diff --git a/server/README.md b/server/README.md new file mode 100644 index 0000000..91315b2 --- /dev/null +++ b/server/README.md @@ -0,0 +1,121 @@ + + + + + + + + + +sudo apt update + + +======== PHP ============== + +apt-get install python-software-properties +sudo add-apt-repository ppa:ondrej/php +apt-get update +sudo apt-get install php8.2-cli php8.2-fpm + +update-alternatives --set php /usr/bin/php8.2-fpm + +sudo apt install php8.2-common php8.2-mysql php8.2-xml php8.2-xmlrpc php8.2-curl php8.2-gd php8.2-imagick php8.2-cli php8.2-dev php8.2-imap php8.2-mbstring php8.2-opcache php8.2-soap php8.2-zip php8.2-redis php8.2-intl unzip -y + +cd ~ +curl -sS https://getcomposer.org/installer -o /tmp/composer-setup.php + +HASH=`curl -sS https://composer.github.io/installer.sig` + +php -r "if (hash_file('SHA384', '/tmp/composer-setup.php') === '$HASH') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" + + +sudo php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer + +cd /var/www/ +composer create-project thetempusproject/thetempusproject allthebookmarks + + +< I then copied all my updates manuyally, deletiing the ixiisting files > + +mkdir /etc/nginx/sites-available/old/ +sudo mv /etc/nginx/sites-available/* /etc/nginx/sites-available/old/ +sudo rm -rf /etc/nginx/sites-enabled/* +touch /etc/nginx/sites-available/allthebookmarks.com.conf +sudo ln -s /etc/nginx/sites-available/allthebookmarks.com.conf /etc/nginx/sites-enabled/allthebookmarks.com.conf + +< you now need to copy the correct content to the new file > + + + +sudo systemctl restart nginx.service + + + + + + +publiic ip +74.207.230.135 + + + + +Email address (for the Let's Encrypt SSL certificate) (required) +webmaster@allthebookmarks.com + + +The limited sudo user to be created for the Linode: *No Capital Letters or Special Characters* (required) +joey + + + + +Security +Root Password +131df9fbc597cf0eac3424 + +mysql db allthebookmarks@localhost + +Xiv9_JrXXhF9I + + + + + + + + +SELECT User, Host FROM mysql.user; + + +CREATE USER 'allthebookmarks'@'localhost' IDENTIFIED BY 'Xiv9_JrXXhF9I'; + + + + + + +SHOW GRANTS FOR 'allthebookmarks'@'localhost'; + + + + + + + + + + + +GRANT ALL PRIVILEGES ON * . * TO 'allthebookmarks'@'localhost'; + +FLUSH PRIVILEGES; + + + + +SHOW DATABASES; + + + +CREATE DATABASE allthebookmarks; \ No newline at end of file diff --git a/server/allthebookmarks.com.key b/server/allthebookmarks.com.key new file mode 100644 index 0000000..26c66d0 --- /dev/null +++ b/server/allthebookmarks.com.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCwn7fNgRK9ConV +7f+B6dHx3yQ7i54Mf6mGcu9rY97pJuaK8JFqwuZmLJMRE/HiUiKmbf+r2F+DFOAp +qCfINouxhmEXp2eYjfNzpQ3vqPWJRHs419NLPhnLj0kM/kZv8U/Iys+CEnOiT9Mp +JYE51QEi1hxMnVinGiECZA3+ySxnT/diowgqYQMzdvcNGk3OiQ+f616b9QGtI0fo +HMj6t6vaEGOV5BYbYpTEnp1NNI4YzJlWb11+Pjs0yy/OmS83VcHvriFNgP0RAgqy +AUID0yxNHCjMVtD0RAJPWFcE/tm2Y0taSGazhX+kLAN5IYffnUOTry25Y661uHoT +JcEA9A7jAgMBAAECggEAEBUFmBFanW/qNlp3W2Lo74xmhi149KEN1I9+kVlZ9gIe +wnk+eb7JWnWl5nYvHhu7H/WqxADtoXKIfq0wV3Xv/k1tZclOZiuhW975h+BAiyvQ +dHqNDgWCNRtqMWQDEd+iaMwJXPSafCWnOns5wFmkGCyauGHTV/50Zv1T8OZsbp5I +Om91AO086EljbFhBuwPVuhjtJgykYew5uu87WHosZPBHnyAqakhAWHApgbjPK4tA +pLVKQUZ3WpehBcLPysFpqiFY3GcOtKHoUJwVFCCKH9jeWPnnuwCExASWpElr0krn +2E2wuCqjUCHqDboxG6Mg0SGRBO6JdJ2FP+BMPElu8QKBgQD3FRMCVq+zFIfntNwV +8tVgl43OaFKJ6tWhO4s06O/zAYi6XwsE17WUPSawwek0gepOILqXtRakYRDHNWBb +u1+D7iEewLDK1q27Pav94Etett5cXdlqmMuHhQY01Giap4aC15x5nKnsgQwkTQw0 +P6TUqz6EZ1Iv3Ef5DlOcWwZUpwKBgQC2/6QCfir04M01tX5HgVDApz1roy8pfBer +Opzrryiq9KTAfd8JNWAvCDRfb5iIOJmG5maYfMo2FaNQ8ZqDy03iOBro9rHNzCKe +rurxtEN+v438LAMh6CTkL/5V3H/u/WnrSyZnwvGeg/9uY3il1D3MOBqKNfkyhfiP +i4S3vgYvZQKBgDweSpPFF9cQ5ciA/xPwE+7+sShJxdt84iHq5QIos0mDVAtU2M+C +1NGO130mkWGPQr1jxULocuvoGjb+S8XGH4VwSWq8I8gW2Aq5BMIu8ufGwu/ifeYr +60m8Gjh8fj8zB82KPK5yaf37oEKs5I1J9wcv63Q3142BoZl93OYsV6v9AoGAB+b2 +IB1uoXBrrBwQPeo5oHgYUOOVD8eKBhzb1dmUef1id+V3kiA57Q3/pPdesNMw3gBp +AcCxwrAgg0hLkdFfpZsinli4yNg9znhjMNjF6V1ANll4MSijHy9rXi3NYHaU8lIm +cGicomm0yAGHnjGSEZWCn+FAx4u9dgViT8Tm43kCgYEAtCbFLe6Xflq1eFs0tW8l +7ONWggQnJWmNxtkvp6BdABCftirgEgplreJU522rDykOn//vDQw3Bxy+ONRdGGlq +zJMkYNqWvBB1pfsFtAsge+iholqj7o16R97AMXzMtYrjF/NlvMGK7qDemxRuXvCE +mLf4JUX9F+4gNQZFWOaJZK0= +-----END PRIVATE KEY----- diff --git a/server/allthebookmarks.com.pem b/server/allthebookmarks.com.pem new file mode 100644 index 0000000..74879a5 --- /dev/null +++ b/server/allthebookmarks.com.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEFTCCAv2gAwIBAgIUJyD1kpPruuSjW0Xp+eDB5PUYSOowDQYJKoZIhvcNAQEL +BQAwgagxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH +Ew1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKExBDbG91ZGZsYXJlLCBJbmMuMRswGQYD +VQQLExJ3d3cuY2xvdWRmbGFyZS5jb20xNDAyBgNVBAMTK01hbmFnZWQgQ0EgZDJk +NWNhYTY4ZTAwMDA5YmU5YWNiNTliMWVlZTE4YzMwHhcNMjQxMjEyMjMyMTAwWhcN +MzQxMjEwMjMyMTAwWjAiMQswCQYDVQQGEwJVUzETMBEGA1UEAxMKQ2xvdWRmbGFy +ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCft82BEr0KidXt/4Hp +0fHfJDuLngx/qYZy72tj3ukm5orwkWrC5mYskxET8eJSIqZt/6vYX4MU4CmoJ8g2 +i7GGYRenZ5iN83OlDe+o9YlEezjX00s+GcuPSQz+Rm/xT8jKz4ISc6JP0yklgTnV +ASLWHEydWKcaIQJkDf7JLGdP92KjCCphAzN29w0aTc6JD5/rXpv1Aa0jR+gcyPq3 +q9oQY5XkFhtilMSenU00jhjMmVZvXX4+OzTLL86ZLzdVwe+uIU2A/RECCrIBQgPT +LE0cKMxW0PREAk9YVwT+2bZjS1pIZrOFf6QsA3khh9+dQ5OvLbljrrW4ehMlwQD0 +DuMCAwEAAaOBuzCBuDATBgNVHSUEDDAKBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA +MB0GA1UdDgQWBBT1YGr8qlQQ9uFN2zB8/E0fAaJkwDAfBgNVHSMEGDAWgBR8vfq4 +V6tsq1fU+eA0UiEPxba4tzBTBgNVHR8ETDBKMEigRqBEhkJodHRwOi8vY3JsLmNs +b3VkZmxhcmUuY29tL2YyZDMxNjRjLWQ1NWYtNGM4MS1hOGE3LTI2MDZlYTU2YzBm +Mi5jcmwwDQYJKoZIhvcNAQELBQADggEBAFw3p9dqEaqA9RhQqw5IkH+Woop26IUB +qQBQpLVbU5BQECF0U4579DhSfUWnZNorICMlO+7ncpZuegjJslfN2eIw4GXVG4Vt +bSKvZyq4tBOVMucRfbtm0aet1jPtLM2JN9JDnBuanQjDFmxy6tgZZU0DK79mwH5T +GeYimmqefwCZHNEGDhB/CIaC87Q+KsFO+Hgn60CG+H7aR13EH+jyNwoQgzbnoPnK +mQunF2P4zom4+DrIcoVWoXVlw841cxljYPi9gjtt0bjZbJilMGI1764y6CVapLUP +kiqzVFNw86veQ52usc5Vej+YCRrrBtGzTHaMJ7THAbNoBBmjROyEuZA= +-----END CERTIFICATE----- diff --git a/server/new.site.conf b/server/new.site.conf new file mode 100644 index 0000000..e8fa848 --- /dev/null +++ b/server/new.site.conf @@ -0,0 +1,35 @@ +upstream php { + server unix:/run/php/php8.2-fpm.sock; +} + +server { + listen 80; + listen [::]:80; + server_name allthebookmarks.com; + include snippets/well-known; + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + server_name allthebookmarks.com; + include snippets/ssl-params.conf; + root /var/www/allthebookmarks.com; + index index.php; + + client_max_body_size 100M; + + autoindex off; + + # custom TTP code + include snippets/ttp.conf; + + location ~* \.php$ { + fastcgi_pass php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_intercept_errors on; + } +} diff --git a/server/new.sniippets-ttp.conf b/server/new.sniippets-ttp.conf new file mode 100644 index 0000000..3f440d1 --- /dev/null +++ b/server/new.sniippets-ttp.conf @@ -0,0 +1,89 @@ +add_header X-Frame-Options "SAMEORIGIN"; +add_header X-Content-Type-Options "nosniff"; + +charset utf-8; + +ssl_certificate /etc/nginx/ssl/allthebookmarks.com.pem; +ssl_certificate_key /etc/nginx/ssl/allthebookmarks.com.key; + +error_page 404 /index.php; + +location = /favicon.ico { + log_not_found off; + access_log off; +} + +location = /robots.txt { + allow all; + log_not_found off; + access_log off; +} + +location ~ /\.(?!well-known).* { + deny all; +} + +location ~ /\.ht { + deny all; +} + +location ~ ^/(doc|sql|setup)/ { + deny all; +} + +location ~ /\. { + deny all; +} + +location ~* \.(?:js|css|png|jpg|gif|ico|woff|tff|woff2|min.css.map)$ { + access_log off; + log_not_found off; +} + +location /js/ { + access_log off; + log_not_found off; + try_files $uri /index.php?error=js404&file=$uri; +} + +location /css/ { + access_log off; + log_not_found off; + try_files $uri /index.php?error=css404&file=$uri; +} + +location /images/ { + try_files $uri /index.php?error=image404&url=$uri; +} + +location /uploads/ { + try_files $uri /index.php?error=upload404&url=$uri; +} + +location /errors/ { + try_files $uri /index.php?error=$uri; +} + +location /api/ { + # Handle CORS for all requests + if ($request_method = 'POST') { + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; + add_header 'Access-Control-Allow-Headers' 'Authorization, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range' always; + add_header 'Access-Control-Expose-Headers' 'Content-Length, Content-Range' always; + } + # Handle preflight requests + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Headers' 'Authorization, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range' always; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain; charset=utf-8' always; + return 204; # Return no content for preflight + } + + rewrite ^/(.+)$ /index.php?url=$1&$args; +} + +location / { + rewrite ^/(.+)$ /index.php?url=$1&$args; +}