le epic php8 migration

2022-11-27 06:02:55 +00:00 · 2022-11-27 06:02:55 +00:00 · 22387a4106
parent e57c7b506e
commit 22387a4106
11 changed files with 141 additions and 10 deletions
--- a/common/dokuwiki.conf
+++ b/common/dokuwiki.conf
@ -9,7 +9,7 @@ location / {
 }

 location ~ \.php$ {
-	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+	fastcgi_pass unix:/run/php/php8.0-fpm.sock;
 	fastcgi_index index.php;
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 	include /etc/nginx/snippets/fastcgi.conf;
--- a/common/freshrss.conf
+++ b/common/freshrss.conf
@ -9,7 +9,7 @@ error_log /var/log/nginx/rss.error.log;
 # php files handling
 # this regex is mandatory because of the API
 location ~ ^.+?\.php(/.*)?$ {
-	fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
+	fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
 	fastcgi_split_path_info ^(.+\.php)(/.*)$;
 	# By default, the variable PATH_INFO is not set under PHP-FPM
 	# But FreshRSS API greader.php need it. If you have a “Bad Request” error, double check this var!
--- a/common/fulltextrss.conf
+++ b/common/fulltextrss.conf
@ -9,7 +9,7 @@ location / {
 }

 location ~ \.php$ {
-	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+	fastcgi_pass unix:/run/php/php8.0-fpm.sock;
 	fastcgi_index index.php;
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 	include /etc/nginx/snippets/fastcgi.conf;
--- a/common/littlelink.conf
+++ b/common/littlelink.conf
@ -17,7 +17,7 @@ location = /robots.txt  { access_log off; log_not_found off; }
 error_page 404 /index.php;

 location ~ \.php$ {
-	fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
+	fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
 	fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
 	include snippets/fastcgi.conf;
 }
--- a/common/nextcloud.conf
+++ b/common/nextcloud.conf
@ -111,7 +111,7 @@ location ~ \.php(?:$|/) {

 	fastcgi_param modHeadersAvailable true;         # Avoid sending the security headers twice
 	fastcgi_param front_controller_active true;     # Enable pretty urls
-	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+	fastcgi_pass unix:/run/php/php8.0-fpm.sock;

 	fastcgi_intercept_errors on;
 	fastcgi_request_buffering off;
--- a/common/privatebin.conf
+++ b/common/privatebin.conf
@ -9,7 +9,7 @@ location / {
 }

 location ~ \.php$ {
-	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+	fastcgi_pass unix:/run/php/php8.0-fpm.sock;
 	fastcgi_index index.php;
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 	include /etc/nginx/snippets/fastcgi.conf;
--- a/common/roundcube.conf
+++ b/common/roundcube.conf
@ -15,7 +15,7 @@ location ~ \.php(?:$|/) {
 	fastcgi_param PATH_INFO $fastcgi_path_info;
 	fastcgi_param HTTPS on;
 	fastcgi_param modHeadersAvailable true;
-	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+	fastcgi_pass unix:/run/php/php8.0-fpm.sock;
 	fastcgi_intercept_errors on;
 	fastcgi_buffers 4 256k;
 	fastcgi_busy_buffers_size 256k;
--- a/common/rssbridge.conf
+++ b/common/rssbridge.conf
@ -9,7 +9,7 @@ location / {
 }

 location ~ \.php$ {
-	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+	fastcgi_pass unix:/run/php/php8.0-fpm.sock;
 	fastcgi_index index.php;
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 	include /etc/nginx/snippets/fastcgi.conf;
--- a/common/website.conf
+++ b/common/website.conf
@ -91,7 +91,7 @@ location ~ \.php$ {
 	try_files $uri =404;
 	#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
 	include snippets/fastcgi.conf;
-	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+	fastcgi_pass unix:/run/php/php8.0-fpm.sock;
 	fastcgi_buffers 16 16k;
 	fastcgi_buffer_size 32k;
 }
--- a/conf.d/matrix.conf.cobrafuckedupsomestuff
+++ b/conf.d/matrix.conf.cobrafuckedupsomestuff
@ -0,0 +1,131 @@
+server {
+	listen 80;
+	listen [::]:80;
+
+	listen 8449 default_server;
+	listen [::]:8449 default_server;
+
+	server_name mtrx.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion;
+
+	add_header Onion-Location http://mtrx.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion$request_uri;
+
+	subs_filter_types application/json;
+	subs_filter "{\"base_url\":\"https://mtrx.vern.cc/\"}" "{\"base_url\":\"http://mtrx.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion/\"}";
+
+	location ~ ^(/_matrix|/_synapse/client) {
+		# note: do not add a path (even a single /) after the port in `proxy_pass`,
+		# otherwise nginx will canonicalise the URI and cause signature verification
+		# errors.
+		proxy_pass http://localhost:8008;
+		proxy_set_header X-Forwarded-For $remote_addr;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Host $host;
+
+		# Nginx by default only allows file uploads up to 1M in size
+		# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
+		client_max_body_size 1024M;
+	}
+	## well-known
+	location /.well-known/matrix/support {
+		add_header Access-Control-Allow-Origin '*' always;
+		add_header Content-Type application/json;
+		return 200 '{"admins": [{"matrix_id": "@root:vern.cc", "email_address": "tildemaster@vern.cc", "role": "admin"}], "support_page": "https://matrix.to/#/#vern:vern.cc"}';
+	}
+
+	location /.well-known/matrix/server {
+		add_header Access-Control-Allow-Origin '*' always;
+		add_header Content-Type application/json;
+		return 200 '{"m.server": "mtrx.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion:80"}';
+	}
+
+	location /.well-known/matrix/client {
+		add_header Access-Control-Allow-Origin '*' always;
+		add_header Content-Type application/json;
+		return 200 '{"m.homeserver": {"base_url": "http://mtrx.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion"}, "m.identity_server": { "base_url": "https://id.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion" }}';
+	}
+}
+
+server {
+	listen 11043;
+	listen [::]:11043;
+
+	listen 8450 default_server;
+	listen [::]:8450 default_server;
+
+	server_name verndnomc4cnte4aw7yrfpse33vrw2nlwoxozxmf77zqquk6ea7q.b32.i2p;
+
+	add_header Onion-Location http://mtrx.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion$request_uri;
+
+	subs_filter_types application/json;
+	subs_filter "{\"base_url\":\"https://mtrx.vern.cc/\"}" "{\"base_url\":\"http://verndnomc4cnte4aw7yrfpse33vrw2nlwoxozxmf77zqquk6ea7q.b32.i2p/\"}";
+
+	location ~ ^(/_matrix|/_synapse/client) {
+		# note: do not add a path (even a single /) after the port in `proxy_pass`,
+		# otherwise nginx will canonicalise the URI and cause signature verification
+		# errors.
+		proxy_pass http://localhost:8008;
+		proxy_set_header X-Forwarded-For $remote_addr;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Host $host;
+
+		# Nginx by default only allows file uploads up to 1M in size
+		# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
+		client_max_body_size 1024M;
+	}
+	## well-known
+	location /.well-known/matrix/support {
+		add_header Access-Control-Allow-Origin '*' always;
+		add_header Content-Type application/json;
+		return 200 '{"admins": [{"matrix_id": "@root:vern.cc", "email_address": "tildemaster@vern.cc", "role": "admin"}], "support_page": "https://matrix.to/#/#vern:vern.cc"}';
+	}
+
+	location /.well-known/matrix/server {
+		add_header Access-Control-Allow-Origin '*' always;
+		add_header Content-Type application/json;
+		return 200 '{"m.server": "verndnomc4cnte4aw7yrfpse33vrw2nlwoxozxmf77zqquk6ea7q.b32.i2p:80"}';
+	}
+
+	location /.well-known/matrix/client {
+		add_header Access-Control-Allow-Origin '*' always;
+		add_header Content-Type application/json;
+		return 200 '{"m.homeserver": {"base_url": "http://verndnomc4cnte4aw7yrfpse33vrw2nlwoxozxmf77zqquk6ea7q.b32.i2p"}, "m.identity_server": { "base_url": "http://vern4l4bo3tzed7niopxkfijgbyod6vc7pmqrhice2mjvjfboqua.b32.i2p" }}';
+	}
+}
+
+server {
+	server_name stickers.vern.cc;
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	root /var/www/matrix;
+	index index.html;
+
+	location / {
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_pass http://127.0.0.1:8082;
+	}
+
+	include snippets/lets-encrypt.conf;
+}
+server {
+	server_name dim.vern.cc;
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	root /var/www/matrix;
+	index index.html;
+
+	location / {
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_pass http://127.0.0.1:8184;
+	}
+
+	include snippets/lets-encrypt.conf;
+}
+
+server {
+	listen 80;
+	listen [::]:80;
+	return 301 https://$host$request_uri;
+	server_name dim.vern.cc stickers.vern.cc;
+}
--- a/conf.d/nextcloud.conf
+++ b/conf.d/nextcloud.conf
@ -1,5 +1,5 @@
 upstream php-handler {
-	server unix:/var/run/php/php7.4-fpm.sock;
+	server unix:/var/run/php/php8.0-fpm.sock;
 }

 # Set the `immutable` cache control options only for assets with a cache busting `v` argument