ROUNDCUBE: Init script for PHP CGI and nginx configuration file.
#!/bin/sh | |
### BEGIN INIT INFO | |
# Provides: php-cgi | |
# Required-Start: $remote_fs $syslog | |
# Required-Stop: $remote_fs $syslog | |
# Default-Start: 2 3 4 5 | |
# Default-Stop: 0 1 6 | |
# Short-Description: Make available a cgi for nginx | |
# Description: primarly is used for the wordpress installation | |
### END INIT INFO | |
# Author: Gianluca Pacchiella <gp@ktln2.org> | |
# | |
# Do NOT "set -e" | |
# PATH should only include /usr/* if it runs after the mountnfs.sh script | |
PATH=/sbin:/usr/sbin:/bin:/usr/bin | |
DESC="Php CGI daemon" | |
NAME=php-cgi | |
# FIXME: give me error | |
BIND=/var/run/php-cgi.socket | |
USER=www-data | |
DAEMON=/usr/bin/$NAME | |
PHP_CGI=/usr/bin/php-cgi | |
PHP_FCGI_CHILDREN=5 | |
PHP_FCGI_MAX_REQUESTS=1000 | |
PHP_CGI_ARGS="- USER=$USER PATH=/usr/bin PHP_FCGI_CHILDREN=$PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS=$PHP_FCGI_MAX_REQUESTS $PHP_CGI -b $BIND" | |
PIDFILE=/var/run/$NAME.pid | |
SCRIPTNAME=/etc/init.d/$NAME | |
# Exit if the package is not installed | |
[ -x "$DAEMON" ] || exit 0 | |
# Read configuration variable file if it is present | |
[ -r /etc/default/$NAME ] && . /etc/default/$NAME | |
# Load the VERBOSE setting and other rcS variables | |
. /lib/init/vars.sh | |
# Define LSB log_* functions. | |
# Depend on lsb-base (>= 3.2-14) to ensure that this file is present | |
# and status_of_proc is working. | |
. /lib/lsb/init-functions | |
# | |
# Function that starts the daemon/service | |
# | |
do_start() | |
{ | |
# Return | |
# 0 if daemon has been started | |
# 1 if daemon was already running | |
# 2 if daemon could not be started | |
#start-stop-daemon --start --quiet --pidfile $PIDFILE --chuid "$USER" \ | |
# --exec /usr/bin/env -- $PHP_CGI_ARGS \ | |
# --test > /dev/null \ | |
# || return 1 | |
start-stop-daemon --start --quiet --background --make-pidfile --chuid "$USER" \ | |
--pidfile $PIDFILE --exec /usr/bin/env -- $PHP_CGI_ARGS \ | |
|| return 2 | |
# Add code here, if necessary, that waits for the process to be ready | |
# to handle requests from services started subsequently which depend | |
# on this one. As a last resort, sleep for some time. | |
} | |
# | |
# Function that stops the daemon/service | |
# | |
do_stop() | |
{ | |
# Return | |
# 0 if daemon has been stopped | |
# 1 if daemon was already stopped | |
# 2 if daemon could not be stopped | |
# other if a failure occurred | |
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE | |
RETVAL="$?" | |
[ "$RETVAL" = 2 ] && return 2 | |
# Wait for children to finish too if this is a daemon that forks | |
# and if the daemon is only ever run from this initscript. | |
# If the above conditions are not satisfied then add some other code | |
# that waits for the process to drop all resources that could be | |
# needed by services started subsequently. A last resort is to | |
# sleep for some time. | |
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 \ | |
--exec /usr/bin/env -- $PHP_CGI_ARGS | |
[ "$?" = 2 ] && return 2 | |
# Many daemons don't delete their pidfiles when they exit. | |
rm -f $PIDFILE | |
return "$RETVAL" | |
} | |
# | |
# Function that sends a SIGHUP to the daemon/service | |
# | |
do_reload() { | |
# | |
# If the daemon can reload its configuration without | |
# restarting (for example, when it is sent a SIGHUP), | |
# then implement that here. | |
# | |
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME | |
return 0 | |
} | |
case "$1" in | |
start) | |
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" | |
do_start | |
case "$?" in | |
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; | |
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; | |
esac | |
;; | |
stop) | |
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" | |
do_stop | |
case "$?" in | |
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; | |
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; | |
esac | |
;; | |
status) | |
status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $? | |
;; | |
#reload|force-reload) | |
# | |
# If do_reload() is not implemented then leave this commented out | |
# and leave 'force-reload' as an alias for 'restart'. | |
# | |
#log_daemon_msg "Reloading $DESC" "$NAME" | |
#do_reload | |
#log_end_msg $? | |
#;; | |
restart|force-reload) | |
# | |
# If the "reload" option is implemented then remove the | |
# 'force-reload' alias | |
# | |
log_daemon_msg "Restarting $DESC" "$NAME" | |
do_stop | |
case "$?" in | |
0|1) | |
do_start | |
case "$?" in | |
0) log_end_msg 0 ;; | |
1) log_end_msg 1 ;; # Old process is still running | |
*) log_end_msg 1 ;; # Failed to start | |
esac | |
;; | |
*) | |
# Failed to stop | |
log_end_msg 1 | |
;; | |
esac | |
;; | |
*) | |
#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 | |
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 | |
exit 3 | |
;; | |
esac |
# with this configuration Nginx enforces the access by HTTPS | |
server { | |
server_name webmail.example.com; | |
location = / { | |
rewrite ^(.*)$ https://webmail.example.com$1 permanent; | |
} | |
} | |
server { | |
listen 443; | |
ssl on; | |
ssl_certificate /etc/ssl/certs/my.crt; | |
ssl_certificate_key /etc/ssl/private/my.key; | |
ssl_session_timeout 5m; | |
ssl_protocols SSLv3 TLSv1; | |
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; | |
ssl_prefer_server_ciphers on; | |
server_name webmail.example.com; | |
root /var/www/roundcubemail-0.7/; | |
location = / { | |
index index.php; | |
} | |
location ~ .php$ { | |
try_files $uri = 404;# for security reason (see Pitfall section in Nginx's wiki) | |
include fastcgi_params; | |
fastcgi_intercept_errors on; | |
# TODO: move this to /var/run/php/ | |
fastcgi_pass unix:/tmp/php-cgi.socket; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment