tulixhost documentation

tulixhost is an opinionated provisioning toolkit for hosting multiple isolated PHP sites on a single Ubuntu server, sharing nginx, PHP-FPM, MariaDB, and Redis. Every site gets its own system user, FPM pool, database, Redis ACL, and config tree under /data/web/<site>. It's a single tarball of bash scripts plus this demo dashboard — no daemon, no agent, no remote calls.

Read in this order

  1. Architecture & layout — where every file lives, what the per-site directory tree looks like, and the per-site system-user isolation model.
  2. Scripts — what each script does, all flags, and example invocations. Covers setup.sh, create_vhost.sh, remove_vhost.sh, and the backup/restore pair.
  3. PHP & PHP-FPM — soft php.ini vs hard php_admin_* pool overrides, what each tunable does, when to reload.
  4. Nginx — vhost structure, security snippets, rate-limit zones, and the per-site extension file.
  5. MariaDB — server-wide config vs per-site my.cnf, the unix_socket root, and what your app should SET SESSION on connect.
  6. Redis — ACL grammar, DB-number assignment, key-prefix isolation, and shared maxmemory considerations.
  7. Cron & backups — per-site cron files, the master nightly job, what's in a backup tarball, and how to restore.
  8. Security — the full threat model and what's defending against what.
  9. Troubleshooting — common failures and how to fix them fast.

One-page summary

conceptwherenotes
main config/etc/tulixhost/tulixhost.confRedis admin pass, PHP version, backup retention.
scripts/usr/local/sbin/tulixhost-*Symlinks to the local *.sh files.
site root/data/web/<site>/One directory per site, owned by its per-site system user.
site configs/data/web/<site>/conf/php.ini, php-fpm.conf, my.cnf, redis.conf, .envtulix, nginx-extra.conf, ssl/
site logs/data/web/<site>/logs/nginx-access, nginx-error, php-error, php-fpm-slow, php-fpm-access
backups/data/backups/<site>/One tarball per backup, retention via BACKUP_RETENTION_DAYS.
cron/etc/cron.d/tulixhost-<site>Materialized from /data/web/<site>/cron/crontab.
audit log/var/log/tulixhost/audit.logEvery privileged script invocation.