2013Feb26
Tuesday, Feb 26, 6:30-8:30 pm at Open Lab Idaho, Garden City ID
Idaho Ubuntu LoCo (Local Community) meeting February 26th, 2013
Meeting was held at the Open Lab Idaho, from 6:30-8:30 PM. Clint Tinsley of the Boise Linux Group was the presenter. The presentation focused on adding a full LAMP server to a basic Ubuntu 12.04.2 server with no graphical tools or desktop to create a webserver running WordPress and phpMyAdmin. Do to connectivity issues resulting in slow downloads of the installation packages, Clint took time to demonstrate other topics of interest including SSH usage with authentication using RSA shared keys which also supports using RSYNC, SCP, and Secure VNC without having to provide a SSH password to perform operations on a remote host system and concluded with a demo of the KVM virtualized environment that he had used for the presentation. Clint used SSH for installation of all the packages and command line activities need to build the LAMP server with WordPress and phpMyAdmin. He did not do anything directly on the server, connecting to it “remotely” using SSH much as if the server was located out on the Internet. Clint used what was basically a step-by-step in his demo tonight which is detailed here with his comments in this report.
Server Install - Default Server Build, only install OpenSSH for SSH connection post build
Clint made a point on building the basic server. Ubuntu by default will create the /boot an ext2 file system, which is not a good idea. Ext2 file systems are subject to corruption on system crashes and can result in an un-bootable system. Clint made apoint of making sure it is an ext4 file system which is a "journaled” file system" and much more able to survive a system crash or power outage in being able to start back up cleanly. He also advised that the system be given a distinctive hostname, he used ubuntulamp as the host name and he placed this name in the hosts files as a psuedo DNS name so he could access the website by name rather than localhost or ip address. He also talked about using TaskSel during the installation and only to install the OpenSSH component so you can login via SSH after the server is built. He strongly recommended against installing anything else with TaskSel as this can create problems during the webserver build and specifically in making sure your webserver meets the requirements of the website system, in this case WordPress and phpMySqlAdmin
After building the basic server, next steps:
Login in to the server via SSH (regular user account) and then switch to root with the sudo su - command (a standard practice with Ubuntu and other Linux operating systems). sudo su – and provide the user’s password for authentication
apt-get update && apt-get upgrade
set /etc/hosts files for ubuntulamp ip address (pseudo dns, refer to server by name rather than localhost or an ip address)
/etc/hosts .... 192.168.122.4 ubuntulamp
You want to do this on both your server and your client machine which you are using to connect to server and eventually will test and administer your webserver using Firefox or another Browser using the dns name in the URL.
Clint then opened two terminal windows as root so he cut and paste between his installation script and the command line in doing the actual installation as detailed here. At one point, he actually had three terminal windows opened on the server from his desktop as he worked and presented the process. He had a copy of this process open in one terminal session that he could copy from and then paste on the command line, saving a lot of typing and potential errors at the command line.
apt-get install vim-nox (The vim program installed default is not a complete vim implementation).
dpkg-reconfigure dash => change to bash, not dash shell. (Most scripts are written to run in a bash shell, not Ubuntu's dash shell.)
Clint then discussed whether to remove or keep apparmor (application armor) as in some circumstances it can be problematic. Clint evaluated the Ubunut implementation of apparmor decides that it would not be problematic in the webserver build and operation, so he left it in full enforcing mode. If you wish to remove it or put it in "complaining" mode (not enforcing), he offered this information.
Remove apparmor if desired:
service apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils
apparmor_status will report the status of apparmor, by default, enforcing 4 policies.
apt-get install apparmor-utils (not installed by default)
aa-complain /etc/apparmor.d/* <= change to "complain" mode
aa-enforce /etc/apparmor.d/* <= change to "enforce" mode
More information: https://help.ubuntu.com/community/AppArmor
Start actual installation/build of the webserver:
apt-get install mysql-client mysql-server openssl binutils sudo
New password for the MySQL "root" user: <-- your sql password
Repeat password for the MySQL "root" user: <-- your sql password
We want MySQL to listen on all interfaces, not just localhost, therefore we edit /etc/mysql/my.cnf and comment out the line bind-address = 127.0.0.1 by placing a # sign at the beginning of the line as shown:
vi /etc/mysql/my.cnf
# bind-address = 127.0.0.1
test:
service mysql restart
netstat -tap | grep mysql
tcp 0 0 *:mysql *:* LISTEN 21298/mysqld
Install Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, And mcrypt:
apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-curl php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libruby libapache2-mod-ruby libapache2-mod-python libapache2-mod-perl2
You will be prompted to during the installation of these packages, appropriate responses are:
Web server to reconfigure automatically: Chose apache2
Configure database for phpmyadmin with dbconfig-common? Chose Yes
Then run the following command to enable the Apache modules suexec, rewrite, ssl, actions, and include (plus dav, dav_fs, and auth_digest if you want to use WebDAV):
a2enmod suexec rewrite ssl actions include
a2enmod dav_fs dav auth_digest
Restart Apache afterwards:
service apache2 restart
Xcache is a free and open PHP opcode cacher for caching and optimizing PHP intermediate code. It's similar to other PHP opcode cachers, such as eAccelerator and APC. It is strongly recommended to have one of these installed to speed up your PHP page. Xcache can be installed as follows:
apt-get install php5-xcache
restart Apache:
service apache2 restart
Wordpress Install:
apt-get install wordpress
ln -s /usr/share/wordpress/ /var/www/wordpress
cd /usr/share/doc/wordpress/examples
chmod a+x setup-mysql
./setup-mysql -n wordpress ubuntulamp
After you do this, you can open your browser to http://ubuntulamp/wordpress where you will see the install screen, provide a website name and certain administration information such as the admin name and password as well as the admin's email address. At that point, you can actually login to the administrative dashboard and start customizing or personalizating your WordPress website. Also, at this point you can open another browser window at http://ubuntulamp/wordpress and actually view your WordPress website. And if you want to work with the WordPress MySQL database, you can open a browser window on http://ubuntulamp/phpmyadmin, where you run queries, modify, print query results.
Clint then showed how to add the latest themes and plugins to your wordpress site.
- 1) download files to your web server using ftp or a file copy process to copy the files from your download location.
- 2) install zip utilities on your server:
- apt-get install zip unzip
3) copy or move folders found inside the downloaded zip files from WordPress to one of the following locations, depending of the file is a theme or plugin. Move or copy the entire folder from the zip file to one of the these two folders and be sure to do that as root:
- 2) install zip utilities on your server:
/var/www/wordpress/wp-content/themes
/var/www/wordpress/wp-content/plugins
During the presentation, while waiting on the install packages to download, clear took the group on tours of both a Joomla website that he was familiar of and an indepth tour of the Boise Linux Group's Drupal website, of which he is the administrator, and showed the various administrative tools and add-ins that make Drupal a very popular and powerful website Content Management System (CMS), even the White House uses it. Joomla, WordPress, and Drupal are all considered content management systems and free for downloading.
The WordPress demonstration concluded with a short tour of the Dashboard, updating the default theme and plugin, adding a widget to the site's navigation area. Clint also showed how to access the phpmyadmin MySql database administration tool and gave a short tour of that as well.
Other topics presented on during the course of the evening including how to use the SSH commands for creating and using your shared keys for logging into remote systems:
ssh-keygen
ssh-copy-id
Clint also did a short presentation on using the rsync command with a comparison of the usual copy (cp) command and rsync syntax for remote file copy, with comments on the use of a trailing slash in the command:
rsync -r /home/tinslecl tinslecl@ubuntulamp:/tmp
He cautioned strongly about not to put a trailing slash as in /home/tinslecl/ or a /*, as both forms will result in a mess of files instead of an organized directory getting rsync'd.
Clint used Fedora 17 with KVM (Kernel Virtualized Machine) as his 64 bit virtualization environment for his presentation which sparked a question on using KVM. Clint then gave a tour of the KVM's Virtual Machine Manager which also runs on Ubuntu, how to build a KVM virutal machine, both the console view of the machine as well as the configuration view where there is support for other hardware including PCI passthrough. KVM machines are very fast since they run at the kernel level as opposed to being "on top" of the host operating system, support 64 bit installations, and all the hardware support is built into the KVM system meaning no "guest" software has to be installed to the "virtual machine" for the virtual machine to work properly in virtual space.
Server and WordPress reference links:
http://codex.wordpress.org/First_Steps_With_WordPress
http://www.thrillingheroics.com/how-to-start-website-install-wordpress-guide
http://ubuntuserverguide.com/2012/05/how-to-install-latest-wordpress-in-ubuntu-server-12-04-lts.html
http://ubuntuserverguide.com/2012/05/how-to-install-lamp-server-in-ubuntu-server-12-04-lts.html
http://www.howtoforge.com/perfect-server-ubuntu-12.04-lts-apache2-bind-dovecot-ispconfig-3-p5
IdahoTeam/Minutes/2013Feb26 (last edited 2013-03-02 23:40:12 by 96)