retrocoder.se

Login

My setup of a VPS - Part 2: Inst

Posted 2016-10-13 22:45:55

It's time for part two of the setup of the VPS used to run retrocoder.se.

In the first part we went through some basic setup of the VPS itself, e.g. creating admin user etc. You can find that article here: My setup of a VPS - Part 1
So now we are ready to continue with the installation of the actual webserver. The retrocoder.se site is running on a standard LAMP configuration, i.e. Linux, Apache, MySQL, PHP. The information in this article is based on a tutorial at digitalocean.com

Install apache

To install and start the Apache webserver on CentOS 7 is super easy. Login in via SSH and write the following commands.
sudo yum install httpd
This command will download and install the Apache webserver.

sudo systemctl start httpd
This command willstart the webserver.
sudo systemctl enable httpd
And finally enable the service to start automatically at boot.

Ok, thats it. Open your webbrowser and go to your site url and you should see a welcome message from the Apache webserver.

Configure apache

Well of course you don't run a webserver only to show a welcome message but we also need to configure the webserver to show the content we would like.
In the setup of Apache on CentOS 7 the files that the webserver will show is located in /var/www

So the first step to configure Apache is to copy any files needed to the /var/www directory. These files will be any html, css, javascript, images, php files etc. that is needed to show the desired content.

Depending on how these files are organized it is probably also needed to edit the Apache config files in /etc/httpd. After you have edited the files in /etc/httpd the webserver needs to be restarted for any changes to take effect.
To restart Apache write this command:
sudo systemctl restart httpd

I will not go into any details here, since there are lots of good tutorials and guides for this on the internet. Google is your friend.

Install MySQL (MariaDB)

After the webserver has been configured there maybe a need for a databases to store content on the server. In my case the MariaDB is used to store the articles etc. that I write on retrocoder.se.

The installation of MariaDB is also super-easy. Just type in the following commands:
sudo yum install mariadb mariadb-server
sudo systemctl start mariadb
sudo mysql_secure_installation
sudo systemctl enable mariadb

Install PHP

And finally to complete the LAMP stack we need to install PHP to run the actual webserver code. As may be obvious depending on your actual website, you may not need to install MySQL or PHP. E.g. if your webserver only have a number of fixed content html pages, the Apache webserver will be enough for you.

But in the case of retrocoder.se PHP is needed and is installed with the following commands:
sudo yum install php php-mysqlnd
sudo systemctl restart httpd

The last command restarts the Apache webserver and that is needed since when PHP is installed Apache needs to reread its configuration to enable correct handling of PHP files. Without this any PHP file, e.g. index.php, will be treated as a ordinary text file and Apache will only display the content of the file.

Final steps

Now these were all the steps needed to install a LAMP based webserver. Piece-of-cake.

How ever in my case, since I was migrating my VPS, a few more configuration steps were needed. These steps are related to setting up the MySQL database and restoring the content of retrocoder.se. Before I started the migration I made backup of the database and other files to be able to restore everything like it was on the previous VPS.

Create database user

First a new user was created on the MariaDB server. This is not strictly necessary, but it is a good practice to use a dedicated database user account, with limited capabilities and rights. In this way the damage can be somewhat limited if an intruder get hold of the database user credentials. These credentials has to be stored in a PHP text file for PHP to be able to access the database. And you don't want to store the db root account credentials somewhere on the server.

Ok, so to do this we use the MySQL admin tool called mysql. Start this with the command:
mysql -u root -p

This will start the admin tool by asking for the database root password.

Then a new user is created by writing the following SQL commands:
CREATE USER username'@'localhost';
SET PASSWORD FOR 'username'@'localhost' = PASSWORD('password');

It is important to set the new users password by using the PASSWORD() function. This function hashes the password before it is stored in the database. Otherwise the password will be stored in clear text, which is something that should never be done.

Next the new user needs some rights to do stuff in the database. These rights should be as limited as possible to minimize the capabilities of an possible malicious intruder. In the case of retrocoder.se the new user only has the rights to read, insert, update and delete content on the specific database used by the site. These rights are given to the user by the following SQL command:
GRANT SELECT, INSERT, UPDATE, DELETE ON `database`.* TO 'username'@'localhost';

Ok, now we have new user for accessing the database from PHP.

Restore MySQL backup

My last step in the migration of retrocoder.se was to restore the database content. I had a SQL backup made from the previous server.
The database backup is restored with the same MySQL admin tool as before. I my case I first had to create the database to be used, but I think this step could have been included in the backup file since the backup is only a text file with SQL commands.

To create the database start mysql admin:
mysql -u root -p

In there write
CREATE DATABASE dbname CHARACTER SET utf8;

Then to restore from the backup write this command:
mysql -u root -p dbname < backup-file.sql

Well done!

That was all for this time.

On the VPS that hosts the retrocoder.se website I also run a mailserver for email sent to and from retrocoder.se email addresses. The setup of the mail server will be described on the third and last article in this series.

Hope to see you soon again!

//retrocoder