CO & US Flags
Home Veterans PH-TRotS Motorcycles HAM/KD0EQH Linux Reloading Josh CBT Graduation Chef Rousseau
Weather

LAMP Install

Linux(openSUSE) / Apache / MariaDB / PHP

OS

Install openSUSE(install guide coming soon)

Configure SUDO

sudo visudo

REMOVE [ root ALL=(ALL:ALL) ALL ]
ADD [ username ALL=(ALL:ALL) ALL ]

SAVE & EXIT

Configure User Session Timeout

Create a new file called autologout.sh

sudo nano /etc/profile.d/autologout.sh

Add the following lines:

TMOUT=600
readonly TMOUT
export TMOUT

SAVE & EXIT

Make it executable

sudo chmod +x /etc/profile.d/autologout.sh

Harden SSH

Backup sshd_config

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_BAK

Deny root ssh logon

sudo nano /etc/ssh/sshd_config

UPDATE: PermitRootLogin no

SAVE & EXIT

Restart SSH server

sudo systemctl restart sshd

Lid close action, do nothing

Run a personal linux server on a laptop, you bet. Great use of older hardware.

sudo nano /etc/systemmd/logind.conf

Uncomment & UPDATE: HandleLidSwitch=ignore

SAVE & EXIT

Restart login service

sudo systemctl restart systemd-logind.service

Update server hostname

sudo nano /etc/hostname

UPDATE hostname

SAVE & EXIT

Reboot server

sudo reboot

Install Apache

sudo zypper update

sudo zypper -y install apache2

sudo systemctl enable apache2

sudo systemctl start apache2

firewall-cmd --add-port=80/tcp --permanent

firewall-cmd --add-port=443/tcp --permanent

sudo firewall-cmd --reload

Check Apache version

sudo httpd -v

Output

Server version: Apache/2.4.33 (Linux/SUSE)
Server built: 2020-02-25 09:51:10.000000000 +0000

Install PHP

sudo zypper install php php-mysql php-gd php-mbstring apache2-mod_php7 php7-curl php7-zip php7-pdo php7-json php7-openssl

sudo a2enmod php7

sudo systemctl restart apache2

Verify PHP installation information by creating a PHP test file

phpinfo() will display installed and configured PHP options.

echo "<?php phpinfo(); ?>" | sudo tee /srv/www/htdocs/info.php

Open a web browser and navigate to the address: http://SERVER_IP/info.php

Verify the PHP configuration details

Install MariaDB

sudo zypper install mariadb

sudo systemctl enable mariadb

sudo systemctl start mariadb

Secure the MariaDB installation with the following command

sudo mysql_secure_installation/p>

Check MariaDB version

mysql --version

Output

mysql Ver 15.1 Distrib 10.2.31-MariaDB, for Linux (x86_64) using EditLine wrapper

Install phpMyAdmin

phpMyAdmin is a browser based tool to administer your database. phpMyAdmin site.

sudo zypper install phpmyadmin

Test phpMyAdmin

Open a browser to http://SERVER_IP/phpmyadmin

Install Webmin

Webmin is a browser based tool to help administer many server aspects. Webmin site.

sudo zypper install openssl openssl-devel

sudo zypper install perl perl-Net-SSLeay perl-Crypt-SSLeay

sudo wget http://prdownloads.sourceforge.net/webadmin/webmin-1.941-1.noarch.rpm

sudo rpm -ivh webmin-1.941-1.noarch.rpm

sudo firewall-cmd --add-port=10000/tcp --permanent

sudo firewall-cmd --reload

Test Webmin

Open a browser to https://SERVER_IP:10000

SSL(Optional)

Enable SSL

sudo a2enmod ssl

Prepare SSL Cert(Optional)

Generate a Certificate Signing Request

openssl req -new -newkey rsa:2048 -nodes -keyout YOURDOMAIN.key -out YOURDOMAIN.csr

Enter CERT information

Country Name (2 letter code) []:US

State or Province Name (full name) [Some-State]:YOUR STATE

Locality Name (eg, city) []:YOUR CITY

Organization Name (eg, company) []:SOME COMPANY

Common Name (e.g. server FQDN or YOUR name) []:DOMAIN.NAME

NOTE: For email address and optional company name, press ENTER to leave them blank as these are legacy fields.

Install SSL Cert(Optional)

This varies based on server and local configuration and not required for self-signed certs.

Create Virtual Host

Create new virtual host file for your DOMAIN

sudo cp /etc/apache2/vhosts.d/vhost-ssl.template /etc/apache2/vhosts.d/DOMAIN.conf

UPDATE DOMAIN.CONF

sudo nano /etc/apache2/vhosts.d/DOMAIN.conf

DocumentRoot "/srv/www/htdocs"

ServerName www.example.com:443

SSLEngine on

SSLCertificateFile /etc/apache2/PATH/DOMAIN.crt

SSLCertificateKeyFile /etc/apache2/PATH/DOMAIN.key

SSL Help

General CSR Creation Guidelines(digicert)

How to Install an SSL Certificate(digicert)

Update Logon Banner

Add a custom banner when you logon with SSH

Install Figlet

sudo apt-get install figlet

Create a bash script to run figlet at logon to display some text and make it executable

sudo nano /etc/profile.d/99-logon.sh

sudo chmod +x /etc/profile.d/99-logon.sh