This is a thread to consider what things we need to change / update compared with what we have running on Debian 9, Stretch.
- Hosting accounts to be described and provisioned using Ansible rather than text files and shell scripts. Also make maximum use of public Ansible roles.
- MySQL socket access to be setup for all users (
roothas this by default on Debian 9) so applications can connect to the database(s) without passwords.
- Consider running Apache with ITK MPM on port 80 only (we can’t ditch Apache and switch to
php-fpmsince so many applications depend on
.htaccessfiles so I think we need to stick with
mod_php) with a Nginx reverse proxy on port 443, this would enable Ngnix level micro-caching and also HTTP/2 (HTTP/2 can’t be used with ITK MPM).
- Currently each hosting account can have multiple
VirtualHost's however only one type of
VirtualHostconfig can be used per account, for example you can’t have a
/home/user/sites/wordpresssite and a
/home/user/sites/mediawikisite with the respective WordPress and MediaWiki Apache configs — it would be nice to change this however we also need to consider how we are going to describe and sell hosting accounts… I don’t have a good answer for this at the moment.
Any other ideas / suggestions?