Commits

Zhang Huangbin committed 4b6465b

Improve Nginx/php-fpm/uWSGI support on FreeBSD.

  • Participants
  • Parent commits 6d05b94

Comments (0)

Files changed (14)

iRedMail/conf/nginx

 
 # Configuration files
 export NGINX_CONF_ROOT='/etc/nginx'
-export NGINX_CONF="${NGINX_CONF_ROOT}/nginx.conf"
-export NGINX_CONF_DIR="${NGINX_CONF_ROOT}/conf.d"
-export NGINX_CONF_DEFAULT="${NGINX_CONF_DIR}/default.conf"
 
 # Log files
 export NGINX_LOG_ACCESSLOG='/var/log/nginx/access.log'
 # PID file
 export NGINX_PID='/var/run/nginx.pid'
 
-export NGINX_MIME_TYPES="${NGINX_CONF_ROOT}/mime.types"
-
 # php-fpm
 export PHP_FASTCGI_SOCKET='/var/run/php-fpm.socket'
 export NGINX_PHP_INI="${APACHE_PHP_INI}"
 
 elif [ X"${DISTRO}" == X'FREEBSD' ]; then
     export NGINX_CONF_ROOT="/usr/local/etc/nginx"
-    export NGINX_CONF="${NGINX_CONF_ROOT}/nginx.conf"
-    export NGINX_CONF_DIR="${NGINX_CONF_ROOT}/Includes"
-
-    # Log file location.
-    export NGINX_LOG_ACCESSLOG='/var/log/nginx-access.log'
-    export NGINX_LOG_ERRORLOG='/var/log/nginx-error.log'
+    export PHP_FPM_POOL_WWW_CONF='/usr/local/etc/php-fpm.conf'
 
 elif [ X"${DISTRO}" == X'OPENBSD' ]; then
     export PHP_FPM_RC_SCRIPT_NAME='php_fpm'
     export NGINX_LOG_ERRORLOG='logs/error.log'
 fi
 
+export NGINX_CONF="${NGINX_CONF_ROOT}/nginx.conf"
+export NGINX_CONF_DIR="${NGINX_CONF_ROOT}/conf.d"
+export NGINX_CONF_DEFAULT="${NGINX_CONF_DIR}/default.conf"
+
+export NGINX_MIME_TYPES="${NGINX_CONF_ROOT}/mime.types"
+
 export PHP_FASTCGI_SOCKET_FULL="unix:${PHP_FASTCGI_SOCKET}"

iRedMail/conf/web_server

 . ${CONF_DIR}/apache_php
 . ${CONF_DIR}/nginx
 
-if [ X"${USE_APACHE}" == X'YES' ]; then
+if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
     export ENABLED_HTTPD_SERVICES="${APACHE_RC_SCRIPT_NAME}"
-    export DISABLED_HTTPD_SERVICES="${NGINX_RC_SCRIPT_NAME} ${UWSGI_RC_SCRIPT_NAME}"
+    export DISABLED_HTTPD_SERVICES="${NGINX_RC_SCRIPT_NAME} ${PHP_FPM_RC_SCRIPT_NAME} ${UWSGI_RC_SCRIPT_NAME}"
 fi
 
-if [ X"${USE_NGINX}" == X'YES' ]; then
+if [ X"${WEB_SERVER_WEB_SERVER_USE_NGINX}" == X'YES' ]; then
     # Use Nginx as web server if it's selected.
     # php-fpm will be listed in variable 'pkg_scripts' in /etc/rc.conf.local.
-    export ENABLED_HTTPD_SERVICES="${NGINX_RC_SCRIPT_NAME} ${UWSGI_RC_SCRIPT_NAME}"
+    export ENABLED_HTTPD_SERVICES="${NGINX_RC_SCRIPT_NAME} ${PHP_FPM_RC_SCRIPT_NAME} ${UWSGI_RC_SCRIPT_NAME}"
     export DISABLED_HTTPD_SERVICES="${APACHE_RC_SCRIPT_NAME}"
 fi
 

iRedMail/dialog/config_via_dialog.sh

 done
 
 echo ${web_servers} | grep -i 'apache' >/dev/null 2>&1
-[ X"$?" == X"0" ] && export USE_APACHE='YES' && echo "export USE_APACHE='YES'" >>${IREDMAIL_CONFIG_FILE}
+[ X"$?" == X"0" ] && export WEB_SERVER_USE_APACHE='YES' && echo "export WEB_SERVER_USE_APACHE='YES'" >>${IREDMAIL_CONFIG_FILE}
 
 echo ${web_servers} | grep -i 'nginx' >/dev/null 2>&1
-[ X"$?" == X"0" ] && export USE_NGINX='YES' && echo "export USE_NGINX='YES'" >>${IREDMAIL_CONFIG_FILE}
+[ X"$?" == X"0" ] && export WEB_SERVER_USE_NGINX='YES' && echo "export WEB_SERVER_USE_NGINX='YES'" >>${IREDMAIL_CONFIG_FILE}
 
 # --------------------------------------------------
 # --------------------- Backends --------------------

iRedMail/functions/apache_php.sh

         mkdir -p /usr/local/www/proxy/ 2>/dev/null
 
         # Start apache when system start up.
-        freebsd_enable_service_in_rc_conf 'apache22_enable' 'YES'
-        freebsd_enable_service_in_rc_conf 'htcacheclean_enable' 'NO'
+        if [ X"${WEB_SERVER_USE_NGINX}" != X'YES' ]; then
+            freebsd_enable_service_in_rc_conf 'apache22_enable' 'YES'
+            freebsd_enable_service_in_rc_conf 'htcacheclean_enable' 'NO'
+        fi
     fi
 
     if [ X"${DISTRO}" == X'OPENBSD' ]; then
         # Enable httpd.
         # Note: iRedAdmin doesn't work with chroot.
-        if [ X"${USE_NGINX}" != X'YES' ]; then
+        if [ X"${WEB_SERVER_USE_NGINX}" != X'YES' ]; then
             echo 'httpd_flags="-DSSL -u"  # -u is required by iRedAdmin' >> ${RC_CONF_LOCAL}
         fi
 

iRedMail/functions/awstats.sh

 EOF
 
     # Make Awstats accessible via HTTPS.
-    if [ X"${USE_APACHE}" == X'YES' ]; then
+    if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
         perl -pi -e 's#^(\s*</VirtualHost>)#Alias /awstats/icon "$ENV{AWSTATS_ICON_DIR}/"\n${1}#' ${HTTPD_SSL_CONF}
         perl -pi -e 's#^(\s*</VirtualHost>)#Alias /awstatsicon "$ENV{AWSTATS_ICON_DIR}/"\n${1}#' ${HTTPD_SSL_CONF}
         perl -pi -e 's#^(\s*</VirtualHost>)#ScriptAlias /awstats "$ENV{AWSTATS_CGI_DIR}/"\n${1}#' ${HTTPD_SSL_CONF}

iRedMail/functions/cluebringer.sh

     perl -pi -e 's#(.DB_PASS=).*#${1}"$ENV{CLUEBRINGER_DB_PASSWD}";#' ${CLUEBRINGER_WEBUI_CONF}
 
     # Make Cluebringer accessible via HTTPS.
-    if [ X"${USE_APACHE}" == X'YES' ]; then
+    if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
         perl -pi -e 's#^(\s*</VirtualHost>)#Alias /cluebringer "$ENV{CLUEBRINGER_HTTPD_ROOT}/"\n${1}#' ${HTTPD_SSL_CONF}
 
         cat > ${CLUEBRINGER_HTTPD_CONF} <<EOF

iRedMail/functions/iredadmin.sh

         chown -R ${HTTPD_USER}:${HTTPD_GROUP} settings.py
     fi
 
-    if [ X"${USE_APACHE}" == X'YES' ]; then
+    if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
         backup_file ${IREDADMIN_HTTPD_CONF}
         ECHO_DEBUG "Create directory alias for iRedAdmin."
 

iRedMail/functions/nginx.sh

         perl -pi -e 's#PH_HTTPD_GROUP#$ENV{HTTPD_GROUP}#g' /etc/uwsgi/apps-enabled/iredadmin.ini
     fi
 
-    if [ X"${DISTRO}" == X'OPENBSD' ]; then
-        # Enable Nginx service, but unchrooted.
+    if [ X"${DISTRO}" == X'FREEBSD' ]; then
+        mkdir -p /var/log/nginx &>/dev/null
+        freebsd_enable_service_in_rc_conf 'nginx_enable' 'YES'
+        freebsd_enable_service_in_rc_conf 'uwsgi_enable' 'YES'
+    elif [ X"${DISTRO}" == X'OPENBSD' ]; then
+        # Enable unchrooted Nginx
         echo 'nginx_flags="-u"' >> ${RC_CONF_LOCAL}
 
         # Disable chroot in php-fpm

iRedMail/functions/packages.sh

             fi
 
             ALL_PKGS="${ALL_PKGS} postfix-mysql"
-            if [ X"${USE_APACHE}" == X'YES' ]; then
+            if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
                 ALL_PKGS="${ALL_PKGS} libapache2-mod-auth-mysql"
             fi
 
             # postgresql-contrib provides extension 'dblink' used in Roundcube password plugin.
             ALL_PKGS="${ALL_PKGS} postgresql postgresql-client postgresql-contrib postfix-pgsql"
 
-            if [ X"${USE_APACHE}" == X'YES' ]; then
+            if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
                 ALL_PKGS="${ALL_PKGS} libapache2-mod-auth-pgsql"
             fi
 
     fi
 
     # Nginx
-    if [ X"${USE_NGINX}" == X'YES' ]; then
+    if [ X"${WEB_SERVER_USE_NGINX}" == X'YES' ]; then
         if [ X"${DISTRO}" == X"RHEL" ]; then
             ALL_PKGS="${ALL_PKGS} nginx php-fpm"
         elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then
     # Force install all dependence to help customers install iRedAdmin-Pro.
     if [ X"${DISTRO}" == X"RHEL" ]; then
         ALL_PKGS="${ALL_PKGS} python-jinja2 python-webpy"
-        [ X"${USE_APACHE}" == X'YES' ] && ALL_PKGS="${ALL_PKGS} mod_wsgi"
-        [ X"${USE_NGINX}" == X'YES' ] && ALL_PKGS="${ALL_PKGS} uwsgi uwsgi-plugin-python"
+        [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ] && ALL_PKGS="${ALL_PKGS} mod_wsgi"
+        [ X"${WEB_SERVER_USE_NGINX}" == X'YES' ] && ALL_PKGS="${ALL_PKGS} uwsgi uwsgi-plugin-python"
 
     elif [ X"${DISTRO}" == X"DEBIAN" -o X"${DISTRO}" == X"UBUNTU" ]; then
         ALL_PKGS="${ALL_PKGS} python-jinja2 python-netifaces python-webpy"
-        [ X"${USE_APACHE}" == X'YES' ] && ALL_PKGS="${ALL_PKGS} libapache2-mod-wsgi"
-        [ X"${USE_NGINX}" == X'YES' ] && ALL_PKGS="${ALL_PKGS} uwsgi uwsgi-plugin-python"
+        [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ] && ALL_PKGS="${ALL_PKGS} libapache2-mod-wsgi"
+        [ X"${WEB_SERVER_USE_NGINX}" == X'YES' ] && ALL_PKGS="${ALL_PKGS} uwsgi uwsgi-plugin-python"
 
     elif [ X"${DISTRO}" == X'OPENBSD' ]; then
         ALL_PKGS="${ALL_PKGS} py-jinja2 py-webpy py-flup"

iRedMail/functions/packages_freebsd.sh

         security_libssh2 \
         security_p5-Authen-SASL \
         security_p5-IO-Socket-SSL \
-        www_apache${WANT_APACHE_VER}; do
+        www_apache${WANT_APACHE_VER} \
+        www_nginx; do
         mkdir -p /var/db/ports/${p} 2>/dev/null
     done
 
     rm -f /var/db/ports/www_apache${WANT_APACHE_VER}/options${SED_EXTENSION} &>/dev/null
 
     ALL_PORTS="${ALL_PORTS} www/apache${WANT_APACHE_VER}"
-    ENABLED_SERVICES="${ENABLED_SERVICES} ${APACHE_RC_SCRIPT_NAME}"
+    if [ X"${WEB_SERVER_USE_NGINX}" != X'YES' ]; then
+        ENABLED_SERVICES="${ENABLED_SERVICES} ${APACHE_RC_SCRIPT_NAME}"
+    fi
+
+    # Nginx
+    cat > /var/db/ports/www_nginx/options <<EOF
+OPTIONS_FILE_SET+=DEBUG
+OPTIONS_FILE_UNSET+=DEBUGLOG
+OPTIONS_FILE_UNSET+=FILE_AIO
+OPTIONS_FILE_SET+=IPV6
+OPTIONS_FILE_UNSET+=GOOGLE_PERFTOOLS
+OPTIONS_FILE_SET+=HTTP
+OPTIONS_FILE_UNSET+=HTTP_ADDITION
+OPTIONS_FILE_SET+=HTTP_CACHE
+OPTIONS_FILE_SET+=HTTP_DAV
+OPTIONS_FILE_SET+=HTTP_FLV
+OPTIONS_FILE_SET+=HTTP_GEOIP
+OPTIONS_FILE_SET+=HTTP_GZIP_STATIC
+OPTIONS_FILE_SET+=HTTP_GUNZIP_FILTER
+OPTIONS_FILE_SET+=HTTP_IMAGE_FILTER
+OPTIONS_FILE_SET+=HTTP_PERL
+OPTIONS_FILE_SET+=HTTP_RANDOM_INDEX
+OPTIONS_FILE_SET+=HTTP_REALIP
+OPTIONS_FILE_SET+=HTTP_REWRITE
+OPTIONS_FILE_SET+=HTTP_SECURE_LINK
+OPTIONS_FILE_SET+=HTTP_SSL
+OPTIONS_FILE_SET+=HTTP_STATUS
+OPTIONS_FILE_SET+=HTTP_SUB
+OPTIONS_FILE_UNSET+=HTTP_XSLT
+OPTIONS_FILE_SET+=MAIL
+OPTIONS_FILE_SET+=MAIL_IMAP
+OPTIONS_FILE_SET+=MAIL_POP3
+OPTIONS_FILE_SET+=MAIL_SMTP
+OPTIONS_FILE_SET+=MAIL_SSL
+OPTIONS_FILE_SET+=SPDY
+OPTIONS_FILE_UNSET+=WWW
+OPTIONS_FILE_UNSET+=CACHE_PURGE
+OPTIONS_FILE_UNSET+=CTPP2
+OPTIONS_FILE_UNSET+=ECHO
+OPTIONS_FILE_SET+=HEADERS_MORE
+OPTIONS_FILE_UNSET+=HTTP_ACCEPT_LANGUAGE
+OPTIONS_FILE_UNSET+=HTTP_ACCESSKEY
+OPTIONS_FILE_UNSET+=HTTP_AUTH_DIGEST
+OPTIONS_FILE_SET+=HTTP_AUTH_LDAP
+OPTIONS_FILE_UNSET+=HTTP_AUTH_PAM
+OPTIONS_FILE_UNSET+=HTTP_AUTH_REQ
+OPTIONS_FILE_UNSET+=HTTP_DAV_EXT
+OPTIONS_FILE_UNSET+=HTTP_EVAL
+OPTIONS_FILE_UNSET+=HTTP_FANCYINDEX
+OPTIONS_FILE_UNSET+=HTTP_FOOTER
+OPTIONS_FILE_UNSET+=HTTP_MOGILEFS
+OPTIONS_FILE_UNSET+=HTTP_NOTICE
+OPTIONS_FILE_UNSET+=HTTP_PUSH
+OPTIONS_FILE_UNSET+=HTTP_PUSH_STREAM
+OPTIONS_FILE_UNSET+=HTTP_REDIS
+OPTIONS_FILE_UNSET+=HTTP_RESPONSE
+OPTIONS_FILE_UNSET+=HTTP_SUBS_FILTER
+OPTIONS_FILE_SET+=HTTP_UPLOAD
+OPTIONS_FILE_SET+=HTTP_UPLOAD_PROGRESS
+OPTIONS_FILE_SET+=HTTP_UPSTREAM_FAIR
+OPTIONS_FILE_SET+=HTTP_UPSTREAM_HASH
+OPTIONS_FILE_UNSET+=HTTP_UPSTREAM_STICKY
+OPTIONS_FILE_SET+=HTTP_ZIP
+OPTIONS_FILE_UNSET+=ARRAYVAR
+OPTIONS_FILE_UNSET+=DRIZZLE
+OPTIONS_FILE_UNSET+=ENCRYPTSESSION
+OPTIONS_FILE_UNSET+=FORMINPUT
+OPTIONS_FILE_UNSET+=GRIDFS
+OPTIONS_FILE_SET+=ICONV
+OPTIONS_FILE_SET+=LET
+OPTIONS_FILE_UNSET+=LUA
+OPTIONS_FILE_UNSET+=MEMC
+OPTIONS_FILE_SET+=MODSECURITY
+OPTIONS_FILE_UNSET+=NAXSI
+OPTIONS_FILE_UNSET+=PASSENGER
+OPTIONS_FILE_UNSET+=POSTGRES
+OPTIONS_FILE_UNSET+=RDS_CSV
+OPTIONS_FILE_UNSET+=RDS_JSON
+OPTIONS_FILE_UNSET+=REDIS2
+OPTIONS_FILE_UNSET+=RTMP
+OPTIONS_FILE_UNSET+=SET_MISC
+OPTIONS_FILE_UNSET+=SFLOW
+OPTIONS_FILE_UNSET+=SLOWFS_CACHE
+OPTIONS_FILE_UNSET+=SRCACHE
+OPTIONS_FILE_UNSET+=SUPERVISORD
+OPTIONS_FILE_UNSET+=SYSLOG_SUPPORT
+OPTIONS_FILE_UNSET+=TCP_PROXY
+OPTIONS_FILE_UNSET+=UDPLOG
+OPTIONS_FILE_UNSET+=XRID_HEADER
+OPTIONS_FILE_UNSET+=XSS
+OPTIONS_FILE_UNSET+=VIDEO
+OPTIONS_FILE_UNSET+=HTTP_MP4
+OPTIONS_FILE_UNSET+=HTTP_MP4_H264
+EOF
+
+    if [ X"${WEB_SERVER_USE_NGINX}" == X'YES' ]; then
+        ALL_PORTS="${ALL_PORTS} www/nginx www/uwsgi"
+        ENABLED_SERVICES="${ENABLED_SERVICES} ${NGINX_RC_SCRIPT_NAME} ${UWSGI_RC_SCRIPT_NAME}"
+    fi
 
     # PHP5. REQUIRED.
     cat > /var/db/ports/lang_php5/options <<EOF

iRedMail/functions/phpldapadmin.sh

     chmod -R 0755 ${PLA_HTTPD_ROOT}
 
     # Make phpldapadmin can be accessed via HTTPS only.
-    if [ X"${USE_APACHE}" == X'YES' ]; then
+    if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
         perl -pi -e 's#^(\s*</VirtualHost>)#Alias /phpldapadmin "$ENV{PLA_HTTPD_ROOT_SYMBOL_LINK}/"\nAlias /ldap "$ENV{PLA_HTTPD_ROOT_SYMBOL_LINK}/"\n${1}#' ${HTTPD_SSL_CONF}
     fi
 

iRedMail/functions/phpmyadmin.sh

     fi
 
     # Make phpMyAdmin can be accessed via HTTPS only.
-    if [ X"${USE_APACHE}" == X'YES' ]; then
+    if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
         perl -pi -e 's#^(\s*</VirtualHost>)#Alias /phpmyadmin "$ENV{PHPMYADMIN_HTTPD_ROOT_SYMBOL_LINK}/"\n${1}#' ${HTTPD_SSL_CONF}
     fi
 

iRedMail/functions/roundcubemail.sh

     fi
 
     # Make Roundcube can be accessed via HTTPS.
-    if [ X"${USE_APACHE}" == X'YES' ]; then
+    if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
         perl -pi -e 's#^(\s*</VirtualHost>)#Alias /mail "$ENV{RCM_HTTPD_ROOT_SYMBOL_LINK}/"\n${1}#' ${HTTPD_SSL_CONF}
     fi
 

iRedMail/functions/web_server.sh

 
 web_server_config()
 {
-    if [ X"${USE_APACHE}" == X'YES' ]; then
+    if [ X"${WEB_SERVER_USE_APACHE}" == X'YES' ]; then
         . ${FUNCTIONS_DIR}/apache_php.sh
         check_status_before_run apache_php_config
     fi
 
-    if [ X"${USE_NGINX}" == X'YES' ]; then
+    if [ X"${WEB_SERVER_USE_NGINX}" == X'YES' ]; then
         . ${FUNCTIONS_DIR}/nginx.sh
         check_status_before_run nginx_config
     fi