Tutorial ini dibuat sebagai salah satu rincian instalasi Nginx + Php-FPM + MariaDB yang dipergunakan untuk menjalankan blog ini, dengan memakai vps Ubuntu 18 64bit DigitalOcean
Instalasi package yang umum :
$ apt-get update && apt-get upgrade $ apt-get install ncdu htop nethogs proftpd supervisor iftop tinc git squid3 autoconf automake zip unzip unrar python-pip python-m2crypto redis-server
Konfigurasi swap
$ dd if=/dev/zero of=/swap bs=1024 count=1048576 $ mkswap /swap $ chmod 0600 /swap
Sesuaikan /etc/fstab seperti contoh berikut :
/swap swap swap defaults,noatime 0 0
Aktifkan swap dengan perintah swapon -a, atau restart vps
Instalasi Nginx
$ apt-get install nginx
Instalasi Php7.2-FPM
$ apt install php-fpm php-mysql php php-fpm php-common php-mysql php-gd
Instalasi MariaDB
$ apt-get install mariadb-server mariadb-client $ mysql_secure_installation
Instalasi NodeJS dan NPM
$ apt-get install nodejs $ apt-get install npm
Instalasi MongoDB
$ apt install -y mongodb
Menambahkan user untuk website dan home direktori
$ adduser webhost Menambahkan user www-data ke webhost agar permission website normal : $ gpasswd -a www-data webhost Membuat direktori untuk website $ mkdir -p /home/webhost/http/hosts $ mkdir -p /home/webhost/http/logs $ cd /home/webhost/http/hosts/ $ chown -R www-data:webhost namadomain.com/ $ chown -R www-data:webhost namadomain.com/*
Membuat file /etc/rc.local
$ printf '%s\n' '#!/bin/bash' 'exit 0' | sudo tee -a /etc/rc.local $ chmod +x /etc/rc.local
Instalasi composer
$ curl -sS https://getcomposer.org/installer | php $ mv composer.phar /usr/local/bin/composer $ chmod +x /usr/local/bin/composer
Membuat Database
$ mysql -u root -p Isikan password... mysql> create database namaDatabase; mysql> grant usage on *.* to namaUser@localhost identified by 'P4sswordDBUser'; mysql> grant all privileges on namaDatabase.* to namaUser@localhost; mysql> flush privileges; mysql> exit;
Perintah untuk backup atau dump database
$ mysqldump -q --skip-lock-tables -u namaUser --password=P4sswordDBUser namaDatabase > backup.sql
Perintah untuk import database
$ mysql -u namaUser --password=P4sswordDBUser namaDatabase < backup.sql
Instalasi Ghost-cli
$ npm install ghost-cli -g $ su webhost $ mkdir /home/webhost/http/hosts/ghost-domain.org $ cd /home/webhost/http/hosts/ghost-domain.org $ ghost install local Untuk menjalankan ghost : $ ghost start Untuk menghentikan ghost : $ ghost stop
Instalasi OpenVPN
$ wget https://git.io/vpn -O openvpn-install.sh $ bash openvpn-install.sh
Membuka port di firewall
$ ufw allow 80 $ ufw allow 443 $ ufw allow 1194/udp Jika kita merubah port ssh ke port 5678 , jangan lupa untuk membuka portnya $ ufw allow 5678 $ ufw reload
Merubah port listen Php7.2-FPM
$ nano /etc/php/7.2/fpm/pool.d/www.conf ... listen = /run/php/php7.2-fpm.sock ; comment baris diatas dan ganti ke 127.0.0.1:9000 ... Sehingga menjadi seperti dibawah $ nano /etc/php/7.2/fpm/pool.d/www.conf ... ; listen = /run/php/php7.2-fpm.sock listen = 127.0.0.1:9000 ... $ service php7.2-fpm restart
Membuat file konfigurasi untuk domain yang dihost di vps :
$ nano /etc/nginx/sites-enabled/erawanarifnugroho.com.conf
#-- First bite config --
fastcgi_cache_path /etc/nginx-cache levels=1:2 keys_zone=phpcache:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
server {
listen 80;
server_name erawanarifnugroho.com www.erawanarifnugroho.com;
return 301 https://$host$request_uri;
}
server {
#-- Module first byte --
fastcgi_cache phpcache;
fastcgi_cache_valid 200 30m;
fastcgi_cache_methods GET HEAD;
add_header X-FastCache $upstream_cache_status;
server_name erawanarifnugroho.com www.erawanarifnugroho.com;
index index.htm index.html index.php;
root /home/webhost/http/hosts/erawanarifnugroho.com;
try_files $uri $uri/ /index.php;
client_max_body_size 2000M;
error_log /home/webhost/http/logs/erawanarifnugroho.com_error.log;
access_log /home/webhost/http/logs/erawanarifnugroho.com_access.log;
location ~ \.php$ {
gzip_vary on;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With port:
# fastcgi_pass 127.0.0.1:9000;
# With socket:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
#Untuk keperluan Letsencrypt
location ~ /.well-known {
allow all;
}
# Deny access to .htaccess
location ~ /\.ht {
deny all;
}
# ------------------------------------------------------------------------------------------------------------------------
# --- Fungsi caching dari Hummingbird ---
gzip on;
gzip_comp_level 9;
gzip_http_version 1.1;
gzip_proxied any;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_vary on;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/json
application/font.woff
application/xml
application/rss+xml
font/truetype
font/opentype
application/vnd.ms-fontobject
image/svg+xml;
# Disable for IE < 6 because there are some known problems
gzip_disable "MSIE [1-6].(?!.*SV1)";
location ~* \.(txt|xml|js)$ {
expires 8d;
}
location ~* \.(css)$ {
expires 8d;
}
location ~* \.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|mp4|m4v|ogg|webm|aac|eot|ttf|otf|woff|svg)$ {
expires 8d;
}
location ~* \.(jpg|jpeg|png|gif|swf|webp)$ {
expires 8d;
}
# --- Fungsi caching dari Hummingbird ---
# ------------------------------------------------------------------------------------------------------------------------
}
Instalasi Letsencrypt untuk domain
$ apt install certbot $ apt-get install python-certbot-nginx $ certbot --nginx -d erawanarifnugroho.com -d www.erawanarifnugroho.com