Setting Node.JS on Ubuntu

info.txt

**Install Node.js**

cd ~
curl -sL https://deb.nodesource.com/setup_8.x -o nodesource_setup.sh
sudo bash nodesource_setup.sh
sudo apt-get install nodejs
sudo apt-get install build-essential

**Install Nginx**
sudo apt-get update
sudo apt-get install nginx

**Adjust the Firewall**
sudo ufw app list    -- to list all available apps
Nginx Full: This profile opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic)
Nginx HTTP: This profile opens only port 80 (normal, unencrypted web traffic)
Nginx HTTPS: This profile opens only port 443 (TLS/SSL encrypted traffic)
sudo ufw allow 'Nginx Full'

**Manage the Nginx Process**
sudo systemctl stop nginx
sudo systemctl start nginx
sudo systemctl restart nginx
sudo systemctl reload nginx


**Set Up Nginx as a Reverse Proxy Server**
sudo nano /etc/nginx/sites-available/default
. . .
    location / {
        proxy_pass http://localhost:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

**Check Nginx syntax**
sudo nginx -t
sudo systemctl restart nginx

installing & configuring osTicket

http://osticket.com

Fixed problem with nginx url routing

Throw error:
URL not supported

I fixed by editing the get_path_info function in /include/class.osticket.php#L366

 function get_path_info() {
        if(isset($_SERVER['PATH_INFO']))
            return $_SERVER['PATH_INFO'];

        if(isset($_SERVER['ORIG_PATH_INFO']))
            return $_SERVER['ORIG_PATH_INFO'];

        //TODO: conruct possible path info.

        return null;
    }

With:

function get_path_info() {
        if(!empty($_SERVER['PATH_INFO']))
            return $_SERVER['PATH_INFO'];

        if(isset($_SERVER['ORIG_PATH_INFO']))
            return $_SERVER['ORIG_PATH_INFO'];

        //
	$path_info = substr($_SERVER['REQUEST_URI'], strlen($_SERVER['SCRIPT_NAME']));
	if (strpos($path_info, '?') !== false) {
		$path_info = substr($path_info, 0, strpos($path_info, "?"));
	}
	if (isset($path_info[0]) && $path_info[0] == '/') {
		return $path_info;
	}

        return null;
    }

Nginx config:

server {
	listen 443 ssl;
	server_name support.picubed.io;
	
	root /home/ubuntu/osticket/upload;
	index index.php index.html index.htm index.nginx-debian.html;
	
	
	client_max_body_size 2000M;
	client_body_buffer_size 100M;
	client_header_buffer_size 10M;
	large_client_header_buffers 2 10M;

	client_body_timeout 12;
	client_header_timeout 12;
	keepalive_timeout 15;
	send_timeout 10;

	gzip             on;
	gzip_comp_level  2;
	gzip_min_length  1000;
	gzip_proxied     expired no-cache no-store private auth;
	gzip_types       text/plain application/x-javascript text/xml text/css application/xml;

	set $path_info "";

	# Deny access to all files in the include directory
	location ~ /include {
		deny all;
		return 403;
	}

	# Requests to /api/* need their PATH_INFO set, this does that
	if ($request_uri ~ "^/api(/[^\?]+)") {
		set $path_info $1;
	}

    # /api/*.* should be handled by /api/http.php if the requested file does not exist
    location ~ ^/api/(tickets|tasks)(.*)$ {
        try_files $uri $uri/ /api/http.php$is_args$args;
    }

    # /scp/ajax.php needs PATH_INFO too, possibly more files need it hence the .*\.php
    if ($request_uri ~ "^/scp/.*\.php(/[^\?]+)") {
        set $path_info $1;
    }

    # Make sure requests to /scp/ajax.php/some/path get handled by ajax.php
    location ~ ^/scp/ajax.php/(.*)$ {
        try_files $uri $uri/ /scp/ajax.php$is_args$args;
    }

    location ~ ^/ajax.php/(.*)$ {
        try_files $uri $uri/ /ajax.php$is_args$args;
    }

    location / {
        index     index.php;
        #try_files $uri $uri/ /index.php$is_args$args;
    }

   location ~ \.php$ {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
	
   
}

More reading..

https://www.rosehosting.com/blog/how-to-install-osticket-on-ubuntu-16-04/

Configure the Nginx virtual host

server {
listen 80;
server_name my-domain.com;
root /var/www/osticket/upload;

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
index index.php index.html index.htm;

gzip on;
gzip_min_length 1000;
gzip_types text/plain application/x-javascript text/xml text/css application/xml;

set $path_info "";

location ~ /include {
deny all;
return 403;
}

if ($request_uri ~ "^/api(/[^\?]+)") {
set $path_info $1;
}

location ~ ^/api/(?:tickets|tasks).*$ {
try_files $uri $uri/ /api/http.php?$query_string;
}

if ($request_uri ~ "^/scp/.*\.php(/[^\?]+)") {
set $path_info $1;
}

location ~ ^/scp/ajax.php/.*$ {
try_files $uri $uri/ /scp/ajax.php?$query_string;
}

location / {
try_files $uri $uri/ index.php;
}

location ~ \.php$ {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
}

update system timezone
dpkg-reconfigure tzdata

Installing PhpMyAdmin with Nginx on Ubuntu

Create a directory for PHPMyAdmin and change its ownership to the www-data user.

mkdir /usr/share/phpmyadmin
chown www-data:www-data /usr/share/phpmyadmin

Clone the “STABLE” branch of the PHPMyAdmin GitHub repository into this directory.

cd /usr/share/phpmyadmin
sudo -u www-data -H git clone --depth=1 --branch=STABLE git://github.com/phpmyadmin/phpmyadmin.git .

Do not miss the dot at the end of the Git command.

Edit the desired virtual host file and add the following to it:

location /phpmyadmin {
        alias /usr/share/phpmyadmin;
}
 
location ~ ^/phpmyadmin(.+\.php)$ {
        alias /usr/share/phpmyadmin;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /usr/share/phpmyadmin$1;
        include fastcgi_params;
}
 
location ~ ^/phpmyadmin/(.*\.(eot|otf|woff|ttf|css|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|xls|tar|bmp))$ {
        alias /usr/share/phpmyadmin/$1;
        expires 30d;
        log_not_found off;
        access_log off;
}

Make sure these blocks are placed above the other location blocks.

Create a database and grant the necessary privileges to utilize the extra features of PHPMyAdmin like bookmarking and history.

mysql -u root -p

create database phpmyadmin;

 CREATE USER 'phpmyadminuser'@'localhost' IDENTIFIED BY 'PhpTough@123';

  GRANT ALL PRIVILEGES ON phpmyadmin . * TO 'phpmyadminuser'@'localhost';
  
  FLUSH PRIVILEGES;

Create a config.inc.php file for PHPMyAdmin:

nano /usr/share/phpmyadmin/config.inc.php

Place the following code:

<?php
$i = 0;
 
$i++;
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['connect_type'] = 'socket';
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['user'] = '';
$cfg['Servers'][$i]['password'] = '';
$cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
$cfg['Servers'][$i]['controluser'] = 'pmauser';
$cfg['Servers'][$i]['controlpass'] = 'pmapass';
$cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
$cfg['Servers'][$i]['relation'] = 'pma__relation';
$cfg['Servers'][$i]['table_info'] = 'pma__table_info';
$cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
$cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
$cfg['Servers'][$i]['column_info'] = 'pma__column_info';
$cfg['Servers'][$i]['history'] = 'pma__history';
$cfg['Servers'][$i]['recent'] = 'pma__recent';
$cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
$cfg['Servers'][$i]['users'] = 'pma__users';
$cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
$cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
$cfg['Servers'][$i]['tracking'] = 'pma__tracking';
$cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
$cfg['Servers'][$i]['designer_coords'] = 'pma__designer_coords';
$cfg['Servers'][$i]['favorite'] = 'pma__favorite';
$cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
$cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
 
$cfg['DefaultLang'] = 'en';
$cfg['ServerDefault'] = 1;
$cfg['blowfish_secret'] = 'random-secret';
$cfg['ForceSSL'] = false;
?>

Set ForceSSL to true if you have an SSL certificate installed.

Obtain a randomly generated blowfish secret from this website and add it to the blowfish_secret line.

Do an Nginx configuration test and reload if successful:

sudo service nginx configtest
sudo service nginx reload

Access PHPMyAdmin from the web browser:

http://example.com/phpmyadmin

Configure Cron to periodically check for updates and pull them from GitHub. Edit the cron file of the www-data user.

crontab -u www-data -e

Add the following line:

@daily    cd /usr/share/phpmyadmin/ && git pull -q origin STABLE

That’s it, we have installed the latest version of PHPMyAdmin on Nginx and also configured it.

How to fix connect() to php5-fpm.sock failed (13: Permission denied) while connecting to upstream Nginx error

I encountered this problem after updating PHP to 5.5.12. I use Nginx with PHP5 FPM and after the updating PHP I was seeing 502 Gateway Error pages. Nginx’s error log file (/var/log/nginx/error.log) had the following in it:

2014/05/08 06:22:24 [crit] 24538#0: *292759 connect() to unix:/var/run/php5-fpm.sock failed (13: Permission denied) while connecting to upstream, client: 1.1.1.1, server: websistent.com, request: "GET /wordpress-custom-403-401-error-page/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "websistent.com"

The default value of the listen.mode was 0666 prior 5.5.12. To fix the CVE-2014-0185 vulnerability this was changed to 0660. This is evident from the permissions:

$ ls -l /var/run/php5-fpm.sock
srw-rw---- 1 root root 0 May 1 19:40 /var/run/php5-fpm.sock

Notice the first column of the output srw-rw----, it means users/groups other than root do not have any permissions on this file.
We have two options now:

1. Explicitly set the “listen.mode” to 0666 which make it insecure, or
2. Change the owner and group of the socket file so that Nginx can read/write to it.

Option 2 is highly recommended, find out username used by the Nginx worker processes:

grep 'user' /etc/nginx/nginx.conf

The most common ones are either www-data or nginx. Edit PHP FPM pool configuration file:

/etc/php5/fpm/pool.d/www.conf

Find the following lines:

listen.owner = bob
listen.group = bob

Add the user www-data as a member of secondary group bob

usermod -G bob www-data

Restart the PHP FPM daemon

service php5-fpm restart

Check if the ownership of the socket file has changed

$ ls -l /var/run/php5-fpm.sock
srw-rw---- 1 www-data www-data 0 May 1 22:13 /var/run/php5-fpm.sock

checking which process is running on given port Linux
lsof -i :8000

to kill process running in given port
kill process-id

Some useful Linux commands

To change owner and gropup of file/directory

changes all sub folders too
sudo chown -R username:group directory
changes given folder only
sudo chown username:group directory

The Linux 'unzip' Command
Decompress Single ZIP Files
unzip filename

Decompress Multiple ZIP Files
unzip filename1 filename2 filename3

Exclude Some ZIP Files
unzip filename.zip -x filetoexclude.zip

Extract a ZIP File to a Different Directory
unzip filename.zip -d path/to/extract/to

How to Show the Contents of a Compressed Zip File
unzip -l filename.zip

How to Test If a ZIP File Is Valid
unzip -t filename.zip

Decompress a ZIP File Without Prompting to Overwrite
unzip -n filename.zip

Extract Password-Protected ZIP Files
unzip -P password filename.zip

To compress:

To compress:
zip squash.zip file1 file2 file3

or to zip a directory
zip -r squash.zip dir1

To uncompress:
unzip squash.zip

remove/delete all from directory
rm -rf directoryName

How To Secure Nginx with Let's Encrypt on Ubuntu

Step 1 — Installing Certbot

sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update

And finally, install Certbot's Nginx package with apt-get
sudo apt-get install python-certbot-nginx

Step 2 — Obtaining an SSL Certificate
sudo certbot --nginx -d example.com -d www.example.com

Step 3 — Verifying Certbot Auto-Renewal
sudo certbot renew --dry-run

How to Change MYSQL Root PASSWORD Ubuntu

mysqladmin -u root -p'oldPassword' password 'newPassword'

installing SuiteCRM

cd /tmp && git clone https://github.com/salesagility/SuiteCRM.git suitecrm
sudo mv suitecrm /var/www/suitecrm/

sudo chown -R www-data:www-data /var/www/suitecrm/
sudo chmod -R 755 /var/www/suitecrm/

composer install

To Setup Crontab
In order to run SuiteCRM Schedulers, edit your web server user's crontab file with this command:
sudo crontab -e -u www-data
... and add the following line to the crontab file:
* * * * * cd /var/www/suitecrm; php -f cron.php > /dev/null 2>&1
You should do this only after the installation is concluded.

Read more about this
https://websiteforstudents.com/install-suitecrm-on-ubuntu-16-04-lts-with-nginx-mariadb-php-7-1-and-lets-encrypt-free-ssl-tls/

Detect web traffic source device

http://detectmobilebrowsers.com/mobile