Debian GNU/Linux Apache Webserver help
Table of Contents
- Debian GNU/Linux Apache Webserver help
Linux, Apache, MariaDB, PHP (LAMP)
Linux
apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y
Apache
apt install apache2
apache2 -v
- Testing
Call up 127.0.0.1 in the browser.ifconfig
Activate mod_rewrite
a2enmod rewrite
systemctl restart apache2
nano /etc/apache2/apache2.conf
- Change the following in the following lines
‹Directory /var/www/›
Options Indexes FollowSymLinks
AllowOverride None
(ChangeNone
toAll
)Require all granted
DirectoryIndex index.php index.html
(Add line so thatindex.php
is loaded first)‹/Directory›
- Restart Apache
systemctl restart apache2
- Change Apache user and group
nano /etc/apache2/envvars
Change www-data user and groupsystemctl restart apache2
Increase the timeout so that scripts are not aborted prematurely
nano /etc/apache2/apache2.conf
(in other configurationshttpd.conf
)- Change the following in the following lines
Timeout 3600
(Standard 600)ProxyTimeout 600
(in other configurations this increase can help) systemctl restart apache2
MariaDB
apt install mariadb-server
(Or thedefault-mysql-server
package, depending on the system, this leads to MariaDB via dependency)- Secure MariaDB
mysql_secure_installation
5xYes
- Testing
mysql -u root -p
SHOW databases;
EXIT;
- Change password
USE mysql;
UPDATE user SET password=[PASSWORD] WHERE user='root';
FLUSH PRIVILEGES;
EXIT;
MariaDB Upgrade
systemctl stop mysql
- Create backups
cp -R /etc/mysql/ /etc/mysql-[VERSION]_[DATE]
cp -R /var/lib/mysql/ /var/lib/mysql-[VERSION]_[DATE]
- Script is downloaded and executed.
Creates '/etc/apt/sources.list.d/mariadb.list
', '/etc/apt/preferences.d/mariadb-enterprise.pref
' and 'GPG Keys'.curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
- System update
apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y
- Uninstall old installation and related items
apt remove mariadb-*
- Install new MariaDB
apt-get install mariadb-server
- Upgrade databases
mysql_upgrade
System variables
MariaDB in Debian
character_set_server utf8mb4
collation_server utf8mb4_general_ci
Standard MariaDB
character_set_server latin1
collation_server latin1_swedish_ci
Change system variables
For this session
mysql
SHOW VARIABLES LIKE 'character%';
SET character_set_server = 'utf8mb4';
SHOW VARIABLES LIKE 'collation%';
SET collation_server = 'utf8mb4_general_ci';
exit
systemctl restart mariadb.service
systemctl restart apache2
Via configuration file (required restart)
- Rename '
my.cnf
' symlink to 'my.cnf.backup
' - Since the link '
/etc/mysql/my.cnf
' points to 'my.cnf.fallback
' until the end, we copy this file and save the copy under '/etc/mysql/my.cnf
'. - At the end of the '
/etc/mysql/my.cnf
' file we add the following.[mysqld]
character-set-server = utf8mb4
collation-server = utf8mb4_general_ci
- Restart. Testing. Testing. Testing.
PHP
- Query PHP standard version
apt show php
- Install the PHP standard version
apt install php
- Install important PHP modules
apt install php7.0-[MODULE]
(Construction)apt install php7.0-mysql
(for MariaDB)apt install php7.0-gd
(for Graphics)apt install php7.0-opcache
(for optimizing the script speed; setopcache.save_comments=1
inphp.ini
)apt install php7.0-mcrypt
apt install php7.0-intl
apt install php7.0-soap
apt install php7.0-bcmath
- Show installed modules
php -m
- PHP settings
nano /etc/php/7.0/apache2/php.ini
systemctl restart apache2
Enable/disable PHP extension
These commands create or remove the symlink '20-xdebug.ini
' in '/etc/php/7.1/cli/conf.d
' and '/etc/php/7.1/fpm/conf.d
'.
- Activate
php5enmod xdebug
(for PHP 5)phpenmod xdebug
(for standard PHP version) - Deactivate
php5dismod xdebug
(for PHP 5)phpdismod xdebug
(for standard PHP version) - Restart
systemctl restart php5.6-fpm.service
systemctl restart apache2
phpMyAdmin
apt install phpmyadmin
- Testing
Call localhost/phpmyadmin in the browser. - If not select (= space bar) the automatic configuration for apache2
nano /etc/apache2/apache2.conf
Include /etc/phpmyadmin/apache.conf
(Insert line at the bottom) - Create a new user for MariaDB
For security reasons, you can no longer log into the MariaDB server directly as a root user using the normal password authentication (e.g. with phpMyAdmin).USE mysql;
CREATE USER '[USER]'@'localhost' IDENTIFIED BY '[PASSWORD]';
GRANT ALL PRIVILEGES ON *.* TO '[USER]'@'localhost' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON [DATABASE].* TO '[USER]'@'localhost';
(Create user for a specific database)FLUSH PRIVILEGES;
EXIT;
Xdebug
apt install php-xdebug
- Add the following to the '
/etc/php/7.0/mods-available/xdebug.ini
' filexdebug.remote_enable=1
xdebug.remote_handler=dbgp
xdebug.remote_mode=req
xdebug.remote_host=localhost
xdebug.remote_port=9000
timeout 300 seconds
systemctl restart apache2
ImageMagick
apt install imagemagick
apt install php7.0-imagick
systemctl restart apache2
E-mail dispatch
sendmail
The sendmail module is set as standard in php.ini and is already installed on Debian, you just have to start Thunderbird.
- Create a Thunderbird account to read messages
Account name: [USERNAME]@debian.com
Your name: [NAME]
E-mail address: [E-MAIL]
Outgoing mail server (SMTP): [SMTP-SERVER]
Server settingsServer type: Unix Movemail
Server: localhost
Username:[USERNAME]
- E-mail storage location
/var/spool/mail/
- Outbound e-mail queue
ATTENTION: The folder did not exist on my system./var/spool/mqueue/
- Here are all the configuration files
/etc/mail/
e.g./etc/mail/access/
- Informations
Only*.db
files are used by sendmail.
After changes in configuration files, the respective*.db
files are regenerated by the Makefile.
ATTENTION: If no Makefile is available:cat ./Filename | makemap hash Filename
ATTENTION: Here too, exceptions confirm the rule. Thealiases.db
is the only one generated with the commandnewaliases
.makemap
also creates analiases.db
, but it can make sendmail inoperable.
sSMTP
Send e-mails with sSMTP via the console.
apt install ssmtp
nano /etc/ssmtp/ssmtp.conf
Change the following in the following linesroot=[E-MAIL]
mailhub=[SMTP-SERVER]:[SMTP-PORT]
hostname=
(Is not needed. If the variable has been entered, the sending of the e-mail is accelerated.)rewriteDomain=
AuthUser=[E-MAIL]
AuthPass=[PASSWORD]
UseSTARTTLS=yes
UseTLS=yes
FromLineOverride=yes
nano /etc/ssmtp/revaliases
Add the following[USER]:[E-MAIL]:[SMTP-SERVER]:[SMTP-PORT]
root:mail@dreadyhead.com:smtp.dreadyhead.com:465
- Testing
echo "This is a test message" | mailx -s 'Test Message' [E-MAIL]
Add MIME Types
nano /etc/mime.types
Create Host
nano /etc/hosts
Create Apache VirtualHost and set up SSL
- Create folder
mkdir /etc/apache2/ssl
cd /etc/apache2/ssl
- Create private key
openssl genrsa -out sslcert.key 2048
- Generate CSR file from private key
CSR file contains certificate informationopenssl req -new -key sslcert.key -out sslcert.csr
- Generate certificate from CSR file
openssl x509 -req -days 365 -in sslcert.csr -signkey sslcert.key -out sslcert.crt
- Activate Apache2 SSL module
a2enmod ssl
- Check whether port 443 is listening
cat /etc/apache2/ports.conf
The following lines should appearListen 80
‹IfModule ssl_module›
Listen 443
‹/IfModule›
‹IfModule mod_gnutls.c›
Listen 443
‹/IfModule›
- Create a new VirtualHost configuration for the SSL port
nano /etc/apache2/sites-available/[DOMAIN].conf
Insert the following lines in the new VirtualHost configuration‹VirtualHost *:80›
ServerAdmin info@[DOMAIN]
ServerName [DOMAIN]
ServerAlias www.[DOMAIN]
DocumentRoot /var/www/[PATH]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
‹/VirtualHost›
‹VirtualHost *:443›
ServerAdmin info@[DOMAIN]
ServerName [DOMAIN]
ServerAlias www.[DOMAIN]
DocumentRoot /var/www/[PATH]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/sslcert.crt
SSLCertificateKeyFile /etc/apache2/ssl/sslcert.key
‹/VirtualHost›
- Activate page
a2ensite [DOMAIN].conf
systemctl restart apache2
- Deactivate page
a2dissite [DOMAIN].conf
systemctl restart apache2
Important Log Files
- Apache and PHP errors
nano /var/log/apache2/error.log
- MariaDB errors
nano /var/log/mysql/error.log
Set up multiple PHP versions in Apache
Deactivate PHP 5.6, activate PHP 7.1
a2dismod php5.6
a2enmod php7.1
systemctl restart apache2
PHP, FPM and FastCGI
- Add source list
apt install ca-certificates apt-transport-https
wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
echo "deb https://packages.sury.org/php/ stretch main" | sudo tee /etc/apt/sources.list.d/php.list
- Install PHP and FPM
apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y
apt install php5.6 php5.6-fpm
apt install php7.4 php7.4-fpm
- Testing
systemctl status php5.6-fpm
systemctl status php7.4-fpm
- Install Apache FastCGI
apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y
apt install apache2 libapache2-mod-fcgid
- Apache configuration
a2enmod actions fcgid alias proxy_fcgi
systemctl restart apache2
- Adjust VirtualHost configuration
nano /etc/apache2/sites-available/[DOMAIN].conf
Add the following lines to the VirtualHost configuration‹VirtualHost *:[PORT]›
...
‹FilesMatch \.php$›
# Apache 2.4.10+ can proxy to unix socket
SetHandler "proxy:unix:/var/run/php/php7.2-fpm.sock|fcgi://localhost/"
‹/FilesMatch›
‹/VirtualHost›
Restart Apachesystemctl restart apache2
- Adjust PHP settings
ATTENTION: Installed modules are automatically added when installing.nano /etc/php/7.0/fpm/php.ini
- Change user www-data if necessary
nano /etc/php/7.0/fpm/pool.d/www.conf
Change all userswww-data
to your username (e.g.dreadyhead
)systemctl restart php7.0-fpm.service
- Important files
/var/log/php7.0-fpm.log
/etc/php/7.0/fpm/php-fpm.conf
If the apache2 folder in '/etc/php/7.3/' is missing
- Install the following
apt install libapache2-mod-php7.3
Deactivate PHP version
systemctl disable php5.6-fpm.service
Set up multiple PHP versions in the console
- Check the current configuration
which php
The file '/usr/bin/php
' refers to the '/etc/alternatives/php
'.
The file '/etc/alternatives/php
' refers to the '/usr/bin/php7.3
'. - Change alternatives
update-alternatives --set php /usr/bin/php7.1
update-alternatives --set phar /usr/bin/phar7.1
update-alternatives --set phar.phar /usr/bin/phar.phar7.1
ATTENTION: The phpize and php-config command is available in php[PHP VERSION]-dev package. This is more useful for compiling PHP modules using pecl.update-alternatives --set phpize /usr/bin/phpize7.1
update-alternatives --set php-config /usr/bin/php-config7.1
Composer
Install System Composer (may be out of date)
apt install composer
- Testing
composer
If everything went well, all commands will be displayed.
Install Composer from getcomposer.org
- Add source list
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === '8a6138e2a05a8c28539c9f0fb361159823655d7ad2deecb371b04a83966c61223adc522b0189079e3e9e277cd72b8897') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
- Make available globally
mv composer.phar /usr/bin/composer
Composer commands
- Upgrade version
composer require [MANUFACTURER]/[PACKAGE]
composer require friendsofphp/php-cs-fixer
Set up multiple PHP versions in the Composer
Status
- About the Composer
composer -vvv about
which php
/usr/bin/php/usr/bin/php -v
PHP 7.1.33php -v
PHP 7.2.24type -a php
php is aliased to '/usr/bin/php7.2'
php is /usr/bin/phpwhich composer
/usr/bin/composer
Solution
- Change the
.bash_aliases
filealias php="/usr/bin/php7.2"
alias composer="/usr/bin/php7.2 /usr/bin/composer"
- Restart the console
- Check settings
type -a composer
composer is aliased to '/usr/bin/php7.2 /usr/bin/composer'
composer is /usr/bin/composer - The Composer is now using the correct php version.
elasticsearch
- Add source list
Download and install the public signing keywget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
apt install apt-transport-https
Save the repository definition to '/etc/apt/sources.list.d/elastic-7.x.list
'echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list
apt update && apt upgrade -y && apt full-upgrade -y && apt autoremove -y
apt install elasticsearch
- Settings
nano /etc/elasticsearch/elasticsearch.yml
- Error Report
/var/log/elasticsearch/
Configure SysVInit autostart
- Add elasticsearch
update-rc.d elasticsearch defaults 95 10
- Start service
service elasticsearch start
- Testing
curl -X GET http://127.0.0.1:9200
Configure SystemD autostart
- Reload SystemD process
systemctl daemon-reload
- Start service
systemctl start elasticsearch
systemctl enable elasticsearch
- Testing
curl -X GET http://127.0.0.1:9200