Web Service Functionality (#6)

Rebuild YERD from scratch
Added NGINX and Site commands

Author: RichardAnderson

.config/nginx/nginx.conf

@@ -0,0 +1,20 @@
+user {{% user %}};
+worker_processes auto;
+pid /opt/yerd/web/nginx/run/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include /opt/yerd/web/nginx/conf/mime.types;
+    default_type application/octet-stream;
+    
+    sendfile        on;
+    keepalive_timeout  65;
+    
+    access_log /opt/yerd/web/nginx/logs/access.log;
+    error_log  /opt/yerd/web/nginx/logs/error.log;
+
+    include /opt/yerd/web/nginx/sites-enabled/*;
+}

.config/nginx/site.conf

@@ -0,0 +1,30 @@
+server {
+    listen 80;
+    server_name {{% domain %}};
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name {{% domain %}};
+
+    ssl_certificate {{% cert %}};
+    ssl_certificate_key {{% key %}};
+    
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers off;
+    
+    root {{% path %}};
+    index index.php index.html;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+    
+    location ~ \.php$ {
+        fastcgi_pass unix:/opt/yerd/php/run/php{{% php_version %}}-fpm.sock;
+        include /opt/yerd/web/nginx/conf/fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
+    }
+}

.config/nginx/systemd.conf

@@ -0,0 +1,18 @@
+[Unit]
+Description=Yerd nginx
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/opt/yerd/web/nginx/run/nginx.pid
+ExecStartPre=/opt/yerd/web/nginx/sbin/nginx -t -c /opt/yerd/web/nginx/conf/nginx.conf
+ExecStart=/opt/yerd/web/nginx/sbin/nginx -c /opt/yerd/web/nginx/conf/nginx.conf
+ExecReload=/bin/kill -s HUP $MAINPID
+ExecStop=/bin/kill -s QUIT $MAINPID
+User=root
+Group=root
+
+NonBlocking=true
+
+[Install]
+WantedBy=multi-user.target

.config/php/php-fpm.conf

@@ -0,0 +1,37 @@
+; PHP-FPM main configuration for PHP {{% version %}}
+; Generated by YERD
+
+[global]
+; PID file for the main process
+pid = {{% pid_path %}}
+
+; Error log file
+error_log = {{% log_path %}}
+
+; Log level (alert, error, warning, notice, debug)
+log_level = notice
+
+; When this amount of php-fpm processes is reached, master process will abort.
+; Set to 0 for no limits.
+process.max = 128
+
+; Emergency restart threshold. If this number of child processes exit with
+; SIGSEGV or SIGBUS within the time interval set by emergency_restart_interval
+; then FPM will restart. A value of '0' means 'Off'. Available Units: s(econds), m(inutes), h(ours), or d(ays)
+emergency_restart_threshold = 0
+
+; Interval of time used by emergency_restart_interval to determine when
+; a graceful restart will be initiated.  This can be useful to work around
+; accidental corruptions in an accelerator's shared memory.
+; Available Units: s(econds), m(inutes), h(ours), or d(ays)
+emergency_restart_interval = 0
+
+; Time limit for child processes to wait for a reaction on signals from master.
+; Available units: s(econds), m(inutes), h(ours), or d(ays)
+process_control_timeout = 0
+
+; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging.
+daemonize = yes
+
+; Include pool configurations
+include = {{% pool_dir %}}/*.conf

.config/php/php.ini

@@ -0,0 +1,107 @@
+; Default PHP configuration for YERD-managed PHP
+; Generated by YERD (A powerful, developer-friendly tool for managing PHP versions)
+
+[PHP]
+; Core Settings
+engine = On
+short_open_tag = Off
+precision = 14
+output_buffering = 4096
+zlib.output_compression = Off
+implicit_flush = Off
+unserialize_callback_func =
+serialize_precision = -1
+disable_functions =
+disable_classes =
+zend.enable_gc = On
+zend.exception_ignore_args = On
+zend.exception_string_param_max_len = 0
+
+; Resource Limits
+max_execution_time = 30
+max_input_time = 60
+memory_limit = 128M
+
+; Error handling and logging
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+display_errors = Off
+display_startup_errors = Off
+log_errors = On
+ignore_repeated_errors = Off
+ignore_repeated_source = Off
+report_memleaks = On
+
+; Data Handling
+variables_order = "GPCS"
+request_order = "GP"
+register_argc_argv = Off
+auto_globals_jit = On
+post_max_size = 8M
+auto_prepend_file =
+auto_append_file =
+default_mimetype = "text/html"
+default_charset = "UTF-8"
+
+; File Uploads
+file_uploads = On
+upload_max_filesize = 2M
+max_file_uploads = 20
+
+; Fopen wrappers
+allow_url_fopen = On
+allow_url_include = Off
+default_socket_timeout = 60
+
+; Dynamic Extensions
+; extension_dir will be dynamically set based on PHP version
+extension_dir = ""
+
+; Date
+date.timezone = UTC
+
+; Session
+session.save_handler = files
+session.use_strict_mode = 0
+session.use_cookies = 1
+session.use_only_cookies = 1
+session.name = PHPSESSID
+session.auto_start = 0
+session.cookie_lifetime = 0
+session.cookie_path = /
+session.cookie_domain =
+session.cookie_httponly =
+session.cookie_samesite =
+session.serialize_handler = php
+session.gc_probability = 0
+session.gc_divisor = 1000
+session.gc_maxlifetime = 1440
+session.referer_check =
+session.cache_limiter = nocache
+session.cache_expire = 180
+session.use_trans_sid = 0
+session.sid_length = 26
+session.trans_sid_tags = "a=href,area=href,frame=src,form="
+session.sid_bits_per_character = 5
+
+; MySQLi
+mysqli.max_persistent = -1
+mysqli.allow_persistent = On
+mysqli.max_links = -1
+mysqli.default_port = 3306
+mysqli.default_socket =
+mysqli.default_host =
+mysqli.default_user =
+mysqli.default_pw =
+mysqli.reconnect = Off
+
+; bcmath
+bcmath.scale = 0
+
+; OpCache (if available)
+; opcache.enable=1
+; opcache.enable_cli=0
+; opcache.memory_consumption=128
+; opcache.interned_strings_buffer=8
+; opcache.max_accelerated_files=4000
+; opcache.revalidate_freq=2
+; opcache.fast_shutdown=1

.config/php/systemd.conf

@@ -0,0 +1,27 @@
+[Unit]
+Description=PHP-FPM {{% version %}} (YERD managed)
+Documentation=man:php-fpm{{% version %}}(8)
+After=network.target
+
+[Service]
+Type=forking
+PIDFile={{% pid_path %}}
+ExecStart={{% fpm_binary_path %}} --fpm-config {{% main_config_path %}} --pid {{% pid_path %}}
+ExecReload=/bin/kill -USR2 $MAINPID
+ExecStop=/bin/kill -SIGINT $MAINPID
+TimeoutStopSec=5
+KillMode=process
+PrivateTmp=false
+ProtectSystem=full
+ProtectHome=false
+RuntimeDirectory=yerd-php{{% version %}}mfpm
+RuntimeDirectoryMode=0755
+
+# Restart policy
+Restart=on-failure
+RestartSec=5
+StartLimitInterval=60s
+StartLimitBurst=3
+
+[Install]
+WantedBy=multi-user.target

.config/php/www.conf

@@ -0,0 +1,30 @@
+; PHP-FPM pool configuration for PHP {{% version %}}
+; Generated by YERD
+
+[www]
+; The name of the pool
+user = {{% user %}}
+group = {{% group %}}
+
+; Unix socket configuration  
+listen = {{% sock_path %}}
+listen.owner = {{% user %}}
+listen.group = {{% group %}}
+listen.mode = 0660
+
+; Process management
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+
+; Logging
+php_admin_value[error_log] = {{% log_path %}}
+php_admin_flag[log_errors] = on
+
+; Performance
+php_value[memory_limit] = 1024M
+php_value[max_execution_time] = 999
+php_value[upload_max_filesize] = 999M
+php_value[post_max_size] = 999M

.config/ssl/ext.conf

@@ -0,0 +1,4 @@
+authorityKeyIdentifier=keyid,issuer
+basicConstraints=CA:FALSE
+keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
+subjectAltName = DNS:{{% domain %}},DNS:www.{{% domain %}}