ç§ãã¡ã¯åžå Žãæ¡å€§ãç¶ããŸãã æè¿ãã®æ¹æ³ããäŒãããŸãããã
圌ãéžãã çç±ãšããã®ã€ã¡ãŒãžãã©ã®ããã«äœæããããã説æããŸãã
Drupal â ãã€ã¯ããµã€ããããã°ãã倧èŠæš¡ãªãœãŒã·ã£ã« ãããžã§ã¯ããŸã§ãããããçš®é¡ã® Web ãµã€ããäœæããããã®äŸ¿å©ã§åŒ·åãªãã©ãããã©ãŒã ãPHP ã§èšè¿°ãããããŒã¿ ã¹ãã¬ãŒãžãšããŠãªã¬ãŒã·ã§ãã« ããŒã¿ããŒã¹ã䜿çšãã Web ã¢ããªã±ãŒã·ã§ã³ã®åºç€ãšããŠã䜿çšãããŸãã
Drupal 9 ã«ã¯ãããŒãžã§ã³ 8.9 ã§å°å
¥ããããã¹ãŠã®æ©èœãå«ãŸããŠããŸãã ããŒãžã§ã³ 9 ãšããŒãžã§ã³ 8 ã®äž»ãªéãã¯ããã©ãããã©ãŒã ã 2021 幎 9 æ以éãã¢ããããŒããšã»ãã¥ãªãã£ä¿®æ£ãåãåãç¶ããããšã§ãã ããŒãžã§ã³ 8 ã§ã¯æŽæ°ããã»ã¹ãç°¡çŽ åãããããŒãžã§ã³ XNUMX ããã®ã¢ããã°ã¬ãŒã ããã»ã¹ãããã«ç°¡åã«ãªããŸãã
ãµãŒããŒèŠä»¶
Drupal ã䜿çšããã«ã¯ã2 GB RAM ãš 2 CPU ã³ã¢ã䜿çšããããšããå§ãããŸãã
Drupal ã®ã¡ã€ã³ ãã¡ã€ã«ã¯çŽ 100 MB ãå æããããã«ç»åãããŒã¿ããŒã¹ãããŒããè¿œå ã¢ãžã¥ãŒã«ãããã¯ã¢ãããä¿åããããã®ã¹ããŒã¹ãå¿ èŠã«ãªããŸããããã¯ãµã€ãã®ãµã€ãºã«ãã£ãŠç°ãªããŸãã
Drupal 9 ã«ã¯ãæå°éã®å¶éä»ã㧠PHP 7.4 以éãå¿
èŠã§ã (memory_limit
) 64 MB ã¡ã¢ãªã®å Žå; è¿œå ã¢ãžã¥ãŒã«ã䜿çšããå Žåã¯ã128 MB ãã€ã³ã¹ããŒã«ããããšããå§ãããŸãã
Drupal ã¯ãWeb ãµãŒããŒãšã㊠Apache ãŸã㯠Nginx ã䜿çšããããŒã¿ããŒã¹ãšã㊠MySQLãPostgreSQLããŸã㯠SQLite ã䜿çšã§ããŸãã
Nginx ãš MySQL ã䜿çšã㊠Drupal ãã€ã³ã¹ããŒã«ããŸãã
ã€ã³ã¹ããŒã«
ã€ã³ã¹ããŒã«ãããŠããããã±ãŒãžãææ°ããŒãžã§ã³ã«æŽæ°ããŸãããã
sudo dnf update -y
http/80 ããŒããš https/443 ããŒããžã®åä¿¡ãã©ãã£ãã¯ã«å¯Ÿããæ°žç¶çãªã¢ã¯ã»ã¹èš±å¯ãè¿œå ããŸãããã
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
æ°ãããã¡ã€ã¢ãŠã©ãŒã« ã«ãŒã«ãé©çšããŠã¿ãŸãããã
sudo systemctl reload firewalld
Nginx ãã€ã³ã¹ããŒã«ããŸãããã
sudo dnf install nginx -y
Nginx ãµãŒããŒãèµ·åããŠæå¹ã«ããŸãããã
sudo systemctl start nginx
sudo systemctl enable nginx
çŸåšã¡ã€ã³ã® Centos ãªããžããªã¯ PHP 7.2 ã䜿çšããŠãããããPHP 7.4 (Drupal 9 ã®æå°ããŒãžã§ã³) ã䜿çšã㊠REMI ãªããžããªãè¿œå ããŸãããã
ãããè¡ãã«ã¯ãEPEL ãªããžã㪠(REMI ãªããžããªã§å¿
èŠ) ãè¿œå ããŸãã
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
REMI ãªããžããªãè¿œå ããŸãããã
sudo dnf install -y https://rpms.remirepo.net/enterprise/remi-release-8.rpm
php:remi-7.4 ã¢ãžã¥ãŒã«ãæå¹ã«ã㊠php 7.4 ãã€ã³ã¹ããŒã«ããŸãããã
sudo dnf module enable php:remi-7.4 -y
php-fpm ãš php-cli ãã€ã³ã¹ããŒã«ããŸãã
sudo dnf install -y php-fpm php-cli
Drupal ãåäœããããã«å¿ èŠãª PHP ã¢ãžã¥ãŒã«ãã€ã³ã¹ããŒã«ããŸãããã
sudo dnf install -y php-mysqlnd php-date php-dom php-filter php-gd php-hash php-json php-pcre php-pdo php-session php-simplexml php-spl php-tokenizer php-xml
æšå¥šããã PHP mbstring opcache ã¢ãžã¥ãŒã«ãã€ã³ã¹ããŒã«ããŸãã
sudo dnf install -y php-mbstring php-opcache
MySQL ãµãŒããŒãã€ã³ã¹ããŒã«ããŸãããã
sudo dnf install mysql-server -y
MySQL ãµãŒããŒã®é»æºãå ¥ããŠèµ·åããŸãããã
sudo systemctl start mysqld
sudo systemctl enable mysqld
VDS çšã®ãã³ãã¬ãŒããäœæããŠãããããæéããããå¯èœæ§ããããããmysqld ã®èµ·åé 延ã 30 ç§è¿œå ããŸããããããªããšãæåã®ã·ã¹ãã èµ·åäžã«ãµãŒããŒã®èµ·åã«åé¡ãçºçããå¯èœæ§ããããŸãã
sudo sed -i '/Group=mysql/a
ExecStartPre=/bin/sleep 30
' /usr/lib/systemd/system/mysqld.service
/etc/php-fpm.d/www.conf ãå€æŽããŠãnginx ãå®è¡ããã°ââã«ãŒããšãŠãŒã¶ãŒãå€æŽããŸãããã
sudo sed -i --follow-symlinks 's/user = apache/user = nginx/g' /etc/php-fpm.d/www.conf
sudo sed -i --follow-symlinks 's/group = apache/group = nginx/g' /etc/php-fpm.d/www.conf
ããã«å¿ããŠãPHP ã»ãã·ã§ã³ ãã£ã¬ã¯ããªã®ææè ã nginx ã«å€æŽããŸãããã
sudo chown -R nginx. /var/lib/php/session
æ§æãã¡ã€ã« /etc/nginx/nginx.conf ããã³ã¡ã³ããå«ãè¡ãåé€ããŸããã (sed ã®äºéããªã¬ãŒããªããªãããã«)ã
sudo sed -i -e '/^[ t]*#/d' /etc/nginx/nginx.conf
gzip å§çž®èšå®ã /etc/nginx/nginx.conf ã«è¿œå ããŸã
sudo sed -i '/types_hash_max_size 2048;/a
gzip on;
gzip_static on;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/x-icon image/svg+xml application/x-font-ttf;
gzip_comp_level 9;
gzip_proxied any;
gzip_min_length 1000;
gzip_disable "msie6";
gzip_vary on;
' /etc/nginx/nginx.conf
ã€ã³ããã¯ã¹ ãã¡ã€ã«index.php ã®èšå®ã /etc/nginx/nginx.conf ã«è¿œå ããŸãããã
sudo sed -i '/ root /usr/share/nginx/html;/a
index index.php index.html index.htm;
' /etc/nginx/nginx.conf
ããã©ã«ããµãŒããŒã®èšå®ãè¿œå ããŸããã: php-fpm ãœã±ããçµç±ã® PHP åŠçãéçãã¡ã€ã«ã®ãã°ã®ç¡å¹åãæå¹æéã®å»¶é·ãfavicon.ico ãš robots.txt ã®ã¢ã¯ã»ã¹ãšãšã©ãŒ ãã°ã®ç¡å¹åã.ht ãžã®ã¢ã¯ã»ã¹ã®æåŠå šå¡çšã®ãã¡ã€ã«:
sudo sed -i '/ location / {/a
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~* ^.+.(js|css|png|jpg|jpeg|gif|ico|woff)$ {
access_log off;
expires max;
}
location ~ .php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /.ht {
deny all;' /etc/nginx/nginx.conf
certbot ã®ã€ã³ã¹ããŒã«ã«å¿ èŠãª wget ãã€ã³ã¹ããŒã«ããŸãã
sudo dnf install wget -y
certbot å®è¡å¯èœãã¡ã€ã«ããªããµã€ãããããŠã³ããŒãããŸãã
cd ~
wget https://dl.eff.org/certbot-auto
certbot ã /usr/local/bin/ ã«ç§»åããŸãã
mv certbot-auto /usr/local/bin/certbot-auto
ãããŠãææè ãšããŠã®æš©éã root ã«å²ãåœãŠãŸãããã
chown root /usr/local/bin/certbot-auto
chmod 0755 /usr/local/bin/certbot-auto
certbot ã®äŸåé¢ä¿ãã€ã³ã¹ããŒã«ãããã®æ®µéã§ãã®äœæ¥ãäžæããŸããã (åç: Yãc)ã
certbot-auto
ææ°ããŒãžã§ã³ã® Drupal 9 ãå«ãŸããã¢ãŒã«ã€ãããªããµã€ãããããŠã³ããŒãããŠã¿ãŸãããã
cd ~
wget https://www.drupal.org/download-latest/tar.gz
tar ãã€ã³ã¹ããŒã«ããŠã¢ãŒã«ã€ãã解åããŸãã
sudo dnf install tar -y
/usr/share/nginx/html/ ãã£ã¬ã¯ããªå ã®ããã©ã«ãã®ãã¡ã€ã«ãåé€ããŸãããã
rm -rf /usr/share/nginx/html/*
ãã¡ã€ã«ã Web ãµãŒã㌠ãã£ã¬ã¯ããªã«è§£åããŸãããã
tar xf tar.gz -C /usr/share/nginx/html/
ãã¡ã€ã«ããµããã£ã¬ã¯ããªãã Web ãµãŒããŒã®ã«ãŒã ãã£ã¬ã¯ããªã«ç§»åããŸãããã
mv /usr/share/nginx/html/drupal-9.0.7/* /usr/share/nginx/html/
ãµããã£ã¬ã¯ããªãåé€ããŸãããã
rm -rf /usr/share/nginx/html/drupal-9.0.7
ã€ã³ã¹ããŒã« ãã¡ã€ã«ãå«ãã¢ãŒã«ã€ããåé€ããŸãããã
rm -f ./tar.gz
nginx ãã¡ã€ã«ã®ææè ãå²ãåœãŠãŸãããã
chown -R nginx. /usr/share/nginx/html
ãã®æ®µéã§ã¯ããµãŒããŒããªãã«ããŠã¹ãããã·ã§ãããååŸããŸãã
shutdown -h now
ã¹ãããã·ã§ãããã VDS ãèµ·åããåŸã次ã®ã¹ã¯ãªãããå®è¡ã㊠MySQL ãµãŒããŒã®åæã»ããã¢ãããå®è¡ããŸãã
mysql_secure_installation
ãã¹ã¯ãŒãæ€èšŒæ©èœãæå¹ã«ããŠã¿ãŸãããã
Would you like to setup VALIDATE PASSWORD component? : y
MySQL root ãŠãŒã¶ãŒã®ãã¹ã¯ãŒããèšå®ããŸãããã
New password:
Re-enter new password:
å¿åãŠãŒã¶ãŒãåé€ããŸãããã
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
root ããªã¢ãŒãæ¥ç¶ã§ããªãããã«ããŸãããã
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
ãã¹ã ããŒã¿ããŒã¹ãåé€ããŸãããã
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
ç¹æš©ããŒãã«ããªããŒãããŠã¿ãŸãããã
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
ãã®åŸãã€ã³ã¹ããŒã«ãå®äºããã«ã¯ã次ã®å Žæã«ç§»åããŸãã
ãã®ã¢ãã¬ã¹ã« Drupal ã®ã€ã³ã¹ããŒã« ããŒãžã衚瀺ãããŸãã
䜿çšããèšèªãéžæããŸãããã äŸ: ãã·ã¢èªã ãä¿åããŠç¶è¡ããã¯ãªãã¯ããŸã
ã€ã³ã¹ããŒã« ãããã¡ã€ã«ãéžæããŸããã (ãã¢ã¯ã·ã¹ãã ã«æ £ããããã ãã«äœ¿çšãããŸã)ã ããã§ã¯ãæšæºããšããŸãã
次ã®ããŒãžã§ã¯ãããŒã¿ããŒã¹ã«ãdrupalããªã©ã®ååãä»ããŸãã mysql_secure_installation ã®å®è¡æã«ããŒã¿ããŒã¹ ãŠãŒã¶ãŒå root ãšãã¹ã¯ãŒããæå®ããŸãã ãä¿åããŠç¶è¡ããã¯ãªãã¯ããŸãã
翻蚳ã®ã€ã³ã¹ããŒã«ãšæŽæ°ãå®äºãããŸã§åŸ ã¡ãŸããã (ãã®ããã»ã¹ã«ã¯æ°åãããå ŽåããããŸã)ã
ãµã€ãã®ååãæå®ãããµã€ãã®é»åã¡ãŒã« (ã©ã®ãµã€ãã«ä»£ãã£ãŠéç¥ãéä¿¡ãããã)ããã°ã€ã³ããã¹ã¯ãŒããDrupal 管çè ã¢ã«ãŠã³ãã®é»åã¡ãŒã«ãèšå®ããŸãã å°åèšå®ã§åœãšã¿ã€ã ãŸãŒã³ãèšå®ããŸãã ãããŠãä¿åããŠç¶è¡ããã¯ãªãã¯ããŠã€ã³ã¹ããŒã«ãå®äºããŸãã
ãã®åŸãäœæãã Drupal 管çè ã®ãã°ã€ã³åãšãã¹ã¯ãŒãã䜿çšããŠã³ã³ãããŒã« ããã«ã«ç§»åã§ããŸãã
HTTPS ã®ã»ããã¢ãã (ãªãã·ã§ã³)
HTTPS ãæ§æããã«ã¯ãVDS ã«æå¹ãª DNS åãå¿ èŠã§ãã
/etc/nginx/nginx.conf
ãµãŒããŒã»ã¯ã·ã§ã³ã«ã¯ãµãŒããŒå (äŸ):
server_name domainname.ru;
nginx ãåèµ·åããŸãããã
service nginx restart
certbot ãèµ·åããŸãããã
sudo /usr/local/bin/certbot-auto --nginx
é»åã¡ãŒã«ãå ¥åããå©çšèŠçŽã«åæã (A)ããã¥ãŒã¹ã¬ã¿ãŒã賌èªãã (ãªãã·ã§ã³) (N)ã蚌ææžãçºè¡ãããã¡ã€ã³åãéžæããŸã (å šå¡ã«å ¥å)ã
ãã¹ãŠããšã©ãŒãªãå®äºãããšã蚌ææžã®çºè¡ãšãµãŒããŒæ§æã®æåã«é¢ããã¡ãã»ãŒãžã衚瀺ãããŸãã
Congratulations! You have successfully enabled ...
ãã以éãããŒã 80 ãžã®æ¥ç¶ã¯ 443 (https) ã«ãªãã€ã¬ã¯ããããŸãã
蚌ææžãèªåçã«æŽæ°ããã«ã¯ã/etc/crontab ã«è¿œå ããŸãã
# Cert Renewal
30 2 * * * root /usr/local/bin/certbot-auto renew --post-hook "nginx -s reload"
ãã©ã¹ããã ãã¹ã ã»ãã¥ãªãã£ã®ã»ããã¢ãã (æšå¥š)
ãã®èšå®ã¯ãbase_url ã®åçãªæ±ºå®ã«é¢é£ããåé¡ã®è§£æ±ºçãšããŠæå³ãããŠãããHTTP HOST ããããŒæ»æ (ãµã€ããä»ã®ãŠãŒã¶ãŒã§ãããšèªèããå Žå) ãé²ãããã«èšèšãããŠããŸãã
ãããè¡ãã«ã¯ãèšå®ãã¡ã€ã«ã§ãµã€ãã®ä¿¡é Œã§ãããã¡ã€ã³åãæå®ããå¿ èŠããããŸãã
ãã¡ã€ã«å
/usr/share/nginx/html/sites/default/settings.php
ã³ã¡ã³ãã解é€ããããå®éã®ãµã€ãåã®ãã¿ãŒã³ã䜿çšããŠèšå®ãè¿œå ããŠã¿ãŸãããã次ã«äŸã瀺ããŸãã
$settings['trusted_host_patterns'] = [
'^www.mydomain.ru$',
];
PHP APCu ã®ã€ã³ã¹ããŒã« (æšå¥š)
Drupal 㯠APCu - ä»£æ¿ PHP ãŠãŒã¶ãŒ ãã£ãã·ã¥ããµããŒãããŠãããããŒãžã§ã³ 8 ãš 9 ã§ã¯ã以åã®ããŒãžã§ã³ãããçæéã®ããŒã«ã« ãã£ãã·ã¥ãšã㊠APCu ãããã«æŽ»çšããŠããŸãã ããã©ã«ãã®ãã£ãã·ã¥ ãµã€ãº (32 MB) ã¯ã»ãšãã©ã®ãµã€ãã«é©ããŠããã512 MB ãè¶ ããããšã¯ã§ããŸããã
ã¢ã¯ãã£ãåããã«ã¯ãPHP APCu ã¢ãžã¥ãŒã«ãã€ã³ã¹ããŒã«ããŸãã
dnf -y install php-pecl-apcu
nginx ãš php-fpm ãåèµ·åããŸãã
service nginx restart
service php-fpm restart
ãã£ãã·ã¥ã«æšå¥šãããã¡ã¢ãª ãµã€ãºã§ãã·ã¢èªãš APCu ã䜿çšãããšãã³ã³ãããŒã« ããã«ã«ããã£ãã·ã¥ã«å²ãåœãŠãããã¡ã¢ãªã®ãµã€ãºãæšå¥šã®ãã®ãšç°ãªããšããèŠåã衚瀺ãããå ŽåããããŸãããå®éã«ã¯ãã¹ãŠãæ£ããåäœããŸãã誀ã£ãèŠåã¯æ¬¡ã®ã¢ããããŒãã§ä¿®æ£ãããå¯èœæ§ãé«ããªããŸãã
ãŸãã¯ãèŠåã«ãã£ãŠç®ãçããªã£ãå Žåã¯ã次ã®æ¹æ³ã䜿çšã§ããŸãã
ç»åãäœæããŠããã ãããšãå¯èœã§ãã
åå æ¹æ³ã«ã¯XNUMXã€ã®éžæè¢ããããŸãã
ç»åãèªåã§æºåãããšãæ®é«ã« 3000 ã«ãŒãã«ãè¿œå ãããŸã
ããã«æŠéã«çªå ¥ããæ¬ ããŠããã€ã¡ãŒãžãäœæããæºåãã§ããŠããå Žåã¯ããµãŒããŒã«è²»ããããšãã§ããå éšæ®é«ã« 3000 ã«ãŒãã«ãã¯ã¬ãžãããããŸãã
ç¬èªã®ã€ã¡ãŒãžãäœæããæ¹æ³:
- ã¢ã«ãŠã³ããäœæããŠãã ãã
ãªã³ã©ã€ã³ - ã€ã¡ãŒãžãäœæããŠãã¹ãããäºå®ã§ããããšããµããŒãã«ç¥ãããŠãã ãã
- 3000 ã«ãŒãã«ãã¯ã¬ãžããããã¹ãããã·ã§ãããäœæã§ããããã«ããŸãã
- ã¯ãªãŒã³ãªãªãã¬ãŒãã£ã³ã° ã·ã¹ãã ãæèŒããä»®æ³ãµãŒããŒã泚æãã
- ãã® VPS ã«ãœãããŠã§ã¢ãã€ã³ã¹ããŒã«ããŠèšå®ããŸã
- ãœãããŠã§ã¢å°å ¥ã®ããã®æé ãŸãã¯ã¹ã¯ãªãããäœæãã
- æ§æããããµãŒããŒã®ã¹ãããã·ã§ãããäœæãã
- ããµãŒã㌠ãã³ãã¬ãŒããããããããŠã³ ãªã¹ãã§ä»¥åã«äœæããã¹ãããã·ã§ãããéžæããŠãæ°ããä»®æ³ãµãŒããŒã泚æããŸãã
- ãµãŒããŒãæ£åžžã«äœæãããããæé 6 ã§åãåã£ãè³æããã¯ãã«ã« ãµããŒãã«è»¢éããŸãã
- ãšã©ãŒãçºçããå Žåã¯ããµããŒãã«çç±ã確èªããã»ããã¢ãããããçŽãããšãã§ããŸãã
ããžãã¹ãªãŒããŒåã: ãœãããŠã§ã¢ãæäŸããŠãã ãã
VPS äžã«å±éããŠäœ¿çšãããœãããŠã§ã¢éçºè
ã§ããã°ãããŒã±ãããã¬ã€ã¹ã«åå ãããããšãã§ããŸãã ããããæ°ãã顧客ããã©ãã£ãã¯ãèªç¥åºŠã®åäžãæ¯æŽããæ¹æ³ã§ãã
ã©ã®ç»åãæ¬ ããŠããããã³ã¡ã³ãã§æããŠãã ããã
ãããŠãããèªåãã¡ã§æºåããŸã
åºæïŒ habr.com