Basic
This product need a certain level of technical expertise. If you don't know what you are doing, you might break the System and cause bad things to happen.
Welcome to this getting started & setup guide.
This setup guide will help you setup the required basics that are needed for almost every of our products.
You will need the following sofwares to install and use this product:
For our server we are using Debian 11 "bullseye" 64 bit. This should work on any other systems, tho probably changes are nessessary to make.
We have the option of using nginx or apache. In both cases we need PHP
Make sure you system is up-to-date by executing sudo apt-get update -y && sudo
apt-get upgrade -y.
Since PHP8 is not in the official Debian repositories, we need to add the external repository from "survy".
root@server:~# sudo apt install ca-certificates apt-transport-https software-properties-common gnupg2 git unzip -y
root@server:~# echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/sury-php.list
root@server:~# wget -qO - https://packages.sury.org/php/apt.gpg | sudo apt-key add -
root@server:~# sudo apt update -y
After that we can install the packages we need.
root@server:~# sudo apt install -y php8.1-zip php8.1-common php8.1-mysql php8.1-ssh2 php8.1-xml php8.1-curl php8.1-gd php8.1-imagick php8.1-mbstring
see the above PHP installation.
root@server:~# sudo apt install -y apache2 libapache2-mod-php8.1
root@server:~# sudo a2enmod rewrite
After that we need to enable our custom .htaccess file by edition the apache2-configuration:
open the apache2-config with sudo nano
/etc/apache2/apache2.conf and find the following block:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Now, change the AllowOverride from None to
All. The line should now be: AllowOverride All.
Quit the editor using ctrl + x and confirm with y
Restart apache with sudo systemctl restart apache2 and we are done.
Install nginx with the following command:
root@server:~# sudo apt install nginx
Since there are no PHP Modules for nginx, we need to install fpm:
root@server:~# sudo apt install php8.1-fpm
Now we can modify the configuration /etc/nginx/sites-enable/default
or create a new one in the folder
/etc/nginx/sites-available/
##
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# document root
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.php;
# Website-Name
server_name _;
# PHP Handler via FPM
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
}
# Rewrite assets to _views
location ~* ^\/(assets|css|png|img|imgs|images|js)\/(.*) {
rewrite (.*) /_views/$1 break;
return 301;
}
# use PHP if the file does not exist
location / {
try_files $uri $uri/ /index.php?$args;
}
# disallow direct config access
location /config.json {
deny all;
}
# allow .well-known access
location ~ /\.(?!well-known).* {
deny all;
access_log off;
log_not_found off;
}
}
Enable the page and reload nginx with sudo systemctl reload nginx
and you should be good to go.
If not stated otherwise, the product needs a database to run on. We are using MariaDB and this will explain how to set it up and create a new user for the product.
root@server:~# sudo apt install mariadb-server mariadb-client
Next, we need to configure mysql with the right things. Run sudo
mysql_secure_installation
root@server:~# sudo mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
First we just press enter, since we do not currently have a root password. After
that we always answer with Y and when ask to input our root-password we
just enter root.
It should be noted, that this is not a security issue, since we are only allowing a
root-login from localhost (the server itself). If you plan to use something like
phpmyadmin, it is advised to use a secure password.
Now, let's create a user to use with the product.
Enter the mysql shell be running sudo mysql. You should get a shell
similiar to this:
root@server:~# sudo mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 57
Server version: 10.3.23-MariaDB-0+deb10u1 Debian 10
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
This means, we are successfully connect to the database and can now create the new user.
MariaDB [(none)]> CREATE USER 'CP'@'localhost' IDENTIFIED BY 'CP';
Again, we are only allowing the user to login from localhost, so user
CP as the password is fine.
MariaDB [(none)]> GRANT ALL PRIVILEGES ON * . * TO 'CP'@'localhost';
This will grant the user access to all databases. Since we do not have created on for the specific product. You can also do this step after importing this database and just grant access to the one database.
MariaDB [(none)]> FLUSH PRIVILEGES;
Run this to reload the privilege tables.
This concludes the basic setup. You can now continue the setup of the actual product.