i had the same happen after -r ips, using git master from 2 months ago at least. i updated to latest git master and alles gut 
Posts by anarking
-
-
I think "minor" things like reset and send passwords, backup restore, create/edit email accounts and ftp accounts, view services status. bigger things like edit domains, install software, etc. would all be awesome, of course, but larger.
-
i think so, and the old web filemanager ispcp used did.
-
this is one feature that I miss from the old ftp client (though I think it's possible with net2ftp), but ajaxplorer is great. The only thing that is sorely needed is the ability to see .htaccess files. something that can only be set by admin, but we don't have admin settings with this deployment.
-
i run a number of 1GB VPS' with i-MSCP for people (I run a small "datacenter"). with basic optimization and no varnish, it's very powerful. with varnish, you have to be careful and very specifically configure it, when using small RAM systems. it will depend on what kind of datasets and things on your site. images, js, css, html, or a lot of database activity. if database activity, varnish doesn't help very much, you want an opcode cacher, I recommend Xcache. When using varnish and any caching, 1GB of ram isn't very much, so like I said, be careful, 256mb for apache, 256mb for varnish, 128mb for Xcache. Varnish handles static files (a lot like nginx, so it doesn't make much sense to use nginx with it when already using apache, speed gains would be minimal) and so will generally use more memory to keep the files in, where Xcache doesn't need much, as data out of the database is usually small.
apache + varnish will do what you want the best. if you can get it tweaked well and keep most in memory, and the provider's pipe is good enough, you can serve a hundred thousand visitors off a 1GB VPS. it becomes more about CPU than ram at that point (apache likes cpu, p.s. make sure to use php-fpm for xcache to work)
-
Pardon the wait, it is not a short tutorial
let's begin...apt-get install varnish libapache2-mod-rpaf
(rpaf is used for correct recognition of user ips that are proxied back to apache via varnish, otherwise authentication issues)
edit /etc/default/varnish
make sure START=yes (line
change
to(note: there are many other options here, amount of memory to allocate, whether to use file as storage or direct-to-memory, how many thread pools/workers, and what config files to use)
Example:
default is:modified (big server):
Code- DAEMON_OPTS="-a :80 \ -T localhost:6082 \ -f /etc/varnish/default.vcl \ -S /etc/varnish/secret \ -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,2G \ -p thread_pool_add_delay=2 \ -p thread_pools=8 \ -p thread_pool_min=200 \ -p thread_pool_max=5000 \ -p session_linger=50 \ -p sess_workspace=262144"
thread pools should normally be the # of CPU cores. but the only requirement here is port changed to 80.
modify /etc/apache2/ports.conf
change:
toedit all site config files in /etc/apache2/sites-available/ including 00_master.conf and 00_nameserver.conf (00_modcband.conf will not be edited)
change:
tofor scripting, perhaps use:
NOTE: for servers with multiple IPs being hosted, there will be different configurations needed in Varnish and in apache
edit all site config files in /etc/apache2/sites-available/ EXCLUDING 00_nameserver.conf and 00_modcband.conf
add: (start at line 2?)edit /etc/apache2/mods-available/rpaf.conf
file should be:change /etc/varnish/default.vcl
make sure backend default is this:
this can be the entire file, nothing else is needed. you must mkdir /etc/varnish/imscp and create master.vcl. see following post for example master.vclwe include master.vcl, as many settings can be put in there, and must, for caching to work and Varnish to know what domains to accept. this is where it gets tricky.
the proper way to then configure is to include other specific config files, which can then have the caching specifics that say what to cache for each site, and MUST declare the URL of each site that is being passed back to Apache. and for Varnish to be effective, there must be more config to set what static content to strip of cookies and cache (images, video, archives), what pages to bypass (login), etc. etc. That is a complete other article of reading
QuoteNOTE FOR DEV:
For complete integration with i-MSCP, I believe we should have the option "Varnish enabled?" for each customer. If enabled, this would add an entry in /etc/varnish/default.vcl that says
with a newline of the same for every customer. then each of those configuration files can then be edited by a customer from within imscp. (maybe /etc/varnish/imscp/customerdomain/config.vcl if needed to better separate permissions)
It should use the same method as others handled by i-MSCP (parts/working in /etc/imscp/varnish) to have a base config that inserts {DOMAIN_NAME}.Now, to make i-MSCP respect the new port changes when using the panel...
change .pm files for apache types in /var/www/imscp/engine/PerlLib/Servers/httpd/
for each type (php-fpm, fcgi, itk) change (for example) ../httpd/apache_php_fpm.pm and ../httpd/apache_php_fpm/installer.pm
so...
change apache_php_fpm.pm
from
tochange apache_php_fpm/installer.pm
from
toTO SCRIPT:
change /etc/imscp/apache/parts/domain*
from:
to:change /etc/imscp/apache/parts/*_ssl.tpl
from:
to:change /etc/imscp/apache/01_awstats.conf
from:
to:change /etc/imscp/apache2/00_master.conf
from:
to:change /etc/imscp/apache2/00_master_ssl.conf
from:
to:cp -p /etc/apache2/sites-available/* /etc/imscp/apache/working/
service apache restart
service varnish restartThen it should all be fully functional. I think that's everything. Like I said, for use with multiple IP's, it would need a slightly different setup with the variables, I'll think about that some other time
[hr]
Here is the good master.vcl varnish config file for use that covers most caching scenarios, you can see, just replace with your domain name(s).return(pass); means to pass it through and do not cache at all.
also includes an example of not caching a particular page (login.php).
This could easily be ported to i-MSCP handling for customers' varnish .vcl files by replacing the domain names with {DOMAIN_NAME} (as well as ALIAS and subdomain), to generate the new /etc/varnish/imscp/{DOMAIN_NAME}/config.vcl for each customer
Display MoreCode- sub vcl_recv {
- remove req.http.X-Forwarded-For;
- set req.http.X-Forwarded-For = client.ip;
- set req.http.Host = regsub(req.http.Host, "www\.", "");
- ### do not cache these rules:
- if (req.request != "GET" && req.request != "HEAD") {
- return(pass);
- }
- if (req.http.Authenticate || req.http.Authorization) {
- return(pass);
- }
- ### don't cache authenticated sessions
- if (req.http.Cookie && req.http.Cookie ~ "authtoken=") {
- return(pipe);
- }
- if (req.http.host ~ "^somedomain.com(:[0-9]+)?$") {
- set req.backend = default;
- }
- else if (req.http.host ~ "^anotherdomain.com(:[0-9]+)?$") {
- set req.backend = default;
- }
- else if (req.http.host ~ "^non-cached-domain.com(:[0-9]+)?$") {
- set req.backend = default;
- return(pass);
- }
- else { set req.backend = default;}
- # Don't cache login.php
- if (req.url ~ "login.php") {
- return (pass);
- }
- ## Remove has_js and Google Analytics cookies.
- set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|has_js)=[^;]*", "");
- set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__utma|__utmb|__utmc|__utmv|__utmz|__utms)=[^;]+;?", "");
- # Properly handle different encoding types
- if (req.http.Accept-Encoding) {
- if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf)$") {
- # No point in compressing these
- remove req.http.Accept-Encoding;
- } elsif (req.http.Accept-Encoding ~ "gzip") {
- set req.http.Accept-Encoding = "gzip";
- } elsif (req.http.Accept-Encoding ~ "deflate") {
- set req.http.Accept-Encoding = "deflate";
- } else {
- # unkown algorithm
- remove req.http.Accept-Encoding;
- }
- }
- # Serve objects up to 5 minutes past their expiry if the backend
- # is slow to respond.
- if (req.backend.healthy)
- {
- set req.grace = 60s;
- } else
- {
- set req.grace = 5m;
- }
- # Cache things with these extensions
- if (req.request == "GET" && req.url ~ "\.(js)") {
- unset req.http.cookie;
- return (lookup);
- }
- ## images
- if (req.request == "GET" && req.url ~ "\.(gif|jpg|jpeg|bmp|png|tiff|tif|ico|img|tga|wmf|swf)$") {
- unset req.http.cookie;
- return (lookup);
- }
- ## various other content pages
- if (req.request == "GET" && req.url ~ "\.(css|html)$") {
- unset req.http.cookie;
- return (lookup);
- }
- ## multimedia dont cache
- if (req.request == "GET" && req.url ~ "\.(svg|mp3|mp4|m4a|ogg|mov|avi|wmv)$") {
- return (pass);
- }
- ## xml
- if (req.request == "GET" && req.url ~ "\.(xml)$") {
- unset req.http.cookie;
- return (lookup);
- }
- return(lookup);
- }
- ###############
- sub vcl_fetch {
- unset beresp.http.Server;
- set beresp.http.Server = "Varnish";
- set beresp.grace = 10m;
- if (req.request == "GET" && req.url ~ "\.(gif|jpg|jpeg|bmp|png|tiff|tif|ico|img|tga|wmf|swf)$") {
- unset beresp.http.set-cookie;
- set beresp.ttl = 24h;
- }
- ## various other content pages
- if (req.request == "GET" && req.url ~ "\.(css|html)$") {
- unset beresp.http.set-cookie;
- set beresp.ttl = 24h;
- }
- if (req.request == "GET" && req.url ~ "\.(js)$") {
- unset beresp.http.set-cookie;
- set beresp.ttl = 24h;
- }
- ## xml
- if (req.request == "GET" && req.url ~ "\.(xml)$") {
- unset beresp.http.set-cookie;
- set beresp.ttl = 24h;
- }
- return(deliver);
- }
- ###############
- sub vcl_deliver {
- #add cache hit data
- #set resp.http.X-Served-By = server.hostname;
- if (obj.hits > 0) {
- set resp.http.X-Cache = "HIT";
- set resp.http.X-Cache-Hits = obj.hits;
- } else {
- set resp.http.X-Cache = "MISS";
- }
- }
-
you guys are awesome, thank you
-
keep in mind that a domain belong to an user, which has also a status (since i-MSCP 1.1.0-rc2.1). The unix users creation (also known as i-MSCP virtual users) are created before the domains. So, if you doesn't set the customers status to 'toadd' in the admin table, the whole process will fail.That is the new detail I did not know, thank you! In past, when populating from database dump of the same version, I could just put the users in /etc/passwd and /etc/group and set domain_status to "toadd" and the daemon would recreate.
I updated to latest master, and it completed correctly and recreated all necessary directories, dns, etc. as before. I probably just needed to change the users to "toadd" in the admin table also, like you mentioned, and it would have worked without upgrading.
Very good to know! Thanks nux.
-
running master from July 16. I haven't done this in a while, but need to right now... I imported the db and set domains to "toadd" from ok, but daemon is not processing them... should I set a different status?
-
Awesome, great work everyone!
Regarding: Removed Amavis, ClamAV and SpamAssassin configuration (Such service must be provided as plugin)
What is the behavior then when upgrading? Will existing configurations of these be completely removed? Will their installs be removed? Those both seem dangerous, especially when there is no plugin replacement yet. I have yet to upgrade, I'm running git master from a week ago or so, so just asking