Aegir 2.x nginx install notes

This document summarizes issues I have found while working offline on Aegir 2.x on june 2012. I have taken those notes instead of filing bugs as this work is being done offline and working on websites is difficult and painful.

use sudo instead of su

We should use the following instead of su aegir:

sudo -u aegir -H /bin/bash

Some systems, like Ubuntu, do not have a root password by default and therefore depend on sudo to get their credentials. Since we depend on sudo anyways, it makes more sense to use a sudo command there. (done)

install drush through PEAR

We should follow Arch linux's lead and install drush through PEAR, as it is upstream's suggestion. (done)

aegir 2.x modifications

Those are the deviations from the regular install directives necessary to install Aegir 2.x:

  1. install drush 5 instead of drush 4 (should be in the docs)
  2. we don't depend on drush make anymore, as it's in drush 5 core!! make sure we change the hostmaster-install help and process at the very least (done?)

other issues

  • we should not talk about using a makefile if the hostmaster platform already exists, when telling the user what we do

  • the aegir config file generates this nginx error:

    nginx on localhost could not be restarted. Changes might not be available until this has been done.  [warning]
    (error: Reloading nginx configuration: nginx: [emerg] "error_log" directive is duplicate in
    /etc/nginx/conf.d/aegir.conf:107
    

    (fixed in 2.x)

  • install error:

    The hosting_platform_pathauto module is required but was not found. Please move it into the modules  [error]
    subdirectory.
    

    (the module should just be merged in 2.x, i think)

  • the nginx config file is way too big, it sets policy, like hiding headers, SSL performance, gzip compression, size limits and so on. those do not belong in an aegir configuration file, and should at least be optional. the fastcgi_params are also duplicate of a file in /etc/nginx.conf

    (work started in the dev-nginx-cleanup branch)

  • out of the box, nginx shows "bad gateway" error when following the login link - fix:

    diff --git a/php5/fpm/pool.d/www.conf b/php5/fpm/pool.d/www.conf
    index 28a0651..e6d552d 100644
    --- a/php5/fpm/pool.d/www.conf
    +++ b/php5/fpm/pool.d/www.conf
    @@ -30,7 +30,8 @@ group = www-data
     ;                            specific port;
     ;   '/path/to/unix/socket' - to listen on a unix socket.
     ; Note: This value is mandatory.
    -listen = /var/run/php5-fpm.sock
    +;listen = /var/run/php5-fpm.sock
    +listen = localhost:9000
    
     ; Set listen(2) backlog.
     ; Default Value: 128 (-1 on FreeBSD and OpenBSD)
    

    not sure how to fix this

  • the nginx includes may fail on remote servers because /var/aegir/config/includes may not be rsync'd to remote servers

  • the nginx advanced and simple configuration are almost exactly the same minus about 10 lines of diff - they should include each other instead of duplicating stuff

    (fixed in cleanup branch)

things i forgot

  • forgot to clone pkg-drush (done)
  • forgot to install the nginx-doc package (done)
  • forgot to install ab or siege (crap) (done)

offline hacks

I had to go through a few hoops to make this work offline. To install drush, i worked from a previous clone I had lying around:

sudo aegir -H git clone ~anarcat/src/drush
sudo ln -s /var/aegir/drush/drush /usr/local/bin/drush

And the same for provision:

sudo aegir -H git clone ~anarcat/src/provision .drush/provision --branch 6.x-2.x

Then for the frontend (trickier), I had to fiddle around with also a previously existing hostmaster platform:

git clone ~anarcat/src/drupal hostmaster-6.x-2.x --branch 6.26
git clone ~anarcat/src/hostmaster hostmaster-6.x-2.x/profiles/hostmaster --branch 6.x-2.x
cd hostmaster-6.x-2.x/profiles/hostmaster
cp -a ~/hostmaster-6.x-1.x/profiles/hostmaster/modules/{admin_menu,install_profile_api,jquery_ui,modalframe,openidadmin} modules

Summary

Overall, this works, but I am concerned about the complexity of the nginx config. There are too many things in there, I feel...