About

This is a brief description of yourself or your site, to change this text go to the admin panel, settings, plugins, and configure the plugin "about".

Categories

Recent Article

Static Pages

GRAV with CADDY, Debian 12

 
Install, PHP, DB, Caddy first.

$ adduser caddy
$ adduser caddy sudo
$ su - caddy
$ exit

$ cd /usr/share/caddy
$ sudo wget https://getgrav.org/download/core/grav-admin/1.7.48
$ sudo unzip 1.7.48
$ sudo mv grav-admin grav
$ sudo chown -R $USER:$USER /usr/share/caddy/grav

$ nano /etc/caddy/Caddyfile

your_domain:80 {
    tls xxx@xxx.com
    root * /usr/share/caddy/grav
    file_server
    encode zstd gzip
    php_fastcgi unix//run/php/php8.2-fpm.sock 

    # Begin - Security
    # deny all direct access for these folders
    rewrite /(\.git|cache|bin|logs|backups|tests)/.* /403

    # deny running scripts inside core system folders
    rewrite /(system|vendor)/.*\.(txt|xml|md|html|htm|shtml|shtm|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$ /403

    # deny running scripts inside user folder
    rewrite /user/.*\.(txt|md|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$ /403

    # deny access to specific files in the root folder
    rewrite /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) /403

    respond /403 403
    ## End - Security

    # global rewrite should come last.
    try_files {path} {path}/ /index.php?_url={uri}&{query}

    log {
        output file /var/log/caddy/access.log
        format console
    }
}

$ sudo systemctl restart caddy

WordPress with Caddy

Open webmin, go to desired domain, upload wordpress.zip and extract wordpress.zip. OR

$ cd /tmp
$ wget https://wordpress.org/latest.zip
$ sudo mkdir /usr/share/caddy/domain
$ sudo unzip /tmp/latest.zip   //it will unzip in the directory wordpress.
$ sudo mv /tmp/wordpress/* /usr/share/caddy/domain  //it will transfer all the files to domain.
$ cd /usr/share/caddy/domain
$ ls //see if all the files there
$ sudo chown -R $USER:$USER /usr/share/caddy/domain

mysql -u root -p
CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT ALL ON wordpress.* TO 'user'@'localhost' IDENTIFIED BY 'password';
GRANT ALL ON *.* TO 'user'@'localhost';
FLUSH PRIVILEGES;
exit;

$ nano /etc/caddy/Caddyfile
domain:80 {    
    tls your@email.com
        log {
        output file /var/log/caddy/your.domain
        format console
    }
    root * /usr/share/caddy/domain
    encode gzip
    file_server
    php_fastcgi unix//run/php/php8.2-fpm.sock
      @disallowed {
        path /xmlrpc.php
        path *.sql
        path /wp-content/uploads/*.php
                  }
     rewrite @disallowed '/index.php'

        if {path} not_match ^\/wp-admin
        to {path} {path}/ /index.php?_url={uri}
}
$ sudo systemctl restart caddy
$ cd /usr/share/caddy/domain
  rename wp-config-sample.php to wp-config.php
$ mv wp-config-sample.php wp-config.php
$ sudo nano /usr/share/caddy/domain/wp-config.php
define('DB_NAME', 'wp_site');
define('DB_USER', 'wp_user');
define('DB_PASSWORD', 'StrongPassword');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
Go to https://Domain, it will setup Wordpress.

Caddy

 
Testing Sequential Write Speed    
$ dd if=/dev/zero of=/tmp/tempfile bs=1M count=1024 conv=fdatasync
Testing Sequential Read Speed
$ sudo sh -c "/usr/bin/echo 3 > /proc/sys/vm/drop_caches"
$ dd if=/tmp/tempfile of=/dev/null bs=1M count=1024 

$ lsb_release -a //current Debian version OR  $ cat /etc/debian_version
$ cat /proc/cpuinfo
$ sudo dpkg --configure -a
$ sudo nano /etc/hosts
$ sudo hostnamectl set-hostname new-one
$ newgrp

$ apt-get update --allow-releaseinfo-change -y
$ apt-get install --reinstall ca-certificates -y
$ apt-get upgrade -y
$ apt-get install nano wget curl perl sudo -y
$ sudo apt -y dist-upgrade
$ sudo apt --purge autoremove -y
$ sudo apt update && sudo apt upgrade -y
$ apt -y purge Apache2* bind* exim* ufw firewalld libapache2-mod-php*

$ adduser caddy
$ adduser caddy sudo
$ su - caddy
$ exit

1. ============Install DB================
$ apt install mariadb-server mariadb-client -y
$ systemctl start mariadb
$ systemctl enable mariadb
$ systemctl status mariadb

$ mysql_secure_installation
type y to set the root password
$ mariadb -u rootexit; 

2. ==========Install PHP==================
$ sudo apt -y install php software-properties-common libmcrypt-dev libreadline-dev mcrypt
$ sudo apt -y install php-common php-mysql php-xml php-xmlrpc php-curl php-gd php-imagick php-cli php-fpm php-json php-imap php-mbstring php-opcache php-soap php-dev php-cgi php-zip php-intl php-bcmath php-pear
$ sudo apt -y install php8.2 php8.2-fpm php8.2-common php8.2-mysql php8.2-xml php8.2-xmlrpc php8.2-curl php8.2-gd php8.2-cli php8.2-dev php8.2-imap php8.2-mbstring php8.2-soap php8.2-zip php8.2-cgi

3. ==============Install Caddy========================= 
$ sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl 
$ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg 
$ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list

$ sudo apt update 
$ sudo apt install caddy
$ sudo systemctl enable --now caddy 
$ sudo systemctl status caddy 
Open http://i.p in your browser 

# nano /etc/php/8.2/fpm/pool.d/www.conf
user = caddy
group= caddy
listen.owner = caddy
listen.group= caddy
# sudo systemctl restart php8.2-fpm
$ systemctl start php8.2-fpm
$ sudo systemctl enable --now php8.2-fpm
$ systemctl status php8.2-fpm

$ apt -y purge Apache2* bind* exim* ufw firewalld libapache2-mod-php*

4. =========Making Website==================
$ sudo mkdir /usr/share/caddy/domain1
$ nano /usr/share/caddy/domain1/index.html

5. ========Install Webmin=============== 
$ curl -o setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh 
$ sh setup-repos.sh 
$ apt -y install webmin --install-recommends 
( change port: $ sudo nano -w /etc/webmin/miniserv.conf ) 

6. ====Install PhpMyadmin on Debian($ sudo apt-get purge adminer)==== 
$ sudo apt install phpmyadmin -y 
$ sudo apt -y autoremove 
$ sudo dpkg --configure -a ( $ sudo apt install phpmyadmin -y )
$ mysql -u root
use mysql;
FLUSH PRIVILEGES;
ALTER USER 'root'@'localhost' IDENTIFIED BY 'xxxxxxxx';
FLUSH PRIVILEGES;
exit;
$ cd /usr/share/phpmyadmin
$ ls
$ sudo cp config.sample.inc.php config.inc.php
$ sudo nano config.inc.php
  $cfg['blowfish_secret'] = '';
$ sudo chown -R caddy:caddy /usr/share/phpmyadmin
$ sudo rm -rf /usr/share/phpmyadmin/setup

7. Working with CaddyFile
$ nano /etc/caddy/Caddyfile    //caddyfile holds all the domain info.
===========Very Basic cong. ==============================
:80 {   
    root * /usr/share/caddy 
    file_server
    # reverse_proxy localhost:8080
    # php_fastcgi localhost:9000
}

$ systemctl reload caddy
==============OR with fpm=======================
domain:80 {
    tls xxx@xxx.com
    root * /usr/share/caddy/domain1
    file_server
    encode zstd gzip
    php_fastcgi unix//run/php/php8.2-fpm.sock 
    log {
        output file /var/log/caddy/access.log
        format console
    }
}
==========Use as proxy server===========================
domain:80 {
    tls xxx@xxx.com
    /usr/share/caddy/domain1
    file_server
    encode zstd gzip
    reverse_proxy localhost:3000
    log {
        output file /var/log/caddy/access.log
        format console
    }
}
$ sudo systemctl restart caddy

8. ====Install PhpMyadmin on Debian($ sudo apt-get purge adminer)====
$ nano /etc/caddy/Caddyfile
:8070 { 
    root * /usr/share/phpmyadmin
    file_server
    encode zstd gzip
    php_fastcgi unix//run/php/php7.4 8.2-fpm.sock     
}
$ sudo systemctl restart caddy
http://i.p addr:8070

Extra: =============Install Adminer on Debian=============
$ sudo mkdir /usr/share/caddy/adminer
$ sudo wget https://www.adminer.org/latest.php -O /usr/share/caddy/adminer/index.php
$ sudo mysql
$ SET PASSWORD FOR 'root'@'localhost' = PASSWORD("my-password");
$ FLUSH PRIVILEGES;
$ exit;
Option://$ sudo ufw allow from any to any port 8070 proto tcp
$ sudo nano /etc/caddy/Caddyfile
:8070 {      
        root * /usr/share/caddy/adminer
        encode gzip zstd
        php_fastcgi unix//run/php/php7.4-fpm.sock

        # Enable the static file server.
        file_server
}
$ sudo systemctl restart caddy
http://i.p:8070

Important ! ==========Enabling Automatic HTTPS===========
In the first line of the Caddyfile, you specify the domains that Caddy should manage.
example.com:80 {
    tls email@example.com
    root * /var/www/html
    file_server
}
tls email@example.com indicates to Caddy that it should use Let's Encrypt to secure
domain using the provided email address for notifications.

============Getting different version of PHP=========================
$ apt -y install apt-transport-https lsb-release ca-certificates
$ wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
$ echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" |
sudo tee /etc/apt/sources.list.d/php.list
$ sudo apt-get -y upgrade
$ sudo apt-get -y purge php8.*
$ sudo apt-get -y purge php5.6*
$ sudo apt-get -y autoclean
$ sudo apt-get -y autoremove
Set Default PHP Version
$ sudo update-alternatives --set php /usr/bin/php7.4
$ php -v
$ php -i | grep "Loaded Configuration File"
$ a2dismod php5.6
$ a2enmod php5.6

=============Install Wordpress================================
Open webmin, go to desired domain, upload wordpress.zip and extract wordpress.zip.
OR
$ cd /tmp
$ wget https://wordpress.org/latest.zip
$ sudo mkdir /usr/share/caddy/domain
$ sudo unzip /tmp/latest.zip   //it will unzip in the directory wordpress.
$ sudo mv /tmp/wordpress/* /usr/share/caddy/domain  //it will transfer all the files to domain.
$ cd /usr/share/caddy/domain
$ ls //see if all the files there
$ sudo chown -R caddy:caddy /usr/share/caddy/domain

mysql -u root -p
CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT ALL ON wordpress.* TO 'user'@'localhost' IDENTIFIED BY 'password';
GRANT ALL ON *.* TO 'user'@'localhost';
FLUSH PRIVILEGES;
exit;

$ nano /etc/caddy/Caddyfile
domain: {    
    tls your@email.com
        log {
        output file /var/log/caddy/your.domain
        format console
    }
    root * /usr/share/caddy/domain
    encode gzip
    file_server
    php_fastcgi unix//run/php/php7.4-fpm.sock
      @disallowed {
        path /xmlrpc.php
        path *.sql
        path /wp-content/uploads/*.php
                  }
     rewrite @disallowed '/index.php'
}
$ sudo systemctl restart caddy
$ cd /usr/share/caddy/domain
  rename wp-config-sample.php to wp-config.php
$ mv wp-config-sample.php wp-config.phpf
$ sudo nano /usr/share/caddy/domain/wp-config.php
define('DB_NAME', 'wp_site');
define('DB_USER', 'wp_user');
define('DB_PASSWORD', 'StrongPassword');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
Go to https://Domain, it will setup Wordpress.

=============Install Adminer on Debian 11=============
$ sudo mkdir /usr/share/caddy/adminer
$ sudo wget https://www.adminer.org/latest.php -O /usr/share/caddy/adminer/index.php
$ sudo mysql
$ SET PASSWORD FOR 'root'@'localhost' = PASSWORD("my-password");
$ FLUSH PRIVILEGES;
$ exit;
Option://$ sudo ufw allow from any to any port 8080 proto tcp
$ sudo nano /etc/caddy/Caddyfile
:8080 {       
        root * /usr/share/caddy/adminer
        encode gzip zstd
        php_fastcgi unix//run/php/php7.4-fpm.sock

        # Enable the static file server.
        file_server
}
$ sudo systemctl restart caddy
http://i.p:8080