install:openbsd
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
install:openbsd [2020-05-10 00:41] – OpenBSD is somewhat different and manual. More detail required. bwalzer | install:openbsd [2023-09-09 14:11] (current) – Include a better httpd(8) configuration fiwswe | ||
---|---|---|---|
Line 3: | Line 3: | ||
=====Installation from the package===== | =====Installation from the package===== | ||
- | To install [[: | + | To install [[: |
~$ doas pkg_add dokuwiki | ~$ doas pkg_add dokuwiki | ||
- | The package | + | The package |
+ | Note: The package '' | ||
+ | # chown www / | ||
+ | |||
+ | |||
+ | :!: Note: The currently available OpenBSD ports '' | ||
+ | # chown www / | ||
+ | This bug will probably be fixed in newer versions of the ports. | ||
=====Manual installation===== | =====Manual installation===== | ||
- | The package doesn' | + | The package doesn' |
- | First install PHP and a dependency: | + | First install PHP and a dependency |
- | ~$ pkg_add php php-gd | + | ~$ doas pkg_add php php-gd |
- | You should be able to choose the newest version of PHP. We will use 7.3 for this example. | + | You should be able to choose the newest version of PHP. We will use 8.0 for this example. |
- | To enable the PHP GD package add the symbolic link: | ||
- | ~$ ln -s /etc/php-7.3.sample/gd.ini /etc/php-7.3/ | + | To enable the installed PHP package add the symbolic links as root: |
+ | |||
+ | # cd /etc/php-8.0.sample | ||
+ | # for i in *; do ln -sf ../php-8.0.sample/$i ../php-8.0/; done | ||
Start up the PHP FPM daemon: | Start up the PHP FPM daemon: | ||
- | ~$ rcctl start php73_fpm | + | ~$ doas rcctl start php80_fpm |
- | + | ||
+ | ==== Add the daemon to the list of things started up at boot ==== | ||
+ | |||
+ | Old method\\ | ||
Add the daemon to the list of things started up at boot in the / | Add the daemon to the list of things started up at boot in the / | ||
- | | + | |
Once you have PHP working you can go through the generic [[:: | Once you have PHP working you can go through the generic [[:: | ||
Line 41: | Line 53: | ||
listen on egress port 80 | listen on egress port 80 | ||
listen on 127.0.0.1 port 80 | listen on 127.0.0.1 port 80 | ||
+ | |||
+ | location "/ | ||
+ | location "/ | ||
+ | location "/ | ||
+ | location "/ | ||
+ | location "/ | ||
+ | location "/ | ||
+ | location "/ | ||
location "/ | location "/ | ||
- | root { "/ | + | root "/ |
+ | request | ||
fastcgi socket "/ | fastcgi socket "/ | ||
} | } | ||
location "/ | location "/ | ||
directory index index.php | directory index index.php | ||
- | root { "/ | + | root "/ |
+ | request | ||
} | } | ||
- | } | + | } |
</ | </ | ||
- | Alternative | + | Note: The above is a very generic minimal |
+ | A slightly better configuration which would be accessible using the url '' | ||
<code autoconf> | <code autoconf> | ||
- | server "default" { | + | # Redirect HTTP requests to HTTPS and handle ACME certificate verification |
- | listen on egress | + | # requests. |
- | root "/ | + | server "wiki.example.com" { |
- | directory index doku.php | + | listen on * port 80 |
- | + | ||
- | # Set according to upload_max_filesize and post_max_size in php.ini | + | # Add other hostnames here if you have multiple virtual hosts that |
- | | + | # require the same functionality. No need to write extra server {} |
- | + | # blocks for them. | |
- | location "*.php" | + | # alias " |
- | location "/ | + | |
- | location "/ | + | block return 301 " |
- | location "/ | + | |
- | location "/ | + | location "/ |
- | location "/ | + | pass |
- | } | + | root "/ |
+ | request strip 2 | ||
+ | } | ||
+ | } | ||
+ | |||
+ | # This is the server for hosting a DokuWiki website. | ||
+ | server " | ||
+ | # Always use HTTPS so that login credentials are encrypted. | ||
+ | listen on * tls port 443 | ||
+ | |||
+ | tls { | ||
+ | # Adjust these paths for the ones your certificate uses. | ||
+ | certificate "/ | ||
+ | key "/ | ||
+ | } | ||
+ | |||
+ | # If you are using the default DokuWiki as installed from the | ||
+ | # OpenBSD dokuwiki port then this is your root directory. If | ||
+ | # you are using a manual installation, | ||
+ | root "/ | ||
+ | |||
+ | # Make sure that https://< | ||
+ | # https://< | ||
+ | directory index doku.php | ||
+ | |||
+ | # Block some things. | ||
+ | # Note: The first matching location statement wins. Thus the | ||
+ | # order is important. | ||
+ | location "*~" { block } | ||
+ | location | ||
+ | location "/ | ||
+ | location "/ | ||
+ | location "/ | ||
+ | location "/ | ||
+ | location "/ | ||
+ | |||
+ | # If nothing was blocked then handle PHP scripts. | ||
+ | location " | ||
+ | # If you are running multiple versions of php-fpm | ||
+ | # you may need to adjust the socket path. | ||
+ | fastcgi socket "/ | ||
+ | } | ||
+ | } | ||
</ | </ | ||
+ | |||
+ | Don't forget to check your configuration using '' | ||
+ | ~$ doas rcctl start httpd | ||
+ | |||
+ | To enable httpd(8) at boot time use: | ||
+ | ~$ doas rcctl enable httpd | ||
+ | |||
+ | And for completeness, | ||
+ | ~$ doas httpd -n | ||
+ | ~$ doas rcctl reload httpd | ||
+ | or | ||
+ | ~$ doas httpd -n | ||
+ | ~$ doas rcctl restart httpd | ||
=====Allowing outgoing http connections===== | =====Allowing outgoing http connections===== | ||
Line 77: | Line 156: | ||
The OpenBSD web server chroot is fairly restrictive by default. If you want to use things like automatic extension downloading you will need to open things up a bit. This should allow outgoing http and https connections. As root (creating any needed directories on the way): | The OpenBSD web server chroot is fairly restrictive by default. If you want to use things like automatic extension downloading you will need to open things up a bit. This should allow outgoing http and https connections. As root (creating any needed directories on the way): | ||
- | | + | |
- | | + | # mknod / |
- | | + | |
+ | # cp / | ||
+ | | ||
+ | # cp / | ||
+ | # mkdir / | ||
+ | # cp / | ||
+ | Then restart the php daemon: | ||
+ | ~$ doas rcctl start php80_fpm |
install/openbsd.1589064111.txt.gz · Last modified: 2020-05-10 00:41 by bwalzer