blog迁移的坑

乘着双11的时候在阿里云买了一台vm，替换之前申请的AWS的机器。因此大陆访问AWS的机器实在是卡的不能用。。此次乘着重新迁移，把wordpress部署写成了一个salt的sls文件。

www-data:
user.present:
- shell: /bin/false
- createhome: False
group.present:
- addusers:
- www-data
blog-pkgs:
pkg.installed:
- pkgs:
- nginx
- mariadb-server
- php-fpm
- php-mysql
- php
- tcpdump
{% for d in ["log/mysql","run/mysqld" ]: %}
/var/{{d}}:
file.directory:
- user: mysql
- group: mysql
- recurse:
- user
- group
- makedirs: true
{% endfor %}
{% for d in [ "/var/log/nginx/","/var/cache/nginx","/var/lib/nginx/tmp/fastcgi"]: %}
{{d}}:
file.directory:
- user: www-data
- group: www-data
- makedirs:  true
- require:
- user: www-data
{% endfor %}
{% for f in ["dhparam.pem","server.crt.2016","server.key.2016"]: %}

/etc/nginx/cert/{{f}}:   file.managed:     - source: salt://base/conf/nginx/{{f}}     - makedirs: true {% endfor %} mariadb:   service.running:     - enable: True     - reload: True     - watch:       - file: mysql-conf     - require:       - file: mysql-conf php-fpm:   service.running:     - enable: True     - reload: True     - watch:       - file: php-conf     - require:       - file: php-conf nginx:   service.running:     - enable: True     - reload: True     - watch:       - file: /etc/nginx/conf.d/443.conf     - require:       - user: www-data nginx_reload:   cmd.wait:     - name: systemctl reload nginx     - watch:       - file: /etc/nginx/conf.d/443.conf       - file: /etc/nginx/nginx.conf       - file: /etc/nginx/fastcgi_params php_reload:   cmd.wait:     - name: systemctl reload php-fpm     - watch:       - file: php-conf /etc/nginx/conf.d/443.conf:   file.managed:     - source: salt://base/conf/nginx/443.conf     - template: jinja /etc/nginx/nginx.conf:   file.managed:     - source: salt://base/conf/nginx/nginx.conf     - template: jinja /etc/nginx/fastcgi_params:   file.managed:

- source: salt://base/conf/nginx/fastcgi_params

    - template: jinja mysql-conf:   file.managed:     - name: /etc/my.cnf     - source: salt://base/conf/mysql/my.cnf     - template: jinja php-conf:   file.managed:     - name: /etc/php-fpm.d/www.conf     - source: salt://base/conf/php/www.conf     - template: jinja [root@CentOS base]# cat init.sls www-data:   user.present:     - shell: /bin/false     - createhome: False   group.present:     - addusers:       - www-data blog-pkgs:   pkg.installed:     - pkgs:       - nginx       - mariadb-server       - php-fpm       - php-mysql       - php       - tcpdump {% for d in [“log/mysql”,“run/mysqld” ]: %} /var/{{d}}:   file.directory:     - user: mysql     - group: mysql     - recurse:       - user       - group     - makedirs: true {% endfor %} {% for d in [ “/var/log/nginx/”,"/var/cache/nginx","/var/lib/nginx/tmp/fastcgi"]: %} {{d}}:   file.directory:     - user: www-data     - group: www-data     - makedirs:  true     - require:       - user: www-data {% endfor %}

{% for f in ["dhparam.pem","server.crt.2016","server.key.2016"]: %}

/etc/nginx/cert/{{f}}:   file.managed:     - source: salt://base/conf/nginx/{{f}}     - makedirs: true {% endfor %} mariadb:   service.running:     - enable: True     - reload: True     - watch:       - file: mysql-conf     - require:       - file: mysql-conf php-fpm:   service.running:     - enable: True     - reload: True     - watch:       - file: php-conf     - require:       - file: php-conf nginx:   service.running:     - enable: True     - reload: True     - watch:       - file: /etc/nginx/conf.d/443.conf     - require:       - user: www-data nginx_reload:   cmd.wait:     - name: systemctl reload nginx     - watch:       - file: /etc/nginx/conf.d/443.conf       - file: /etc/nginx/nginx.conf       - file: /etc/nginx/fastcgi_params php_reload:   cmd.wait:     - name: systemctl reload php-fpm     - watch:       - file: php-conf       - file: /etc/php.ini /etc/nginx/conf.d/443.conf:   file.managed:     - source: salt://base/conf/nginx/443.conf     - template: jinja /etc/nginx/nginx.conf:   file.managed:     - source: salt://base/conf/nginx/nginx.conf     - template: jinja /etc/nginx/fastcgi_params:   file.managed:

- source: salt://base/conf/nginx/fastcgi_params

    - template: jinja mysql-conf:   file.managed:     - name: /etc/my.cnf     - source: salt://base/conf/mysql/my.cnf     - template: jinja php-conf:   file.managed:     - name: /etc/php-fpm.d/www.conf     - source: salt://base/conf/php/www.conf     - template: jinja /etc/php.ini:   file.managed:     - source: salt://base/conf/php/php.ini

迁移的过程中遇到几个问题：1. 迁移有后会造成首页白屏幕。查了很久才发现是nginx配置文件内默认参数的差异导致。centos默认的fastcgi_param内没带SCRIPT_FILENAME。解决方案，fastcgi_params内新增以下配置
fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
1. 升级后我之前做的文章的缓存方案失效了。curl看了一下，返回的header内有Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0和Pragma: no-cache的配置，并且还发了Set-Cookie的配置。

$curl -I https://blog.gnuers.org HTTP/1.1 200 OK Server: nginx/1.10.1 Date: Tue, 22 Nov 2016 02:19:41 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

Pragma: no-cache

Set-Cookie: PHPSESSID=p0r4lcqeqqa8fcog63esrq8686;
path=/
Link: <https://blog.gnuers.org/?rest_route=/>;
rel="https://api.w.org/"

Cache-status: MISS Cache-Control: max-age=241

Strict-Transport-Security: max-age=63072000;
includeSubdomains;
preload
网上搜了一下确认这个是php.ini内的2个问题修改配置后搞定。

session.use_cookies = 0 session.cache_limiter = none