Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Linux, Unix › Guide: Debian LAMP Server Setup
New Posts  All Forums:Forum Nav:

Guide: Debian LAMP Server Setup

post #1 of 5
Thread Starter 
Jimi's Debian LAMP Setup Guide


Change Log

Dec 7 2009 - Fixed some things - Thanks error10!
Dec 1 2009 - Originally wrote guide

Index

1.0 - Introduction
---1.1 - What is LAMP?
---1.2 - Requirements
---1.3 - Starting Out
2.0 - Getting to Work
---2.1 - First Thing's First
---2.2 - Upgrading & Installing Common Software
---2.3 - 'Own' Server Software (Covers: SSH, Network, Hostname, Bind9)
---2.4 - Main Software (Covers: MySQL, Apache, ProFTPd)
3.0 - Ease-of-Use
---Coming soon
4.0 - Configurations
---Coming soon
5.0 - Conclusion
---5.1 - Credits

1.0 Introduction

// 1.1 What is LAMP?

LAMP stands for Linux + Apache + MySQL + Php/Perl.
This is a common setup for webhosting on a Linux server/VPS (Virtual Private Server). This is
basically the "standard of the internet".

Still confused? Let me break it down piece by piece.

Linux - a generic term reffering to Unix-like computer operating systems based on the Linux kernel.
In this guide we will be using the Debian distribution.
Apache - web server software notable for playing a key role in the initial growth of the World Wide Web.
This is the software that runs your website essentially.
MySQL - a relational database management system that
has more than 6 million installations.
This is the "database" of your server. It stores information used for most
websites.
PHP - widely used, general-purpose scripting language
that was originally designed for web development, to produce dynamic web pages.
This is needed to support the use of PHP language on your server.
Perl - a high-level, general-purpose, interpreted,
dynamic programming language.
This is needed to support the use of Perl on your server.
// 1.2 Requirements

The approximate minimum requirement for your server/VPS is around 256MB of RAM. MySQL will use the most memory. It uses around 300MB of RAM on my personal VPS.
NOTE: If you're getting an "cannot connect to mysql.sock" error, that means that MySQL is not running.
As I've stated this guide is for the Debian distribution of Linux. So that is another requirement. At current this guide isn't going to contain instructions for basic installation of Debian, but eventually I might add it.

// 1.3 Starting Out

I've broken this part into 2 sections: one for people who have decided to purchase a server from an online company for their hosting and one for people who decided to use one of their old PCs as a server.

'Online' Server

If you're running a Windows OS, I'd suggest you download an application called PuTTY. This allows you to connect to your machine via SSH (Secured Shell). You can do this because most hosts (the company providing your server) will have your server already somewhat pre-setup. How much is has been set up, depends on the host. This guide assumes that the host hasn't pre-setup most things. What PuTTY is allowing you to do is connect to your server and manipulate it via the "command line" or terminal as it's known on Linux systems. This is how you're going to do EVERYTHING on your server. Your host will probably email you your SSH details or it will be available for you once you login their website.

'Own' server

Read through the 'Online' Server section above. You can also use an SSH but only once you've installed and setup an SSHD on your server. You have the advantage that you don't need to SSH to your server, since it's in your own home, but if you don't feel like running to the computer or don't want to use a monitor for your server, it is advised that you do install an SSHD so you can control your server from your other computers. When connecting to your server you will most likely SSH to the local IP address of the server and not it's physical IP address (since all your computers share the same physical IP address). You will also have to go about setting your router to forward incoming traffic on port 80 to your server. This can be done multiple ways, see http://www.portforward.com/ if you really need help, but this should all be common knowledge and you should understand port forwarding.

The following section will be written mostly in the context for those who have purchased their server from an online host. I will update this section and make it larger when I have some more time to make things clearer for those who want to use this method.

2.0 Getting to Work

// 2.1 First Thing's First

Log in by whatever method (probably SSH) to the root account. PuTTY is pretty straightforward to use. If you're running Linux, use the ssh command in the terminal (ssh ServerIPHere -p ServerPortHere -l ServerLoginNameHere). The IP address is the IP address of your server, the port is usually 22 (I set my to something different once I've set everything up to keep my server safer), and the login name will be root.

In my experience sometimes hosts (like 1and1) do some stupid things. So I recommend checking a couple of things before starting.

First find out what version of Debian you're using. Type:
Code:
cat /etc/issue
You should get a response like:
Code:
Debian GNU/Linux 5.0 \
 \\
5.0 is called Lenny and 4.0 is called Etch (Below explains upgrading if you have to).

Next we're going to check what repositories you're using (where your system will default to download software).
Type this in the terminal
Code:
cat /etc/apt/sources.list
You should recieve the following:
Code:
deb http://ftp.de.debian.org/debian lenny main contrib non-free
deb http://ftp.de.debian.org/debian-volatile lenny/volatile main contrib non-free
deb http://ftp.de.debian.org/debian-security lenny/updates main contrib non-free
If yours says "etch" instead of "lenny" don't worry, that just means your running Debian 4 and not Debian 5. It's really simple to upgrade. To upgrade from Etch to Lenny see this page: http://www.go2linux.org/upgrading-debian (You may have to install aptitude by typing "sudo apt-get install aptitude". Aptitude are basically synonyms.)
If your's looks completely different (some hosts *cough*1and1*cough* use their own repositories and it's extremely stupid) type:
Code:
vi /etc/apt/sources.list
You're now using the program "vi" to edit this file. To use vi you must press the "i" key on your keyboard to go into insert mode. Then you can delete everything inside and paste the correct contents into your file. To save and exit, hit the "Esc" key on your keyboard and then type ":wq!" and hit
"Enter". Vi is a little confusing at first, but once you learn it is as a very valuable text editor. Once we've got things updated, I'll run you through installing "nano" a much easier text editor.

// 2.2 Upgrading & Installing Common Software

Now we're going to upgrade the entire system. This may take a couple minutes.
Code:
apt-get update
That updates the repositories. Now to upgrade the system itself:
Code:
apt-get upgrade
NOTE: If you are receiving errors regarding resolving see the "BIND9" section below.
About halfway throught upgrading, it should ask you if you want to sync clocks with the Debian servers. I'd suggest this.

Now to install a few common applications that are very helpful: (Some might already be there)
Code:
apt-get install aptitude nano ucf binutils cpp fetchmail flex gcc libarchive-zip-perl libc6-dev libcompress-zlib-perl libdb4.6-dev libpcre3 libpopt-dev lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev autoconf automake1.9 libtool bison autotools-dev g++ build-essential
NOTE: from now on, I'm going to use nano to edit files. Here's a guide how to use nano: http://www.nano-editor.org/dist/v2.2/nano.html
// 2.3 'Own' Server Software
Those marked with a red asterisk (*) MAY need to be installed on pre-setup servers also.
It as at this point in time that people running their own computer as a server should install a couple things.

SSH
SSH allows you to remotely connect to your server from another device.
This one's easy:
Code:
apt-get install openssh-server
Network
Next we're going to configure the network so your server has a static local IP address.

Code:
nano /etc/network/interfaces
Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
#allow-hotplug eth0
#iface eth0 inet dhcp
auto eth0
iface eth0 inet static
        address 192.168.0.100
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
In this example, I used 192.168.0.100 as the local static IP address. This is the IP of one my computers, so make sure that it isn't the IP of one of your other computers.

Now restart your network:
Code:
/etc/init.d/networking restart
Hostname
We're going to edit your hostname so it includes your static IP address.

Now you're going to edit your hosts file and make it look like this:
Code:
nano /etc/hosts
Code:
127.0.0.1       localhost.localdomain   localhost
192.168.0.100   server1.example.com     server1

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
Now run:
Code:
echo server1.example.com > /etc/hostname
Code:
/etc/init.d/hostname.sh start
Code:
hostname
Code:
hostname -f
Both of them should output "server1.example.com".

Now we should reboot so all processes are updated with the new hostname:
Code:
shutdown -r now
You'll be disconnected if you were using SSH, once the server is back online, you should be able to reconnect and continue where you left off.

*Bind9
Bind9 is what resolves everything on your server. Some VPSs might not require Bind9, because the host server is already resolving things. If you couldn't update previously or have gotten any errors regarding resolving, this will most likely solve the problem.

Install:
Code:
apt-get install bind9
Now stop Bind9:

Code:
/etc/init.d/bind9 stop
Just for some more security we're going to set BIND9 to run chrooted and set as the user 'bind' which doesn't have as many priviledges as root.
Code:
nano /etc/default/bind9
Modify to look similiar:
Code:
# run resolvconf?
RESOLVCONF=yes

# startup options for the server
OPTIONS="-u bind -t /var/lib/named"
Let's create some of the necessary directories.
Code:
mkdir -p /var/lib/named/etc
Code:
mkdir /var/lib/named/dev
Code:
mkdir -p /var/lib/named/var/cache/bind
Code:
mkdir -p /var/lib/named/var/run/bind/run
Now let's move the config directory
Code:
mv /etc/bind /var/lib/named/etc
This will null some things and fix permissions:
Code:
mknod /var/lib/named/dev/null c 1 3
Code:
mknod /var/lib/named/dev/random c 1 8
Code:
chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
Code:
chown -R bind:bind /var/lib/named/var/*
Code:
chown -R bind:bind /var/lib/named/etc/bind
Now to set it to log:
Code:
nano /etc/rsyslog.d/bind-chroot.conf
Add this line to the file:
Code:
$AddUnixListenSocket /var/lib/named/dev/log
Save the file and restart the loggin daemon:
Code:
/etc/init.d/rsyslog restart
Now that that's all over with turn BIND9 back on:
Code:
/etc/init.d/bind9 start
// 2.4 Main Software

MySQL

Install MySQL:
Code:
apt-get install mysql-server mysql-client libmysqlclient15-dev
You will be prompted for a password for the root user of MySQL. I suggest you simply use the same password as the root user on your server. It's just easier.

Next you're going to want to make it so MySQL listens to all interfaces and not just localhost, so:
Code:
nano /etc/mysql/my.cnf
Your going to want to comment out the following line:
Code:
bind-address           = 127.0.0.1
so it looks like:
Code:
#bind-address           = 127.0.0.1
Restart MySQL
Code:
/etc/init.d/mysql restart
Apache

Install Apache & the useful modules
Code:
apt-get install apache2 apache2-doc apache2-mpm-prefork apache2-utils apache2-suexec libexpat1 ssl-cert
Install the PHP5, Ruby, & Python Apache Modules
Code:
apt-get install libapache2-mod-php5 libapache2-mod-ruby libapache2-mod-python php5 php5-common php5-curl php5-dev php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-mhash php5-ming php5-mysql php5-pspell php5-recode php5-snmp php5-sqlite php5-suhosin php5-tidy php5-xcache php5-xmlrpc php5-xsl
Now we're going to change it so that Apache recognizes new the new language's index pages.
Code:
nano /etc/apache2/mods-available/dir.conf
Comment out the one and add our new one:
Code:
<IfModule mod_dir.c>

          #DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
          DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl index.xhtml

</IfModule>
Next we're going to enable some useful modules.
Code:
a2enmod ssl
Code:
a2enmod rewrite
Code:
a2enmod suexec
Code:
a2enmod include
Code:
a2enmod userdir
Then restart Apache
Code:
/etc/init.d/apache2 restart
Although, most of you won't be using Ruby, there is a small problem with it. Basically it'll prompt you to download .rb files unless you do this:
Code:
nano /etc/mime.types
and comment out
Code:
application/x-ruby                             rb
so it looks like
Code:
#application/x-ruby                             rb
Then restart apache (again)
Code:
/etc/init.d/apache2 restart
ProFTPd

Install Proftpd:
Code:
apt-get install proftpd
Select to run it standalone.

Simple as that.

3.0 Ease of Use

Coming soon...
In this section I will give details on some popular software that just helps manage things way easier. This will include things like phpmyadmin, webmin, and firewalls like apf & csf.

4.0 Configurations

Coming soon...
In this section I will cover some of the configurations that are popular and secure for a lot of the popular programs that people are running on their webservers.

5.0 Conclusion

When it comes down to it, majority of the internet is running on linux servers. The top choices for server distrubutions are CentOS and Debian. This guide was made to help kick start your learning experience running your new webserver off of one of the most preffered mediums (and for good reason). This server has the advantage of being lite and only having what is absolutely needed. This is how I've been running my webservers for years and I hope this helps someone out there learn just as I did.

// 5.1 Credits

-Myself for putting together the guide
-A couple guides that reminded me of a few things
-Debian Community
Edited by Jimi - 5/15/10 at 8:42pm
post #2 of 5
I like the guide, and I have a couple of technical comments.

First, if you get an error about mysql.sock, it usually means the MySQL server isn't actually started. Just start it up and you should be fine. You might also mention how to use update-rc.d to ensure that a service starts at boot time.

Second, after setting the hostname, you should restart the server so that all processes pick up the change, because it only applies to processes that start after the change is made.

You could add a section about setting the timezone. (And remember to restart after changing the timezone.)

Finally, I don't trust Debian and distributions based on it, especially not for servers, and especially since Debian still has a critical data-loss bug (also affects Ubuntu) which ate 400GB of my data and has remained unfixed for months. All of my servers run Red Hat-based distributions, usually CentOS, but I have one Fedora server. The reason is that Red Hat specializes in building an enterprise-grade Linux distribution, and I refuse to accept anything but the best.
Underground
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 920 C0 ASUS P6T6 WS Revolution GTX 460 TR3X6G1600C8D 
Hard DriveOptical DriveCoolingOS
WD1001FALS SAMSUNG SH-S223F 22X DVD MULTI Corsair H50 Fedora 16 KDE x86_64 
MonitorKeyboardPowerCase
HP w19b Microsoft Comfort Curve Corsair CX600 Thermaltake Armor VA8003BWS 
MouseMouse Pad
Razer DeathAdder Black 
  hide details  
Reply
Underground
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 920 C0 ASUS P6T6 WS Revolution GTX 460 TR3X6G1600C8D 
Hard DriveOptical DriveCoolingOS
WD1001FALS SAMSUNG SH-S223F 22X DVD MULTI Corsair H50 Fedora 16 KDE x86_64 
MonitorKeyboardPowerCase
HP w19b Microsoft Comfort Curve Corsair CX600 Thermaltake Armor VA8003BWS 
MouseMouse Pad
Razer DeathAdder Black 
  hide details  
Reply
post #3 of 5
Thread Starter 
Quote:
Originally Posted by error10 View Post
I like the guide, and I have a couple of technical comments.

First, if you get an error about mysql.sock, it usually means the MySQL server isn't actually started. Just start it up and you should be fine. You might also mention how to use update-rc.d to ensure that a service starts at boot time.

Second, after setting the hostname, you should restart the server so that all processes pick up the change, because it only applies to processes that start after the change is made.

You could add a section about setting the timezone. (And remember to restart after changing the timezone.)

Finally, I don't trust Debian and distributions based on it, especially not for servers, and especially since Debian still has a critical data-loss bug (also affects Ubuntu) which ate 400GB of my data and has remained unfixed for months. All of my servers run Red Hat-based distributions, usually CentOS, but I have one Fedora server. The reason is that Red Hat specializes in building an enterprise-grade Linux distribution, and I refuse to accept anything but the best.
Thanks for heads up I'll add more on those topics.

As for the whole Red Hat vs Debian server-wise. I'm not really a fan of Red Hat distributions and I've never ran into this data-loss bug. I'll be sure to look into it though.
post #4 of 5
[DATALOSS] Unrelated LVM partitions are initialized as PVs

Doesn't affect everyone, but it certainly affected me.
Underground
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 920 C0 ASUS P6T6 WS Revolution GTX 460 TR3X6G1600C8D 
Hard DriveOptical DriveCoolingOS
WD1001FALS SAMSUNG SH-S223F 22X DVD MULTI Corsair H50 Fedora 16 KDE x86_64 
MonitorKeyboardPowerCase
HP w19b Microsoft Comfort Curve Corsair CX600 Thermaltake Armor VA8003BWS 
MouseMouse Pad
Razer DeathAdder Black 
  hide details  
Reply
Underground
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 920 C0 ASUS P6T6 WS Revolution GTX 460 TR3X6G1600C8D 
Hard DriveOptical DriveCoolingOS
WD1001FALS SAMSUNG SH-S223F 22X DVD MULTI Corsair H50 Fedora 16 KDE x86_64 
MonitorKeyboardPowerCase
HP w19b Microsoft Comfort Curve Corsair CX600 Thermaltake Armor VA8003BWS 
MouseMouse Pad
Razer DeathAdder Black 
  hide details  
Reply
post #5 of 5
Thread Starter 
Updated
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Linux, Unix
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Linux, Unix › Guide: Debian LAMP Server Setup