User Tools

Site Tools

Trace:
lemp-install

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
lemp-install [2020/10/22 10:14] gwsadminlemp-install [2023/05/17 22:52] (current) – external edit 127.0.0.1
Line 15: Line 15:
  
 sudo ufw allow http https sudo ufw allow http https
 +
  
 </code> </code>
 +
   * Create a directory for your webserver files etc - but change this to your own preferences   * Create a directory for your webserver files etc - but change this to your own preferences
  
 <code bash> <code bash>
 sudo mkdir /media/webdisk/web-data sudo mkdir /media/webdisk/web-data
 +
  
 </code> </code>
 +
   * Change the permission so Nginx can use this folder:   * Change the permission so Nginx can use this folder:
  
 <code bash> <code bash>
 sudo chown www-data:www-data /media/webdisk/web-data -R sudo chown www-data:www-data /media/webdisk/web-data -R
 +
  
 </code> </code>
Line 35: Line 40:
  
 <code bash> <code bash>
-sudo apt install MariaDB-server MariaDB-client +sudo apt install mariadb-server mariadb-client 
-sudo systemctl start MariaDB +sudo systemctl start mariadb 
-sudo systemctl enable MariaDB+sudo systemctl enable mariadb 
  
 </code> </code>
Line 45: Line 51:
 <code bash> <code bash>
 sudo mysql_secure_installation sudo mysql_secure_installation
 +
  
 </code> </code>
Line 66: Line 73:
  
 sudo systemctl enable php7.4-fpm sudo systemctl enable php7.4-fpm
 +
  
 </code> </code>
 +
 +==== Create your default server block ====
 +
 +  * But first, remove the symlink in sites-enabled first
 +
 +<code bash>
 +sudo rm /etc/nginx/sites-enabled/default
 +
 +
 +</code>
 +
 +  * Now create the server block,
 +
 +<code bash>
 +sudo nano /etc/nginx/conf.d/default.conf
 +
 +
 +</code>
 +
 +  * Copy/Paste all this into the new config file
 +
 +<code bash>
 +server {
 +  listen 80;
 +  listen [::]:80;
 +  server_name _;
 +  root /usr/share/nginx/html/;
 +  index index.php index.html index.htm index.nginx-debian.html;
 +
 +  location / {
 +    try_files $uri $uri/ /index.php;
 +  }
 +
 +  location ~ \.php$ {
 +    fastcgi_pass unix:/run/php/php7.4-fpm.sock;
 +    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 +    include fastcgi_params;
 +    include snippets/fastcgi-php.conf;
 +  }
 +
 + # A long browser cache lifetime can speed up repeat visits to your page
 +  location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ {
 +       access_log        off;
 +       log_not_found     off;
 +       expires           360d;
 +  }
 +
 +  # disable access to hidden files
 +  location ~ /\.ht {
 +      access_log off;
 +      log_not_found off;
 +      deny all;
 +  }
 +}
 +
 +
 +</code>
 +
 +  * Reload Nginx
 +
 +<code bash>
 +sudo nginx -t
 +
 +sudo systemctl reload nginx
 +
 +
 +</code>
 +
 +  * Test Nginx and PHP are working by creeating an info.php in the webroot directory
 +
 +<code bash>
 +sudo nano /usr/share/nginx/html/info.php
 +
 +
 +</code>
 +
 +  * Paste the following into the file
 +
 +<code php>
 +<?php phpinfo(); ?>
 +
 +
 +</code>
 +
 +  * To check it's working either go to [[http://127.0.0.1/info.php|http://127.0.0.1/info.php]] or [[http://yourserveripaddress/info.php|http://yourserveripaddress/info.php]]. If it works remove this file for secuirty.
 +
 +<code bash>
 +sudo rm /usr/share/nginx/html/info.php
 +
 +
 +</code>
 +
 +**Congratulations! You now have a working Web Server!**
 +
 +==== Install PHPmyadmin ====
 +
 +  * Open terminal and run these:
 +
 +<code bash>
 +sudo apt update
 +
 +sudo apt install phpmyadmin
 +
 +
 +</code>
 +
 +  * Create a new server block, for best results, have PHPmyadmin run in a subdomain.
 +
 +<code bash>
 +sudo nano /etc/nginx/conf.d/phpmyadmin.conf
 +
 +
 +</code>
 +
 +  * Copy/Paste all this into the new config file.
 +
 +<code bash>
 +server {
 +  listen 80;
 +  listen [::]:80;
 +  server_name pma.example.com; #change this to your domain
 +  root /usr/share/phpmyadmin/;
 +  index index.php index.html index.htm index.nginx-debian.html;
 +
 +  access_log /var/log/nginx/phpmyadmin_access.log;
 +  error_log /var/log/nginx/phpmyadmin_error.log;
 +
 +  location / {
 +    try_files $uri $uri/ /index.php;
 +  }
 +
 +  location ~ ^/(doc|sql|setup)/ {
 +    deny all;
 +  }
 +
 +  location ~ \.php$ {
 +    fastcgi_pass unix:/run/php/php7.4-fpm.sock;
 +    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 +    include fastcgi_params;
 +    include snippets/fastcgi-php.conf;
 +  }
 +
 +  location ~ /\.ht {
 +    deny all;
 +  }
 +}
 +
 +
 +</code>
 +
 +  * Reload Nginx
 +
 +<code bash>
 +sudo nginx -t
 +
 +sudo systemctl reload nginx
 +
 +
 +</code>
 +
 +==== Install Certbot ====
 +
 +  * Run this command
 +
 +<code bash>
 +sudo apt install certbot python3-certbot-nginx
 +
 +
 +</code>
 +
 +  * Run certbot
 +
 +<code bash>
 +sudo certbot --nginx
 +
 +
 +</code>
 +
 +  * Respond to prompts from ''certbot''  to configure your HTTPS settings, which involves entering your email address and agreeing to the Let’s Encrypt terms of service.
 +
 +==== Add new SQL user ====
 +
 +As we have secured MariaDB we need to add a user for PHPmyadmin for you to log in.
 +
 +  * Run these commands:
 +
 +<code mysql>
 +sudo mariadb -u root
 +
 +create user 'phpadmin'@'localhost' identified by 'yourpassword';
 +
 +grant all privileges on *.* to 'phpadmin'@'localhost' with grant option;
 +
 +flush privileges;
 +
 +exit;
 +
 +
 +</code>
 +
 +**Login to PHPmyadmin via your domain name, and now you have a secure web server with a secure database server!**
  
  
lemp-install.1603361664.txt.gz · Last modified: 2023/05/17 22:52 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Valid HTML5 Valid CSS Driven by DokuWiki