Skip to content

Instantly share code, notes, and snippets.

@ansulev
Last active August 2, 2018 07:17
Show Gist options
  • Save ansulev/9ecf2092888522aa98bab8a6a826633c to your computer and use it in GitHub Desktop.
Save ansulev/9ecf2092888522aa98bab8a6a826633c to your computer and use it in GitHub Desktop.
Install LEMP + HHVM on AWS and GCP with Ubuntu 16.04 (Xenial)
# update system
apt update -y && apt upgrade -y && apt autoremove -y && apt autoclean
# reboot
reboot
# remove dash
dpkg-reconfigure dash
# stop and disable sendmail if enabled
#service sendmail stop; update-rc.d -f sendmail remove
# remove apparmor if enabled
#service apparmor stop update-rc.d -f apparmor remove
#apt -y remove apparmor apparmor-utils
# ntp if needed
#apt -y install ntp ntpdate
# install mariadb client or/and server if needed
#apt -y install mariadb-client mariadb-server
# stop and disable apache2 if exist
#service apache2 stop
#update-rc.d -f apache2 remove
# create ssl certificate if needed
#mkdir /etc/ssl/private
#chmod 700 /etc/ssl/private
#sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
#openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
# install nginx fcgiwrap
apt -y install nginx fcgiwrap
service nginx start
# install php-fpm and some common modules - PHP 7.0
apt -y install php7.0-opcache php7.0-fpm php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi php-pear php-auth php7.0-mcrypt mcrypt imagemagick libruby php7.0-curl php7.0-intl php7.0-pspell php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached php-memcache php-imagick php-gettext php7.0-zip php7.0-mbstring php-apcu
# install php-fpm and some common modules - PHP 7.1
apt -y install software-properties-common
add-apt-repository -y ppa:ondrej/php
apt-get -y update
# all modules
apt -y install php7.1 php7.1-apc php7.1-bz2 php7.1-cgi php7.1-cli php7.1-common php7.1-curl php7.1-dev php7.1-enchant php7.1-fpm php7.1-gd php7.1-gmp php7.1-imap php7.1-interbase php7.1-intl php7.1-json php7.1-ldap php7.1-mbstring php7.1-mcrypt php7.1-mysql php7.1-odbc php7.1-opcache php7.1-pgsql php7.1-phpdbg php7.1-pspell php7.1-readline php7.1-recode php7.1-snmp php7.1-sqlite3 php7.1-sybase php7.1-tidy php7.1-xmlrpc php7.1-xsl php7.1-zip
# most common
apt -y install php7.1 php7.1-cli php7.1-common php7.1-json php7.1-opcache php7.1-mysql php7.1-mbstring php7.1-mcrypt php7.1-zip php7.1-fpm
# PHP 7.2 - TODO
# enable needed modules
phpenmod mcrypt && phpenmod mbstring
# install apache2 if needed and module (correct php version)
apt install -y install apache2 libapache2-mod-php7.0
# for nginx - fix pathinfo (replace correct php version)
vim /etc/php/7.0/fpm/php.ini
[...]
cgi.fix_pathinfo=0
[...]
date.timezone=UTC
[...]
service php7.0-fpm reload
#????
vim /etc/nginx/nginx.conf
[...]
http {
[...]
## Detect when HTTPS is used
map $scheme $fastcgi_https {
default off;
https on;
}
[...]
}
[...]
#????
service nginx reload
apt -y install software-properties-common
# Key rotation is in progress as of November 2017; this is the old key:
apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0x5a16e7281be7a449
# And this is the new key:
apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xB4112585D386EB94
add-apt-repository "deb http://dl.hhvm.com/ubuntu xenial main"
apt update -y && apt -y install hhvm
add-apt-repository -y ppa:certbot/certbot
apt update -y && apt -y install certbot
certbot certonly --standalone --renew-by-default -d domain.xxx -d www.domain.xxx
#apt install ufw
vim /etc/nginx/sites-available/default
service nginx reload
vim /var/www/html/info.php
# install some useful tools
apt -y install htop iotop iftop nethogs elinks fail2ban
# and some dev tools
apt install -y git nodejs npm composer nano tree vim curl ftp -y
# clean up and reboot
apt -y autoremove && apt -y autoclean && apt -y clean
reboot
# list netstat
netstat -tlpn
# list running services
systemctl list-units --state=running | grep -v systemd | awk '{print $1}' | grep service
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment