# Installing Apache, PHP7, MariaDB etc etc and install a Laravel project
- [Installing Apache, PHP7, MariaDB etc etc and install a Laravel project](#installing-apache-php7-mariadb-etc-etc-and-install-a-laravel-project)
- [Server](#server)
- [Updating the system](#updating-the-system)
- [Create a user and disable root login](#create-a-user-and-disable-root-login)
- [Add your SSH keys for the new user.](#add-your-ssh-keys-for-the-new-user)
- [Disable root login via SSH](#disable-root-login-via-ssh)
- [Disable root shell access](#disable-root-shell-access)
- [Install Apache, PHP and MariaDB](#install-apache-php-and-mariadb)
- [Install a web application](#install-a-web-application)
- [Now add the virtualhost](#now-add-the-virtualhost)
## Server
For this installation, I'm using Ubuntu 18.04 on DigitalOcean, with my ssh key already added for easy first-time login.
Login into the new server using ssh:
`ssh root@serverip`
## Updating the system
Before doing anything, update Ubuntu using the following commands:
Because we're logged in as root, there's no need to use `sudo`.
~~~~
# apt update
# apt dist-upgrade
~~~~
Both commands can take a minute.
## Create a user and disable root login
This step is very important if you want to have a secure server.
By default, many VPS providers setup servers with only a root user.
I'm going to create a user, this is the user I'm going to use when logging in.
Root login will be completely disabled. Commands that require super user privilege will be executed using `sudo`.
Use the following command to create a user:
~~~
# adduser username
~~~
Replace `username` with your own username.
It'll ask you to choose a password and some personal account information.
Choose a super safe password and remember it, this is the password you're going to use when you need superuser privileges.
Use the `usermod` command to add the user to the sudo group.
~~~
# usermod -aG sudo username
~~~
After this, you can use `su - username` to test logging in as the user.
If logging in works, you can test sudo rights for example by using `sudo ls /root`.
### Add your SSH keys for the new user.
Now for the new user, you can add your SSH keys for easier and safer login.
On the host computer, read your ssh keys by typing:
~~~
$ cat ~/.ssh/id_rsa.pub
~~~
The output probably starts with with ssh-rsa.
Copy the contents of the file.
On the server, type
~~~
$ mkdir ~/.ssh
$ nano ~/.ssh/authorized_keys
~~~
(or use any other text editor)
And paste the contents of the public key.
Save by typing control-o (enter) and quit by typing control-x.
### Disable root login via SSH
After this step, it's not possible to login using the root anymore.
Open the ssh configuration file:
~~~
$ sudo nano /etc/ssh/sshd_config
~~~
And add the following line:
~~~
PermitRootLogin no
~~~
Save by typing control-o (enter) and quit by typing control-x.
After that, restart the SSH servers:
~~~
$ sudo service ssh restart
~~~
### Disable root shell access
Edit the passwd file by typing
~~~
sudo nano /etc/passwd
~~~
The first line will probably look somethnig like this:
~~~
root:x:0:0:root:/root:/bin/bash
~~~
Change that to the following.
~~~
root:x:0:0:root:/root:/sbin/nologin
~~~
This makes sure that if anyone tries to log in on the server (in
## Install Apache, PHP and MariaDB
Install the following packages:
* Apache2
* php7.4
* php7.4-mysql *for connecting php to mysql*
* php7.4-xml *for html parsing (laravel needs it)*
* php7.4-zip *for reading zips - makes composer faster*
* php7.4-mbstring *Multibyte strings* 😎
* php7.4-curl *For web requests from PHP*
* mod-php *php module for apache*
* composer *Install your laravel project*
* MariaDB *MySQL compatible database server*
~~~
$ sudo apt install apache2 php7.4 php7.4-mysql php7.4-xml php7.4-zip php7.4-mbstring libapache2-mod-php7.4 php7.4-curl composer mariadb-server
~~~
First, secure the database and make database and user:
~~~
$ sudo mysql_secure_installation
~~~
Choose a super safe root password and disable remote root login!
Now, login with that new password.
(replace newuser, password and dbname)
~~~
$ mysql -u root -p
mysql> CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'password';
mysql> GRANT ALL PRIVILEGES ON * . * TO 'newuser'@'localhost';
mysql> FLUSH PRIVILEGES;
mysql> CREATE DATABASE dbname;
~~~
## Install a web application
If your git repository needs it, create a new ssh keypair and read the public key:
~~~
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is: (...)
The key's randomart image is: (...)
$ cat ~/.ssh/id_rsa.pub
~~~
And set it up on the git server.
Go to the web server directory and clone the project:
~~~
$ cd /var/www
$ sudo chmod 777 .
$ git clone (git address)
$ cd (project)
$ composer install
$ cp .env.example .env
$ php artisan migrate
~~~
### Now add the virtualhost
~~~
$ sudo nano /etc/apache2/sites-available/sitename.conf
~~~
And add something like
~~~
ServerAdmin (email)
ServerName (hostname)
DocumentRoot /var/www/(cloned git dir)/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
~~~
Save and activate it using
~~~
$ sudo a2ensite sitename
~~~
Also activate mod_rewrite
~~~
$ sudo a2enmod rewrite
$ sudo systemctl reload apache2
~~~
Have a nice weekend.
Sources:
* https://www.digitalocean.com/community/tutorials/how-to-create-a-sudo-user-on-ubuntu-quickstart
* https://www.digitalocean.com/community/tutorials/how-to-create-a-new-user-and-grant-permissions-in-mysql
*