# infra.bksp

# Nextcloud

## Dépendances

Environnement : Arch Linux + Caddy

1. Installation des dépendances
   ```
   pacman -Sy php php-fpm php-apcu php-gd php-imagick
   ```
2. Configuration de php (`/etc/php/php.ini`)
   ```ini
   [PHP]
   memory_limit = 512M

   ; Extensions
   extension=bcmath
   extension=bz2
   extension=curl
   extension=exif
   extension=gd
   extension=gmp
   extension=iconv
   extension=intl
   zend_extension=opcache
   extension=pdo_mysql
   extension=sysvsem
   extension=zip

   [opcache]
   opcache.enable=1
   opcache.memory_consumption=256
   opcache.interned_strings_buffer=32
   opcache.max_accelerated_files=10000
   opcache.revalidate_freq=2
   opcache.save_comments=1
   ```
3. Enable `imagick` extension (`/etc/php/conf.d/imagick.ini`)
   ```ini
   extension = imagick
   ```
4. Enable `apcu` extension (`/etc/php/conf.d/apcu.ini`)
   ```ini
   extension=apcu.so
   apc.enable_cli=1
   apc.ttl=7200
   ```
5. Configure `php-fpm` (`/etc/php/php-fpm.d/www.conf`)
   ```ini
   env[PATH] = /usr/local/bin:/usr/bin:/bin
   ```

## Configuration reverse proxy

```
cloud.bksp.space {
	root * /srv/http/cloud.bksp.space
	php_fastcgi unix//run/php-fpm/php-fpm.sock
	log {
		output file /var/log/caddy/cloud.bksp.space.log
	}
	file_server
	encode gzip
	
	handle_errors {
		respond "{err.status_code} {err.status_text}" {err.status_code}
	}

	@disallowed {
		path /build/*
		path /tests/*
		path /config/*
		path /lib/*
		path /3rdparty/*
		path /templates/*
		path /data/*
		path .*
		path /autotest*
		path /occ*
		path /issue*
		path /indie*
		path /db_*
		path /console*
	}
	
	handle @disallowed {
		error 404
	}

	redir /.well-known/carddav /remote.php/dav 301
	redir /.well-known/caldav /remote.php/dav 301

	header {
        # enable HSTS
		Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"
    }
	
	@static path_regexp \.(?:css|js|svg|gif)$
	handle @static {
		# 6 months
		header Cache-Control max-age=15552000
	}
	@fonts path *.woff2
	handle @fonts {
		# 7 days
		header Cache-Control max-age=604800
	}
}
```

# Wallabag

Environement : Archlinux + Caddy

## Dépendances

1. Installation des dépendances
   ```
   pacman -Sy php php-fpm php-gd php-tidy php-sodium composer
   ```
2. Configuration de php (`/etc/php/php.ini`)
   ```ini
   [PHP]
   ; Extensions
   extension=bcmath
   extension=curl
   extension=gd
   extension=gettext
   extension=iconv
   extension=intl
   extension=pdo_mysql
   extension=sockets
   extension=sodium
   extension=tidy
   extension=zip
   ```
## Configuration base de données

1. Se connecter à la base de données
   ```
   mariadb -u root
   ```
2. Créer le compte et la base de données
   ```sql
   CREATE USER 'wallabag'@'localhost' IDENTIFIED BY '***';
   create database wallabag;
   GRANT ALL PRIVILEGES ON wallabag.* TO 'wallabag'@'localhost';
   FLUSH PRIVILEGES;
   ```

## Installation

1. Passer en tant que l'user `http`
   ```
   sudo -su http
   ```
2. Récupéré les sources
   ```
   cd /srv/http
   git clone https://github.com/wallabag/wallabag.git bag.bksp.space
   ```
3. Démarrer l'installation
   ```
   cd bag.bksp.space
   make install
   ```

## Configuration du reverse proxy

```caddy
bag.bksp.space {
    root * /srv/http/bag.bksp.space/web
    file_server
    encode gzip
 
    php_fastcgi unix//run/php-fpm/php-fpm.sock {
        index app.php
    }

    try_files {path} {path}/ /app.php?{query}

    log {
        output file /var/log/caddy/bag.bksp.space.log
    }
}
```