tulixhost documentation
tulixhost is an opinionated provisioning toolkit for hosting multiple isolated PHP sites
on a single Ubuntu server, sharing nginx, PHP-FPM, MariaDB, and Redis. Every site gets its own system
user, FPM pool, database, Redis ACL, and config tree under /data/web/<site>. It's a
single tarball of bash scripts plus this demo dashboard — no daemon, no agent, no remote calls.
Read in this order
- Architecture & layout — where every file lives, what the per-site directory tree looks like, and the per-site system-user isolation model.
- Scripts — what each script does, all flags, and example
invocations. Covers
setup.sh,create_vhost.sh,remove_vhost.sh, and the backup/restore pair. - PHP & PHP-FPM — soft
php.inivs hardphp_admin_*pool overrides, what each tunable does, when to reload. - Nginx — vhost structure, security snippets, rate-limit zones, and the per-site extension file.
- MariaDB — server-wide config vs per-site
my.cnf, the unix_socket root, and what your app shouldSET SESSIONon connect. - Redis — ACL grammar, DB-number assignment, key-prefix isolation, and shared maxmemory considerations.
- Cron & backups — per-site cron files, the master nightly job, what's in a backup tarball, and how to restore.
- Security — the full threat model and what's defending against what.
- Troubleshooting — common failures and how to fix them fast.
One-page summary
| concept | where | notes |
|---|---|---|
| main config | /etc/tulixhost/tulixhost.conf | Redis admin pass, PHP version, backup retention. |
| scripts | /usr/local/sbin/tulixhost-* | Symlinks to the local *.sh files. |
| site root | /data/web/<site>/ | One directory per site, owned by its per-site system user. |
| site configs | /data/web/<site>/conf/ | php.ini, php-fpm.conf, my.cnf, redis.conf, .envtulix, nginx-extra.conf, ssl/ |
| site logs | /data/web/<site>/logs/ | nginx-access, nginx-error, php-error, php-fpm-slow, php-fpm-access |
| backups | /data/backups/<site>/ | One tarball per backup, retention via BACKUP_RETENTION_DAYS. |
| cron | /etc/cron.d/tulixhost-<site> | Materialized from /data/web/<site>/cron/crontab. |
| audit log | /var/log/tulixhost/audit.log | Every privileged script invocation. |