Headline News
GoPro Returns with New Range (September 26, 2016 7:31 pm)
TRAILER: Doctor Strange (April 13, 2016 8:23 am)
TRAILER: Dawn of Justice Trailer 2 (December 3, 2015 6:25 pm)
Luther Season 4 Returns to the BBC (December 2, 2015 9:13 pm)
Sherlock Special (December 2, 2015 9:01 pm)

Configuring Anchor CMS on Nginx

April 9, 2014
880 Views

Here is how I configured the site and got everything working. I’m sure there are many mistakes and examples of bad practice in my config files, and I take no responsibility if you follow this guide and create a website riddled with security holes. If you choose to follow this guide, you should take suitable measures tosecure your site. This guide assumes you already have a dynamic DNS or static IP address setup and you know how to access the server to install stuff, your ports are forwarded correctly and you are running Arch Linux.

First, download the latest version of Anchor CMS and extract to /srv/http so you have a folder structure like /srv/http/anchorcms/.

Change the owner of all the files to the http user, give the http user full access, and give everyone else only read and execute access.

cd /srv/http/anchorcms
sudo chown -R http *
sudo chmod -R 755 *

Download the necessary packages from the Arch repos.

pacman -S mysqld php php-fpm nginx

Set up a database.

mysql -u root -p

mysql> create database anchordb
mysql> USE anchordb

Make sure the /etc/php/php.ini file lists /srv/http/ in the open_basedir directive and the following extensions in the dynamic extensions section are uncommented.

open_basedir = /srv/http/

extension=gd.so
extension=gettext.so
extension=openssl.so
extension=pdo_mysql.so

Make sure the /etc/php/php-fpm.conf file uses the http user and is listening on the unix socket rather than the loopback IP address.

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
user = http
group = http

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific address on
;                            a specific port;
;   'port'                 - to listen on a TCP socket to all addresses on a
;                            specific port;
;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
;listen = 127.0.0.1:9000
listen = /run/php-fpm/php-fpm.sock

Edit your /etc/nginx/nginx.conf file to be the same as below.

user http;
worker_processes  1;
error_log /var/log/nginx/error.log warn;
events {
        worker_connections  1024;
}
http {
    index index.php index.html index.htm;        
        default_type  application/octet-stream;
    include       mime.types;
        sendfile        on;
        keepalive_timeout  65;
    ## Compression
    gzip              on;
    gzip_buffers      16 8k;
    gzip_comp_level   4;
    gzip_http_version 1.0;
    gzip_min_length   1280;
    gzip_types        text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript image/x-icon image/bmp;
    gzip_vary         on;
    server {
            listen   80;
            root /srv/http/anchorcms;
            server_name localhost;
            try_files $uri $uri/ /index.php;
        #Browser caching
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
            expires 1y;
            log_not_found off;
        }
        #Display errors
            error_page 404 /404.html;
            error_page 500 502 503 504 /50x.html;
            location = /50x.html {
                  root /srv/http;
            }
        location ~ \.php$ {
                    fastcgi_pass   unix:/run/php-fpm/php-fpm.sock; 
                fastcgi_param  SCRIPT_FILENAME  /srv/http/nginx$fastcgi_script_name;
                include        fastcgi.conf;
            fastcgi_intercept_errors        on;
                fastcgi_ignore_client_abort     off;
                fastcgi_connect_timeout 60;
                fastcgi_send_timeout 180;
                fastcgi_read_timeout 180;
                fastcgi_buffer_size 128k;
                fastcgi_buffers 4 256k;
                fastcgi_busy_buffers_size 256k;
                fastcgi_temp_file_write_size 256k;
            }
    }
}

That should be everything configured, now to spin up the services and set them to start on boot.

sudo systemctl start php-fpm mysqld nginx
sudo systemctl enable php-fpm mysqld nginx

Now navigate to your dynamic DNS name or your IP address in a browser and you should be greeted with an Anchor CMS set up screen. It will ask you for the name of the database you created and for you to set a username and password to be able to login to the management interface of the site which can be found under http://yoursitename/admin.

Thats it! Hopefully anyway. If you run into any problems you can try checking the Arch wiki for tips on configuration of each of the components. The Nginx error log can be found at /var/log/nginx/error.log if you followed the config above. The Anchor CMS set up screen also does a pretty good job of telling you if it needs something that doesn’t appear to be enabled.