FreeBSD 12: Mail Server Installation

blog.bachi.net
FreeBSD Ports
freebsd-update

QMail HOWTO (2016)

$ pkg install mysql57-server
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 11 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        mysql57-server: 5.7.26_1
        perl5: 5.28.2
        curl: 7.65.1
        libnghttp2: 1.39.1
        ca_root_nss: 3.45
        protobuf: 3.7.1,1
        libevent: 2.1.10
        libedit: 3.1.20190324,1
        mysql57-client: 5.7.26
        cyrus-sasl: 2.1.27
        liblz4: 1.9.1,1

Number of packages to be installed: 11

The process will require 285 MiB more space.
35 MiB to be downloaded.

Proceed with this action? [y/N]:

[...]

Message from ca_root_nss-3.45:

********************************* WARNING *********************************

FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.

Assessment and verification of trust is the complete responsibility of the
system administrator.

*********************************** NOTE **********************************

This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.

This enables SSL Certificate Verification by client software without manual
intervention.

If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.

  * /etc/ssl/cert.pem
  * /usr/local/etc/ssl/cert.pem
  * /usr/local/openssl/cert.pem

***************************************************************************
Message from perl5-5.28.2:

The /usr/bin/perl symlink has been removed starting with Perl 5.20.
For shebangs, you should either use:

#!/usr/local/bin/perl

or

#!/usr/bin/env perl

The first one will only work if you have a /usr/local/bin/perl,
the second will work as long as perl is in PATH.
Message from cyrus-sasl-2.1.27:

You can use sasldb2 for authentication, to add users use:

        saslpasswd2 -c username

If you want to enable SMTP AUTH with the system Sendmail, read
Sendmail.README

NOTE: This port has been compiled with a default pwcheck_method of
      auxprop.  If you want to authenticate your user by /etc/passwd,
      PAM or LDAP, install ports/security/cyrus-sasl2-saslauthd and
      set sasl_pwcheck_method to saslauthd after installing the
      Cyrus-IMAPd 2.X port.  You should also check the
      /usr/local/lib/sasl2/*.conf files for the correct
      pwcheck_method.
      If you want to use GSSAPI mechanism, install
      ports/security/cyrus-sasl2-gssapi.
      If you want to use SRP mechanism, install
      ports/security/cyrus-sasl2-srp.
      If you want to use LDAP auxprop plugin, install
      ports/security/cyrus-sasl2-ldapdb.
Message from mysql57-client-5.7.26:

* * * * * * * * * * * * * * * * * * * * * * * *

This is the mysql CLIENT without the server.
for complete server and client, please install databases/mysql57-server

* * * * * * * * * * * * * * * * * * * * * * * *
Message from mysql57-server-5.7.26_1:

*****************************************************************************

Remember to run mysql_upgrade the first time you start the MySQL server
after an upgrade from an earlier version.

Initial password for first time use of MySQL is saved in $HOME/.mysql_secret
ie. when you want to use "mysql -u root -p" first you should see password
in /root/.mysql_secret

MySQL57 has a default %%ETCDIR%%/my.cnf,
remember to replace it wit your own
or set `mysql_optfile="$YOUR_CNF_FILE` in rc.conf.

*****************************************************************************


$ cat /etc/rc.conf
[...]
mysql_enable="YES"
mysql_dbdir="/db/mysql"
[...]

$ service mysql-server start
/usr/local/etc/rc.d/mysql-server: WARNING: failed precmd routine for mysql
$ mkdir /db
$ mkdir /db/mysql
$ service mysql-server start
Starting mysql.

How to Install MariaDB 10.3 on FreeBSD 12
MySQL unter FreeBSD: Installation

===> Creating groups.
Using existing group 'mysql'.
===> Creating users
Using existing user 'mysql'.
[5/5] Extracting mariadb104-server-10.4.6: 100%
Message from mariadb104-client-10.4.6:

************************************************************************

MariaDB respects hier(7) and doesn't check /etc and /etc/mysql for
my.cnf. Please move existing my.cnf files from those paths to
/usr/local/etc and /usr/local/etc/mysql.

************************************************************************
Message from mariadb104-server-10.4.6:

************************************************************************

Remember to run mysql_upgrade (with the optional --datadir=<dbdir> flag)
the first time you start the MySQL server after an upgrade from an
earlier version.

MariaDB respects hier(7) and doesn't check /etc and /etc/mysql for
my.cnf. Please move existing my.cnf files from those paths to
/usr/local/etc and /usr/local/etc/mysql.

This port does NOT include the mytop perl script, this is included in
the MariaDB tarball but the most recent version can be found in the
databases/mytop port

************************************************************************

 service mysql-server start
Installing MariaDB/MySQL system tables in '/var/db/mysql' ...
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system


Two all-privilege accounts were created.
One is root@localhost, it has no password, but you need to
be system 'root' user to connect. Use, for example, sudo mysql
The second is root@localhost, it has no password either, but
you need to be the system 'root' user to connect.
After connecting you can set the password, if you would need to be
able to connect as any of these users with a password and without sudo

See the MariaDB Knowledgebase at http://mariadb.com/kb or the
MySQL manual for more instructions.

You can start the MariaDB daemon with:
cd '/usr/local' ; /usr/local/bin/mysqld_safe --datadir='/var/db/mysql'

You can test the MariaDB daemon with mysql-test-run.pl
cd '/usr/local/mysql-test' ; perl mysql-test-run.pl

Please report any problems at http://mariadb.org/jira

The latest information about MariaDB is available at http://mariadb.org/.
You can find additional information about the MySQL part at:
http://dev.mysql.com
Consider joining MariaDB's strong and vibrant community:
Get Involved
Starting mysql. # mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation. You already have your root account protected, so you can safely answer 'n'. Switch to unix_socket authentication [Y/n] n ... skipping. You already have your root account protected, so you can safely answer 'n'. Change the root password? [Y/n] y New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] n ... skipping. By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!

1. Installation

Mail Server Installation

/head/mail/qmail-tls/Makefile

=============================================

ATTENTION

Add the following line to your /etc/make.conf
QMAIL_SLAVEPORT=tls

=============================================

install  -m 0644 /usr/ports/mail/qmail-tls/work/qmail.conf /usr/ports/mail/qmail-tls/work/stage/usr/local/etc/man.d/qmail.conf
===> Fixing plist for /var/qmail ownership
/bin/rm -f -r /usr/ports/mail/qmail-tls/work/stage/var/qmail/queue/
====> Compressing man pages (compress-man)
===>  Installing for netqmail-tls-1.06.20160918_2
===>  Checking if netqmail-tls is already installed
===>   Registering installation for netqmail-tls-1.06.20160918_2
pkg-static: Warning: @exec is deprecated, please use @[pre|post][un]exec
Installing netqmail-tls-1.06.20160918_2...
===> Creating groups.
Creating group 'qmail' with gid '82'.
Creating group 'qnofiles' with gid '81'.
===> Creating users
Creating user 'alias' with uid '81'.
Creating user 'qmaild' with uid '82'.
Creating user 'qmaill' with uid '83'.
Creating user 'qmailp' with uid '84'.
Creating user 'qmailq' with uid '85'.
Creating user 'qmailr' with uid '86'.
Creating user 'qmails' with uid '87'.
Your hostname is samsung-bsd.
hard error
Sorry, I couldn't find your host's canonical name in DNS.
You will have to set up control/me yourself.
        ATTENTION:

Do not forget to read /var/qmail/doc/TLS.readme. After all,
this is NOT our old stock qmail.

You can enable qmail as your default mailer executing:
> /var/qmail/scripts/enable-qmail

==> As you need to provide a working certificate in /var/qmail/control/cert.pem :

# makes a self-signed certificate
3) do "make certificate"

# makes a certificate request
4) do "make certificate-req"

===> SECURITY REPORT:
      This port has installed the following binaries which execute with
      increased privileges.
/var/qmail/bin/qmail-queue

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://inoa.net/qmail-tls/

=============================================

$ make certificate

${OPENSSLBASE}/bin/openssl req -new -x509 -nodes \
    -out ${WRKDIR}/servercert.pem -days 366 \
    -keyout ${WRKDIR}/servercert.pem ; \
${INSTALL} -o qmaild -g qmail -m 0640 ${WRKDIR}/servercert.pem ${PREFIX}/control/servercert.pem ; \
${OPENSSLBASE}/bin/openssl ciphers > ${QMAIL_PREFIX}/control/tlsclientciphers ; \
${OPENSSLBASE}/bin/openssl ciphers > ${QMAIL_PREFIX}/control/tlsserverciphers ; \


=============================================

sendmail_enable="NONE"

vs.

sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

$ openssl x509 -text -noout -in servercert.pem

/var/qmail/control/servercert.pem
/var/qmail/req.pem
===>   NOTICE:

The ucspi-tcp port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port

[...]

===>   NOTICE:

The ucspi-tcp port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port

===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/bin/tcpserver

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://cr.yp.to/ucspi-tcp.html

====> Compressing man pages (compress-man)
===> Staging rc.d startup script(s)
===>  Installing for spamassassin-3.4.2_3
===>  Checking if spamassassin is already installed
===>   Registering installation for spamassassin-3.4.2_3 as automatic
Installing spamassassin-3.4.2_3...
===> Creating groups.
Creating group 'spamd' with gid '58'.
===> Creating users
Creating user 'spamd' with uid '58'.
You should complete the following post-installation tasks:

        1) Read /usr/local/share/doc/spamassassin/INSTALL
           and /usr/local/share/doc/spamassassin/UPGRADE
           BEFORE enabling SpamAssassin for important changes

        2) Edit the configuration in /usr/local/etc/mail/spamassassin,
           in particular /usr/local/etc/mail/spamassassin/init.pre
           You may get lots of annoying (but harmless) error messages
           if you skip this step.

        3) To run spamd, add the following to /etc/rc.conf:
           spamd_enable="YES"

        4) If this is a new installation, you should run sa-update
           and sa-compile. If this isn't a new installation, you
           should probably run those commands on a regular basis
           anyway.

        5) Install mail/spamass-rules if you want some third-party
           spam-catching rulesets

SECURITY NOTE:
By default, spamd runs as root (the AS_ROOT option). If you wish
to change this, add the following to /etc/rc.conf:

        spamd_flags="-u spamd -H /var/spool/spamd"

===>   vpopmail-5.4.33_3 depends on executable: spamc - found


***********************************************************************
Now you should add the following options to your spamd.sh startup file:
-v -u vpopmail
***********************************************************************
===>   NOTICE:

The vpopmail port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port

===>  Cleaning for spamassassin-3.4.2_3
===>  Cleaning for p5-Encode-Detect-1.01_1
===>  Cleaning for p5-Module-Build-0.4229
===>  Cleaning for p5-HTML-Parser-3.72
===>  Cleaning for p5-HTML-Tagset-3.20_1
===>  Cleaning for p5-HTTP-Date-6.02_1
===>  Cleaning for p5-Net-DNS-1.21,1
===>  Cleaning for p5-Digest-HMAC-1.03_1
===>  Cleaning for p5-NetAddr-IP-4.079
===>  Cleaning for p5-Net-CIDR-Lite-0.21_1
===>  Cleaning for p5-Net-IDN-Encode-2.500
===>  Cleaning for p5-Test-NoWarnings-1.04_2
===>  Cleaning for p5-Net-LibIDN-0.12_5
===>  Cleaning for libidn-1.35
===>  Cleaning for gmake-4.2.1_3
===>  Cleaning for texinfo-6.6_4,1
===>  Cleaning for help2man-1.47.11
===>  Cleaning for p5-Locale-gettext-1.07
===>  Cleaning for gettext-tools-0.20.1_1
===>  Cleaning for libtextstyle-0.20.1
===>  Cleaning for p5-Locale-libintl-1.31
===>  Cleaning for p5-Text-Unidecode-1.30
===>  Cleaning for p5-Unicode-EastAsianWidth-12.0
===>  Cleaning for pkgconf-1.6.3,1
===>  Cleaning for p5-URI-1.76
===>  Cleaning for re2c-0.14.3
===>  Cleaning for p5-IO-Socket-SSL-2.066
===>  Cleaning for p5-Net-SSLeay-1.85
===>  Cleaning for p5-Test-Exception-0.43
===>  Cleaning for p5-Sub-Uplevel-0.2800
===>  Cleaning for p5-Mozilla-CA-20180117
===>  Cleaning for p5-IO-Socket-INET6-2.72_1
===>  Cleaning for p5-Socket6-0.29
===>  Cleaning for p5-Mail-DKIM-0.56
===>  Cleaning for p5-Crypt-OpenSSL-RSA-0.31
===>  Cleaning for p5-Crypt-OpenSSL-Guess-0.11
===>  Cleaning for p5-Crypt-OpenSSL-Bignum-0.09
===>  Cleaning for p5-Crypt-OpenSSL-Random-0.15
===>  Cleaning for p5-Mail-AuthenticationResults-1.20180923
===>  Cleaning for p5-Mail-Tools-2.19
===>  Cleaning for p5-TimeDate-2.30_2,1
===>  Cleaning for p5-Net-DNS-Resolver-Mock-1.20171219
===>  Cleaning for gnupg1-1.4.23_2
===>  Cleaning for p5-Mail-SPF-2.9.0_5
===>  Cleaning for p5-Error-0.17028
===>  Cleaning for p5-Net-DNS-Resolver-Programmable-0.009
===>  Cleaning for vpopmail-5.4.33_3
Installing dovecot-2.3.7_4...
===> Creating groups.
Creating group 'dovecot' with gid '143'.
Creating group 'dovenull' with gid '144'.
===> Creating users
Creating user 'dovecot' with uid '143'.
Creating user 'dovenull' with uid '144'.
---------------------------------------------------------------------

 You must create the configuration files yourself. Copy them over
 to /usr/local/etc/dovecot and edit them as desired:

        cp -R /usr/local/etc/dovecot/example-config/* \
                /usr/local/etc/dovecot

 The default configuration includes IMAP and POP3 services, will
 authenticate users agains the system's passwd file, and will use
 the default /var/mail/$USER mbox files.

 Next, enable dovecot in /etc/rc.conf:

        dovecot_enable="YES"


---------------------------------------------------------------------

 To avoid a risk of mailbox corruption, do not set the
 security.bsd.see_other_uids or .see_other_gids sysctls to 0
 if Dovecot is storing mail for multiple concurrent users (PR 218392).

---------------------------------------------------------------------

 If you want to be able to search within attachments using the
 decode2text plugin, you'll need to install textproc/catdoc, and
 one of graphics/xpdf or graphics/poppler-utils.

---------------------------------------------------------------------

 There are some potentially breaking changes in Dovecot 2.3. If you
 are upgrading from Dovecot 2.2:

   * Read https://wiki2.dovecot.org/Upgrading/2.3
   * Merge the configuration file changes from
     /usr/local/etc/dovecot/examples-config/

---------------------------------------------------------------------

===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/lib/dovecot/libdovecot.so.0.0.0
/usr/local/lib/dovecot/libdovecot.a(net.o)

      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.
/usr/local/etc/rc.d/dovecot

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://www.dovecot.org/
===>  Cleaning for pkgconf-1.6.1,1
===>  Cleaning for dovecot-2.3.7_4
===>  Installing for spamassassin-3.4.2_3
===>  Checking if spamassassin is already installed
===>   Registering installation for spamassassin-3.4.2_3
Installing spamassassin-3.4.2_3...
===> Creating groups.
Creating group 'spamd' with gid '58'.
===> Creating users
Creating user 'spamd' with uid '58'.
==========================================================================

You should complete the following post-installation tasks:

        1) Read /usr/local/share/doc/spamassassin/INSTALL
           and /usr/local/share/doc/spamassassin/UPGRADE
           BEFORE enabling SpamAssassin for important changes

        2) Edit the configuration in /usr/local/etc/mail/spamassassin,
           in particular /usr/local/etc/mail/spamassassin/init.pre
           You may get lots of annoying (but harmless) error messages
           if you skip this step.

        3) To run spamd, add the following to /etc/rc.conf:
           spamd_enable="YES"

        4) If this is a new installation, you should run sa-update
           and sa-compile. If this isn't a new installation, you
           should probably run those commands on a regular basis
           anyway.

        5) Install mail/spamass-rules if you want some third-party
           spam-catching rulesets

SECURITY NOTE:
By default, spamd runs as root (the AS_ROOT option). If you wish
to change this, add the following to /etc/rc.conf:

        spamd_flags="-u spamd -H /var/spool/spamd"

==========================================================================

$ /usr/local/bin/sa-update
$ /usr/local/bin/sa-compile
# pkg install apache24-2.4.41
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 8 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        apache24: 2.4.41
        libnghttp2: 1.39.2
        expat: 2.2.6_1
        perl5: 5.28.2
        pcre: 8.43_1
        apr: 1.6.5.1.6.1_1
        gdbm: 1.18.1_1
        db5: 5.3.28_7

Number of packages to be installed: 8

The process will require 147 MiB more space.
33 MiB to be downloaded.

Proceed with this action? [y/N]: y
[1/8] Fetching apache24-2.4.41.txz: 100%    5 MiB   1.7MB/s    00:03
[2/8] Fetching libnghttp2-1.39.2.txz: 100%  115 KiB 117.5kB/s    00:01
[3/8] Fetching expat-2.2.6_1.txz: 100%  120 KiB 122.4kB/s    00:01
[4/8] Fetching perl5-5.28.2.txz: 100%   14 MiB   2.9MB/s    00:05
[5/8] Fetching pcre-8.43_1.txz: 100%    1 MiB 638.0kB/s    00:02
[6/8] Fetching apr-1.6.5.1.6.1_1.txz: 100%  463 KiB 474.0kB/s    00:01
[7/8] Fetching gdbm-1.18.1_1.txz: 100%  162 KiB 166.2kB/s    00:01
[8/8] Fetching db5-5.3.28_7.txz: 100%   12 MiB   2.6MB/s    00:05
Checking integrity... done (0 conflicting)
[1/8] Installing expat-2.2.6_1...
[1/8] Extracting expat-2.2.6_1: 100%
[2/8] Installing gdbm-1.18.1_1...
[2/8] Extracting gdbm-1.18.1_1: 100%
[3/8] Installing db5-5.3.28_7...
[3/8] Extracting db5-5.3.28_7: 100%
[4/8] Installing libnghttp2-1.39.2...
[4/8] Extracting libnghttp2-1.39.2: 100%
[5/8] Installing perl5-5.28.2...
[5/8] Extracting perl5-5.28.2: 100%
[6/8] Installing pcre-8.43_1...
[6/8] Extracting pcre-8.43_1: 100%
[7/8] Installing apr-1.6.5.1.6.1_1...
[7/8] Extracting apr-1.6.5.1.6.1_1: 100%
[8/8] Installing apache24-2.4.41...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[8/8] Extracting apache24-2.4.41: 100%
Message from perl5-5.28.2:

The /usr/bin/perl symlink has been removed starting with Perl 5.20.
For shebangs, you should either use:

#!/usr/local/bin/perl

or

#!/usr/bin/env perl

The first one will only work if you have a /usr/local/bin/perl,
the second will work as long as perl is in PATH.
Message from apr-1.6.5.1.6.1_1:

/!\ ================================================================== /!\

The Apache Portable Runtime project removed support for FreeTDS with
version 1.6. Users requiring MS-SQL connectivity must migrate
configurations to use the added ODBC driver and FreeTDS' ODBC features.

/!\ ================================================================== /!\
Message from apache24-2.4.41:

To run apache www server from startup, add apache24_enable="yes"
in your /etc/rc.conf. Extra options can be found in startup script.

Your hostname must be resolvable using at least 1 mechanism in
/etc/nsswitch.conf typically DNS or /etc/hosts or apache might
have issues starting depending on the modules you are using.

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

- apache24 default build changed from static MPM to modular MPM
- more modules are now enabled per default in the port
- icons and error pages moved from WWWDIR to DATADIR

   If build with modular MPM and no MPM is activated in
   httpd.conf, then mpm_prefork will be activated as default
   MPM in etc/apache24/modules.d to keep compatibility with
   existing php/perl/python modules!

Please compare the existing httpd.conf with httpd.conf.sample
and merge missing modules/instructions into httpd.conf!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

# pkg install php73 php73-mysqli php73-mbstring php73-zlib php73-curl php73-gd php73-json
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 21 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        php73: 7.3.9
        php73-mysqli: 7.3.9
        php73-mbstring: 7.3.9
        php73-zlib: 7.3.9
        php73-curl: 7.3.9
        php73-gd: 7.3.9
        php73-json: 7.3.9
        libargon2: 20171227_1
        pcre2: 10.32_1
        oniguruma: 6.9.3
        curl: 7.65.1
        ca_root_nss: 3.45
        freetype2: 2.10.0
        png: 1.6.37
        jpeg-turbo: 2.0.2
        libgd: 2.2.5_1,1
        fontconfig: 2.12.6,1
        webp: 1.0.2
        tiff: 4.0.10_1
        jbigkit: 2.1_1
        giflib: 5.1.9

Number of packages to be installed: 21

The process will require 60 MiB more space.
11 MiB to be downloaded.

Proceed with this action? [y/N]: y
[1/21] Fetching php73-7.3.9.txz: 100%    3 MiB   1.8MB/s    00:02
[2/21] Fetching php73-mysqli-7.3.9.txz: 100%   40 KiB  41.3kB/s    00:01
[3/21] Fetching php73-mbstring-7.3.9.txz: 100%  742 KiB 759.8kB/s    00:01
[4/21] Fetching php73-zlib-7.3.9.txz: 100%   17 KiB  17.8kB/s    00:01
[5/21] Fetching php73-curl-7.3.9.txz: 100%   30 KiB  30.5kB/s    00:01
[6/21] Fetching php73-gd-7.3.9.txz: 100%   29 KiB  29.9kB/s    00:01
[7/21] Fetching php73-json-7.3.9.txz: 100%   22 KiB  22.0kB/s    00:01
[8/21] Fetching libargon2-20171227_1.txz: 100%   65 KiB  66.1kB/s    00:01
[9/21] Fetching pcre2-10.32_1.txz: 100%    1 MiB 626.6kB/s    00:02
[10/21] Fetching oniguruma-6.9.3.txz: 100%  213 KiB 217.7kB/s    00:01
[11/21] Fetching curl-7.65.1.txz: 100%    1 MiB   1.3MB/s    00:01
[12/21] Fetching ca_root_nss-3.45.txz: 100%  295 KiB 301.6kB/s    00:01
[13/21] Fetching freetype2-2.10.0.txz: 100%    1 MiB   1.4MB/s    00:01
[14/21] Fetching png-1.6.37.txz: 100%  286 KiB 293.0kB/s    00:01
[15/21] Fetching jpeg-turbo-2.0.2.txz: 100%  344 KiB 351.8kB/s    00:01
[16/21] Fetching libgd-2.2.5_1,1.txz: 100%  200 KiB 204.4kB/s    00:01
[17/21] Fetching fontconfig-2.12.6,1.txz: 100%  357 KiB 365.6kB/s    00:01
[18/21] Fetching webp-1.0.2.txz: 100%  410 KiB 419.9kB/s    00:01
[19/21] Fetching tiff-4.0.10_1.txz: 100%  830 KiB 850.1kB/s    00:01
[20/21] Fetching jbigkit-2.1_1.txz: 100%   74 KiB  75.6kB/s    00:01
[21/21] Fetching giflib-5.1.9.txz: 100%  199 KiB 203.4kB/s    00:01
Checking integrity... done (0 conflicting)
[1/21] Installing jpeg-turbo-2.0.2...
[1/21] Extracting jpeg-turbo-2.0.2: 100%
[2/21] Installing jbigkit-2.1_1...
[2/21] Extracting jbigkit-2.1_1: 100%
[3/21] Installing freetype2-2.10.0...
[3/21] Extracting freetype2-2.10.0: 100%
[4/21] Installing png-1.6.37...
[4/21] Extracting png-1.6.37: 100%
[5/21] Installing tiff-4.0.10_1...
[5/21] Extracting tiff-4.0.10_1: 100%
[6/21] Installing giflib-5.1.9...
[6/21] Extracting giflib-5.1.9: 100%
[7/21] Installing libargon2-20171227_1...
[7/21] Extracting libargon2-20171227_1: 100%
[8/21] Installing pcre2-10.32_1...
[8/21] Extracting pcre2-10.32_1: 100%
[9/21] Installing ca_root_nss-3.45...
[9/21] Extracting ca_root_nss-3.45: 100%
[10/21] Installing fontconfig-2.12.6,1...
[10/21] Extracting fontconfig-2.12.6,1: 100%
Running fc-cache to build fontconfig cache...
/usr/local/share/fonts: skipping, no such directory
/usr/local/lib/X11/fonts: skipping, no such directory
/var/db/fontconfig: cleaning cache directory
fc-cache: succeeded
[11/21] Installing webp-1.0.2...
[11/21] Extracting webp-1.0.2: 100%
[12/21] Installing php73-7.3.9...
[12/21] Extracting php73-7.3.9: 100%
[13/21] Installing oniguruma-6.9.3...
[13/21] Extracting oniguruma-6.9.3: 100%
[14/21] Installing curl-7.65.1...
[14/21] Extracting curl-7.65.1: 100%
[15/21] Installing libgd-2.2.5_1,1...
[15/21] Extracting libgd-2.2.5_1,1: 100%
[16/21] Installing php73-mysqli-7.3.9...
[16/21] Extracting php73-mysqli-7.3.9: 100%
[17/21] Installing php73-mbstring-7.3.9...
[17/21] Extracting php73-mbstring-7.3.9: 100%
[18/21] Installing php73-zlib-7.3.9...
[18/21] Extracting php73-zlib-7.3.9: 100%
[19/21] Installing php73-curl-7.3.9...
[19/21] Extracting php73-curl-7.3.9: 100%
[20/21] Installing php73-gd-7.3.9...
[20/21] Extracting php73-gd-7.3.9: 100%
[21/21] Installing php73-json-7.3.9...
[21/21] Extracting php73-json-7.3.9: 100%
Message from freetype2-2.10.0:

The 2.7.x series now uses the new subpixel hinting mode (V40 port's option) as
the default, emulating a modern version of ClearType. This change inevitably
leads to different rendering results, and you might change port's options to
adapt it to your taste (or use the new "FREETYPE_PROPERTIES" environment
variable).

The environment variable "FREETYPE_PROPERTIES" can be used to control the
driver properties. Example:

FREETYPE_PROPERTIES=truetype:interpreter-version=35 \
        cff:no-stem-darkening=1 \
        autofitter:warping=1

This allows to select, say, the subpixel hinting mode at runtime for a given
application.

The controllable properties are listed in the section "Controlling FreeType
Modules" in the reference's table of contents
(/usr/local/share/doc/freetype2/reference/site/index.html, if documentation was installed).
Message from ca_root_nss-3.45:

********************************* WARNING *********************************

FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.

Assessment and verification of trust is the complete responsibility of the
system administrator.

*********************************** NOTE **********************************

This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.

This enables SSL Certificate Verification by client software without manual
intervention.

If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.

  * /etc/ssl/cert.pem
  * /usr/local/etc/ssl/cert.pem
  * /usr/local/openssl/cert.pem

***************************************************************************
Message from php73-mysqli-7.3.9:

This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-mysqli.ini
Message from php73-mbstring-7.3.9:

This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-mbstring.ini
Message from php73-zlib-7.3.9:

This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-zlib.ini
Message from php73-curl-7.3.9:

This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-curl.ini
Message from php73-gd-7.3.9:

This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-gd.ini
Message from php73-json-7.3.9:

This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-json.ini

;;;;;;;;;;;;;;;;;;;;;
; FPM Configuration ;
;;;;;;;;;;;;;;;;;;;;;

include=/web/global/.config/fpm.d/*
include=/web/bachi.net/.config/fpm.d/*
include=/web/losenko.ch/.config/fpm.d/*
include=/web/meggen56.ch/.config/fpm.d/*
include=/web/styleesh.com/.config/fpm.d/*
include=/web/te-clan.ch/.config/fpm.d/*
include=/web/teehaus-umami.ch/.config/fpm.d/*
include=/web/y8303.net/.config/fpm.d/*
include=/web/bootteilet.ch/.config/fpm.d/*

;;;;;;;;;;;;;;;;;;
; Global Options ;
;;;;;;;;;;;;;;;;;;

[global]
pid = run/php-fpm.pid
error_log = log/php-fpm.log
syslog.facility = daemon
syslog.ident = php-fpm
log_level = notice
daemonize = yes
# pw user add -n www_bachi_net -g 80 -c www.bachi.net -d /web/bachi.net/www -s /usr/sbin/nologin
# pw group add -n www_bachi_net -g 1002

Apache Module mod_proxy_fcgi
VirtualHost Examples
suEXEC Support
FreeBSD install PHP 7.2 with FPM for Nginx
Apache 2.4 /PHP7.3 /PHP-FPM /freeBSD 12 (part 1)
How to set Apache’s MPM Event and PHP-FPM on FreeBSD
Virtual Hosts
PHP-FPM

Help with PHP-FPM on Apache
NextCloud12 auf debian 9 mit php7.0-fpm und apache2.4.25
Install PHP 7.3 / PHP 7.3-FPM With Apache2 / Nginx On Ubuntu 16.04 | 18.04 | 18.10
PHP-FPM
mod_php vs (Fast)CGI vs FPM
Install Apache, MySQL, PHP (FAMP) Stack on FreeBSD 12

phpMyAdmin Fehlermeldung: Konfiguration des pmadb… fehlerhaft
GRANT SELECT, INSERT, UPDATE, DELETE ON phpmyadmin.* TO 'pma'@'localhost' IDENTIFIED BY 'passwort';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER, REFERENCES, INDEX ON db_name.* TO 'user_name'@'localhost' IDENTIFIED BY 'password';

					

Leave a Reply

Your email address will not be published. Required fields are marked *