blog迁移的坑

乘着双11的时候在阿里云买了一台vm,替换之前申请的AWS的机器。因此大陆访问AWS的机器实在是卡的不能用。。
此次乘着重新迁移,把wordpress部署写成了一个salt的sls文件。


www-data:
  user.present:
    - shell: /bin/false
    - createhome: False
  group.present:
    - addusers:
      - www-data
blog-pkgs:
  pkg.installed:
    - pkgs:
      - nginx
      - mariadb-server
      - php-fpm
      - php-mysql
      - php
      - tcpdump
{% for d in ["log/mysql","run/mysqld" ]: %}
/var/{{d}}:
  file.directory:
    - user: mysql
    - group: mysql
    - recurse:
      - user
      - group
    - makedirs: true
{% endfor %}
{% for d in [ "/var/log/nginx/","/var/cache/nginx","/var/lib/nginx/tmp/fastcgi"]: %}
{{d}}:
  file.directory:
    - user: www-data
    - group: www-data
    - makedirs:  true
    - require:
      - user: www-data
{% endfor %}
{% for f in ["dhparam.pem","server.crt.2016","server.key.2016"]: %}
/etc/nginx/cert/{{f}}:
  file.managed:
    - source: salt://base/conf/nginx/{{f}}
    - makedirs: true
{% endfor %}
mariadb:
  service.running:
    - enable: True
    - reload: True
    - watch:
      - file: mysql-conf
    - require:
      - file: mysql-conf
php-fpm:
  service.running:
    - enable: True
    - reload: True
    - watch:
      - file: php-conf
    - require:
      - file: php-conf
nginx:
  service.running:
    - enable: True
    - reload: True
    - watch:
      - file: /etc/nginx/conf.d/443.conf
    - require:
      - user: www-data
nginx_reload:
  cmd.wait:
    - name: systemctl reload nginx
    - watch:
      - file: /etc/nginx/conf.d/443.conf
      - file: /etc/nginx/nginx.conf
      - file: /etc/nginx/fastcgi_params
php_reload:
  cmd.wait:
    - name: systemctl reload php-fpm
    - watch:
      - file: php-conf
/etc/nginx/conf.d/443.conf:
  file.managed:
    - source: salt://base/conf/nginx/443.conf
    - template: jinja
/etc/nginx/nginx.conf:
  file.managed:
    - source: salt://base/conf/nginx/nginx.conf
    - template: jinja
/etc/nginx/fastcgi_params:
  file.managed:
    - source: salt://base/conf/nginx/fastcgi_params
    - template: jinja
mysql-conf:
  file.managed:
    - name: /etc/my.cnf
    - source: salt://base/conf/mysql/my.cnf
    - template: jinja
php-conf:
  file.managed:
    - name: /etc/php-fpm.d/www.conf
    - source: salt://base/conf/php/www.conf
    - template: jinja
[root@CentOS base]# cat init.sls
www-data:
  user.present:
    - shell: /bin/false
    - createhome: False
  group.present:
    - addusers:
      - www-data
blog-pkgs:
  pkg.installed:
    - pkgs:
      - nginx
      - mariadb-server
      - php-fpm
      - php-mysql
      - php
      - tcpdump
{% for d in ["log/mysql","run/mysqld" ]: %}
/var/{{d}}:
  file.directory:
    - user: mysql
    - group: mysql
    - recurse:
      - user
      - group
    - makedirs: true
{% endfor %}
{% for d in [ "/var/log/nginx/","/var/cache/nginx","/var/lib/nginx/tmp/fastcgi"]: %}
{{d}}:
  file.directory:
    - user: www-data
    - group: www-data
    - makedirs:  true
    - require:
      - user: www-data
{% endfor %}
{% for f in ["dhparam.pem","server.crt.2016","server.key.2016"]: %}
/etc/nginx/cert/{{f}}:
  file.managed:
    - source: salt://base/conf/nginx/{{f}}
    - makedirs: true
{% endfor %}
mariadb:
  service.running:
    - enable: True
    - reload: True
    - watch:
      - file: mysql-conf
    - require:
      - file: mysql-conf
php-fpm:
  service.running:
    - enable: True
    - reload: True
    - watch:
      - file: php-conf
    - require:
      - file: php-conf
nginx:
  service.running:
    - enable: True
    - reload: True
    - watch:
      - file: /etc/nginx/conf.d/443.conf
    - require:
      - user: www-data
nginx_reload:
  cmd.wait:
    - name: systemctl reload nginx
    - watch:
      - file: /etc/nginx/conf.d/443.conf
      - file: /etc/nginx/nginx.conf
      - file: /etc/nginx/fastcgi_params
php_reload:
  cmd.wait:
    - name: systemctl reload php-fpm
    - watch:
      - file: php-conf
      - file: /etc/php.ini
/etc/nginx/conf.d/443.conf:
  file.managed:
    - source: salt://base/conf/nginx/443.conf
    - template: jinja
/etc/nginx/nginx.conf:
  file.managed:
    - source: salt://base/conf/nginx/nginx.conf
    - template: jinja
/etc/nginx/fastcgi_params:
  file.managed:
    - source: salt://base/conf/nginx/fastcgi_params
    - template: jinja
mysql-conf:
  file.managed:
    - name: /etc/my.cnf
    - source: salt://base/conf/mysql/my.cnf
    - template: jinja
php-conf:
  file.managed:
    - name: /etc/php-fpm.d/www.conf
    - source: salt://base/conf/php/www.conf
    - template: jinja
/etc/php.ini:
  file.managed:
    - source: salt://base/conf/php/php.ini

迁移的过程中遇到几个问题:
1. 迁移有后会造成首页白屏幕。查了很久才发现是nginx配置文件内默认参数的差异导致。centos默认的fastcgi_param内没带SCRIPT_FILENAME。
解决方案,fastcgi_params内新增以下配置


fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
  1. 升级后我之前做的文章的缓存方案失效了。
    curl看了一下,返回的header内有Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0和Pragma: no-cache的配置,并且还发了Set-Cookie的配置。

$curl -I https://blog.gnuers.org
HTTP/1.1 200 OK
Server: nginx/1.10.1
Date: Tue, 22 Nov 2016 02:19:41 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=p0r4lcqeqqa8fcog63esrq8686; path=/
Link: <https://blog.gnuers.org/?rest_route=/>; rel="https://api.w.org/"
Cache-status: MISS
Cache-Control: max-age=241
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

网上搜了一下确认这个是php.ini内的2个问题修改配置后搞定。


session.use_cookies = 0
session.cache_limiter = none
此条目发表在OS, saltstack分类目录。将固定链接加入收藏夹。

发表评论