AJout de contenu ...à mettre en forme

reveal/httpd.html

@@ -18,7 +18,7 @@
         <link rel="stylesheet" href="reveal.js/css/theme/beige.css" id="theme">
 
         <!-- Theme used for syntax highlighting of code -->
-        <link rel="stylesheet" href="reveal.js/lib/css/zenburn.css">
+        <link rel="sftylesheet" href="reveal.js/lib/css/zenburn.css">
 
         <!-- Printing and PDF exports -->
         <script>
@@ -57,6 +57,8 @@
     <pre><code data-trim class="hljs nohighlight">
 # apt install apache2-mpm-itk \
               libapache2-mod-evasive apachetop libwww-perl
+
+# apachectl configtest
     </code></pre>
   </section>
 
@@ -106,14 +108,14 @@
       MinSpareServers 20
       MaxSpareServers 30
       MaxRequestsPerChild 100
-      <Directory /home/>
+      &lt;Directory /home/>
           AllowOverride None
           Require all granted
-      </Directory>
-      <IfModule mod_ssl.c>
+      &lt;/Directory>
+      &lt;IfModule mod_ssl.c>
       SSLProtocol all -SSLv2 -SSLv3
       SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
-      </IfModule>
+       &lt;/IfModule>
     </code></pre>
   </section>
 
@@ -138,15 +140,15 @@ umask 007
       <h4>VirtualHost basé sur un nom de domaine</h4>
 <!-- Je n'ai pas trouvé le moyen d'avoir du code à balise qui soit proprement affiché tout en conservant le texte brut intacte.  -->
       <pre><code data-trim class="hljs nohighlight" style="max-height: 600px">
-&lt;VirtualHost *:80&gt;
+&lt;VirtualHost *:80>
     ServerName www.example.com
     ServerAlias example.com
 
     DocumentRoot /home/example/www/
-    &lt;Directory /home/example/www/&gt;
+    &lt;Directory /home/example/www/>
         Options SymLinksIfOwnerMatch
         AllowOverride AuthConfig Limit FileInfo Indexes
-    &lt;/Directory&gt;
+    &lt;/Directory>
 
     AssignUserID www-example example
     MaxClientsVHost 150
@@ -159,7 +161,7 @@ umask 007
     UseCanonicalName On
     RewriteCond %{HTTP_HOST} !^www.example.com$
     RewriteRule ^/(.*) http://%{SERVER_NAME}/$1 [L,R]
-&lt;/VirtualHost&gt;
+&lt;/VirtualHost>
     </code></pre>
 
 </section>
@@ -206,7 +208,7 @@ umask 007
 
     <section>
       <h4>Attention !</h4>
-      <p><strong>Ne jamais forcer les droits<br>récursivement sur toute l’arborescence.</strong></p>
+      <p><strong>Ne jamais forcer les droits<br>récursivement sur toute l’arborescence.</strong> #NEVER777</p>
 <p>Si la restriction en écriture pour Apache est impossible :</p>
 <ul>
   <li>plus d’utilisateur distinct</li>
@@ -337,7 +339,7 @@ RewriteRule ^/foo.txt [L,F]
 
 <section>
   <h3>Apachetop</h3>
-  Affiche en direct des stats sur le traffic, d'après les logs.
+  Affiche en direct des stats sur le trafic, d'après les logs.
   <pre><code data-trim class="hljs nohighlight">
   $ apachetop -f access.log -T 3600 -q
   </code></pre>
@@ -370,16 +372,100 @@ RewriteRule ^/foo.txt [L,F]
   <section>
     <h3>Installation</h3>
   <pre><code data-trim class="hljs nohighlight">
-  # aptitude install nginx
-  # nginx -v
+# apt install nginx
+
+# nginx -t -c /etc/nginx/nginx.conf
   </code>
-nginx version: nginx/1.10.3
   </pre>
   </section>
 
   <section>
-https://wiki.evolix.org/HowtoNginx
+    <h3>Fichiers de configuration</h3>
+    <pre>
+/etc/nginx/
+├── conf.d
+├── fastcgi.conf
+├── fastcgi_params
+├── koi-utf
+├── koi-win
+├── mime.types
+├── nginx.conf
+├── proxy_params
+├── scgi_params
+├── sites-available
+│   └── default
+├── sites-enabled
+│   └── default -> /etc/nginx/sites-available/default
+├── snippets
+│   ├── fastcgi-php.conf
+│   └── snakeoil.conf
+├── uwsgi_params
+└── win-utf
+</pre>
 </section>
+
+  <section>
+    <h3>Optimisations "Evolix"</h3>
+    <pre><code data-trim style="max-height: 500px">
+user www-data;
+worker_processes 8; 
+pid /var/run/nginx.pid;
+
+events {
+    use epoll;
+    worker_connections 10240;
+}
+
+http {
+    keepalive_timeout  15;
+[...]
+
+# disable Nginx version
+server_tokens off;
+    </code></pre>
+</section>
+
+<section>
+    <h3>VirtualHost</h3>
+<pre><code data-trim class="hljs nohighlight" style="max-height: 600px">
+server {
+        listen 80;
+        server_name static.example.com assets.example.com;
+        access_log  /var/log/nginx/access.log;
+        root   /home/static/www;
+        location /crossdomain.xml {
+                alias   /home/static/www/crossdomain.xml;
+        }
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+                root   /var/www/nginx-default;
+        }
+        location ~\.(jpeg|jpg|gif|png)$ {
+                add_header Cache-Control "public";
+                expires 2w;
+        }
+        location ~\.(js|pdf|css|swf)$ {
+                add_header Cache-Control "public";
+                expires 3w;
+        }
+}
+    </code></pre>
+</section>
+
+<section>
+<pre><code data-trim class="hljs nohighlight" style="max-height: 600px">
+server {
+        listen 443;
+        server_name static.example.com assets.example.com;
+
+        ssl on;
+        ssl_certificate /etc/ssl/certs/static.example.com.crt;
+        ssl_certificate_key /etc/ssl/private/static.example.com.key;
+        #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
+}
+</code></pre>
+</section>
+
 </section>
 
 <section>
@@ -391,11 +477,10 @@ https://wiki.evolix.org/HowtoNginx
   <section>
     <h3>Installation</h3>
   <pre><code data-trim class="hljs nohighlight">
-  # apt install haproxy
-  # varnishd -v
+# apt install haproxy
+
+# haproxy -c -f /etc/haproxy/haproxy.cfg 
   </code>
-HA-Proxy version 1.7.5-2 2017/05/17
-Copyright 2000-2017 Willy Tarreau &lt;willy@haproxy.org&gt;
   </pre>
   </section>
 
@@ -423,7 +508,7 @@ listen www
     <h3>Configuration avancée</h3>
     <ul>
       <li>gestion fine des performances</li>
-      <li>multiples IP/domaines écoutés</li>
+      <li>multiples IP/domaines</li>
       <li>différents algorithmes de load-balancing</li>
     </ul>
   </section>
@@ -479,11 +564,7 @@ listen mysql 127.0.0.1:3306
   <h3>Installation</h3>
 <pre><code data-trim class="hljs nohighlight">
 # apt install varnish
-# varnishd -V
 </code>
-varnishd (varnish-4.0.2 revision bfe7cd1)
-Copyright (c) 2006 Verdens Gang AS
-Copyright (c) 2006-2014 Varnish Software AS
 </pre>
 </section>
 
@@ -517,6 +598,28 @@ Filtres possibles
 
 <section>
 <h3>Syntaxe VCL</h3>
+<pre><code data-trim class="hljs nohighlight">
+sub vcl_recv {
+    if (req.http.host == "boutique.example.com") {
+
+        if (req.url ~ "^/" || req.url  ~ "/newsletter" ) {
+            unset req.http.cookie;
+        }
+    }
+}
+
+sub vcl_backend_response {
+    if (bereq.http.host == "boutique.example.com") {
+
+        if (bereq.url ~ "^/" || bereq.url  ~ "/newsletter" ) {
+            unset beresp.http.Set-Cookie;
+            set beresp.ttl = 1h;
+            return (deliver);
+        }
+    }
+}
+</code></pre>
+
 </section>
 
 </section>
@@ -527,7 +630,133 @@ Filtres possibles
     <p>Langage de programmation très adapté au web.</p>
   </section>
 
-https://wiki.evolix.org/HowtoLAMP/PHP
+  <section>
+    <h2>Versions de PHP</h2>
+<ul>
+<li>PHP 3 (1997)</li>
+<li>PHP 4 (2000)</li>
+<li>PHP 5 (2004)</li>
+<li>PHP 5.4 (Debian 7)</li>
+<li>PHP 5.6 (Debian 8)</li>
+<li>PHP 7 (Debian 9)</li>
+</ul>
+</section>
+
+<section>
+<h2>Installation</h2>
+<pre><code data-trim class="hljs nohighlight">
+# apt install php5 libapache2-mod-php5 php5-gd php5-imap php5-ldap php5-mcrypt php5-mhash php5-mysql php5-pgsql php-gettext librsvg2-bin
+$ php -v
+
+# apt install php5-fpm
+
+php.ini
+
+short_open_tags = Off
+disable_functions = exec, shell-exec, system, passthru, putenv, popen
+expose_php = Off
+display_errors = Off
+log_errors = On
+allow_url_fopen = Off
+memory_limit = 128M
+max_execution_time = 10
+open_basedir = /home
+
+
+Délégation dans VortualHost Apache :
+
+#php_admin_flag engine off
+#AddType text/html .html
+#php_admin_flag safe_mode off
+#php_admin_value safe_mode_exec_dir /usr/bin
+#php_admin_flag display_errors on
+#php_flag short_open_tag on
+#php_flag register_globals on
+#php_admin_value upload_tmp_dir "/home/bloginfo/tmp/
+php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f www-bloginfo"
+php_admin_value error_log "/home/bloginfo/log/php.log"
+php_admin_value memory_limit "64M"
+
+
+
+fpm/php-fpm.conf
+
+[global]
+pid = /run/php5-fpm.pid
+error_log = /var/log/php5-fpm.log
+
+
+fpm/pool.d/www.conf
+
+[www]
+listen = /var/run/php5-fpm.sock
+;listen = 127.0.0.1:9000
+user = www-data
+group = www-data
+pm = dynamic
+
+php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f return-path@example.com
+php_flag[display_errors] = off
+php_admin_value[error_log] = /var/log/fpm-php.www.log
+php_admin_flag[log_errors] = on
+php_admin_value[memory_limit] = 32M
+
+
+pm = dynamic
+pm.max_children = 100
+pm.start_servers = 50
+pm.min_spare_servers = 20
+pm.max_spare_servers = 30
+pm.max_requests = 100
+
+OU
+
+pm = ondemand
+pm.max_children = 100
+pm.process_idle_timeout = 10s
+
+
+slowlog = log/$pool.log.slow
+request_slowlog_timeout = 5s
+
+pm.status_path = /fpm-status
+request_terminate_timeout = 60s
+chroot = /home/foo
+access.log = log/$pool.access.log
+
+
+Avec Apache :
+
+# a2enmod proxy_fcgi
+
+DocumentRoot /home/foo/www/
+#ProxyPassMatch "^/(.*\.php(/.*)?)$" "fcgi://127.0.0.1:9000//home/foo/www/$1"
+ProxyPassMatch "^/(.*\.php(/.*)?)$" "unix:/var/run/php5-fpm.sock|fcgi://localhost/home/foo/www/"
+
+
+Avec Nginx :
+
+server {
+    listen 80;
+    server_name www.example.com example.com;
+    root /home/foo/www;
+    index index.php;
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        #fastcgi_pass   127.0.0.1:9000;
+        fastcgi_pass   unix:/var/run/php5-fpm.sock;
+        fastcgi_param SCRIPT_FILENAME /home/foo/www$fastcgi_script_name;
+        include fastcgi_params;
+    }
+}
+
+$ echo "<?php phpinfo() ; ?>" > /var/www/info.php
+
+
+</code></pre>
+</section>
+
 </section>
 
 <section>