Updated Installation


(Ed) #1

Hi All,

Can someone please provide me with an updated guide to install Matrix 5-5-6? I have downloaded the tgz file however the documentation seems to be not updated (most of the steps are referring to Apache however, it seems the Matrix version no longer supports it - the recommendation is to use NGINX but there seems to be a lack of succinct documentation out there.

Many thanks


(Bart Banda) #2

Hi Ed,
This is in our documentation backlog to update the installation instructions for the latest version.
In the meantime, I’ll see if I can dig up the Nginx config that we typically use in the Squiz Cloud for our Matrix installs.


(Tbaatar) #3

Hi Bart,

Would it be possible if you can share the Nginx config before the documentation is updated.
Whilst we are stuck at home I’d like to get my hands dirty again with the installation process.

Many thanks.


(David Schoen) #4

I know this isn’t the nicest way to grab it, but maybe it’s useful regardless - the public VM uses Openresty, which is basically Nginx + Lua.

I think the critical files are the vhost:

$ cat openresty/conf.d/matrix.conf 
server {
    listen 80 default;

    # per vhost logging
    access_log /var/log/openresty/access.log main;
    error_log /var/log/openresty/error.log error;

    set $matrix_root /var/www/matrix;
    set $fcgi_path unix:/var/run/php-fpm/www.sock;

    root $matrix_root;

    # Enable Gzip
    include gzip;

    include matrix-common;
}

and a common file that does a lot of the stuff that was done with Apache aliases historically:

$ cat openresty/matrix-common 
# Push 404's to the matrix handler, this means static 404's in __data are handled by matrix too
error_page 404 = @matrix;

# Redirect server error pages to the static page /50x.html
#error_page 500 502 503 504  /50x.html;
#location = /50x.html {
#        root /usr/share/nginx/html;
#}

# don't allow access to php status from the web
location /__status {
        # this is to override the @matrix 404 handling above (which would just render the php status)
        error_page 404 = /__404;
        return 404;
}
location /__404 {
        # this turns on the internal nginx 404 handler because we can't let php see this request at all
        internal;
}

# Just serve data files
location /__data {
        alias $matrix_root/data/public/;
        expires 30d;

        # Ensure that browsers don't guess filetypes
        add_header X-Content-Type-Options nosniff;

        # There are php scripts in here too...
        location ~ asset_types/.*\.php$ {
                expires off;
                fastcgi_split_path_info ^/__data/(.*)(.*);
                fastcgi_pass $fcgi_path;
                fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                include fastcgi-params;
        }
}

# Fudge and lib contain some php scripts, annoying.
location /__fudge {
        alias $matrix_root/fudge/;
        expires 30d;
        location ~ \.php$ {
                expires off;
                fastcgi_split_path_info ^/__fudge/(.*)(.*);
                fastcgi_pass $fcgi_path;
                fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                include fastcgi-params;
        }
}
location /__lib {
        alias $matrix_root/core/lib/;
        expires 30d;
        # uncomment specific test_message\.php location  if you are seeing 499 from nginx when test_message.php 
        # is used as a healthcheck by a load balancer. "fastcgi_ignore_client_abort on" should help with 499 code
        # You may also need to set "half_closed_clients on" in squid config if there is a loadbalancer in front of squid nodes
#       location ~ test_message\.php$ {
#               fastcgi_ignore_client_abort on; 
#               expires off;
#               fastcgi_split_path_info ^/__lib/(.*)(.*);
#               fastcgi_pass $fcgi_path;
#               fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#               include fastcgi-params;
#       }
        location ~ \.php$ {
                expires off;
                fastcgi_split_path_info ^/__lib/(.*)(.*);
                fastcgi_pass $fcgi_path;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi-params;
        }
}

# trinity session information
location /__trinity/authsession.php {
        alias $matrix_root/core/lib/edge/;

        expires -1;
        fastcgi_split_path_info ^/__trinity/(.*)(.*);
        fastcgi_pass $fcgi_path;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi-params;
}

# Pass everything else to matrix handler
location / {
        fastcgi_read_timeout 120s;
        fastcgi_pass $fcgi_path;
        fastcgi_param SCRIPT_FILENAME $document_root/core/web/index.php$fastcgi_script_name;
        include fastcgi-params;
}
location @matrix {
        fastcgi_read_timeout 120s;
        fastcgi_pass $fcgi_path;
        fastcgi_param SCRIPT_FILENAME $document_root/core/web/index.php$fastcgi_script_name;
        include fastcgi-params;
}

# deny .inc, .git, .FFV and CVS
location ~ \.inc$ {
        deny all;
}
location ~ /(CVS|\.FFV|\.git)/ {
        deny all;
}

I’m not sure which other bits are crucial or whether that will just “drop in” to Nginx, so you may want to try the VM anyway.