Installazione ambiente LEMP (Linux Nginx MariaDB PHP) su Debian 9.5 Stretch
In questo tutorial andremo ad installare passo dopo passo un ambiente LEMP ( Linux Nginx MariaDB PHP) su Linux Debian 9.5 Stretch.
Consideriamo di partire da una macchina virtuale preinstallata Linux Debian 9.5 Stretch (per l’installazione segui questo articolo) ed aggiorniamola
sudo apt-get update
sudo apt-get upgrade
per semplicità faremo tutta l’attività di installazione con l’utenza root (attraverso il comando su). Cominciamo installando il server web Nginx
apt-get install nginx
abilitiamo avvio automatico al boot di Nginx
systemctl enable nginx
avremo
root@debiantest01:/home/test# systemctl status nginx
● nginx.service – A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2018-09-10 12:42:58 CEST; 1min 44s ago
Docs: man:nginx(8)
Process: 1676 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 1675 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 1679 (nginx)
Tasks: 2 (limit: 4915)
Memory: 8.2M
CPU: 71ms
CGroup: /system.slice/nginx.service
├─1679 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─1680 nginx: worker processset 10 12:42:57 debiantest01 systemd[1]: Starting A high performance web server and a reverse proxy server…
set 10 12:42:58 debiantest01 systemd[1]: nginx.service: Failed to read PID from file /run/nginx.pid: Invalid argument
set 10 12:42:58 debiantest01 systemd[1]: Started A high performance web server and a reverse proxy server.
per verificare il funzionamento è possibile anche accedere all’indirizzo http://ip_server (se è presente un DHCP nella vostra rete utilizzare il comando ip addr per avere evidenza dell’indirizzo ip)
Installiamo il database MariaDB
apt-get install mariadb-server
systemctl status mariadb
● mariadb.service – MariaDB database server
Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2018-09-10 13:37:28 CEST; 35s ago
Main PID: 3230 (mysqld)
Status: “Taking your SQL requests now…”
CGroup: /system.slice/mariadb.service
└─3230 /usr/sbin/mysqldset 10 13:37:27 debiantest01 systemd[1]: Starting MariaDB database server…
set 10 13:37:27 debiantest01 mysqld[3230]: 2018-09-10 13:37:27 140444754145856 [Note] /usr/sbin/mysqld (mysqld 10.1.26-MariaDB-0+deb9
set 10 13:37:28 debiantest01 systemd[1]: Started MariaDB database server.
abilitiamo avvio automatico al boot di MariaDB
systemctl enable mariadb
rendiamo il database MariaDB sicuro seguendo le best practices
mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!In order to log into MariaDB to secure it, we’ll need the current
password for the root user. If you’ve just installed MariaDB, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.Enter current password for root (enter for none): lasciare vuoto la prima volta (fare invio)
successivamente inseriamo la password dell’utente root.
Eliminiamo l’utente anonimo
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.Remove anonymous users? [Y/n] Y
Disabilitiamo l’accesso da remoto di root (disabilitandolo è possibile interagire con PHPMYADMIN)
Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.Disallow root login remotely? [Y/n]Y
Rimuoviamo il database test
By default, MariaDB comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.Remove test database and access to it? [Y/n]Y
e in ultimo effettuiamo il reload dei privilegi
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.Reload privilege tables now? [Y/n]Y
Cleaning up…
All done! If you’ve completed all of the above steps, your MariaDB
installation should now be secure.Thanks for using MariaDB!
Terminata l’installazione del database MariaDB, installiamo i pacchetti PHP per interagire con MariaDB e Nginx
apt-get install php-fpm php-mysql php-cli vim
vim /etc/php/7.0/fpm/php.ini
ed impostiamo i seguenti parametri
cgi.fix_pathinfo=0
upload_max_filesize = 8M
date.timezone = “Europe/Rome”
per poter leggere i file php modifichiamo il Server Block (simile al VirtualHost di Apache)
vim /etc/nginx/sites-enabled/default
abilitiamo le righe location dei file php al’interno della direttiva server, in particolare:
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
ed aggiungiamo alla direttiva index index.php, avremo
index index.php index.html index.htm index.nginx-debian.html;
verifichiamo che la sintassi sia corretta e riavviamo Nginx
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
systemctl restart nginx
A questo punto creiamo una pagina di info
echo "<?php phpinfo(); ?>" > /var/www/html/info.php
ed accediamo alla pagina http://ip_server/info.php
