LEB Setup script for Debian 6 VPS - Nginx, MySQL, IPtables, etc..
A couple years ago LEA created a debian install script that helped to setup a web server while removing most of the unneeded bloat.
However, the script was missing a firewall (like IPTables), used php-cgi instead of php-fpm and generally lacked some other features. Later that year, people started forking the project and adding new features and improvements.
There are two main branches at this point, sk33lz and mine. Both serve to handle server setup for you making it much easier to get going with your new VPS.
For example, here is the full process I use to setup a new VPS with my lowendscript.
# After login as root...
# Create a new user
adduser demo
# Add demo to the sudo group
usermod -a -G sudo demo
# Check that he does
groups demo
# (from your PC) Copy your ssh-key to the server
ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
# Install git so we can install our server
apt-get install git
# Download the script
git clone git://github.com/Xeoncross/lowendscript.git /root/git/
# Setup locals
dpkg-reconfigure locales
# Run it
cd /root/git
./setup-debian.sh dotdeb
./setup-debian.sh system
./setup-debian.sh dropbear 22
./setup-debian.sh iptables 22
./setup-debian.sh nginx
./setup-debian.sh php
./setup-debian.sh mysql
# Now create a site
./setup-debian.sh site example.com
After you have finished this you will have PHP, Nginx, MySQL (with InnoDB disabled), IPtables, dropbear (SSH), all setup, configured, and working. You can also create new sites and matching MySQL accounts quickly.
./setup-debian.sh site othersite.com
./setup-debian.sh mysqluser othersite.com
Those two commands will create the directories in /var/www/, nginx configs, test page, and mysql user so you can get back to developing.
Comments
just another nice thread/script from xeoncross.. :D
i'll try this script in my KVM box and report back to you if i found some problem..
but, i'm wondering can this script use for OVZ too?
@Mon5t3r, I built it for my OpenVZ box so it should work fine. In fact, I would be interested in whether it works right for your KVM.
Nice work!
Check my blog for more cool *nix tips & tricks!
Will it work for Ubuntu aswell? I tried a Debian 6 script before, but it didn't allow me to continue(it says your OS is not supported). Will be interested to know.
I don't think so.
Most people use ubuntu because that is the first OS they start using linux on. ubuntu has a great deskop OS and is actually built on-top of Debian. Since a VPS doesn't need a GUI (or most of the applications that make ubuntu useful), there is no reason to use it when Debian has a much longer track-record of solid performance.
Basically, use Debian for servers and ubuntu for your desktop.
A minimal Debian install only uses 6MB of RAM while ubuntu uses a whole lot more.
Well of course a minimal install of one uses more than a regular install of another ;)
Ubuntu only uses a lot because of extra services like upstart.
This signature is brought to you by the NSA. Spying on the entire world since 1952!
@jarland I meant a minimal Debian 32bit vs minimal ubuntu 32bit install.
Oh, well mine only uses 3mb so I'm confused but oh well ;)
Adapting for Ubuntu wouldn't be difficult though. Could try it first, might not even have to be.
any stats on memory consumption after all install?
the reason I'm using Ubuntu is because I(think) it has newer packages. anyway, I tried it few minutes ago, it works like charm! I ran System, Nginx, PHP and MySQL. it all works!
But, the memory use is little bit high(55MB of RAM). When I done this manually I used 22~26MB, with same configuration. Do you have any idea why using more ram? even though I'm using the same configurations and less software running?
And finally, your script is really helpful, thanks for sharing it. it just got rid of some mailing software that I don't really care about. and I'm definitely using it(the script) again.
@rev3rse, the majority of the memory goes to PHP-FPM and MySQL. You can change
/etc/php5/fpm/pool.d/www.conf.Check
free -morhtopthen stop each process to see.You can tweak each apps settings to your liking, the default settings try to give PHP and MySQL enough memory to perform decent.
so it`s only for openvz?
You don't have to use the stable packages in Debian, you can add the unstable (latest release) deb.
PHP Looking Glass
If Ubuntu has newer packages it's because they basically fork Debian unstable every 6 months. I read a statistic that about 89% of the packages in Ubuntu come straight from Debian, about 7% from other upstream repos, and then other random stuff thrown in. Obviously this is mostly desktop user stuff, since that's Canonical's target audience.
The entire point of Debian Stable is to not be on the bleeding edge. If that's where you want to be, just change apt repos, and just by changing a few lines you can be ahead of Ubuntu's default packages too.
On a completely different note, it'd be cool to see a version of this that uses lighttpd instead of nginx.
Also the LNMP stack has third party repositories, see dotdeb.
i'll do it today.. sorry :D i'll post a result + some test here later. any idea what kind of script for testing nginx server? does "ab" command should work for nginx aswell?
Yes.
One of those scripts install "PHP Fast CGI" the other "PHP-FPM (v5.3+ with APC installed and configured)" what is 'better' / the difference?
I'd personally choose php-fpm since it is dedicated service to manage php scripts. It is memory wise also. http://php-fpm.org/about/
@bamnael, "PHP FastCGI" was the name given to all the custom bash wrappers that ran the
php-cgibinary. Anyway, the modern way is to use thephp-fpmwrapper which is many times more stable, optimized, and efficient.Getting this error: invoke-rc.d: unknown initscript, /etc/init.d/php5-fpm not found.
Whole installog for php installer: http://pastebin.com/Hk1Mtwwg What I installed: dotdeb -> mysql -> nginx -> php. I did not run the other installers.
You have to run the commands in order. In your case, perhaps the package
php5-fpmwasn't at the correct version because you had not run thesystemsources update.However, the log seems to state it was installed correctly - so perhaps the location of the init script is somewhere else. What version of linux are you using?
Note, you only really have to run the following, the rest are optional:
Oh found the problem; didn't do apt-get update/upgrade after adding the other repos. Did it and now php5-fpm is found there and got installed. Maybe in your script you should add apt-get update/upgrade in the dotdeb part of the installer. I for example did not run your system part of the script because I didn't want to uninstall/install the stuff your script wants to and then there is no update.
in case someone unable to run the script,
set this: chmod +x setup-debian.sh
Good suggestion, I'll do that since it won't hurt even if it's run twice.
While creating the mysqluser using the below command --
./setup-debian.sh mysqluser mysite.com
I am getting the error as --
mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user 'root'@'localhost' (using password: YES)' ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) MySQL Username: mysite MySQL Password: NzQ1NzA2ZjcxY MySQL Database: mysite
Please note I already have a root mysql user created .. what should I do now.. to add a new mysqluser using this script.
Got it sorted .. By default the script reads the mysql root user from the file "~root/.my.cnf" .. since I have change the root password but didn't changed in this file, thats the reason was getting the above error. So if anone of you just changed their mysql root passwd .. the make changes in ~root/.my.cnf as well..
Happy days :)
Can we have this as an option? I dont like replacing openssh with dropbear
Simply do not run setup-debian.sh dropbear...
@bamnael my bad, didn't see that its not part of "system" or something. Thanks for pointing it out
Any chances we can get the same script for Ubuntu 12.04?
How to make index.php default? right now it looks for index.html or display 403: forbidden
new to nginx, be nice
@Asim I would look in the /etc/nginx/sites-enabled/default file and look for index files ;) and make sure you setup fpm to do PHP.
This signature is brought to you by the NSA. Spying on the entire world since 1952!
Can you add this?
// look for .html then .htm then .php index index.html index.htm index.php
How about
location ~ \.php$ { try_files $uri =404; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; }EDIT: Make sure you have php5-fpm installed (apt-get install php5-fpm) and make sure it is listening on port 9000 (127.0.0.1:9000)
This signature is brought to you by the NSA. Spying on the entire world since 1952!
@Asim and @TheHackBox, I'm not sure what you guys are wanting since what you just posted looks like a stripped down version of what is already there. Can you edit your posts with more information?
Edit: added support for ".htm"
For some odd reason @Xeoncross he is having issues doing PHP on his nginx.
This signature is brought to you by the NSA. Spying on the entire world since 1952!
maybe the php didn't see the files to be served.
asim, you can use this for Ubuntu 12.04 and you can skip dotdeb part. since ubuntu 12.04 already include php5-fpm on its repository.
You still should add the apt-get update/upgrade after the dotdeb package.
@Xeoncross requests, please include phpmyadmin and wordpress installation in it
+1 @asim's request.
I agree with @asim this is something missing from a lot of installations, that would have a lot of value.
And/or sqlbuddy.com
I'm sold on SQL Buddy! Man that's slick...
You should never, ever, ever run development tools like XDebug or phpmyadmin directly on the server. Instead, download it to your local development machine and follow my simple port forwarding tutorial to connect SQLBuddy, MySQL Work bench, phpMyAdmin, or anything else to your VPS server without endangering your production VPS.
When I get some time I'll look into adding Wordpress back in.
Isn't it just possible to simply put phpmyadmin folder with an .htaccess so you first have to enter this pw? Should be pretty save then...
+1 wordpress - must :P
optional joomla/drupal
Boooo to mysql :) why not have PostgreSQL in there also for the free minded non closed source people. I am just kidding thanks for your work :)
It is the mark of an educated man to teach without a thought. - Aristotle