WordPress on OpenBSD + httpd + MariaDB + PHP

Table of Contents

  1. Introduction
  2. HTTP Daemon Setup
  3. Database Installation
  4. PHP Configuration
  5. Testing
  6. Web Deployment
  7. Further Reading

Introduction

The ubiquitous LAMP (Linux / Apache / MySQL / PHP) Stack that runs on just about every private or SOHO, and even enterprise level, deployment has scores of guides available across the Internet. If you are establishing your own web server for the first time, you can google “LAMP Stack” $linux_flavour and Google will return thousands of results; many of them up-to-date and accurate enough that you can reliably follow the steps provided to deploy a secure production environment where you can serve anything from your WordPress blog to private cloud storage with webmail and online calendar application. Attempting to do the same on OpenBSD, however, is not as fruitful; current, correct, and comprehensive guides are not as forthcoming from a Google search. To start, there is no comparable search pattern. For example, “OAMP Stack” (OpenBSD / Apache / MySQL / PHP) returns 23 results, most of which aren’t relevant, and less than a handful that are current and correct albeit short of comprehensive. Further, the base system web server included in your OpenBSD installation is named “httpd,” which presents more of a challenge in searching for quality content. There is, however, a silver lining for OpenBSD users: quality documentation and rock solid design. The official OpenBSD documentation is clear and concise. It is super easy to follow and always correct. It is common to hear praises being sung of the exhaustive, albeit garrulous, official documentation of its better known cousin, FreeBSD. The more common Berkeley Unix derivative, however, is susceptible to delivering outdated-difficult-to-locate-and-implement tasks through trawling the long-winded Handbook. Further, installation of OpenBSD ported packages provides additional system specific information in /usr/local/share/doc/pkg-readmes with step-by-step instructions that produce sane configuration and a working setup. OpenBSD developers have put in a lot of work to ensure users are met with precision in their developments. It is a brilliant example of quality trumping quantity.

With that in mind, you will find these pages presenting information sourced from the official OpenBSD documentation, provided in the website FAQ, as well as software official documentation. Proper use of these two sources combined with ad hoc use of relevant Manual Pages are more often than not all that is needed for successful installation, configuration, and deployment of all services.

HTTP Daemon Setup

OpenBSD comes with its own web server: httpd. It is secure, lightweight and very simple to use.

In OpenBSD, rcctl is used to configure and control daemons and services; to enable and start httpd:

rcctl enable httpd
rcctl start httpd

The enable command adds an entry to /etc/rc.conf.local, which is where the system’s daemon control scripts are either set or unset to start at system boot. The start command, as you suspect, starts the httpd daemon.

OpenBSD provides an example configuration file in /etc/examples/httpd.conf that you can peruse if not use for yourself. Creating your own, though, is really very simple and can be done in as little as a half dozen non-whitespace lines.

Create a new /etc/httpd.conf file with your editor of choice, and add the following (replacing domain.tld with your site particulars):

server "domain.tld" {
        alias "www.domain.tld"
        listen on * port 80
        root "/site_name"
        directory index index.php

        location "/*.php*" { fastcgi socket "/run/php-fpm.sock" }

        location "/.well-known/acme-challenge/*" {
                root "/htdocs/acme"
                root strip 2
        }
}

The meanings of each line can be ascertained from the httpd.conf(5) man page. In short, the above will serve regular http (i.e., port 80)  domain.tld and www.domain.tld requests from /var/www/site_name, and will process all PHP requests through a unix socket connection to the FastCGI Process Manager. The second location directive handles acme challenges that will be received when generating a HTTPS certificate with acme-client(1), which will be detailed in an upcoming post.

Check that the syntax is correct with:

# httpd -vnf /etc/httpd.conf
configuration OK

That concludes the rather simple setup of the OpenBSD HTTP daemon, httpd.

Database Installation

OpenBSD offers both PostgreSQL and MariaDB, the open source MySQL fork, as binary packages available through pkg_add. PostgreSQL is an excellent (likely superior) alternative to MySQL, but is not as widely covered by third-party applications in their installation and RDBMS (Relational Database Management System) configuration documentation. Plus, for most personal and SOHO environments it is arguably overkill, with any real advantage not being utilised. In contrast, MySQL/MariaDB installations share common syntax with abundant documentation for most use cases. In short, MySQL/MariaDB is simpler than PostgreSQL so this will be installed with:

# pkg_add mariadb-server

Once downloaded and extracted, use the provided install script before enabling and starting the daemon.

# mysql_install_db
# rcctl enable mysqld
# rcctl start mysqld

MariaDB also offers a post-installation script to secure the daemon and create a root superuser account, which will be ran with:

# mysql_secure_installation

A series of easily answered questions will follow; set the root password and answer yes to each question. Once finished, before accessing the database, change the environment to delete MySQL input rather than have it logged in clear text by adding the following to /etc/rc.conf.local:

export MYSQL_HISTFILE=/dev/null

Now access MariaDB as the superuser to create a database for the upcoming website and blog:

# mysql -u root -p

Enter the root password when prompted, then:

CREATE DATABASE wordpress;
GRANT ALL ON wordpress.* to 'wp-admin'@'localhost' IDENTIFIED BY '$password';
FLUSH PRIVILEGES;
quit;

To ensure MariaDB can communicate with httpd through a unix socket, edit /etc/my.cnf and change the socket location under both the client and mysqld sections to the chroot’ed file:

[client]
socket = /var/www/var/run/mysql/mysql.sock
[mysqld]
socket = /var/www/var/run/mysql/mysql.sock

Restart the daemon to make changes take effect before moving onto PHP installation and setup.

# rcctl restart mysqld

PHP Configuration

In OpenBSD, PHP is offered as a binary package, with extensions that don’t come in the default install available as additional packages. Given that not all commonly required extensions are available in the latest available PHP version, at this point in time, it is best to select version 5.6.31 when prompted by the interactive pkg prompt. In addition to the needed MySQL PHP extensions, we will install some more commonly needed extensions that will be required by future package installations.

# pkg_add php php-gd php-mysql php-mysqli php-bz2 php-curl php-intl php-mcrypt php-zip php-pdo_dblib php-pdo_mysql

The web server is already configured to handle PHP requests so we can move straight onto PHP configuration by enabling all installed extensions.

# cp /etc/php-5.6.sample/* /etc/php-5.6/.

Some minor adjustments to the default php-fpm.conf file will be made for runtime optimisation. Bring up /etc/php-fpm.conf in your favourite editor and search for the string ‘pm =‘ to make the following edits:

pm = ondemand
pm.max_children = 50
pm.max_requests = 500

Next, to cache compiled PHP files and improve performance, activate Zend OpCache by either locating, uncommenting, and editing, or  simply appending, the following entries to /etc/php-5.6.ini:

[opcache]
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

Now enable and start php-fpm.

# rcctl enable php56_fpm
# rcctl start php56_fpm

Testing

At this point, httpd is up and serving out of /var/www/site_name, MariaDB has been installed and is ready to create databases required by different web applications, and PHP is configured with FastCGI Process Manager handling requests made through the httpd web server. To test that the setup is working as intended, bring up a new file /var/www/site_name/info.php in your favourite editor and add:

<?

  phpinfo();

?>

Now enter domain.tld/info.php in a browser and you should be greeted with the easily recognisable PHP info page.

Web Deployment

To standup a basic website and blog, download the latest WordPress compressed archive into the /var/www directory.

# ftp -S do&nbsp;https://en-au.wordpress.org/wordpress-4.9.4-en_AU.tar.gz

Extract the contents, then open /etc/httpd.conf to change the root of domain.tld requests to the wordpress directory.

root "/wordpress"

Now restart the daemon for changes to take effect:

# rcctl restart httpd

Point your browser to domain.tld where you will be greeted by the WordPress setup screen. Enter the previously created database name, user, password, and host. Leave the database table prefix as is and click “Let’s go!” You should immediately be met by WordPress advising that it cannot create the wp-config.php file, but providing you with the contents of this file instead. Copy the provided text, and open up /var/www/wordpress/wp-config.php in your favourite editor. Enter the text provided by WordPress, then save and exit the file. Now point your browser again to domain.tld where you will be presented with your newly created WordPress site.

If you have any issues following this guide, don’t hesitate to comment or email mark [at] bsdbox [dot] org.

Further Reading

  1. OpenBSD Package Management
  2. MariaDB SQL Statements
  3. Install WordPress Codex
  4. Introducing OpenBSD’s new httpd
  5. PHP OpCache Runtime Configuration

One Reply to “WordPress on OpenBSD + httpd + MariaDB + PHP”

Leave a Reply

Your email address will not be published. Required fields are marked *