Drupal 8 on OpenBSD

nabbisen - Jun 1 '19 - - Dev Community

* The cover image is originally by jplenio and edited with great appreciation.


Introduction

Drupal is a secure and powerful CMS aka content management system.
It's an open source platform, which is based on Symfony, a fast and robust PHP web framework, nowadays.

EC-CUBE and Kimai 2 are also based on the same, Symfony.
I have built their servers on OpenBSD.
My post about EC-CUBE's installation is here and Kimai 2's is here.

Thus, I believed I could build a Drupal server on OpenBSD, my favorite OS, as well as them.
And I did it :)

The official document about Drupal installation is:
https://www.drupal.org/docs/8/install
Also, the system requirements is:
https://www.drupal.org/docs/8/install/before-a-drupal-8-installation

Environment


Tutorial of Installation

Create Database

Create database and user:

CREATE DATABASE <database> CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES ON <database>.* TO <dbuser>@'localhost' IDENTIFIED BY '<dbpassword>';
FLUSH PRIVILEGES;
Enter fullscreen mode Exit fullscreen mode

Get The Code

The latest package is available here:
https://www.drupal.org/download

First, download it and set it up:

$ ftp https://www.drupal.org/download-latest/zip
$ unzip zip
$ mv drupal-* drupal
$ # optional:
$ rm ./zip

$ cd drupal
Enter fullscreen mode Exit fullscreen mode

Note: Simpler installation

There is an alternative installation.
"QUICKSTART" is written about in site/core/INSTALL.txt in the package.
Following it, you can have much fewer steps with missing the web installation and without the detailed configuration.


Next, install the dependencies via PHP Composer.
In OpenBSD, the package manager has it but the composer command is linked to the lower version PHP than 7.2 today.
Therefore, a small trick is required.
After the installation of Composer, run this command:

$ /usr/local/bin/php-7.2 /usr/local/libexec/composer.phar install --no-dev
Enter fullscreen mode Exit fullscreen mode

The result is:

Loading composer repositories with package information
Installing dependencies from lock file
Nothing to install or update
Generating autoload files
> Drupal\Core\Composer\Composer::preAutoloadDump
> Drupal\Core\Composer\Composer::ensureHtaccess
Enter fullscreen mode Exit fullscreen mode

Build the server

You have to build a web server with OpenBSD's httpd and get a certificate of Let's Encrypt beforehand.

Configure httpd.conf like this.
fastcgi socket brings requests to Drupal via PHP-FPM :)

server "<fqdn>" {
        listen on $ext_addr port 80
        block return 301 "https://$SERVER_NAME$REQUEST_URI"
}                                                  
server "<fqdn>" {
        listen on $ext_addr tls port 443
        tls {
                certificate     "/etc/letsencrypt/live/<fqdn>/fullchain.pem"
                key             "/etc/letsencrypt/live/<fqdn>/privkey.pem"
        }
        # optional:
        log {
                access  "<fqdn>-access.log"
                error   "<fqdn>-error.log"
        }

        root "/<...>/drupal"
        directory index index.php

        location "/*.php" { 
                fastcgi socket "/run/php-fpm.sock"
        } 
        location "/*.php[/?]*" { 
                fastcgi socket "/run/php-fpm.sock"
        }
        location match "^/(.*)/[^\.]+/?$" {
                fastcgi socket "/run/php-fpm.sock"    
                request rewrite "/index.php/%1"
         }
}
Enter fullscreen mode Exit fullscreen mode

Restart httpd:

# rcctl restart httpd
Enter fullscreen mode Exit fullscreen mode

Change permissions:

# # files
# chown -R :www sites/default
# chmod -R g+w sites/default
# # settings.php
$ cp sites/default/default.settings.php sites/default/settings.php
# chmod g+w sites/default/settings.php
Enter fullscreen mode Exit fullscreen mode

Here we're ready.

Let's access to https://<fqdn> .
You will see the web installer running.
Just follow it :)

web installer
web installer

If you use "localhost" as database host, you might have to replace it with "127.0.0.1".
Also, I recommend using "Table name prefix" also from the point of view of security.

web installer
web installer

web installer

Wait seconds.

web installer

Site configuration will start.

web installer
web installer
web installer

Finished :)

finished

Reduce write permissions from a file, sites/default/settings.php, and a directory, sites/default:

# chmod g-w sites/default/settings.php
# # The target is just a directory and therefore the `-R` option is unnecessary:
# chmod g-w sites/default
Enter fullscreen mode Exit fullscreen mode

"Health check" of the system will perhaps want you to register trusted hosts.
Edit sites/default/settings.php like this:

+ $settings['trusted_host_patterns'] = array(   
+   '^<fqdn>$',   
+ );
Enter fullscreen mode Exit fullscreen mode

Don't forget escape sequence to use period because it means patterns.
For example, "^your.sub.domain$" should be "^your\.sub\.domain$".


Conclusion

Thank you for your reading :)
Happy computing.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .