To install LAMP (Apache, MySQL, PHP) on Ubuntu/Debian web server, run
apt-get install lamp-server^
This use meta package install LAMP. If you want to remove, don’t remove the meta package as it will remove many other required packages. You need to remove packages one by one.
Related Posts
EasyEngine come admin tools. This include phpMyAdmin, phpinfo, OpCache GUI, nginx status.
To enable admin tool, run
ee admin-tools enable example.com
Admin tools are password protected, to get login details, run
ee auth list global
You can login to admin tools at
http://example.com/ee-admin/
The pma link in EasyEngine Admin tools take you to phpMyAdmin login page. To login, you need to use MySQL login details for your web site. This you can get by checking your web site configuration file.
You will be able to find your web site files in document root of your web site at
/opt/easyengine/sites/YOUR-DOMAIN/app/htdocs
See EasyEngine
To Find MySQL root password on EasyEngine, run
cd /opt/easyengine/services && docker-compose exec global-db bash -c 'echo $MYSQL_ROOT_PASSWORD'
Or
cat /opt/easyengine/services/docker-compose.yml | grep MYSQL_ROOT_PASSWORD | awk -F'=' '{print $2}'
cat /opt/easyengine/services/docker-compose.yml | grep MYSQL_ROOT_PASSWORD | cut -d'=' -f2
To connect to MySQL console, run
cd /opt/easyengine/services && docker-compose exec global-db bash -c 'mysql -uroot -p${MYSQL_ROOT_PASSWORD}'
See EasyEngine
To find IP with most access from Apache or other web server log file, run
cat APACHE_ACCESS_LOG_FILE | awk -F' ' '{print $1}' | sort | uniq -c | sort -n
If you want to see IP that made most POST request
cat APACHE_ACCESS_LOG_FILE | grep POST | awk -F' ' '{print $1}' | sort | uniq -c | sort -n
To install PHP 7. you need to first enable epel and remi repo.
yum install -y epel-release rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-7.rpm
Remove existing PHP
yum -y remove php
Install PHP 7.3
yum --enablerepo=remi-php73 install php73-php php73-php-mbstring php73-php-mysqlnd php73-php-gd php73-php-fpm php73-php-intl php73-php-cli php73-php-xml php73-php-opcache php73-php-pdo php73-php-gmp php73-php-process php73-php-pecl-imagick php73-php-devel
start php-fpm
service php-fpm stop service php73-php-fpm start
Set php 7.3 as default PHP for cli
rm /usr/bin/php ln -s /usr/bin/php73 /usr/bin/php
Restart apache
service httpd restart
On reverse proxy server, lets install some basic utilities.
apt install -y wget wget https://raw.githubusercontent.com/serverok/server-setup/master/debian/1-basic-tools.sh bash 1-basic-tools.sh
Install nginx
apt install nginx -y
Now create a config file
vi /etc/nginx/sites-enabled/proxy.conf
Add following to the file and save
server {
server_name YOUR-DOMAIN.COM www.YOUR-DOMAIN.COM;
listen *:80;
client_max_body_size 100M;
proxy_read_timeout 600s;
proxy_buffers 16 4k;
proxy_buffer_size 2k;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://BACKEND-SERVER-IP:80;
}
}
server {
server_name YOUR-DOMAIN.COM www.YOUR-DOMAIN.COM;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;
# use any of the following two
real_ip_header CF-Connecting-IP;
#real_ip_header X-Forwarded-For;
listen 443 ssl http2;
ssl on;
ssl_certificate /etc/nginx/ssl/YOUR-DOMAIN.COM.crt;
ssl_certificate_key /etc/nginx/ssl/YOUR-DOMAIN.COM.key;
client_max_body_size 100M;
proxy_read_timeout 600s;
proxy_buffers 16 4k;
proxy_buffer_size 2k;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass https://BACKEND-SERVER-IP:443;
}
}
In above replce following
YOUR-DOMAIN.COM = replace with your actual domain name BACKEND-SERVER-IP = replace with IP of the web server where your web site is running.
Next create a self signed SSL certificate for the web site
mkdir /etc/nginx/ssl cd /etc/nginx/ssl openssl genrsa -out YOUR-DOMAIN.COM.key 2048 openssl req -new -x509 -key YOUR-DOMAIN.COM.key -out YOUR-DOMAIN.COM.crt -days 3650 -subj /CN="YOUR-DOMAIN.COM www.YOUR-DOMAIN.COM"
Restart nginx
nginx -s reload
At this stage, you can login to cloudflare, point IP of the web site to reverse proxy server IP address.
When running a site behind reverse proxy, by default, web server shows IP of the revese proxy server instead of real visitor IP. To fix this, you need to configure remoteip module.
On Cpanel server, edit file
vi /etc/apache2/conf.modules.d/370_mod_remoteip.conf
Find
RemoteIPTrustedProxy 127.0.0.1
Add your proxy server IP after.
Example
root@lh34134 [~]# cat /etc/apache2/conf.modules.d/370_mod_remoteip.conf # Enable mod_remoteip LoadModule remoteip_module modules/mod_remoteip.so RemoteIPHeader X-Forwarded-For RemoteIPTrustedProxy 127.0.0.1 94.242.55.132 104.238.213.205 185.193.126.66 207.246.98.251 root@lh34134 [~]#
To update VestaCP server, run
v-list-sys-vesta-updates v-update-sys-vesta-all
Example
[root@backendz ~]# v-list-sys-vesta-updates PKG VER REL ARCH UPDT DATE --- --- --- ---- ---- ---- vesta 0.9.8 26 x86_64 yes 2019-09-30 vesta-php 0.9.8 26 x86_64 yes 2019-09-30 vesta-nginx 0.9.8 26 x86_64 yes 2019-09-30 [root@backendz ~]# v-update-sys-vesta-all [root@backendz ~]#
To create a LVM, run
lvcreate -L 3T -n backup vg1
This command will create a logical volume with 3 TB size with name backup inside volume group vg1.
To format it as xfs file system, run
mkfs.xfs /dev/vg1/backup
To mount it, add the following line in /etc/fstab file.
/dev/vg1/backup /backup xfs defaults 0 0
Create a LVM using all available disk space in Volume Group vg1
root@ok:~# lvcreate --extents 100%FREE vg1 -n data1 Logical volume "data1" created. root@ok:~# lvs LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert data1 vg1 -wi-a----- 58.10t root@ok:~#
lvcreate --size 100G --type thin-pool --thinpool LV_NAME_HERE VG_NAME_HERE
example
[root@server ~]# lvcreate --size 100G --type thin-pool --thinpool thin_pool vg-storage Thin pool volume with chunk size 64.00 KiB can address at most 15.81 TiB of data. Logical volume "thin_pool" created. [root@server ~]#
To remove the volume created, run
[root@server ~]# lvremove vg-storage/thin_pool Do you really want to remove active logical volume vg-storage/thin_pool? [y/n]: y Logical volume "thin_pool" successfully removed [root@server ~]#
See lvm
When running yum update on a CentOS server, i get following error.
[root@ip-172-30-0-39 ~]# yum update error: rpmdb: BDB0113 Thread/process 12797/46913889995840 failed: BDB1507 Thread died in Berkeley DB library error: db5 error(-30973) from dbenv->failchk: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery error: cannot open Packages index using db5 - (-30973) error: cannot open Packages database in /var/lib/rpm CRITICAL:yum.main: Error: rpmdb open failed [root@ip-172-30-0-39 ~]#
To fix it, run
rm -f /var/lib/rpm/__db.00*
To renew SSL for site hosted in EasyEngine, run
ee site ssl-renew --all
You can set a cronjob to run every month to auto renew the SSL certificates.
To verify a package installed on system, you can use
rpm -V PKG_NAMEExample
[root@hello-1 curl-curl-7_69_0]# rpm -V bind
S.5....T. c /etc/named.conf
[root@hello-1 curl-curl-7_69_0]# Here bind package have /etc/named.conf file modified.
To verify all packages on system, run
rpm -VaBack to rpm