sudo apt-get update
sudo apt-get install nginx
sudo apt-get install -y php7.0-common php7.0-zip php7.0-gd php7.0-intl php7.0-iconv php7.0-curl php7.0-json php7.0-soap php7.0-bz2
- Fresh installation from Pimcore Resource
wget https://www.pimcore.org/download-5/pimcore-latest.zip -O pimcore-install.zip
You can use now the command-line installer with bin/install
or go to <your-host>/install.php
.
Before using the webinstaller you might have to change the NGINX site config here:
# Use this location when the installer has to be run
# location ~ /(app|install)\.php(/|$) {
#
# Use this after initial install is done:
location ~ ^/app\.php(/|$) {
- Project via Git
git clone <project-repo>
cd <project-dir>
composer install
composer dump-autoload -o
Use the ut8mb4
charset and the ut8b4_unicode_ci
collation.
If the DB runs on same server instance as the webserver use as host localhost
- Create a config file
cd /etc/nginx/sites-available
touch <project-name>.conf
- Setup the nginx config file
# mime types are covered in nginx.conf by:
# http {
# include mime.types;
# }
upstream php-pimcore5 {
server unix:/var/run/php/php7.0-fpm.sock; # Depending on the PHP FPM version your are running
}
server {
listen 80;
root /var/www/<project-dir>/web;
server_name <domain>; # e.g pimcore.davidhoeck.com
index index.php;
access_log /var/log/access.log;
error_log /var/log/error.log error;
# Pimcore Head-Link Cache-Busting
rewrite ^/cache-buster-(?:\d+)/(.*) /$1 last;
# Stay secure
#
# a) don't allow PHP in folders allowing file uploads
location ~* /var/assets/*\.php(/|$) {
return 404;
}
# b) Prevent clients from accessing hidden files (starting with a dot)
# Access to `/.well-known/` is allowed.
# https://www.mnot.net/blog/2010/04/07/well-known
# https://tools.ietf.org/html/rfc5785
location ~* /\.(?!well-known/) {
deny all;
log_not_found off;
access_log off;
}
# c) Prevent clients from accessing to backup/config/source files
location ~* (?:\.(?:bak|conf(ig)?|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
deny all;
}
# Thumbnails
location ~* .*/(image|video)-thumb__\d+__.* {
try_files /var/tmp/$1-thumbnails$request_uri /app.php;
expires 2w;
access_log off;
add_header Cache-Control "public";
}
# Assets
# Still use a whitelist approach to prevent each and every missing asset to go through the PHP Engine.
location ~* (.+?)\.((?:css|js)(?:\.map)?|jpe?g|gif|png|svgz?|eps|exe|gz|zip|mp\d|ogg|ogv|webm|pdf|docx?|xlsx?|pptx?)$ {
try_files /var/assets$uri $uri =404;
expires 2w;
access_log off;
log_not_found off;
add_header Cache-Control "public";
}
# Installer
# Remove this if you don't need the web installer (anymore)
if (-f $document_root/install.php) {
rewrite ^/install(/?.*) /install.php$1 last;
}
location / {
error_page 404 /meta/404;
add_header "X-UA-Compatible" "IE=edge";
try_files $uri /app.php$is_args$args;
}
# Use this location when the installer has to be run
# location ~ /(app|install)\.php(/|$) {
#
# Use this after initial install is done:
location ~ ^/app\.php(/|$) {
send_timeout 1800;
fastcgi_read_timeout 1800;
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
include fastcgi.conf;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
# Activate these, if using Symlinks and opcache
# fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
# fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_pass php-pimcore5;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/app.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}
# PHP-FPM Status and Ping
location /fpm- {
access_log off;
include fastcgi_params;
location /fpm-status {
allow 127.0.0.1;
# add additional IP's or Ranges
deny all;
fastcgi_pass php-pimcore5;
}
location /fpm-ping {
fastcgi_pass php-pimcore5;
}
}
# nginx Status
# see: https://nginx.org/en/docs/http/ngx_http_stub_status_module.html
location /nginx-status {
allow 127.0.0.1;
deny all;
access_log off;
stub_status;
}
}
- Create symlink
ln -s /etc/nginx/sites-available/<project-name>.conf /etc/nginx/sites-enabled/
- Restart PHP-FPM and Nginx
sudo service nginx restart
sudo service php7.0-fpm restart
- APCu (Cache) and Imagick (Image Processing)
sudo apt-get install php7.0-apcu php-imagick -y
- Redis (Cache/Storage) https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-redis-on-ubuntu-16-04
sudo apt-get install php-redis