Slicehost (and Linode) LAMP Cheatsheet

I have set up several Slicehost slices as Ubuntu LAMP servers, but since I’m not a server admin, I always have to reference the tutorials to remember the steps. So, I’ve compiled the list of steps here, as concisely as possible. This process sets up everything you need for hosting multiple sites on a single server, and it works equally well for most servers running Ubuntu including Slices and Linodes.

Disclaimer
Please use these only if you already know the whys and wherefores. If you don’t generally understand one or more of these steps, consult the Slicehost Articles or the Linode Articles before asking questions here. Most of the information here comes from the Slicehost Articles for Ubuntu. I have also added a few extra steps from sources cited in the footnotes.
Helping Me Out
If you need to sign up for a Slicehost or Linode account, and you plan on using this article as a guide to configure your server, please use these referral links:
Corrections to this article are also appreciated. Please note, however, that corrections != personal preference. If you have a different way of doing something, you’ll need to present a convincing case as to why it is better.
Assumptions
This guide/cheatsheet assumes you have already created a virtual server with Ubuntu installed.
You should also set up your DNS. If you’re using Slicehost, my Slicehost DNS script will help.
Conventions
For this article, I’m using:
  • xxx.xxx.xxx.xxx to indicate the IP address of your server
  • bob as the server’s name (hostname)
  • example.com as the domain name
  • demo as the admin user
  • nano as my editor because I have no vi skills.

Configure Server for Terminal.app (Mac users only)

Terminal.app behaves as dtterm, but Ubuntu doesn’t have the dtterm entry in its terminfo database. This fixes that.1

Save Terminal Info to a File

On your Mac (local machine)…

  1. infocmp > /tmp/dtterm
  2. scp /tmp/dtterm root@xxx.xxx.xxx.xxx:/tmp

Import Terminal Info

  1. Log into your server as root
  2. tic /tmp/dtterm

Some Basic Package Setup

Aptitude Upgrade

Still logged in as root…

  1. Make sure you have access to the universe repositories nano /etc/apt/sources.list and uncomment the universe repositories
  2. Update
    aptitude update
  3. Upgrade
    aptitude safe-upgrade aptitude full-upgrade

Install Build Essentials

  1. Install
    aptitude install build-essential

Install CURL

  1. Install
    aptitude install curl
  2. Install ca-certificates for ssl connections aptitude install ca-certificates

SSH and Users

Create New User and Allow sudo

Still logged in as root…

  1. Change root password, if desired passwd
  2. Add user
    adduser demo
  3. Set up sudo config
    visudo and add demo ALL=(ALL) ALL to the end
  4. Log out or switch to your local machine

Set up SSH Keys

  1. On your local machine, copy local public ssh key to server (assuming you have already created your public key on your local machine) scp ~/.ssh/id_rsa.pub demo@xxx.xxx.xxx.xxx:/home/demo/
  2. Switch back to your server or log back in as root
  3. Create authorized_keys file
    cd /home/demo mkdir .ssh mv id_rsa.pub .ssh/authorized_keys
  4. Set permissions chown -R demo:demo .ssh chmod 700 .ssh chmod 600 .ssh/authorized_keys

Configure sshd

  1. Open sshd_config nano -w /etc/ssh/sshd_config
  2. Set these:
    Port 30000 (change to a port of your choosing)
    Protocol 2
    PermitRootLogin no
    PasswordAuthentication no
    X11Forwarding no
    UsePAM no
    UseDNS no
    AllowUsers demo

Setup iptables

  1. Dump existing rules cd /etc iptables-save > iptables.up.rules
  2. Copy rules file from Slicehost example curl -o iptables.test.rules http://articles.slicehost.com/assets/2007/9/4/iptables.txt
  3. Edit it and set port number for sshd nano -w iptables.test.rules
  4. Load it iptables-restore < iptables.test.rules
  5. Check the new rules iptables -L
  6. Save the new rules iptables-save > iptables.up.rules
  7. Make sure the new rules are read every time nano -w network/interfaces and make it look like this:
    ...
    auto lo
    iface lo inet loopback
    pre-up iptables-restore < /etc/iptables.up.rules
    
    # The primary network interface
    ...

Restart and Test sshd

  1. Reload sshd
    /etc/init.d/ssh reload
  2. Try to log in from another terminal
  3. If successful, logout

User Config

Logged in as demo...

Configure Nano

  1. Set some configuration cp /etc/nanorc ~/.nanorc nano -w ~/.nanorc
  2. Uncomment these lines:
    # set brackets ""')>]}"
    # set nowrap (should be set by default in recent versions) # set tabsize 8
  3. Change tabsize to 2 or 4 or something:
    set tabsize 4

Add Bash Aliases

  1. Create aliases file nano -w .bash_aliases and add:
    alias lo='logout'
    alias mksite='sudo /usr/local/a2mksite/a2mksite.sh'
    alias free='free -m'
    alias ag='sudo apache2ctl graceful'
    if [ "$TERM" != "dumb" ] && [ -x /usr/bin/dircolors ]; then
        eval "`dircolors -b`"
        alias ls='ls -la --color=auto'
    fi
    
    # Git
    alias gst='git status'
    # alias gl='git pull'
    alias ga='git add'
    alias gp='git push'
    alias gd='git diff | mate'
    alias gc='git commit -v'
    alias gca='git commit -v -a'
    alias gb='git branch'
    alias gba='git branch -a'
    alias gco='git checkout'
    alias glog='git log --pretty=format:"# %aD : %an%n%n* %s%n%n%b%n"'
    alias glt='glog --since=yesterday'
    alias gly='glog --since="2 days ago" --until="1 day ago"'
  2. If necessary, activate aliases in .bashrc nano -w .bashrc and uncomment the part that loads .bash_aliases
  3. Get the aliases working source ~/.bashrc

Basic Server Config

Set Hostname2

  1. Name your server by setting a short hostname in /etc/hostname sudo nano /etc/hostname and type bob.example.com
  2. Set the fully-qualified domain name in hosts
    sudo nano /etc/hosts and add xxx.xxx.xxx.xxx bob.example.com bob
    below the 127.0.0.1 localhost entry
  3. Reboot sudo reboot
  4. Check hostname
    hostname
  5. Check FQDN
    hostname -f

Set Locale

  1. Generate locale info
    sudo locale-gen en_US.UTF-8
  2. Update locale
    sudo /usr/sbin/update-locale LANG=en_US.UTF-8

Set Timezone

  1. Start up timezone configurator and follow instructions
    sudo dpkg-reconfigure tzdata

Git

Install Git

  1. Install
    sudo aptitude install git-core

Subversion

Install svn

  1. Install
    sudo aptitude install subversion

Web Server

Install a2mksite

a2mksite is a script that I wrote that allows you to create an Apache virtual host with one command (including the document root, config files, log rotation, etc). One thing you should know is that it creates a directory structure for multiple web sites (virtual hosts), placing each site's public and log directories in its own directory like so: /var/www/sites/example.com

Read the description here to learn more about what it does.

  1. Clone a2mksite from Github git clone git://github.com/postpostmodern/a2mksite.git
  2. Move it to /usr/local sudo mv a2mksite /usr/local
  3. CHOWN it to root sudo chown 0:0 /usr/local/a2mksite
  4. Make sure you have the script aliased as mksite in your .bash_aliases file (see Bash Aliases snippet earlier in this post).

Install Logrotate

  1. Install
    sudo aptitude install logrotate

Install Apache

  1. Install sudo aptitude install apache2 apache2.2-common apache2-mpm-prefork apache2-utils libexpat1 ssl-cert
  2. Set up basic config using my httpd.conf as an example wget https://raw.github.com/gist/236374/httpd.conf sudo mv httpd.conf /etc/apache2/httpd.conf sudo nano /etc/apache2/httpd.conf
  3. Enable Modules
    sudo a2enmod auth_digest dav dav_lock rewrite
  4. Create errors dir
    sudo mkdir /var/www/errors
  5. Create maintenance dir
    sudo mkdir /var/www/maintenance
  6. CHOWN them
    sudo chown -R demo:demo /var/www/errors /var/www/maintenance
  7. Create global 404
    nano -w /var/www/errors/404.html
  8. Create maintenance page
    nano -w /var/www/maintenance/index.html
  9. Make default site
    mksite default and overwrite the original default

MySQL

Install MySQL

  1. Install
    sudo aptitude install mysql-server mysql-client libmysqlclient15-dev
  2. Set root password (follow instructions during installation)

PHP

Install PHP

  1. Install PHP sudo aptitude install libapache2-mod-php5 php5 php5-common php5-curl php5-dev php5-gd php5-imagick php5-mcrypt php5-memcache php5-mhash php5-mysql php5-pspell php5-snmp php5-sqlite php5-xmlrpc php5-xsl php5-xcache
  2. Edit xcache.ini sudo nano /etc/php5/apache2/conf.d/xcache.ini and set xcache.var_size to something other than zero
  3. Edit php.ini sudo nano /etc/php5/apache2/php.ini and set error output, max upload size, etc.
  4. Restart Apache sudo /etc/init.d/apache2 restart

Mail (for sending via PHP)

Reverse DNS

  1. Set Reverse DNS in SliceManager or Linode Manager to your server's FQDN, i.e. what you see when you type hostname -f
  2. Check it
    sudo aptitude install dnsutils dig -x xxx.xxx.xxx.xxx

Postfix

  1. Install Postfix
    sudo aptitude install postfix mailx
  2. Test Postfix
    mail someone@somewhereelse.com and send a message. Don't forget: ctrl-d ends the message.
  3. Optionally continue configuration as described here

A Backup Solution

The following is my own backup solution for my web sites. It backs up the MySQL databases and web site files. Then, it sends a copy to Amazon S3.

Install Ruby for S3Sync

  1. Install Ruby sudo aptitude install ruby1.8-dev ruby1.8 ri1.8 rdoc1.8 irb1.8 libreadline-ruby1.8 libruby1.8 libopenssl-ruby sqlite3 libsqlite3-ruby1.8
  2. Symlink locations sudo ln -s /usr/bin/ruby1.8 /usr/bin/ruby sudo ln -s /usr/bin/ri1.8 /usr/bin/ri sudo ln -s /usr/bin/rdoc1.8 /usr/bin/rdoc sudo ln -s /usr/bin/irb1.8 /usr/bin/irb
  3. Install Ruby Gems (optional) wget http://production.cf.rubygems.org/rubygems/rubygems-1.3.7.tgz tar xzvf rubygems-1.3.7.tgz cd rubygems-1.3.7 sudo ruby setup.rb cd .. rm -R rubygems-1.3.7* sudo ln -s /usr/bin/gem1.8 /usr/bin/gem
  4. Update gems sudo gem update sudo gem update --system

Install S3Sync

  1. Download and move S3Sync wget http://s3.amazonaws.com/ServEdge_pub/s3sync/s3sync.tar.gz tar xvzf s3sync.tar.gz sudo mv s3sync /usr/local/ sudo chown 0:0 /usr/local/s3sync/ rm s3sync.tar.gz
  2. Make sure you installed the ca-certificates package earlier (see "Install CURL" above)

Install Web Server Backup Script

  1. Clone it from Github sudo git clone git://github.com/postpostmodern/web-server-backup.git /usr/local/web-server-backup
  2. Configure it according to the README sudo nano /usr/local/web-server-backup/backup.sh
  3. Test Run sudo /usr/local/web-server-backup/backup.sh

Schedule the Backup with Cron

  1. Create a cron job sudo nano /etc/cron.d/web_server_backup
  2. Make it look something like this:
    SHELL=/bin/bash
    PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
    MAILTO=demo@example.com
    HOME=/root
    
    30 4 * * * root /usr/local/web-server-backup/backup.sh > /dev/null

There is no step 54.

Okay. That was a lot of steps, but everything should be running properly now. Though this article is mostly for my own reference, your comments are welcome.

  1. OS X Terminal Emulation Woes ↑ back up there
  2. Linux Hostname Configuration ↑ back up there

comment feed And the ensuing discussion…

  1. 1

    Nov 17th, 2009 at 6:00 pm Trey Piepmeier

    Thanks for writing that up. I was about to offer you a steak dinner if you’d tell me how to install S3Sync. That saved me some cash!

  2. 2

    Nov 17th, 2009 at 6:17 pm Jason Johnson

    Aw crap. I should have waited a little longer.

  3. 3

    Nov 26th, 2009 at 4:52 pm Matthew

    I get this any ideas??? Thanks

    mksite default -bash: mksite: command not found

    Nice site by the way!!

  4. 4

    Nov 26th, 2009 at 11:06 pm Jason Johnson

    Hey Matthew. Make sure you have mksite aliased in your .bash_aliases like so:

    alias mksite='sudo /usr/local/a2mksite/a2mksite.sh'

    It is in the sample .bash_aliases code under ‘User Config’ above.

    Glad you like the site!

  5. 5

    Nov 26th, 2009 at 11:11 pm Jason Johnson

    I updated the a2mksite section of this article with a reminder to check the alias.

  6. 6

    Nov 27th, 2009 at 3:46 am Matthew

    Thanks for the response. I will give it a go later.

    Yes found your article very informative and great looking design to the site. I hope you keep up the good work. I’ve added it to my bookmarks :-)

  7. 7

    Mar 1st, 2010 at 4:43 am James

    Thanks, will possibly use something like this. There’s a typo in the apache section, the link to your http conf goes to the wrong one.

  8. 8

    May 2nd, 2010 at 5:51 pm Jason Johnson

    Thanks for letting me know, James. I’ve updated the link.

  9. 9

    Sep 30th, 2010 at 11:22 am Joel

    ThankyouThankyouThankyouThankyouThankyou. I had slugged my way though most of this (gets better with time) but this helped so much. Bookmarked definitely!

  10. 10

    Feb 18th, 2011 at 11:28 am Steve

    When Restart and Test sshd I had to use ssh -p 1121 username@hostname to login from a new terminal. 1121 was the new port I assigned earlier in the setup.

    Great so far. Thanks.

  11. 11

    Apr 18th, 2011 at 11:58 am Joel

    Not sure on others but I had to install mailutils as well when I installed postfix and mailx. Kept getting mail command not found.

  12. avatar
    12

    Now You



Additional Resources


Tumblelog

Tumblr

Tumblr

Delicious

Delicious

Instructional

Recent Instructional Articles

Slicehost (and Linode) LAMP Cheatsheet

17.11
11

A quick list of steps I use to set up a LAMP server on Slicehost or Linode.

Terminal Tip: Prevent Creation of Mac Dot Files

07.08
1

An environment variable can prevent creation of ._filename files.

Terminal Tip: Delete Those Mac Dot Files

08.06
1

Use the find command to delete all of the ._* and .DS_Store files.

Editorial

Recent Editorial Articles

More Usable Mac: Finder Toolbar

05.12
1

I find it useful to keep a few extra items in my Finder toolbar.

No Multiple-Class Support in IE6

18.11
4

IE6 doesn’t respond to multiple class selectors.

New Skin for the Old Blogish

07.10
3

This blogish is finally back online after an extended period of http silence.

Downloadable

Recent Downloadable Articles

Gitup!

01.02
1

Gitup + Transmit = Really Simple Publishing

Leopard-Style iTerm Icon, Take 2

18.12
3

The newer, bluer version of the iTerm icon.

Leopard-Style iTerm Icon

05.12
1

An updated, Leopard-style icon for iTerm.

About This Site

About the Author

That’s me in the photo above. My current profession is web development. Therefore, it is the subject of this site.

Postpostmodern

Postpostmodern is the name of this site and my alias on most of the web. There's nothing really special about the name Postpostmodern. I studied art in college during the years after postmodernism, and nobody knew how else to classify the state of things other than silly words like postpostmodernism.

Sorta Blogish

I'd call this a blog, but I don't feel it fits the 'log' format. My goal is to publish articles on web-related topics that interest me, and while some articles may be time-sensitive, I would prefer that the organizational focus be on the categories and tags rather than chronology.

More Me

More about me can be found on the about page. Or, look me up in the usual places: