This is the old XigmaNAS forum in read only mode,
it will taken offline by the end of march 2021!


I like to aks Users and Admins to rewrite/take over important post from here into the new fresh main forum!
Its not possible for us to export from here and import it to the main forum!

[HOWTO] Install Pydio in Finch / Qjail

Jails with XigmaNAS
Forum rules
Set-Up GuideFAQsForum Rules
Post Reply
mekonghigh
Starter
Starter
Posts: 39
Joined: 13 Oct 2013 18:03
Status: Offline

[HOWTO] Install Pydio in Finch / Qjail

Post by mekonghigh »

Install Pydio inside a jail created with Finch / Qjail.
Based on: https://pyd.io/freebsd-nginx-php-fpm/

Installing Nginx:

Code: Select all

cd "/usr/ports/www/nginx" && make "config-recursive" "install" "clean"
Uncomment: IPV6 and comment: HTTP_DAV, HTTP_GZIP_STATIC, HTTP_PERL, HTTP_SSL, HTTP_DAV_EXT.
On future dialog boxes, accept the defaults.

Installing PHP:

Code: Select all

cd /usr/ports/lang/php56/ && make install clean
Uncomment: IPV6
On future dialog boxes, accept the defaults.

Code: Select all

sysrc "nginx_enable=YES"
exit
qjail restart "$jailname"
qjail console "$jailname"
Installing PHP5-Extensions:

Code: Select all

cd /usr/ports/lang/php56-extensions/ && make install clean
Comment: CURL, GD, IMAP, MBSTRING, MCRYPT, MySQL, MySQLi, OPENSSL, PDO_MySQL, ZIP, ZLIB.
On next dialog boxes uncomment: IPV6, and accept the defaults.

Installing MySQL:

Code: Select all

cd /usr/ports/databases/mysql56-server/ && make install clean
sysrc php_fpm_enable="YES"
sysrc mysql_enable="YES"
service mysql-server start
mysql_secure_installation
mysql -u root -p
CREATE DATABASE pydiodb;
CREATE USER "pydio"@"localhost" IDENTIFIED BY "ChangeThisPassword";
GRANT ALL PRIVILEGES ON pydiodb.* TO "pydio"@"localhost";
FLUSH PRIVILEGES;
quit
Create /usr/local/etc/my.cnf
Add the following lines:

Code: Select all

# The MySQL server configuration
[mysqld]
socket          = /tmp/mysql.sock

# Don't listen on a TCP/IP port at all.
skip-networking
skip-name-resolve

#Expire binary logs after one day:
expire_logs_days = 1
Setup SSL Certificates:

Code: Select all

cd /usr/local/etc/nginx
openssl genrsa -des3 -out server.key 2048
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 3650 -in server.csr -signkey server.key -out ssl-bundle.crt
cp server.key server.key.orig
openssl rsa -in server.key.orig -out server.key
Configuring PHP:

Code: Select all

cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
Edit /usr/local/etc/php.ini
Find:

Code: Select all

output_buffering = 4096
;session.save_path = "/tmp"
upload_max_filesize = 2M
max_file_uploads = 20
post_max_size = 8M
;date.timezone = America/Los_Angeles
and change to:

Code: Select all

output_buffering = OFF
session.save_path = "/tmp"
upload_max_filesize = 20G
max_file_uploads = 20000
post_max_size = 20G
date.timezone = "Europe/Amsterdam"
Find your timezone: http://php.net/manual/en/timezones.php

Configuring PHP-FPM:
Edit /usr/local/etc/php-fpm.conf
Replace the default config with the following lines:

Code: Select all

[global]
pid = run/php-fpm.pid

[PYDIO]
listen = /var/run/phph-fpm.socket
listen.owner = www
listen.group = www
listen.mode = 0666

listen.backlog = -1
listen.allowed_clients = 127.0.0.1

user = www
group = www

pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 500

env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
Configuring the fastcgi_params file:
Edit /usr/local/etc/nginx/fastcgi_params
Replace the default config with the following lines:

Code: Select all

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;
Start PHP-FPM

Code: Select all

service php-fpm start
Configuring Nginx
Edit /usr/local/etc/nginx/nginx.conf
Replace the default config with the following lines:

Code: Select all

user  www;
### Change the number of workers to the same number of cores your server has
worker_processes  2;

pid        /var/run/nginx.pid;

events {
        worker_connections  512;
}

http {
        include       mime.types;
        default_type  application/octet-stream;
        log_format  main        '$remote_addr - $remote_user [$time_local] "$request" '
                                                '$status $body_bytes_sent "$http_referer" '
                                                '"$http_user_agent" "$http_x_forwarded_for"';

        # GENERAL
        ignore_invalid_headers  on;
        sendfile                on;
        server_name_in_redirect off;
        server_tokens           off;

        #SSL
        ssl_session_cache    shared:SSL:10m;
        ssl_session_timeout  10m;
        ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
        ssl_prefer_server_ciphers   on;
        ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;

        # TCP
        tcp_nodelay off;
        tcp_nopush  on;

        # Timeouts
        client_body_timeout   65;
        client_header_timeout 65;
        keepalive_timeout     65 65;
        send_timeout          65;

        # Compression
        gzip              on;
        gzip_buffers      256 8k;
        gzip_comp_level   9;
        gzip_http_version 1.0;
        gzip_min_length   0;
        gzip_types        text/css text/javascript text/mathml text/plain text/xml application/x-javascript application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml;
        gzip_vary         on;
        gzip_disable      "MSIE [1-6]\.(?!.*SV1)";

        # Redirects HTTP to HTTPS
        server {
                listen 80;
                ### Change the following two lines to match your website name
                server_name 192.168.1.2;
                return 301 https://192.168.1.2$request_uri;

                # Prevent Clickjacking
                add_header X-Frame-Options "SAMEORIGIN";
        }

        # PYDIO (ssl/tls)
        server {
                listen 4443 ssl;
                ### Change the following line to match your website name
                server_name 192.168.1.2;
                root /usr/local/www/pydio;
                index index.php;
                ### If you changed the maximum upload size in PHP.ini, also change it below
                client_max_body_size 20G;

                # Prevent Clickjacking
                add_header X-Frame-Options "SAMEORIGIN";

                # SSL Settings
                ### If you are using different names for your SSL certificate and key, change them below:
                ssl_certificate /usr/local/etc/nginx/ssl-bundle.crt;
                ssl_certificate_key /usr/local/etc/nginx/server.key;
                add_header Strict-Transport-Security "max-age=16070400; includeSubdomains";

                # Set the custom error pages
                error_page 404 = /data/public/404.html;
                error_page 403 = /data/public/404.html;

                # Logs
                error_log /var/log/pydio.nginx.error.log;
                ### Uncomment the line below if you don't want nginx logging access to the server. 
                #access_log off;

                # Remove direct access to the following folders & files
                location ~* ^/(?:\.|conf|data/(?:files|personal|logs|plugins|tmp|cache)|plugins/editor.zoho/agent/files) {
                        deny all;
                }

		location /data/public/
		{
		if (!-e $request_filename)
		{
			rewrite ^/data/public/([a-zA-Z0-9_-]+)\.php$ /data/public/share.php?hash=$1;
		}
		rewrite ^/data/public/([a-zA-Z0-9_-]+)--([a-z]+)$ /data/public/share.php?hash=$1&lang=$2;
		rewrite ^/data/public/([a-zA-Z0-9_-]+)$ /data/public/share.php?hash=$1;
		}

                # Stops the annoying error messages in the logs
                location ~* ^/(favicon.ico|robots.txt) {
                         log_not_found off;
                }

                # WebDAV Rewrites
                location /shares {
                        if (!-f $request_filename) {
                                rewrite ^/shares /dav.php last;
                                break;
                        }

                        if (!-d $request_filename) {
                                rewrite ^/shares /dav.php last;
                                break;
                        }
                }

                # Enables PHP
                location ~ \.php$ {
                        fastcgi_pass unix:/var/run/phph-fpm.socket;
                        try_files $uri =404;
                        fastcgi_param HTTPS on;
                        include fastcgi_params;
                }

                # Enables Caching
                location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
                        expires 7d;
                        add_header Pragma public;
                        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
                }
        }
}
Important: Next, go through the configuration file and look at the comments with three hash symbols (###), and change them to match your environment.

Downloading and Installing Pydio:
Start off by finding the direct download URL from here: https://pyd.io/download/
Once you’ve found the URL, run this command to download Pydio to your server,

Code: Select all

cd ~
fetch "http://download.url.here"
tar -xzvf pydio-*
mv pydio-core-6.x.x /usr/local/www/pydio
chown -R www:www /usr/local/www/pydio
chmod -R 770 /usr/local/www/pydio
Note: make sure you replace pydio-core-6.x.x with the name of the extracted folder you see.

Edit /usr/local/www/pydio/conf/bootstrap_conf.php
Search for:

Code: Select all

//define("AJXP_LOCALE", "en_EN.UTF-8");
And change to:

Code: Select all

define("AJXP_LOCALE", "en_US.UTF-8");

Code: Select all

cd /usr/ports/graphics/php5-exif/ && make install clean
exit
qjail restart "$jailname"
Accessing Pydio and configuring Pydio:
With all that done, you should now be able to access Pydio at https://192.168.1.2:4443 (or whatever the IP address is of your web server).
From there you will be greeted with the Pydio configuration page. On that page, start off by setting up “Admin access”.
From there, set a name, a display name, and a passphrase for the Administrator account.
Afterwards, go to “Global options” and choose “English” as the “Default Language”.

Then in the “Configurations storage” area, fill in the fields as follows:

Code: Select all

Storage Type: Database
Enable Notifications: Yes
Database: MySQL
Host: localhost
Database: pydiodb
User: pydio
Password: The password you chose earlier
Next, click on “Try connecting to the database”. This will verify the connection between Pydio and the MySQL server.
If the configuration is correct, you will have this message: “Connection established!”
Then you may click on “Install Pydio Now!”
Pydio is now setup and ready for you to login with the Administrator account.
Top
Post Reply

Return to “Jails”