[ root@obsd:~] rcctl enable mysqld
[ root@obsd:~] /etc/rc.d/mysqld start
mysqld
(ok)

Pozostało nam uruchomić mysql_secure_installation w celu nadania hasła i odpowiedzeniu na kila pytań:

  • Możesz ustawić hasło dla kont root.
  • Możesz usunąć konta root, które dostępne jest spoza lokalnego hosta.
  • Możesz usunąć konta użytkowników anonimowych.
  • Możesz usunąć testową bazę danych, do której domyślnie dostęp mają anonimowi użytkownicy.
[ root@obsd:~] mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Sprawdzamy czy my możeny się zalogować

[ root@obsd:~] mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 10.0.36-MariaDB OpenBSD port: mariadb-server-10.0.36p0v1

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>exit
Bye

Ważna informacja!
Domyślnie mariadb sock ma w /var/run/mysql/mysql.sock.
a nasz httpd działa w chroot. Trzeba zmienić lokalizację gniazda tak żeby mariadb była dostępna w schrootowanym środowisku httpd.
W tym celu edytujemy /etc/my.cnf i poprawiamy wpis:

[ root@obsd:~] vi /etc/my.cnf

socket = /var/www/var/run/mysql/mysql.sock

Oraz stworzyć katalog pod gniazdo i nadać uprawnienia.

[ root@obsd:~] mkdir -p /var/www/var/run/mysql/
[ root@obsd:~] chown _mysql._mysql /var/www/var/run/mysql/
[ root@obsd:~]  /etc/rc.d/mysqld restart
mysqld(ok)
mysqld(ok)

Pora na skonfigurowanie httpd.
httpd działa w chroot a domyślnym katalogiem jest /var/www dlatego nie podajemy pełnej ścieżki /var/www/htdocs/obsd.eu.org

[ root@obsd:~] cp /etc/examples/httpd.conf /etc/
[ root@obsd:~] mkdir /var/www/htdocs/obsd.eu.org
[ root@obsd:~] chown www.www /var/www/htdocs/obsd.eu.org
[ root@obsd:~] vi /etc/httpd.conf
types {
include "/usr/share/misc/mime.types"
}
ext_addr="*"
server "obsd.eu.org" {
listen on * port 80
root "/htdocs/obsd.eu.org"
directory index index.php
location "*.php*" {
fastcgi socket "/run/php-fpm.sock"
log style combined
log { access "access-obsd.log", error "error-obsd.log" }
}
}

Aktywujemy usługę

[ root@obsd:~] rcctl enable httpd
[ root@obsd:~] rcctl start httpd
httpd(ok)

Następnie zabieram się za wordpress’a czyli pobieramy, rozpakowywujemy, przenosimy pliki do docelowego miejsca i sprzątamy śmieci.

[ root@obsd:~] cd /var/www/htdocs/obsd.eu.org/
[ root@obsd:/var/www/htdocs/obsd.eu.org] wget https://wordpress.org/latest.zip
[ root@obsd:/var/www/htdocs/obsd.eu.org] unzip latest.zip
[ root@obsd:/var/www/htdocs/obsd.eu.org] mv wordpress/* .
[ root@obsd:/var/www/htdocs/obsd.eu.org] rm -rf wordpress/
[ root@obsd:/var/www/htdocs/obsd.eu.org] mv wp-config-sample.php wp-config.php

Teraz musimy przygotować użytkownika i bazę sql.

[ root@obsd:/var/www/htdocs/obsd.eu.org] mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 10.0.36-MariaDB OpenBSD port: mariadb-server-10.0.36p0v1

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>


MariaDB [(none)]> CREATE DATABASE wpdb;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> CREATE USER wpuser@localhost IDENTIFIED BY 'T4jnEH4s1o';
Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON wpdb.* TO wpuser@localhost ;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye

Edytujemy wp-config.php i wstawiamy dane.

Pozostawje nam odpalić przeglądarkę i dokończyć instalacje wordpress’a.


Wydawać by się mogło, że wszystko pięknie poszło ale niestey nie 🙂
Mianowicie po zalogowaniu się do panelu administracyjnego i przechodząc np. do Plugins -> Installed Plugins otrzymujemy komunikat:

"An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums."


Dlaczego tak sie dzieje?
Żadne tam źle skonfigurowane czy nie nieaktualne biblioteki ssl.
Żadne tam słabe łącze.
Żadne tam wstawianie do /etc/hosts
198.143.164.251 api.wordpress.org
198.143.164.250 downloads.wordpress.org

Choć z tym ostatnim to było blisko 🙂
W OpemBSD httpd dziła w chroot, tak?


[ root@obsd:~] mkdir /var/www/etc
[ root@obsd:~] cp /etc/resolv.conf /var/www/etc/

 Tadamm…..

To na tyle, myślę, że komuś się to przyda 🙂