Linux, Apache, MariaDB, PHP (LAMP)

Linux

  • apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y

Apache

  • apt install apache2
  • apache2 -v
  • Testing
    Call up 127.0.0.1 in the browser.
    ifconfig

Activate mod_rewrite

  • a2enmod rewrite
  • systemctl restart apache2
  • nano /etc/apache2/apache2.conf
  • Change the following in the following lines
    ‹Directory /var/www/›
        Options Indexes FollowSymLinks
        AllowOverride None (Change None to All)
        Require all granted
        DirectoryIndex index.php index.html (Add line so that index.php is loaded first)
    ‹/Directory›
  • Restart Apache
    systemctl restart apache2
  • Change Apache user and group
    nano /etc/apache2/envvars
    Change www-data user and group
    systemctl restart apache2

Increase the timeout so that scripts are not aborted prematurely

  • nano /etc/apache2/apache2.conf (in other configurations httpd.conf)
  • Change the following in the following lines
    Timeout 3600 (Standard 600)
    ProxyTimeout 600 (in other configurations this increase can help)
  • systemctl restart apache2

MariaDB

  • apt install mariadb-server (Or the default-mysql-server package, depending on the system, this leads to MariaDB via dependency)
  • Secure MariaDB
    mysql_secure_installation
    5x Yes
  • Testing
    mysql -u root -p
    SHOW databases;
    EXIT;
  • Change password
    USE mysql;
    UPDATE user SET password=[PASSWORD] WHERE user='root';
    FLUSH PRIVILEGES;
    EXIT;

MariaDB Upgrade

  • systemctl stop mysql
  • Create backups
    cp -R /etc/mysql/ /etc/mysql-[VERSION]_[DATE]
    cp -R /var/lib/mysql/ /var/lib/mysql-[VERSION]_[DATE]
  • Script is downloaded and executed.
    Creates '/etc/apt/sources.list.d/mariadb.list', '/etc/apt/preferences.d/mariadb-enterprise.pref' and 'GPG Keys'.
    curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
  • System update
    apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y
  • Uninstall old installation and related items
    apt remove mariadb-*
  • Install new MariaDB
    apt-get install mariadb-server
  • Upgrade databases
    mysql_upgrade

System variables

MariaDB in Debian

character_set_server utf8mb4
collation_server  utf8mb4_general_ci

Standard MariaDB

character_set_server latin1
collation_server  latin1_swedish_ci

Change system variables

For this session
  • mysql
    SHOW VARIABLES LIKE 'character%';
    SET character_set_server = 'utf8mb4';
    SHOW VARIABLES LIKE 'collation%';
    SET collation_server = 'utf8mb4_general_ci';
    exit
  • systemctl restart mariadb.service
  • systemctl restart apache2
Via configuration file (required restart)
  1. Rename 'my.cnf' symlink to 'my.cnf.backup'
  2. Since the link '/etc/mysql/my.cnf' points to 'my.cnf.fallback' until the end, we copy this file and save the copy under '/etc/mysql/my.cnf'.
  3. At the end of the '/etc/mysql/my.cnf' file we add the following.
    [mysqld]
    character-set-server  = utf8mb4
    collation-server      = utf8mb4_general_ci
  4. Restart. Testing. Testing. Testing.

PHP

  • Query PHP standard version
    apt show php
  • Install the PHP standard version
    apt install php
  • Install important PHP modules
    apt install php7.0-[MODULE] (Construction)
    apt install php7.0-mysql (for MariaDB)
    apt install php7.0-gd (for Graphics)
    apt install php7.0-opcache (for optimizing the script speed; set opcache.save_comments=1 in php.ini)
    apt install php7.0-mcrypt
    apt install php7.0-intl
    apt install php7.0-soap
    apt install php7.0-bcmath
  • Show installed modules
    php -m
  • PHP settings
    nano /etc/php/7.0/apache2/php.ini
    systemctl restart apache2

Enable/disable PHP extension

These commands create or remove the symlink '20-xdebug.ini' in '/etc/php/7.1/cli/conf.d' and '/etc/php/7.1/fpm/conf.d'.

  • Activate
    php5enmod xdebug (for PHP 5)
    phpenmod xdebug (for standard PHP version)
  • Deactivate
    php5dismod xdebug (for PHP 5)
    phpdismod xdebug (for standard PHP version)
  • Restart
    systemctl restart php5.6-fpm.service
    systemctl restart apache2

phpMyAdmin

  • apt install phpmyadmin
  • Testing
    Call localhost/phpmyadmin in the browser.
  • If not select (= space bar) the automatic configuration for apache2
    nano /etc/apache2/apache2.conf
    Include /etc/phpmyadmin/apache.conf (Insert line at the bottom)
  • Create a new user for MariaDB
    For security reasons, you can no longer log into the MariaDB server directly as a root user using the normal password authentication (e.g. with phpMyAdmin).
    USE mysql;
    CREATE USER '[USER]'@'localhost' IDENTIFIED BY '[PASSWORD]';
    GRANT ALL PRIVILEGES ON *.* TO '[USER]'@'localhost' WITH GRANT OPTION;
    GRANT ALL PRIVILEGES ON [DATABASE].* TO '[USER]'@'localhost'; (Create user for a specific database)
    FLUSH PRIVILEGES;
    EXIT;

Xdebug

  • apt install php-xdebug
  • Add the following to the '/etc/php/7.0/mods-available/xdebug.ini' file
    xdebug.remote_enable=1
    xdebug.remote_handler=dbgp
    xdebug.remote_mode=req
    xdebug.remote_host=localhost
    xdebug.remote_port=9000
    timeout 300 seconds
  • systemctl restart apache2

ImageMagick

  • apt install imagemagick
  • apt install php7.0-imagick
  • systemctl restart apache2

E-mail dispatch

sendmail

The sendmail module is set as standard in php.ini and is already installed on Debian, you just have to start Thunderbird.

  • Create a Thunderbird account to read messages
    Account name: [USERNAME]@debian.com
    Your name: [NAME]
    E-mail address: [E-MAIL]
    Outgoing mail server (SMTP): [SMTP-SERVER]
    Server settings
    Server type: Unix Movemail
    Server: localhost
    Username:[USERNAME]
  • E-mail storage location
    /var/spool/mail/
  • Outbound e-mail queue
    ATTENTION: The folder did not exist on my system.
    /var/spool/mqueue/
  • Here are all the configuration files
    /etc/mail/
    e.g. /etc/mail/access/
  • Informations
    Only *.db files are used by sendmail.
    After changes in configuration files, the respective *.db files are regenerated by the Makefile.
    ATTENTION: If no Makefile is available: cat ./Filename | makemap hash Filename
    ATTENTION: Here too, exceptions confirm the rule. The aliases.db is the only one generated with the command newaliases. makemap also creates an aliases.db, but it can make sendmail inoperable.

sSMTP

Send e-mails with sSMTP via the console.

  • apt install ssmtp
  • nano /etc/ssmtp/ssmtp.conf
    Change the following in the following lines
    root=[E-MAIL]
    mailhub=[SMTP-SERVER]:[SMTP-PORT]
    hostname= (Is not needed. If the variable has been entered, the sending of the e-mail is accelerated.)
    rewriteDomain=
    AuthUser=[E-MAIL]
    AuthPass=[PASSWORD]
    UseSTARTTLS=yes
    UseTLS=yes
    FromLineOverride=yes
  • nano /etc/ssmtp/revaliases
    Add the following
    [USER]:[E-MAIL]:[SMTP-SERVER]:[SMTP-PORT]
    root:mail@dreadyhead.com:smtp.dreadyhead.com:465
  • Testing
    echo "This is a test message" | mailx -s 'Test Message' [E-MAIL]

Add MIME Types

  • nano /etc/mime.types

Create Host

  • nano /etc/hosts

Create Apache VirtualHost and set up SSL

  • Create folder
    mkdir /etc/apache2/ssl
    cd /etc/apache2/ssl
  • Create private key
    openssl genrsa -out sslcert.key 2048
  • Generate CSR file from private key
    CSR file contains certificate information
    openssl req -new -key sslcert.key -out sslcert.csr
  • Generate certificate from CSR file
    openssl x509 -req -days 365 -in sslcert.csr -signkey sslcert.key -out sslcert.crt
  • Activate Apache2 SSL module
    a2enmod ssl
  • Check whether port 443 is listening
    cat /etc/apache2/ports.conf
    The following lines should appear
    Listen 80
    ‹IfModule ssl_module›
        Listen 443
    ‹/IfModule›
    ‹IfModule mod_gnutls.c›
        Listen 443
    ‹/IfModule›
  • Create a new VirtualHost configuration for the SSL port
    nano /etc/apache2/sites-available/[DOMAIN].conf
    Insert the following lines in the new VirtualHost configuration
    ‹VirtualHost *:80›
        ServerAdmin info@[DOMAIN]
        ServerName [DOMAIN]
        ServerAlias www.[DOMAIN]
        DocumentRoot /var/www/[PATH]
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    ‹/VirtualHost›
    ‹VirtualHost *:443›
        ServerAdmin info@[DOMAIN]
        ServerName [DOMAIN]
        ServerAlias www.[DOMAIN]
        DocumentRoot /var/www/[PATH]
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/sslcert.crt
        SSLCertificateKeyFile /etc/apache2/ssl/sslcert.key
    ‹/VirtualHost›
  • Activate page
    a2ensite [DOMAIN].conf
    systemctl restart apache2
  • Deactivate page
    a2dissite [DOMAIN].conf
    systemctl restart apache2

Important Log Files

  • Apache and PHP errors
    nano /var/log/apache2/error.log
  • MariaDB errors
    nano /var/log/mysql/error.log

Set up multiple PHP versions in Apache

Deactivate PHP 5.6, activate PHP 7.1

  • a2dismod php5.6
  • a2enmod php7.1
  • systemctl restart apache2

PHP, FPM and FastCGI

  1. Add source list
    apt install ca-certificates apt-transport-https
    wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
    echo "deb https://packages.sury.org/php/ stretch main" | sudo tee /etc/apt/sources.list.d/php.list
  2. Install PHP and FPM
    apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y
    apt install php5.6 php5.6-fpm
    apt install php7.4 php7.4-fpm
  3. Testing
    systemctl status php5.6-fpm
    systemctl status php7.4-fpm
  4. Install Apache FastCGI
    apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y
    apt install apache2 libapache2-mod-fcgid
  5. Apache configuration
    a2enmod actions fcgid alias proxy_fcgi
    systemctl restart apache2
  6. Adjust VirtualHost configuration
    nano /etc/apache2/sites-available/[DOMAIN].conf
    Add the following lines to the VirtualHost configuration
    ‹VirtualHost *:[PORT]›
        ...
        ‹FilesMatch \.php$›
            # Apache 2.4.10+ can proxy to unix socket
            SetHandler "proxy:unix:/var/run/php/php7.2-fpm.sock|fcgi://localhost/"
        ‹/FilesMatch›
    ‹/VirtualHost›
    Restart Apache
    systemctl restart apache2
  7. Adjust PHP settings
    ATTENTION: Installed modules are automatically added when installing.
    nano /etc/php/7.0/fpm/php.ini
  8. Change user www-data if necessary
    nano /etc/php/7.0/fpm/pool.d/www.conf
    Change all users www-data to your username (e.g. dreadyhead)
    systemctl restart php7.0-fpm.service
  9. Important files
    /var/log/php7.0-fpm.log
    /etc/php/7.0/fpm/php-fpm.conf

If the apache2 folder in '/etc/php/7.3/' is missing

  • Install the following
    apt install libapache2-mod-php7.3

Deactivate PHP version

  • systemctl disable php5.6-fpm.service

Set up multiple PHP versions in the console

  • Check the current configuration
    which php
    The file '/usr/bin/php' refers to the '/etc/alternatives/php'.
    The file '/etc/alternatives/php' refers to the '/usr/bin/php7.3'.
  • Change alternatives
    update-alternatives --set php /usr/bin/php7.1
    update-alternatives --set phar /usr/bin/phar7.1
    update-alternatives --set phar.phar /usr/bin/phar.phar7.1
    ATTENTION: The phpize and php-config command is available in php[PHP VERSION]-dev package. This is more useful for compiling PHP modules using pecl.
    update-alternatives --set phpize /usr/bin/phpize7.1
    update-alternatives --set php-config /usr/bin/php-config7.1

Composer

Install System Composer (may be out of date)

  • apt install composer
  • Testing
    composer
    If everything went well, all commands will be displayed.

Install Composer from getcomposer.org

  • Add source list
    php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
    php -r "if (hash_file('sha384', 'composer-setup.php') === '8a6138e2a05a8c28539c9f0fb361159823655d7ad2deecb371b04a83966c61223adc522b0189079e3e9e277cd72b8897') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
    php composer-setup.php
    php -r "unlink('composer-setup.php');"
  • Make available globally
    mv composer.phar /usr/bin/composer

Composer commands

  • Upgrade version
    composer require [MANUFACTURER]/[PACKAGE]
    composer require friendsofphp/php-cs-fixer

Set up multiple PHP versions in the Composer

Status

  • About the Composer
    composer -vvv about
  • which php
    /usr/bin/php
  • /usr/bin/php -v
    PHP 7.1.33
  • php -v
    PHP 7.2.24
  • type -a php
    php is aliased to '/usr/bin/php7.2'
    php is /usr/bin/php
  • which composer
    /usr/bin/composer

Solution

  • Change the .bash_aliases file
    alias php="/usr/bin/php7.2"
    alias composer="/usr/bin/php7.2 /usr/bin/composer"
  • Restart the console
  • Check settings
    type -a composer
    composer is aliased to '/usr/bin/php7.2 /usr/bin/composer'
    composer is /usr/bin/composer
  • The Composer is now using the correct php version.

elasticsearch

  • Add source list
    Download and install the public signing key
    wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
    apt install apt-transport-https
    Save the repository definition to '/etc/apt/sources.list.d/elastic-7.x.list'
    echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list
    apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y
    apt install elasticsearch
  • Settings
    nano /etc/elasticsearch/elasticsearch.yml
  • Error Report
    /var/log/elasticsearch/

Configure SysVInit autostart

  • Add elasticsearch
    update-rc.d elasticsearch defaults 95 10
  • Start service
    service elasticsearch start
  • Testing
    curl -X GET http://127.0.0.1:9200

Configure SystemD autostart

  • Reload SystemD process
    systemctl daemon-reload
  • Start service
    systemctl start elasticsearch
    systemctl enable elasticsearch
  • Testing
    curl -X GET http://127.0.0.1:9200