* The cover image is originally by jplenio and edited with great appreciation.
Introduction
Drupal is a secure and powerful CMS aka content management system.
It's an open source platform, which is based on Symfony, a fast and robust PHP web framework, nowadays.
EC-CUBE and Kimai 2 are also based on the same, Symfony.
I have built their servers on OpenBSD.
My post about EC-CUBE's installation is here and Kimai 2's is here.
Thus, I believed I could build a Drupal server on OpenBSD, my favorite OS, as well as them.
And I did it :)
The official document about Drupal installation is:
https://www.drupal.org/docs/8/install
Also, the system requirements is:
https://www.drupal.org/docs/8/install/before-a-drupal-8-installation
Environment
Tutorial of Installation
Create Database
Create database and user:
CREATE DATABASE <database> CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES ON <database>.* TO <dbuser>@'localhost' IDENTIFIED BY '<dbpassword>';
FLUSH PRIVILEGES;
Get The Code
The latest package is available here:
https://www.drupal.org/download
First, download it and set it up:
$ ftp https://www.drupal.org/download-latest/zip
$ unzip zip
$ mv drupal-* drupal
$ # optional:
$ rm ./zip
$ cd drupal
Note: Simpler installation
There is an alternative installation.
"QUICKSTART" is written about in site/core/INSTALL.txt
in the package.
Following it, you can have much fewer steps with missing the web installation and without the detailed configuration.
Next, install the dependencies via PHP Composer.
In OpenBSD, the package manager has it but the composer
command is linked to the lower version PHP than 7.2 today.
Therefore, a small trick is required.
After the installation of Composer, run this command:
$ /usr/local/bin/php-7.2 /usr/local/libexec/composer.phar install --no-dev
The result is:
Loading composer repositories with package information
Installing dependencies from lock file
Nothing to install or update
Generating autoload files
> Drupal\Core\Composer\Composer::preAutoloadDump
> Drupal\Core\Composer\Composer::ensureHtaccess
Build the server
You have to build a web server with OpenBSD's httpd and get a certificate of Let's Encrypt beforehand.
Configure httpd.conf like this.
fastcgi socket
brings requests to Drupal via PHP-FPM :)
server "<fqdn>" {
listen on $ext_addr port 80
block return 301 "https://$SERVER_NAME$REQUEST_URI"
}
server "<fqdn>" {
listen on $ext_addr tls port 443
tls {
certificate "/etc/letsencrypt/live/<fqdn>/fullchain.pem"
key "/etc/letsencrypt/live/<fqdn>/privkey.pem"
}
# optional:
log {
access "<fqdn>-access.log"
error "<fqdn>-error.log"
}
root "/<...>/drupal"
directory index index.php
location "/*.php" {
fastcgi socket "/run/php-fpm.sock"
}
location "/*.php[/?]*" {
fastcgi socket "/run/php-fpm.sock"
}
location match "^/(.*)/[^\.]+/?$" {
fastcgi socket "/run/php-fpm.sock"
request rewrite "/index.php/%1"
}
}
Restart httpd:
# rcctl restart httpd
Change permissions:
# # files
# chown -R :www sites/default
# chmod -R g+w sites/default
# # settings.php
$ cp sites/default/default.settings.php sites/default/settings.php
# chmod g+w sites/default/settings.php
Here we're ready.
Let's access to https://<fqdn> .
You will see the web installer running.
Just follow it :)
If you use "localhost" as database host, you might have to replace it with "127.0.0.1".
Also, I recommend using "Table name prefix" also from the point of view of security.
Wait seconds.
Site configuration will start.
Finished :)
Reduce write permissions from a file, sites/default/settings.php
, and a directory, sites/default
:
# chmod g-w sites/default/settings.php
# # The target is just a directory and therefore the `-R` option is unnecessary:
# chmod g-w sites/default
"Health check" of the system will perhaps want you to register trusted hosts.
Edit sites/default/settings.php
like this:
+ $settings['trusted_host_patterns'] = array(
+ '^<fqdn>$',
+ );
Don't forget escape sequence to use period because it means patterns.
For example, "^your.sub.domain$
" should be "^your\.sub\.domain$
".
Conclusion
Thank you for your reading :)
Happy computing.