Lighttpd, Php-fpm, MySQL on Debian 8

Home » Computer Articles » Linux » Lighttpd, Php-fpm, MySQL on Debian 8
August 25, 2015 Linux No Comments

Wanted to try out a different WebServer.

 

Setup a basic VPS Server on Vultr.com, Reliability and Performance is very good. Good prices also. If you are interested in Vultr.com here is my referral link http://www.vultr.com/?ref=6818914

 

I deployed Debian 8 and see below for basic configuration.

 

Hostname

Setting the hostname.

# hostname vps.yourdomain.com

Edit hostname so it will set after a reboot.

# nano /etc/hostname

vps.yourdomain.com

 

Systemd

The most notable distribution using systemd is Fedora. Though it is used by many others. Additionally, with Debian having chosen to go with systemd over upstart, it will become the defacto upstart system for most distributions (ubuntu has already announced they will be dropping upstart for systemd).

List services:

# systemctl list-unit-files

Start service:

# systemctl start {SERVICENAME}

Stop service:

# systemctl stop {SERVICENAME}

Enable service:

# systemctl enable {SERVICENAME}

Disable service:

# systemctl disable {SERVICENAME}

 

Iptables Firewall

Setup a basic firewall. We will start the firewall from rc.local.

# nano /etc/rc.local

# Launch my netfilter rules

if

[ -e '/etc/firewall.rules.v4' ]

then

/bin/sh '/etc/firewall.rules.v4'

fi

Lets create a basic firewall file.

# nano /etc/firewall.rules.v4

# configure iptables

iptables -F iptables -X

iptables -Z

iptables -t nat -F

iptables -P INPUT ACCEPT

iptables -P FORWARD ACCEPT

iptables -P OUTPUT ACCEPT

#

iptables -A INPUT -i lo -j ACCEPT

iptables -A INPUT -p icmp -s 0/0 --icmp-type echo-request -j ACCEPT

#

iptables -A INPUT -p tcp -s 0.0.0.0/0 --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -A INPUT -p tcp -s 0.0.0.0/0 --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -A INPUT -s 0.0.0.0/0 -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A INPUT -j DROP

iptables -A OUTPUT -m state --state INVALID -j DROP

iptables -A OUTPUT -j ACCEPT

Swap Space

Setup a swap space, so you won't have any out of memory errors.
Create a swap file.

# dd if=/dev/zero of=/swapfile bs=1024k count=1000

Make the operating system see the swap file.

# mkswap /swapfile

Setup permissions on swap file.

# chmod 600 /swapfile

Turns on swap.

# swapon /swapfile

Edit fstab so after reboot the swap is enabled.

# nano /etc/fstab

/swapfile none swap sw 0    0

WebServer

Install Lighttpd WebServer.

# apt-get install lighttpd

Install MySQL Server and MySQL Client.

# apt-get install mysql-server mysql-client

Install Php-fpm Server.

# apt-get install php5 php5-fpm php5-mysql php5-cgi php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-pspell php5-recode php5-tidy php5-xmlrpc php5-xsl

Edit the php.ini file.

# nano /etc/php5/fpm/php.ini

cgi.fix_pathinfo=1

 

The default username and groupname for Lighttpd is www-data.

Lets edit the lighttpd.conf file.

# nano /etc/lighttpd/lighttpd.conf

server.modules = (

"mod_access",

"mod_alias",

"mod_compress",

"mod_redirect",

#      "mod_rewrite",

)

server.document-root        = "/var/www/html"

server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )

server.errorlog             = "/var/log/lighttpd/error.log"

server.pid-file             = "/var/run/lighttpd.pid"

server.username             = "www-data"

server.groupname            = "www-data"

server.port                 = 80

index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )

url.access-deny             = ( "~", ".inc" )

>static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.allowed-encodings = ("gzip", "deflate")

compress.cache-dir          = "/var/cache/lighttpd/compress/"

compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

url.rewrite-final = (

# Exclude some directories from rewriting

#"^/(wp-admin|wp-includes|wp-content|gallery2)/(.*)" => "$0",

"^/(wp-.+).*/?" => "$0",

# Exclude xmlrpc access

"^/(xmlrpc.php)" => "$0",

# Exclude .php files at root from rewriting

"^/(.*.php)" => "$0",

# Handle permalinks and feeds

"^/(.*)$" => "/index.php/$1"

)

# default listening port for IPv6 falls back to the IPv4 port

include_shell "/usr/share/lighttpd/create-mime.assign.pl"

include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

 

Lets edit and add or changes some settings.

# nano /etc/lighttpd/conf-available/15-fastcgi-php.conf

# "socket" => "/var/run/php5-fpm.sock",

"host" => "127.0.0.1",

"port" => "9000",

 

Lets edit and add or changes some settings.

# nano /etc/php5/fpm/pool.d/www.conf

;listen = /var/run/php5-fpm.sock

listen = 127.0.0.1:9000

 

Run theses commands to start Lighttpd and Php-fpm.
Enable fastcgi.

# lighttpd-enable-mod fastcgi

Enable fastcgi-php.

# lighttpd-enable-mod fastcgi-php

Restart lighttpd webserver.

# service lighttpd restart

Restart php5-fpm.

# service php5-fpm restart

 

MySQL

Start the MySQL Server and initialize MySQL Data Directory
Stop MySQL service.

# systemctl stop mysql.service

Delete MySQL data.

# rm –rf /var/lib/mysql

Rebuild MySQL data.

# mysql_install_db

Start MySQL Server.

# systemctl start mysql.service

Secure your MySQL Server.

# mysql_secure_installation

 

There is a lot more you can play with but this is the basic setup.

Share This:

Leave a Reply

Your email address will not be published. Required fields are marked *