diff --git a/conf/nginx-top.conf b/conf/nginx-top.conf new file mode 100644 index 00000000..12aed60b --- /dev/null +++ b/conf/nginx-top.conf @@ -0,0 +1,8 @@ +## NOTE: This file is automatically generated by Mail-in-a-Box. +## Do not edit this file. It will be replaced each time +## Mail-in-a-Box needs to update the web configuration. + +upstream php-fpm { + server unix:/var/run/php5-fpm.sock; +} + diff --git a/conf/nginx.conf b/conf/nginx.conf index eb9a6335..da371b92 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,6 +1,4 @@ -## NOTE: This file is automatically generated by Mail-in-a-Box. -## Do not edit this file. It will be replaced each time -## Mail-in-a-Box needs up update the web configuration. +## $HOSTNAME # Redirect all HTTP to HTTPS. server { @@ -42,7 +40,7 @@ server { fastcgi_split_path_info ^/mail(/.*)()$; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/lib/roundcubemail/$fastcgi_script_name; - fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock; + fastcgi_pass php-fpm; client_max_body_size 20M; } @@ -50,21 +48,21 @@ server { location = /.well-known/webfinger { include fastcgi_params; fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-webfinger.php; - fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock; + fastcgi_pass php-fpm; } # Microsoft Exchange autodiscover.xml for email location /autodiscover/autodiscover.xml { include fastcgi_params; fastcgi_param SCRIPT_FILENAME /usr/local/bin/mailinabox-exchange-autodiscover.php; - fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock; + fastcgi_pass php-fpm; } # Z-Push (Microsoft Exchange ActiveSync) location /Microsoft-Server-ActiveSync { include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME /usr/local/lib/z-push/index.php; - fastcgi_pass unix:/tmp/php-fastcgi.www-data.sock; + fastcgi_pass php-fpm; } # ADDITIONAL DIRECTIVES HERE diff --git a/conf/phpfcgi-initscript b/conf/phpfcgi-initscript deleted file mode 100755 index f9ab7a19..00000000 --- a/conf/phpfcgi-initscript +++ /dev/null @@ -1,134 +0,0 @@ -#! /bin/sh -### BEGIN INIT INFO -# Provides: php-fastcgi -# Required-Start: $all -# Required-Stop: $all -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Start and stop php-cgi in external FASTCGI mode -# Description: Start and stop php-cgi in external FASTCGI mode -### END INIT INFO - -# Author: Kurt Zankl -# via: http://blog.codefront.net/2007/06/11/nginx-php-and-a-php-fastcgi-daemon-init-script/ -# But modified by JT. - -# Do NOT "set -e" - -PATH=/sbin:/usr/sbin:/bin:/usr/bin -DESC="php-fastcgi" -NAME=php-fastcgi -DAEMON=/usr/bin/php-cgi -PIDFILE=/var/run/$NAME.pid -SCRIPTNAME=/etc/init.d/$NAME -PHP_CONFIG_FILE=/etc/php5/cgi/php.ini - -# Exit if the package is not installed -[ -x "$DAEMON" ] || exit 0 - -# Set defaults. -START=yes -EXEC_AS_USER=www-data -#FCGI_SOCKET=localhost:9000 -FCGI_SOCKET=/tmp/php-fastcgi.$EXEC_AS_USER.sock -PHP_FCGI_CHILDREN=4 -PHP_FCGI_MAX_REQUESTS=1000 - -# Read configuration variable file if it is present -[ -r /etc/default/$NAME ] && . /etc/default/$NAME - -# Load the VERBOSE setting and other rcS variables -. /lib/init/vars.sh - -# Define LSB log_* functions. -# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. -. /lib/lsb/init-functions - -# If the daemon is not enabled, give the user a warning and then exit, -# unless we are stopping the daemon -if [ "$START" != "yes" -a "$1" != "stop" ]; then - log_warning_msg "To enable $NAME, edit /etc/default/$NAME and set START=yes" - exit 0 -fi - -# Process configuration -export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS -DAEMON_ARGS="-q -b $FCGI_SOCKET -c $PHP_CONFIG_FILE" - - -do_start() -{ - # Return - # 0 if daemon has been started - # 1 if daemon was already running - # 2 if daemon could not be started - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ - || return 1 - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \ - --background --make-pidfile --chuid $EXEC_AS_USER --startas $DAEMON -- \ - $DAEMON_ARGS \ - || return 2 -} - -do_stop() -{ - # Return - # 0 if daemon has been stopped - # 1 if daemon was already stopped - # 2 if daemon could not be stopped - # other if a failure occurred - start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE > /dev/null # --name $DAEMON - RETVAL="$?" - [ "$RETVAL" = 2 ] && return 2 - # Wait for children to finish too if this is a daemon that forks - # and if the daemon is only ever run from this initscript. - # If the above conditions are not satisfied then add some other code - # that waits for the process to drop all resources that could be - # needed by services started subsequently. A last resort is to - # sleep for some time. - start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON - [ "$?" = 2 ] && return 2 - # Many daemons don't delete their pidfiles when they exit. - rm -f $PIDFILE - return "$RETVAL" -} -case "$1" in - start) - [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" - do_start - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - stop) - [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" - do_stop - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - restart|force-reload) - log_daemon_msg "Restarting $DESC" "$NAME" - do_stop - case "$?" in - 0|1) - do_start - case "$?" in - 0) log_end_msg 0 ;; - 1) log_end_msg 1 ;; # Old process is still running - *) log_end_msg 1 ;; # Failed to start - esac - ;; - *) - # Failed to stop - log_end_msg 1 - ;; - esac - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2 - exit 3 - ;; -esac diff --git a/management/web_update.py b/management/web_update.py index 5e4b09b4..0704c262 100644 --- a/management/web_update.py +++ b/management/web_update.py @@ -40,7 +40,9 @@ def get_web_domains(env): def do_web_update(env): # Build an nginx configuration file. - nginx_conf = "" + nginx_conf = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-top.conf")).read() + + # Add configuration for each web domain. template = open(os.path.join(os.path.dirname(__file__), "../conf/nginx.conf")).read() for domain in get_web_domains(env): nginx_conf += make_domain_config(domain, template, env) diff --git a/setup/web.sh b/setup/web.sh index 383bea48..4f0b0685 100755 --- a/setup/web.sh +++ b/setup/web.sh @@ -5,7 +5,7 @@ source setup/functions.sh # load our functions source /etc/mailinabox.conf # load global vars -apt_install nginx php5-cgi +apt_install nginx php5-fpm rm -f /etc/nginx/sites-enabled/default @@ -30,11 +30,14 @@ if [ ! -f $STORAGE_ROOT/www/default/index.html ]; then fi chown -R $STORAGE_USER $STORAGE_ROOT/www -# Create an init script to start the PHP FastCGI daemon and keep it -# running after a reboot. Allows us to serve Roundcube for webmail. -rm -f /etc/init.d/php-fastcgi -ln -s $(pwd)/conf/phpfcgi-initscript /etc/init.d/php-fastcgi -hide_output update-rc.d php-fastcgi defaults +# We previously installed a custom init script to start the PHP FastCGI daemon. +# Remove it now that we're using php5-fpm. +if [ -L /etc/init.d/php-fastcgi ]; then + echo "Removing /etc/init.d/php-fastcgi, php5-cgi..." + rm -f /etc/init.d/php-fastcgi + hide_output update-rc.d php-fastcgi remove + apt-get -y purge php5-cgi +fi # Put our webfinger and Exchange autodiscover.xml server scripts # into a well-known location. @@ -49,7 +52,7 @@ chown -R $STORAGE_USER $STORAGE_ROOT/webfinger # Start services. restart_service nginx -restart_service php-fastcgi +restart_service php5-fpm # Open ports. ufw_allow http diff --git a/setup/webmail.sh b/setup/webmail.sh index 93e79889..fbb489f4 100755 --- a/setup/webmail.sh +++ b/setup/webmail.sh @@ -100,4 +100,4 @@ chmod 664 $STORAGE_ROOT/mail/users.sqlite # Enable PHP modules. php5enmod mcrypt -restart_service php-fastcgi \ No newline at end of file +restart_service php5-fpm diff --git a/setup/zpush.sh b/setup/zpush.sh index 32135495..a65d71b2 100755 --- a/setup/zpush.sh +++ b/setup/zpush.sh @@ -50,4 +50,4 @@ chown www-data:www-data /var/lib/z-push # Restart service. -restart_service php-fastcgi +restart_service php5-fpm