Malin
fa5bf17eb8
Complete conversion of the WordOps stack from Nginx + PHP-FPM to OpenLiteSpeed + LSPHP + LSCache. This is a full rewrite across all 7 phases of the codebase: - Foundation: OLS paths, variables, services, removed pynginxconfig dep - Templates: 11 new OLS mustache templates, removed nginx-specific ones - Stack: stack_pref, stack, stack_services, stack_upgrade, stack_migrate - Site: site_functions, site, site_create, site_update - Plugins: debug, info, log, clean rewritten for OLS - SSL/ACME: acme.sh deploy uses lswsctrl, OLS vhssl blocks - Other: secure, backup, clone, install script Additional features: - Debian 13 (trixie) support - PHP 8.5 support - WP Fort Knox mu-plugin integration (wo secure --lockdown/--unlock) - --nginx CLI flag preserved for backward compatibility Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
123 lines
3.0 KiB
Plaintext
123 lines
3.0 KiB
Plaintext
# OpenLiteSpeed Virtual Host Configuration - WordOps {{release}}
|
|
# Domain: {{site_name}}
|
|
|
|
docRoot {{webroot}}/htdocs
|
|
vhDomain {{site_name}}
|
|
vhAliases www.{{site_name}}
|
|
enableGzip 1
|
|
enableBr 1
|
|
|
|
errorlog {{webroot}}/logs/ols.error_log {
|
|
useServer 0
|
|
logLevel ERROR
|
|
rollingSize 10M
|
|
}
|
|
|
|
accesslog {{webroot}}/logs/ols.access_log {
|
|
useServer 0
|
|
rollingSize 10M
|
|
keepDays 30
|
|
compressArchive 0
|
|
}
|
|
|
|
index {
|
|
useServer 0
|
|
indexFiles {{^static}}index.php, {{/static}}index.html, index.htm
|
|
autoIndex 0
|
|
}
|
|
|
|
{{^static}}
|
|
# PHP handler via LSAPI
|
|
scripthandler {
|
|
add lsapi:lsphp{{php_short}} php
|
|
}
|
|
{{/static}}
|
|
|
|
# External app - LSPHP
|
|
extprocessor lsphp{{php_short}} {
|
|
type lsapi
|
|
address uds://tmp/lshttpd/lsphp{{php_short}}.sock
|
|
maxConns 10
|
|
env PHP_LSAPI_CHILDREN=10
|
|
env LSAPI_AVOID_FORK=200M
|
|
initTimeout 60
|
|
retryTimeout 0
|
|
pcKeepAliveTimeout 60
|
|
respBuffer 0
|
|
autoStart 2
|
|
path /usr/local/lsws/lsphp{{php_short}}/bin/lsphp
|
|
backlog 100
|
|
instances 1
|
|
priority 0
|
|
memSoftLimit 2047M
|
|
memHardLimit 2047M
|
|
procSoftLimit 1400
|
|
procHardLimit 1500
|
|
}
|
|
|
|
# LSCache module configuration
|
|
module cache {
|
|
ls_enabled 1
|
|
checkPrivateCache 1
|
|
checkPublicCache 1
|
|
maxCacheObjSize 10000000
|
|
maxStaleAge 200
|
|
qsCache 1
|
|
reqCookieCache 1
|
|
respCookieCache 1
|
|
ignoreReqCacheCtrl 1
|
|
ignoreRespCacheCtrl 0
|
|
{{#wp}}
|
|
enableCache 1
|
|
{{/wp}}
|
|
{{^wp}}
|
|
enableCache 0
|
|
{{/wp}}
|
|
expireInSeconds 3600
|
|
enablePrivateCache 0
|
|
privateExpireInSeconds 3600
|
|
}
|
|
|
|
# Rewrite rules
|
|
rewrite {
|
|
enable 1
|
|
autoLoadHtaccess 1
|
|
}
|
|
|
|
# Security context for wp-admin
|
|
context /wp-admin/ {
|
|
location {{webroot}}/htdocs/wp-admin/
|
|
allowBrowse 1
|
|
{{^static}}
|
|
addDefaultCharset off
|
|
phpIniOverride {
|
|
}
|
|
{{/static}}
|
|
}
|
|
|
|
# Security - deny hidden files
|
|
context exp:/(\.(?!well-known)) {
|
|
allowBrowse 0
|
|
}
|
|
|
|
# Let's Encrypt validation
|
|
context /.well-known/acme-challenge/ {
|
|
location /var/www/html/.well-known/acme-challenge/
|
|
allowBrowse 1
|
|
addDefaultCharset off
|
|
}
|
|
|
|
# Include per-site custom configurations
|
|
include {{webroot}}/conf/ols/*.conf
|
|
|
|
{{#ssl}}
|
|
# SSL Configuration
|
|
vhssl {
|
|
keyFile {{ssl_live_path}}/{{site_name}}/key.pem
|
|
certFile {{ssl_live_path}}/{{site_name}}/fullchain.pem
|
|
certChain 1
|
|
sslProtocol 24
|
|
enableQuic 1
|
|
}
|
|
{{/ssl}}
|