-
-
Save molotovbliss/3d6846626e384ec17348fb6823e4f8f3 to your computer and use it in GitHub Desktop.
Configuration/Scripts for Magento 2.x PHP7.x OPCache Apache2.x mod_pagespeed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [opcache] | |
| ; NOTE: Disable timestamp validations for production! | |
| ; When disabled, you must reset the OPcache manually or restart the | |
| ; webserver for changes to the filesystem to take effect. | |
| opcache.validate_timestamps=1 | |
| ; Determines if Zend OPCache is enabled | |
| opcache.enable=1 | |
| ; Determines if Zend OPCache is enabled for the CLI version of PHP | |
| opcache.enable_cli=1 | |
| ; save HTML comments for cache hole punching! | |
| opcache.save_comments=1 | |
| ; The OPcache shared memory storage size. | |
| ;opcache.memory_consumption=64 | |
| ; The amount of memory for interned strings in Mbytes. | |
| ;opcache.interned_strings_buffer=4 | |
| ; The maximum number of keys (scripts) in the OPcache hash table. | |
| ; Only numbers between 200 and 100000 are allowed. | |
| opcache.max_accelerated_files=22000 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <VirtualHost *:80> | |
| ServerName local.johnnywas.com | |
| KeepAlive Off | |
| SetEnvIf Ssl-Offloaded 1 HTTPS=on | |
| SetEnvIf X-Forwarded-Proto https HTTPS=on | |
| FileETag none | |
| ServerSignature Off | |
| TraceEnable Off | |
| DocumentRoot /var/www/johnnywas-m2/ | |
| <Directory /> | |
| AllowOverride None | |
| Require all denied | |
| </Directory> | |
| <Directory /var/www/johnnywas-m2/> | |
| Options Indexes FollowSymLinks MultiViews | |
| AllowOverride All | |
| Order allow,deny | |
| Allow from all | |
| </Directory> | |
| <Directory ~ "\.svn"> | |
| Order allow,deny | |
| Deny from all | |
| </Directory> | |
| <Directory ~ "\.git"> | |
| Order allow,deny | |
| Deny from all | |
| </Directory> | |
| LogLevel info | |
| ErrorLog ${APACHE_LOG_DIR}/local.johnnywas.com-error.log | |
| CustomLog ${APACHE_LOG_DIR}/local.johnnywas.com-access.log combined | |
| DirectoryIndex index.php | |
| ProxyPassMatch ^/(\.php)$ fcgi://127.0.0.1:9000/var/www/johnnywas-m2/$1 | |
| #RewriteEngine On | |
| #IncludeOptional /etc/apache2/sites-available/johnnywas.com.conf.d/rewrite* | |
| IncludeOptional /var/www/johnnywas-m2/.htaccess-combined | |
| </VirtualHost> | |
| <IfModule mod_ssl.c> | |
| <VirtualHost _default_:443> | |
| ServerAdmin webmaster@localhost | |
| SetEnvIf Ssl-Offloaded 1 HTTPS=on | |
| SetEnvIf X-Forwarded-Proto https HTTPS=on | |
| FileETag none | |
| ServerSignature Off | |
| TraceEnable Off | |
| # Enable https/2 fallback to 1.1 | |
| Protocols h2 http/1.1 | |
| # Enable http/2 (non-SSL) fallback to 1.1 | |
| #Protocols h2c http/1.1 | |
| DocumentRoot /var/www/johnnywas-m2/ | |
| DirectoryIndex index.php | |
| ProxyPassMatch ^/(\.php)$ fcgi://127.0.0.1:9000/var/www/johnnywas-m2/$1 | |
| <Directory /> | |
| AllowOverride None | |
| Require all denied | |
| </Directory> | |
| <Directory /var/www/johnnywas-m2/> | |
| Options FollowSymLinks Indexes | |
| AllowOverride All | |
| Order allow,deny | |
| Allow from all | |
| </Directory> | |
| <Directory ~ "\.svn"> | |
| Order allow,deny | |
| Deny from all | |
| </Directory> | |
| <Directory ~ "\.git"> | |
| Order allow,deny | |
| Deny from all | |
| </Directory> | |
| <IfModule http2_module> | |
| LogLevel http2:debug | |
| </IfModule> | |
| # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, | |
| # error, crit, alert, emerg. | |
| # It is also possible to configure the loglevel for particular | |
| # modules, e.g. | |
| LogLevel info ssl:debug | |
| LogLevel info | |
| ErrorLog ${APACHE_LOG_DIR}/local.johnnywas.com-ssl-error.log | |
| CustomLog ${APACHE_LOG_DIR}/local.johnnywas.com-ssl-access.log combined | |
| # SSL Engine Switch: | |
| # Enable/Disable SSL for this virtual host. | |
| SSLEngine on | |
| # A self-signed (snakeoil) certificate | |
| #SSLCertificateFile /etc/ssl/johnnywas/johnnywas.crt | |
| #SSLCertificateKeyFile /etc/ssl/johnnywas/johnnywas.key | |
| SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem | |
| SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key | |
| #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt | |
| #SSLCACertificatePath /etc/ssl/certs/ | |
| #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt | |
| #SSLCARevocationPath /etc/apache2/ssl.crl/ | |
| #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl | |
| #SSLVerifyClient require | |
| #SSLVerifyDepth 10 | |
| # Guidance additions for extra security | |
| #SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK | |
| # Standard distro | |
| SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA | |
| SSLProtocol All -SSLv2 -SSLv3 | |
| SSLHonorCipherOrder On | |
| SSLCompression on | |
| <FilesMatch "\.(cgi|shtml|phtml|php)$"> | |
| SSLOptions +StdEnvVars | |
| </FilesMatch> | |
| <Directory /usr/lib/cgi-bin> | |
| SSLOptions +StdEnvVars | |
| </Directory> | |
| BrowserMatch "MSIE [2-6]" \ | |
| nokeepalive ssl-unclean-shutdown \ | |
| downgrade-1.0 force-response-1.0 | |
| BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown | |
| </VirtualHost> | |
| </IfModule> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| magentodir=$1 | |
| cd $magentodir | |
| read -d '' script << PHP | |
| <?php | |
| \$composer = json_decode(file_get_contents('composer.json'), true); | |
| if (!is_array(\$composer['autoload']['psr-0'][''])) { | |
| \$composer['autoload']['psr-0'][''] = [\$composer['autoload']['psr-0'][''], 'var/generation']; | |
| } | |
| if (!isset(\$composer['autoload']['exclude-from-classmap'])) { | |
| \$composer['autoload']['exclude-from-classmap'] = ['**/dev/**', '**/update/**', '**/Test/**']; | |
| } | |
| file_put_contents('composer.json', json_encode(\$composer, JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES)); | |
| PHP | |
| phpscript=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) | |
| echo $script > /tmp/$phpscript | |
| php -f /tmp/$phpscript | |
| rm /tmp/$phpscript | |
| composer config optimize-autoloader true | |
| composer dump-autoload |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ulimit -a | |
| Review open files limit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Author: Colin Mollenhour | |
| # | |
| # Usage: Run from the webroot, .htaccess-combined will be created. | |
| dest='.htaccess-combined' | |
| pwd=`pwd` | |
| echo -n "" > $dest | |
| while read -r file; do | |
| loc=`dirname $file` | |
| if [[ "$loc" =~ '^\./downloader/pearlib/\w+' ]]; then continue; fi | |
| if [[ "$loc" = "." ]]; then | |
| dir=$pwd | |
| else | |
| dir="$pwd/${loc#*/}" | |
| fi | |
| echo "<Directory $dir >" >> $dest | |
| cat $file | sed 's/^/ /' | awk 1 >> $dest | |
| echo -e "</Directory>\n" >> $dest | |
| done < <(find -L . -name \.htaccess -type f | awk '{ print length, $0 }' | sort -n | awk '{$1=""; print $0}') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Restart an array of services for the LAMP stack | |
| # jared.blalock@guidance.com | |
| # Detect if not a super user | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "You must be a root/su user" 2>&1 | |
| exit 1 | |
| fi | |
| # detect if getopt is available or not | |
| getopt --test > /dev/null | |
| if [[ $? -ne 4 ]]; then | |
| echo "I’m sorry, `getopt --test` failed in this environment." | |
| exit 1 | |
| fi | |
| # define array of services to restart | |
| services=("php7.0-fpm" "apache2" "mysql" "redis_6379_cache" "redis_6380_fpc" "redis_6381_sessions" "elasticsearch") | |
| # Define short or long options | |
| SHORT=a | |
| LONG=action | |
| # -temporarily store output to be able to check for errors | |
| # -activate advanced mode getopt quoting e.g. via “--options” | |
| # -pass arguments only via -- "$@" to separate them correctly | |
| PARSED=$(getopt --options $SHORT --longoptions $LONG --name "$0" -- "$@") | |
| if [[ $? -ne 0 ]]; then | |
| # e.g. $? == 1 | |
| # then getopt has complained about wrong arguments to stdout | |
| exit 2 | |
| fi | |
| # use eval with "$PARSED" to properly handle the quoting | |
| eval set -- "$PARSED" | |
| # now enjoy the options in order and nicely split until we see -- | |
| while true; do | |
| case "$1" in | |
| -h|--help) | |
| h=y | |
| echo "lamp: LAMP services with PHP switching from 5.6 to 7.0" | |
| echo "--------------------------------------------------------------" | |
| echo " --h|help this help" | |
| echo " --a|action service action: options ((re)start,stop,status)" | |
| exit | |
| shift | |
| ;; | |
| -a|--action) | |
| a=y | |
| shift | |
| ;; | |
| --) | |
| shift | |
| break | |
| ;; | |
| *) | |
| echo "error" | |
| exit 3 | |
| ;; | |
| esac | |
| done | |
| # handle non-option arguments | |
| if [[ $# -ne 1 ]]; then | |
| echo "$0: action required.." | |
| exit 4 | |
| fi | |
| echo "-------------------------------------------------------------" | |
| echo "Action: $1 all LAMP Services: ${services[@]}" | |
| echo "-------------------------------------------------------------" | |
| for ii in "${services[@]}" | |
| do | |
| : | |
| echo "service $ii $1 ..."; | |
| service $ii $1; | |
| done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <IfModule mod_pagespeed> | |
| # General Configuration | |
| ModPagespeed on | |
| ModPagespeedDomain *.domain.com | |
| ModPagespeedDomain images.domain.com | |
| ModPagespeedDomain assets.domain.com | |
| ModPagespeedStatistics on | |
| ModPagespeedStatisticsLogging on | |
| ModPagespeedLogDir /home/domain.com/public_html/var/pagespeed | |
| ModPagespeedRewriteLevel CoreFilters | |
| # May be bad to run in parallel with sessions (seperate instance?) | |
| ModPagespeedMemcachedServers "tcp://127.0.0.1:11220" | |
| # define path to cache if memcache isn't enabled | |
| ModPagespeedFileCachePath "/home/domain.com/public_html/var/cache/pagespeed/" | |
| ModPagespeedFileCacheSizeKb 102400 | |
| ModPagespeedFileCacheCleanIntervalMs 3600000 | |
| ModPagespeedFileCacheInodeLimit 500000 | |
| # touch file cache path cache.flush to global purge/flush cache | |
| ModPagespeedEnableCachePurge off | |
| # Filters to Disable | |
| ModPagespeedDisableFilters inline_css,inline_javascript | |
| # Filters to Enable | |
| ModPagespeedEnableFilters move_css_to_head | |
| ModPagespeedEnableFilters rewrite_css | |
| ModPagespeedEnableFilters rewrite_javascript | |
| ModPagespeedEnableFilters outline_css | |
| ModPagespeedEnableFilters outline_javascript | |
| ModPagespeedEnableFilters collapse_whitespace | |
| ModPagespeedEnableFilters extend_cache | |
| ModPagespeedEnableFilters defer_javascript | |
| ModPagespeedEnableFilters insert_dns_prefetch | |
| ModPagespeedEnableFilters lazyload_images | |
| ModPagespeedEnableFilters make_google_analytics_async | |
| ModPagespeedEnableFilters canonicalize_javascript_libraries | |
| #ModPagespeedEnableFilters remove_comments | |
| # New Filters to try | |
| ModPagespeedEnableFilters move_css_above_scripts | |
| ModPagespeedEnableFilters combine_css | |
| ModPagespeedEnableFilters combine_javascript | |
| ModPagespeedEnableFilters MaxCombinedJsBytes 300000 | |
| ModPagespeedEnableFilters CombineAcrossPaths on | |
| ModPagespeedEnableFilters insert_image_dimensions | |
| # CDN Mapping to local domains | |
| ModPagespeedMapOriginDomain ee.domain.com images.domain.com assets.domain.com | |
| ModPagespeedMapRewriteDomain images.domain.com assets.domain.com | |
| # Page Speed Admin access | |
| <Location /pagespeed_admin> | |
| Order allow,deny | |
| Allow from localhost | |
| Allow from 127.0.0.1 | |
| #Allow from any | |
| SetHandler pagespeed_admin | |
| </Location> | |
| </IfModule> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # cwd | |
| JWAS = /var/www/johnnywas.com/current/; | |
| export PATH=$PATH:$JWAS | |
| # NOTE: Disabling AllowOverride in main virtual host or apache2.conf while | |
| # including the .htaccess-combined generated by htaccess-combine.sh | |
| # optimize apache with searching entire dir tree for .htaccess files, combining into one combined | |
| # .htaccess file that is found, after which including the combined file directly into apache conf and | |
| # disable the very high I/O of AllowOverride being enabled. | |
| # | |
| # sites.conf: | |
| # | |
| # AllowOverride None | |
| # Include /var/www/johnnywas.com/current/.htaccess-combined | |
| # | |
| /bin/sh /usr/local/bin/htaccess-combine.sh > $JWAS/.htaccess-combined | |
| # clear dependency injection & the generated | |
| rm var/di/* var/generation/* | |
| # be sure lessc is executable | |
| chmod +x vendor/oyejorge/less.php/bin/lessc | |
| # be sure grunt-cli is installed | |
| npm install grunt-cli; | |
| npm install; | |
| npm update | |
| # run usual suspects | |
| php bin/magento setup:upgrade; | |
| php bin/magento setup:di:compile; | |
| php bin/magento cache:flush; | |
| #php bin/magento dev:source-theme:deploy; | |
| php bin/magento setup:static-content:deploy; | |
| grunt less | |
| #php bin/magento indexer:reindex |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment