Before anything begins; first thing first;
$ apt-get update --allow-releaseinfo-change $ apt-get install --reinstall ca-certificates $ apt-get upgrade -y $ apt-get upgrade --fix-missing $ apt-get install nano wget perl curl sudo -y $ sudo apt -y dist-upgrade $ sudo apt --purge autoremove $ sudo apt update && sudo apt upgrade $ adduser nginx $ adduser nginx sudo $ su - nginx $ exit
$ apt -y purge Apache2* bind* exim* ufw firewalld libapache2-mod-php* postfix
Step 1. Install Nginx
$ sudo apt-get install nginx -y $ systemctl start nginx $ systemctl enable nginx $ systemctl status nginx http://i.p address $ chown www-data:www-data /var/www/html -R
Step 2. Install DB
$ apt install mariadb-server mariadb-client -y $ systemctl start mariadb $ systemctl status mariadb $ systemctl enable mariadb $ mysql_secure_installation type y to set the root password $ mariadb -u root exit;
Step 3. Install PHP
$ sudo apt -y install php software-properties-common $ sudo apt -y install php-common php-mysql php-xml php-xmlrpc php-curl php-gd php-imagick php-cli php-fpm php-json php-imap php-mbstring php-opcache php-soap php-dev php-cgi php-zip php-intl php-bcmath php-pear $ sudo apt -y install libmcrypt-dev libreadline-dev mcrypt
$ sudo apt -y install php8.2 php8.2-fpm php8.2-common php8.2-mysql php8.2-xml php8.2-xmlrpc $ sudo apt -y install php8.2-curl php8.2-gd php8.2-cli php8.2-dev php8.2-imap $ sudo apt -y install php8.2-mbstring php8.2-soap php8.2-zip php8.2-cgi
$ sudo apt -y install php7.4 php7.4-fpm php7.4-common php7.4-mysql php7.4-xml php7.4-xmlrpc $ sudo apt -y install php7.4-curl php7.4-gd php7.4-cli php7.4-dev php7.4-imap php7.4-mbstring $ sudo apt -y install php7.4-soap php7.4-zip php7.4-cgi
$ apt -y purge Apache2* bind* exim* ufw firewalld libapache2-mod-php* postfix
$ sudo nano /etc/php/8.2/fpm/pool.d/www.conf user = nginx group = nginx listen.owner = nginx listen.group = nginx $ systemctl start php8.2-fpm $ systemctl enable php8.2-fpm $ systemctl status php8.2-fpm
Step 4. Configure Nginx to use PHP Processor
$ sudo nano /etc/nginx/sites-enabled/default
--------------------------------------------
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /var/www/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
}
}
$ sudo nginx -t $ sudo systemctl reload nginx http://server_IP/
=============Create Website=======================================
Use full domain name or whatever word!
$ sudo mkdir -p /var/www/html/website1
$ sudo nano /var/www/html/website1/index.html
$ sudo nano /etc/nginx/sites-available/website1.conf
server {
listen 80;
server_name website1.com;
root /var/www/html/website1;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
}
access_log /var/log/nginx/website1-access.log;
error_log /var/log/nginx/website1-error.log;
}
------------OR------------------------------------------------
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
root /var/www/html/website1;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
}
access_log /var/log/nginx/website1-access.log;
error_log /var/log/nginx/website1-error.log;
location ~ /\.ht {
deny all;
}
}
Make other website by copying first one.
$ sudo cp /etc/nginx/sites-available/website1 /etc/nginx/sites-available/website2 $ sudo nano /etc/nginx/sites-available/website2 paste same as above website1.com. $ sudo ln -s /etc/nginx/sites-available/website1.conf /etc/nginx/sites-enabled/ $ sudo nginx -t $ sudo systemctl restart nginx
Step 5. Automatic restart of Nginx
$ systemctl restart nginx $ mkdir -p /etc/systemd/system/nginx.service.d/ $ nano /etc/systemd/system/nginx.service.d/restart.conf Add the following lines to the file [Service] Restart=always RestartSec=5s $ systemctl daemon-reload $ pkill nginx $ systemctl status nginx
Step 6. Install Memcached
Memcached allows server side caching for faster data retrieval. $ sudo apt -y install memcached $ sudo apt -y install php8.2-memcached $ sudo service php8.2-fpm restart $ sudo service nginx restart
Step 7.Install phpMyAdmin with Domain
$ sudo apt -y install phpmyadmin
$ ln -s /usr/share/phpmyadmin /var/www/html
$ cd /var/www/html/phpmyadmin
$ sudo cp config.sample.inc.php config.inc.php
$ sudo nano config.inc.php
$cfg['blowfish_secret'] = '';
$ chown -R www-data:www-data /var/www/html/phpmyadmin
$ chmod -R 755 /var/www/html/phpmyadmin
sudo rm -rf /var/www/html/phpmyadmin/setup
$ nano /etc/nginx/conf.d/domain.conf // this is in conf.d not sites_available
server {
listen 80;
server_name Domain;
root /var/www/html/phpmyadmin;
index index.php index.html index.htm;
error_log /var/log/nginx/phpmyadmin_error.log;
access_log /var/log/nginx/phpmyadmin_access.log;
client_max_body_size 100M;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
$ rm /etc/nginx/sites-enabled/default
$ rm /etc/nginx/sites-available/default
$ nginx -t
$ systemctl reload nginx
http://domain1.com
Step 8 .Install Webmin
$ curl -o setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh $ sh setup-repos.sh $ apt -y install webmin --install-recommends ( change port: $ sudo nano -w /etc/webmin/miniserv.conf )
Reduce the size of the initramfs
$ nano /etc/initramfs-tools/conf.d/compress COMPRESS=xz reduce it further with sed -i s,MODULES=most,MODULES=dep,g /etc/initramfs-tools/initramfs.conf update-initramfs -u
Install Let’s Encrypt on Your Domain
$ add-apt-repository ppa:certbot/certbot $ apt-get update -y $ apt-get install python-certbot-nginx -y $ certbot --nginx -d example.com Set Up Let’s Encrypt SSL Certificate Auto-Renewal $ crontab -e Add the following line: 12 8 * * * root /usr/bin/certbot renew >/dev/null 2>&1 Renew the SSL certificate manually: $ certbot renew --dry-run
prerequisite $ cat /proc/cpuinfo $ sudo dpkg --configure -a $ sudo nano /etc/hosts $ sudo hostnamectl set-hostname new-one $ newgrp $ apt-get update --allow-releaseinfo-change $ apt-get install --reinstall ca-certificates $ apt-get upgrade -y $ apt-get install nano wget curl perl sudo -y $ sudo apt dist-upgrade $ sudo apt --purge autoremove $ sudo apt update && sudo apt upgrade $ apt -y purge Apache2* bind* exim* ufw* firewalld* ================Install Apache========================================== $ sudo apt -y install apache2 apache2-utils $ apache2 -v $ systemctl status apache2 $ systemctl reload apache2 =================PHP===================== $ sudo apt -y install php software-properties-common $ sudo apt -y install php-common php-mysql php-xml php-xmlrpc php-curl php-gd php-imagick php-cli php-fpm php-json php-imap php-mbstring php-opcache php-soap php-dev php-cgi php-zip php-intl php-bcmath php-pear $ sudo apt -y install libmcrypt-dev libreadline-dev mcrypt
$ sudo apt -y install php8.2 php8.2-fpm php8.2-common php8.2-mysql php8.2-xml php8.2-xmlrpc php8.2-curl php8.2-gd php8.2-cli php8.2-dev php8.2-imap php8.2-mbstring php8.2-soap php8.2-zip php8.2-cgi
$ sudo apt -y install php7.4 php7.4-fpm php7.4-common php7.4-mysql php7.4-xml php7.4-xmlrpc
$ sudo apt -y install php7.4-curl php7.4-gd php7.4-cli php7.4-dev php7.4-imap php7.4-mbstring
$ sudo apt -y install php7.4-soap php7.4-zip php7.4-cgi
================MySql==========================================
$ apt install -y mariadb-server mariadb-client
$ systemctl status mariadb
$ mysql_secure_installation
$ mysql -u root -p
--Enter password:
Maria DB [(none)]>
> CREATE DATABASE rome;
> CREATE USER 'user_name'@localhost IDENTIFIED BY 'password';
> GRANT ALL PRIVILEGES ON *.* TO 'db_name'@localhost IDENTIFIED BY 'password';
> FLUSH PRIVILEGES;
> SHOW GRANTS FOR 'db_name'@localhost;
> SHOW DATABASES;
> Exit;
===============Setting website========================
$ mkdir -p /var/www/website
$ chmod -R 755 /var/www/website
$ nano /var/www/website/index.php
$ cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/website.conf
$ nano /etc/apache2/sites-available/website.conf
<VirtualHost *:80>
ServerName your_domain
ServerAlias www.your_domain
ServerAdmin webmaster@localhost
DocumentRoot /var/www/your_domain
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
$ a2dissite 000-default.conf
$ a2ensite website.conf
$ systemctl reload apache2
$ sudo apachectl configtest
Output Syntax OK
$ systemctl reload apache2
==========Using php-fpm===========
$ sudo systemctl start php8.2-fpm
$ sudo systemctl status php8.2-fpm
$ sudo systemctl reload apache2
$ sudo chown -R www-data:www-data /var/www/website
$ sudo chmod -R 755 /var/www/website
$ nano /etc/apache2/sites-available/website.conf
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName website.com
DocumentRoot /var/www/website
DirectoryIndex index.php index.html
<Directory /var/www/website>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php/php8.2-fpm.sock|fcgi://localhost"
</FilesMatch>
ErrorLog ${APACHE_LOG_DIR}/site1_error.log
CustomLog ${APACHE_LOG_DIR}/site1_access.log combined
</VirtualHost>
$ sudo apachectl configtest
Output Syntax OK
$ sudo a2ensite website
$ sudo a2dissite 000-default.conf
$ sudo systemctl reload apache2
================Webmin===================
$ sudo apt -y install curl
$ curl -o setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh
$ sh setup-repos.sh
$ apt -y install webmin --install-recommends
( change port: $ sudo nano -w /etc/webmin/miniserv.conf )
===============phpMyAdmin=======================
sudo apt install phpmyadmin -y
sudo dpkg --configure -a
sudo apt -y autoremove
sudo apt install phpmyadmin -y
$ sudo ln -s /usr/share/phpmyadmin/ /var/www/html/
$ cd /var/www/html/phpmyadmin
$ ls
$ sudo cp config.sample.inc.php config.inc.php
$ sudo nano config.inc.php
$cfg['blowfish_secret'] = '';
$ sudo chown -R www-data:www-data /var/www/html
$ sudo rm -rf /var/www/html/phpmyadmin/setup
http://i.p addr/phpmyadmin
Testing Sequential Write Speed $ dd if=/dev/zero of=/tmp/tempfile bs=1M count=1024 conv=fdatasync Testing Sequential Read Speed $ sudo sh -c "/usr/bin/echo 3 > /proc/sys/vm/drop_caches" $ dd if=/tmp/tempfile of=/dev/null bs=1M count=1024 $ lsb_release -a //current Debian version OR $ cat /etc/debian_version $ cat /proc/cpuinfo $ sudo dpkg --configure -a $ sudo nano /etc/hosts $ sudo hostnamectl set-hostname new-one $ newgrp $ apt-get update --allow-releaseinfo-change -y $ apt-get install --reinstall ca-certificates -y $ apt-get upgrade -y $ apt-get install nano wget curl perl sudo -y $ sudo apt -y dist-upgrade $ sudo apt --purge autoremove -y $ sudo apt update && sudo apt upgrade -y $ apt -y purge Apache2* bind* exim* ufw firewalld libapache2-mod-php* $ adduser caddy $ adduser caddy sudo $ su - caddy $ exit 1. ============Install DB================ $ apt install mariadb-server mariadb-client -y $ systemctl start mariadb $ systemctl enable mariadb $ systemctl status mariadb $ mysql_secure_installation type y to set the root password $ mariadb -u rootexit;
2. ==========Install PHP================== $ sudo apt -y install php software-properties-common libmcrypt-dev libreadline-dev mcrypt $ sudo apt -y install php-common php-mysql php-xml php-xmlrpc php-curl php-gd php-imagick php-cli php-fpm php-json php-imap php-mbstring php-opcache php-soap php-dev php-cgi php-zip php-intl php-bcmath php-pear $ sudo apt -y install php8.2 php8.2-fpm php8.2-common php8.2-mysql php8.2-xml php8.2-xmlrpc php8.2-curl php8.2-gd php8.2-cli php8.2-dev php8.2-imap php8.2-mbstring php8.2-soap php8.2-zip php8.2-cgi 3. ==============Install Caddy========================= $ sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl $ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg $ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list $ sudo apt update $ sudo apt install caddy $ sudo systemctl enable --now caddy $ sudo systemctl status caddy Open http://i.p in your browser
# nano /etc/php/8.2/fpm/pool.d/www.conf user = caddy group= caddy listen.owner = caddy listen.group= caddy # sudo systemctl restart php8.2-fpm $ systemctl start php8.2-fpm $ sudo systemctl enable --now php8.2-fpm $ systemctl status php8.2-fpm
$ apt -y purge Apache2* bind* exim* ufw firewalld libapache2-mod-php*
4. =========Making Website==================
$ sudo mkdir /usr/share/caddy/domain1
$ nano /usr/share/caddy/domain1/index.html
5. ========Install Webmin===============
$ curl -o setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh
$ sh setup-repos.sh
$ apt -y install webmin --install-recommends
( change port: $ sudo nano -w /etc/webmin/miniserv.conf )
6. ====Install PhpMyadmin on Debian($ sudo apt-get purge adminer)====
$ sudo apt install phpmyadmin -y
$ sudo apt -y autoremove
$ sudo dpkg --configure -a ( $ sudo apt install phpmyadmin -y )
$ mysql -u root
use mysql;
FLUSH PRIVILEGES;
ALTER USER 'root'@'localhost' IDENTIFIED BY 'xxxxxxxx';
FLUSH PRIVILEGES;
exit;
$ cd /usr/share/phpmyadmin
$ ls
$ sudo cp config.sample.inc.php config.inc.php
$ sudo nano config.inc.php
$cfg['blowfish_secret'] = '';
$ sudo chown -R caddy:caddy /usr/share/phpmyadmin
$ sudo rm -rf /usr/share/phpmyadmin/setup
7. Working with CaddyFile
$ nano /etc/caddy/Caddyfile //caddyfile holds all the domain info.
===========Very Basic cong. ==============================
:80 {
root * /usr/share/caddy
file_server
# reverse_proxy localhost:8080
# php_fastcgi localhost:9000
}
$ systemctl reload caddy
==============OR with fpm=======================
domain:80 {
tls xxx@xxx.com
root * /usr/share/caddy/domain1
file_server
encode zstd gzip
php_fastcgi unix//run/php/php8.2-fpm.sock
log {
output file /var/log/caddy/access.log
format console
}
}
==========Use as proxy server===========================
domain:80 {
tls xxx@xxx.com
/usr/share/caddy/domain1
file_server
encode zstd gzip
reverse_proxy localhost:3000
log {
output file /var/log/caddy/access.log
format console
}
}
$ sudo systemctl restart caddy
8. ====Install PhpMyadmin on Debian($ sudo apt-get purge adminer)====
$ nano /etc/caddy/Caddyfile
:8070 {
root * /usr/share/phpmyadmin
file_server
encode zstd gzip
php_fastcgi unix//run/php/php7.4 8.2-fpm.sock
}
$ sudo systemctl restart caddy
http://i.p addr:8070
Extra: =============Install Adminer on Debian=============
$ sudo mkdir /usr/share/caddy/adminer
$ sudo wget https://www.adminer.org/latest.php -O /usr/share/caddy/adminer/index.php
$ sudo mysql
$ SET PASSWORD FOR 'root'@'localhost' = PASSWORD("my-password");
$ FLUSH PRIVILEGES;
$ exit;
Option://$ sudo ufw allow from any to any port 8070 proto tcp
$ sudo nano /etc/caddy/Caddyfile
:8070 {
root * /usr/share/caddy/adminer
encode gzip zstd
php_fastcgi unix//run/php/php7.4-fpm.sock
# Enable the static file server.
file_server
}
$ sudo systemctl restart caddy
http://i.p:8070
Important ! ==========Enabling Automatic HTTPS===========
In the first line of the Caddyfile, you specify the domains that Caddy should manage.
example.com:80 {
tls email@example.com
root * /var/www/html
file_server
}
tls email@example.com indicates to Caddy that it should use Let's Encrypt to secure
domain using the provided email address for notifications.
============Getting different version of PHP=========================
$ apt -y install apt-transport-https lsb-release ca-certificates
$ wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
$ echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" |
sudo tee /etc/apt/sources.list.d/php.list
$ sudo apt-get -y upgrade
$ sudo apt-get -y purge php8.*
$ sudo apt-get -y purge php5.6*
$ sudo apt-get -y autoclean
$ sudo apt-get -y autoremove
Set Default PHP Version
$ sudo update-alternatives --set php /usr/bin/php7.4
$ php -v
$ php -i | grep "Loaded Configuration File"
$ a2dismod php5.6
$ a2enmod php5.6
=============Install Wordpress================================
Open webmin, go to desired domain, upload wordpress.zip and extract wordpress.zip.
OR
$ cd /tmp
$ wget https://wordpress.org/latest.zip
$ sudo mkdir /usr/share/caddy/domain
$ sudo unzip /tmp/latest.zip //it will unzip in the directory wordpress.
$ sudo mv /tmp/wordpress/* /usr/share/caddy/domain //it will transfer all the files to domain.
$ cd /usr/share/caddy/domain
$ ls //see if all the files there
$ sudo chown -R caddy:caddy /usr/share/caddy/domain
mysql -u root -p
CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT ALL ON wordpress.* TO 'user'@'localhost' IDENTIFIED BY 'password';
GRANT ALL ON *.* TO 'user'@'localhost';
FLUSH PRIVILEGES;
exit;
$ nano /etc/caddy/Caddyfile
domain: {
tls your@email.com
log {
output file /var/log/caddy/your.domain
format console
}
root * /usr/share/caddy/domain
encode gzip
file_server
php_fastcgi unix//run/php/php7.4-fpm.sock
@disallowed {
path /xmlrpc.php
path *.sql
path /wp-content/uploads/*.php
}
rewrite @disallowed '/index.php'
}
$ sudo systemctl restart caddy
$ cd /usr/share/caddy/domain
rename wp-config-sample.php to wp-config.php
$ mv wp-config-sample.php wp-config.phpf
$ sudo nano /usr/share/caddy/domain/wp-config.php
define('DB_NAME', 'wp_site');
define('DB_USER', 'wp_user');
define('DB_PASSWORD', 'StrongPassword');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
Go to https://Domain, it will setup Wordpress.
=============Install Adminer on Debian 11=============
$ sudo mkdir /usr/share/caddy/adminer
$ sudo wget https://www.adminer.org/latest.php -O /usr/share/caddy/adminer/index.php
$ sudo mysql
$ SET PASSWORD FOR 'root'@'localhost' = PASSWORD("my-password");
$ FLUSH PRIVILEGES;
$ exit;
Option://$ sudo ufw allow from any to any port 8080 proto tcp
$ sudo nano /etc/caddy/Caddyfile
:8080 {
root * /usr/share/caddy/adminer
encode gzip zstd
php_fastcgi unix//run/php/php7.4-fpm.sock
# Enable the static file server.
file_server
}
$ sudo systemctl restart caddy
http://i.p:8080