乘着双11的时候在阿里云买了一台vm,替换之前申请的AWS的机器。因此大陆访问AWS的机器实在是卡的不能用。。
此次乘着重新迁移,把wordpress部署写成了一个salt的sls文件。
www-data:
user.present:
- shell: /bin/false
- createhome: False
group.present:
- addusers:
- www-data
blog-pkgs:
pkg.installed:
- pkgs:
- nginx
- mariadb-server
- php-fpm
- php-mysql
- php
- tcpdump
{% for d in ["log/mysql","run/mysqld" ]: %}
/var/{{d}}:
file.directory:
- user: mysql
- group: mysql
- recurse:
- user
- group
- makedirs: true
{% endfor %}
{% for d in [ "/var/log/nginx/","/var/cache/nginx","/var/lib/nginx/tmp/fastcgi"]: %}
{{d}}:
file.directory:
- user: www-data
- group: www-data
- makedirs: true
- require:
- user: www-data
{% endfor %}
{% for f in ["dhparam.pem","server.crt.2016","server.key.2016"]: %}
/etc/nginx/cert/{{f}}:
file.managed:
- source: salt://base/conf/nginx/{{f}}
- makedirs: true
{% endfor %}
mariadb:
service.running:
- enable: True
- reload: True
- watch:
- file: mysql-conf
- require:
- file: mysql-conf
php-fpm:
service.running:
- enable: True
- reload: True
- watch:
- file: php-conf
- require:
- file: php-conf
nginx:
service.running:
- enable: True
- reload: True
- watch:
- file: /etc/nginx/conf.d/443.conf
- require:
- user: www-data
nginx_reload:
cmd.wait:
- name: systemctl reload nginx
- watch:
- file: /etc/nginx/conf.d/443.conf
- file: /etc/nginx/nginx.conf
- file: /etc/nginx/fastcgi_params
php_reload:
cmd.wait:
- name: systemctl reload php-fpm
- watch:
- file: php-conf
/etc/nginx/conf.d/443.conf:
file.managed:
- source: salt://base/conf/nginx/443.conf
- template: jinja
/etc/nginx/nginx.conf:
file.managed:
- source: salt://base/conf/nginx/nginx.conf
- template: jinja
/etc/nginx/fastcgi_params:
file.managed:
- source: salt://base/conf/nginx/fastcgi_params
- template: jinja
mysql-conf:
file.managed:
- name: /etc/my.cnf
- source: salt://base/conf/mysql/my.cnf
- template: jinja
php-conf:
file.managed:
- name: /etc/php-fpm.d/www.conf
- source: salt://base/conf/php/www.conf
- template: jinja
[root@CentOS base]# cat init.sls
www-data:
user.present:
- shell: /bin/false
- createhome: False
group.present:
- addusers:
- www-data
blog-pkgs:
pkg.installed:
- pkgs:
- nginx
- mariadb-server
- php-fpm
- php-mysql
- php
- tcpdump
{% for d in ["log/mysql","run/mysqld" ]: %}
/var/{{d}}:
file.directory:
- user: mysql
- group: mysql
- recurse:
- user
- group
- makedirs: true
{% endfor %}
{% for d in [ "/var/log/nginx/","/var/cache/nginx","/var/lib/nginx/tmp/fastcgi"]: %}
{{d}}:
file.directory:
- user: www-data
- group: www-data
- makedirs: true
- require:
- user: www-data
{% endfor %}
{% for f in ["dhparam.pem","server.crt.2016","server.key.2016"]: %}
/etc/nginx/cert/{{f}}:
file.managed:
- source: salt://base/conf/nginx/{{f}}
- makedirs: true
{% endfor %}
mariadb:
service.running:
- enable: True
- reload: True
- watch:
- file: mysql-conf
- require:
- file: mysql-conf
php-fpm:
service.running:
- enable: True
- reload: True
- watch:
- file: php-conf
- require:
- file: php-conf
nginx:
service.running:
- enable: True
- reload: True
- watch:
- file: /etc/nginx/conf.d/443.conf
- require:
- user: www-data
nginx_reload:
cmd.wait:
- name: systemctl reload nginx
- watch:
- file: /etc/nginx/conf.d/443.conf
- file: /etc/nginx/nginx.conf
- file: /etc/nginx/fastcgi_params
php_reload:
cmd.wait:
- name: systemctl reload php-fpm
- watch:
- file: php-conf
- file: /etc/php.ini
/etc/nginx/conf.d/443.conf:
file.managed:
- source: salt://base/conf/nginx/443.conf
- template: jinja
/etc/nginx/nginx.conf:
file.managed:
- source: salt://base/conf/nginx/nginx.conf
- template: jinja
/etc/nginx/fastcgi_params:
file.managed:
- source: salt://base/conf/nginx/fastcgi_params
- template: jinja
mysql-conf:
file.managed:
- name: /etc/my.cnf
- source: salt://base/conf/mysql/my.cnf
- template: jinja
php-conf:
file.managed:
- name: /etc/php-fpm.d/www.conf
- source: salt://base/conf/php/www.conf
- template: jinja
/etc/php.ini:
file.managed:
- source: salt://base/conf/php/php.ini
迁移的过程中遇到几个问题:
1. 迁移有后会造成首页白屏幕。查了很久才发现是nginx配置文件内默认参数的差异导致。centos默认的fastcgi_param内没带SCRIPT_FILENAME。
解决方案,fastcgi_params内新增以下配置
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- 升级后我之前做的文章的缓存方案失效了。
curl看了一下,返回的header内有Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0和Pragma: no-cache的配置,并且还发了Set-Cookie的配置。
$curl -I https://blog.gnuers.org
HTTP/1.1 200 OK
Server: nginx/1.10.1
Date: Tue, 22 Nov 2016 02:19:41 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=p0r4lcqeqqa8fcog63esrq8686; path=/
Link: <https://blog.gnuers.org/?rest_route=/>; rel="https://api.w.org/"
Cache-status: MISS
Cache-Control: max-age=241
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
网上搜了一下确认这个是php.ini内的2个问题修改配置后搞定。
session.use_cookies = 0
session.cache_limiter = none