Delmar/bikinibottom
3
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
69938dbaa56629ef06f4e88b6786b20ce925b996
bikinibottom/On host/LAMP Stack.md
Julieñ 2abf8e30cf Hosts specific configs
2025-04-24 15:55:10 +02:00

430 lines
13 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# L.A.M.P
## 1. Apache
> ssh into server
```bash
sudo apt -y install apache2 apache2-utils
```
```bash
sudo vim /etc/apache2/conf-enabled/security.conf
# line 12 : change
ServerTokens Prod
sudo vim /etc/apache2/mods-enabled/dir.conf
# add file name that it can access only with directory's name
DirectoryIndex index.html index.htm
sudo vim /etc/apache2/apache2.conf
# line 70 : add to specify server name
ServerName www.srv.world
sudo vim /etc/apache2/sites-enabled/000-default.conf
# line 11 : change to webmaster's email
ServerAdmin webmaster@srv.world
sudo systemctl reload apache2
```
```bash
sudo vim /etc/apache2/ports.conf
```
```
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen 80
Listen 81
Listen 82
Listen 83
Listen 84
Listen 85
Listen 86
Listen 87
Listen 88
Listen 89
<IfModule ssl_module>
       Listen 443
</IfModule>
<IfModule mod_gnutls.c>
       Listen 443
</IfModule>
```
## 2. PHP
```bash
sudo apt update && apt full-upgrade -y
sudo apt install -y apache2 wget git zip unzip
# systemctl enable apache2 && systemctl start apache2# systemctl status apache2
sudo apt install -y php php-cli libapache2-mod-php php-common php-gd php-bcmath php-xml php-json php-zip php-mysql php-imap php-curl php-mbstring php-intl php-pear php-opcache php-soap php-apcu php-redis php-memcache
php -v
```
> http://<span class="keep-md">\[</span>ServerIP<span class="keep-md">\]</span>
```bash
echo "<?php phpinfo(); ?>" > /var/www/html/test.php
```
## 3. Database
```bash
sudo apt install mariadb-server mariadb-client -y
# systemctl start mariadb && systemctl enable mariadb
# systemctl status mariadb
mysql_secure_installation
mysql -u root -p (transatlantique)
```
```sql
CREATE DATABASE [database_name];
# CREATE DATABASE [database_name] COLLATE utf8mb4_general_ci;
CREATE USER "admin"@"localhost" IDENTIFIED BY "camera-wand-stubborn";
GRANT ALL PRIVILEGES ON [database_name].* TO "admin"@"localhost";
FLUSH PRIVILEGES;
EXIT;
```
<div class="table-wrapper" id="bkmrk-database-user-passwo"><table><tbody><tr><th colspan="1" rowspan="1">database</th><th colspan="1" rowspan="1">user</th><th colspan="1" rowspan="1">password</th><th colspan="1" rowspan="1">host</th><th colspan="1" rowspan="1">prefix</th></tr><tr><td colspan="1" rowspan="1"><span class="keep-md">\[</span>database\_name<span class="keep-md">\]</span></td><td colspan="1" rowspan="1">admin</td><td colspan="1" rowspan="1">camera-wand-stubborn</td><td colspan="1" rowspan="1">localhost</td><td colspan="1" rowspan="1">db\_</td></tr></tbody></table>
</div>## 4. PhpMyAdmin
```bash
DATA="$(wget https://www.phpmyadmin.net/home_page/version.txt -q -O-)"
URL="$(echo $DATA | cut -d ' ' -f 3)"
VERSION="$(echo $DATA | cut -d ' ' -f 1)"
wget https://files.phpmyadmin.net/phpMyAdmin/${VERSION}/phpMyAdmin-${VERSION}-all-languages.tar.gz
tar xvf phpMyAdmin-${VERSION}-all-languages.tar.gz
mv phpMyAdmin-*/ /usr/share/phpmyadmin
mkdir -p /var/lib/phpmyadmin/tmp
chown -R www-data:www-data /var/lib/phpmyadmin
mkdir /etc/phpmyadmin/
cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php
```
```
vim /usr/share/phpmyadmin/config.inc.php
```
> (16gg) &gt; 32 characters
> `$cfg['blowfish_secret'] = 'WBqsYQwj5EotFPu58WGSFNT4b7PMJoBt';`
>
> (73gg)
> `$cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';`
```bash
vim /etc/apache2/conf-enabled/phpmyadmin.conf
```
> Alias /phpmyadmin /usr/share/phpmyadmin
```conf
<Directory /usr/share/phpmyadmin>
Options SymLinksIfOwnerMatch
DirectoryIndex index.php
<IfModule mod_php5.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
php_admin_value mbstring.func_overload 0
</IfModule>
<IfModule mod_php.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
```
#### Authorize for setup
```conf
<Directory /usr/share/phpmyadmin/setup>
<IfModule mod_authz_core.c>
<IfModule mod_authn_file.c>
AuthType Basic
AuthName "phpMyAdmin Setup"
AuthUserFile /etc/phpmyadmin/htpasswd.setup
</IfModule>
Require valid-user
</IfModule>
</Directory>
```
#### Disallow web access to directories that don't need it
```conf
<Directory /usr/share/phpmyadmin/templates>
Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/libraries>
Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/setup/lib>
Require all denied
</Directory>
```
```bash
a2enmod rewrite
systemctl restart apache2
```
> http://<span class="keep-md">\[</span>ServerIP<span class="keep-md">\]</span>/phpmyadmin
> First login as <span class="keep-md">\[</span> root | transatlantique <span class="keep-md">\]</span> to save phpmyadmin config
#### Alternative
> [WebDB](https://gitlab.com/web-db/app)
## 5. <span class="keep-md">\[</span>instance\_name<span class="keep-md">\]</span>
```bash
wget https://github.com/[sourcefile].zip
unzip [sourcefile].zip -d /var/www/[instance_name]
chown -R www-data: /var/www/[instance_name]
```
```bash
sudo vim /etc/apache2/sites-available/delmar.bzh.conf
```
```nginx
<VirtualHost *:80>
ServerName www.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/hugo
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:81>
ServerName nsns.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/nsns
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:82>
ServerName ugo.delmar.bzh
ServerAdmin ugo@delmar.bzh
DocumentRoot /var/www/wpugo
<Directory /var/www/wpugo>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
DavLockDB /usr/local/apache/var/DavLock
<VirtualHost *:83>
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/baikal/html
ServerName dav.delmar.bzh
RewriteEngine on
RewriteRule /.well-known/carddav /dav.php [R=308,L]
RewriteRule /.well-known/caldav /dav.php [R=308,L]
<Directory "/var/www/baikal/html">
Options None
# If you install cloning git repository, you may need the following
# Options +FollowSymlinks
AllowOverride None
# Configuration for apache-2.4:
Require all granted
# Configuration for apache-2.2:
# Order allow,deny
# Allow from all
</Directory>
Alias /webdav /var/www/webdav
<Directory /var/www/webdav>
DAV On
AuthType Basic
AuthName "webdav"
AuthUserFile /usr/local/apache/var/users.password
Require user admin
</Directory>
<Directory /var/www/webdav/shared>
Options Indexes
AllowOverride none
Order allow,deny
allow from all
DAV On
AuthType Basic
AuthName "webdav"
AuthUserFile /usr/local/apache/var/users.password
<Limit GET POST PROPFIND PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Require valid-user
</Limit>
</Directory>
<Directory /var/www/webdav/julien>
Options Indexes
AllowOverride none
Order allow,deny
allow from all
DAV on
AuthType Basic
AuthName "webdav"
AuthUserFile /usr/local/apache/var/users.password
<Limit GET POST PROPFIND PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Require user julien
</Limit>
</Directory>
<Directory /var/www/webdav/eliot>
Options Indexes
AllowOverride none
Order allow,deny
allow from all
DAV on
AuthType Basic
AuthName "webdav"
AuthUserFile /usr/local/apache/var/users.password
<Limit GET POST PROPFIND PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Require user eliot
</Limit>
</Directory>
<IfModule mod_expires.c>
ExpiresActive Off
</IfModule>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:84>
ServerName julien.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/resumes/julien
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:85>
ServerName nds.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/nds
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:86>
ServerName shop.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/shop
<Directory /var/www/shop>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
RewriteEngine on
#Domain: shop.delmar.bzh
RewriteRule . - [E=REWRITEBASE:/]
RewriteRule ^api(?:/(.*))?$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L]
RewriteRule ^upload/.+$ %{ENV:REWRITEBASE}index.php [QSA,L]
# Images
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$1$3 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$1$4 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$1$5 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$1$6 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$1$7 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$1$8 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$8/$1$9 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^c/([\d]+)(\-[\.*\w-]*)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^c/([a-zA-Z_-]+)(-[\d]+)?/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L]
# AlphaImageLoader for IE and fancybox
RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ %{ENV:REWRITEBASE}js/jquery/plugins/fancybox/images/$1.$2 [L]
# Dispatcher
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L]
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```
```bash
a2enmod rewrite
a2ensite [instance_name].conf
systemctl restart apache2
# touch /var/www/[instance_name]/.htaccess
```
Reference in New Issue View Git Blame Copy Permalink