Skip to content

Instantly share code, notes, and snippets.

@mattiasghodsian

mattiasghodsian/readme.md

Last active October 19, 2019 00:32
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mattiasghodsian/e3ffd72a9e5e8481e762d35886bca1cc to your computer and use it in GitHub Desktop.
Save mattiasghodsian/e3ffd72a9e5e8481e762d35886bca1cc to your computer and use it in GitHub Desktop.
Download ZIP
How to install OpenLiteSpeed on Ubuntu 18.04
Raw
readme.md

How to install OpenLiteSpeed on Ubuntu 18.04

OpenLiteSpeed is a open source web server version of LiteSpeed Web Server Enterprise by LiteSpeed Technologies. Known for being lightweight, PageSpeed Optimization, Intelligent Cache Acceleration and more.

Getting Started

In this How to, we'll guide you step by step to install apps OpenLiteSpeed on your Ubuntu 18.04 machine.

NOTE

Successfully tested with WSL (Windows Subsystem for Linux) Ubuntu 18.04 LTS (19/07/2019)

Step 1: Update your system

$ sudo apt-get update && sudo apt-get upgrade

Step 2: Remove any HTTP web servers

Remove any HTTP web server installed on your system (apache,nginx)

$ dpkg -l | grep 'apache\|nginx'

Step 3: Install required dependencies

$ sudo apt-get install build-essential
$ sudo apt-get install rcs libpcre3-dev libexpat1-dev libssl-dev libgeoip-dev libudns-dev zlib1g-dev libxml2 libxml2-dev libpng-dev openssl

Step 4: Add LiteSpeedTech Repository

$ wget -O - http://rpms.litespeedtech.com/debian/enable_lst_debain_repo.sh | bash
$ sudo apt-get update

if bash Permission denied (else skip to next Step)

If you received permission denied flags while previous command failed to execute and received similar message blow:

bash: line 32: /etc/apt/sources.list.d/lst_debian_repo.list: Permission denied register LiteSpeed GPG key /etc/apt/trusted.gpg.d/lst_debian_repo.gpg: Permission denied /etc/apt/trusted.gpg.d/lst_repo.gpg: Permission denied update the repo

Solution: wget enable_lst_debain_repo.sh to your home directory

wget http://rpms.litespeedtech.com/debian/enable_lst_debain_repo.sh

Change permissions to

chmod -x enable_lst_debain_repo.sh

Execute bash (Same issue? sudo on your own risk)

bash enable_lst_debain_repo.sh

Step 7: Install OpenLiteSpeed

The default directory is /usr/local/lsws after installation

$ apt-get install openlitespeed

To start the server

$ /usr/local/lsws/bin/lswsctrl start

Navigate to http://ip-here:8088 in your browser. If OpenLiteSpeed logo and a text saying Congratulations, well you know what that means. To stop the server, run the above command and replace start with stop.

To access the WebAdmin console navigate to http://ip-here:7080 (Port can be changed) with default login credensional admin : 123456

Step 8: Install PHP

OpenLiteSpeed does not come with PHP 7.2 included.

$ sudo apt-get install lsphp72 lsphp72-common lsphp72-curl lsphp72-dbg lsphp72-dev lsphp72-imap lsphp72-intl lsphp72-json lsphp72-ldap lsphp72-modules-source lsphp72-mysql lsphp72-opcache lsphp72-pgsql lsphp72-pspell lsphp72-pspell lsphp72-recode lsphp72-snmp lsphp72-sqlite3 lsphp72-sybase lsphp72-tidy

All avalible PHP versions can be found here or in your terminal:

$ apt-cache pkgnames lsphp

PHP will be located in /usr/local/lsws/lsphpXX after version you installed.

Step 9: Firewall configurations (optional)

If a firewall is installed on the machine, ensure ports to be open:

  • 80
  • 443
  • 8080
  • 7080

For IPTABLE

iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
iptables -I INPUT -p tcp --dport 7080 -j ACCEPT

For ufw

$ sudo ufw allow http
$ sudo ufw allow https
$ sudo ufw allow 8088/tcp
$ sudo ufw allow 7080/tcp
$ sudo ufw reload

Step 10: Configure port 80

OpenLiteSpeed default http port is 8080. In the WebAdmin console, go to Listeners under Listeners List locate adminListener and click on the Listeners Name to View.

Locate Address Settings and on its right hand side you will find the edit button. Change the fields to your needs. For sake of this guide, we will only change port 8080 to 80. For the changes to take effect you need to do a Graceful restart by pressing the Green button next to LSWS PID.

Step 11: Configure PHP 7.2 as new handler

Navigate to Server Configuration then External App and locate LiteSpeed SAPI App and edit. Make the following changes from data below.

Field New value
Name lsphp72
Address uds://tmp/lshttpd/lsphp72.sock
Max Connections 35
Environment PHP_LSAPI_MAX_REQUESTS=500
PHP_LSAPI_CHILDREN=35
Command $SERVER_ROOT/lsphp72/bin/lsphp

Save and find Script Handler tab and locate LiteSpeed SAPI and edit. Change Handler Name to lsphp72 hit Save and do Graceful restart

Step 12: Cant access WebAdmin Console port problem

If you by mistake edit the port and/or cant access WebAdmin Console, stop the server and edit /usr/local/lsws/admin/conf/admin_config.conf and change adress under listener adminListener.

Authors

  • Mattias Ghodsian

Was this useful ?

Buy Me A Coffee

Donate with Ethereum

@mattiasghodsian
Copy link
Author

mattiasghodsian commented Jul 19, 2019
edited

Install MariaDB ("MySQL")

apt-get -y -f --force-yes install mariadb-server

or

sudo apt-get install mariadb-server mariadb-client

Start MySQL

service mysql start

If you encounter issues starting MariaDB try a rollback

mysqld --tc-heuristic-recover=ROLLBACK

or

mysqld_safe --tc-heuristic-recover=COMMIT

if this still doesn't work please purge MariaDB and MySQL and try again

sudo apt-get remove --purge mariadb-* 
sudo apt-get autoremove 
sudo apt-get autoclean 

rm -rf /var/lib/mysql/
rm -rf /etc/mysql/

MySQL Secure Installation

mysql_secure_installation

Configure MySQL Socket address (If needed)

By default the MySQL socket should be located /var/run/mysqld/mysqld.sock, to fix this we need to define the correct path in php.ini file.

nano /usr/local/lsws/lsphp72/etc/php/7.2/litespeed/php.ini

Hit CTRL+W to search and type pdo_mysql.default_socket and change the path like so

pdo_mysql.default_socket= /var/run/mysqld/mysqld.sock

Hit CTRL+O to save and CTRL + X to edit

Error establishing a database connection

If you have problems connecting to MySQL from your site, change the plugin and set the password with command

sudo mysql -u root

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'test';

FLUSH PRIVILEGES;

exit;

For production sites its recommended to create another user with access to only its table

@mattiasghodsian
Copy link
Author

Upgrade Digitalocean VPS

sudo apt-get update && sudo apt-get dist-upgrade

@mattiasghodsian
Copy link
Author

mattiasghodsian commented Aug 3, 2019
edited

Setup SSL with Let’s Encrypt and OpenLiteSpeed

Generate SSL certificates with Certbot / Let's Encrypt

Update your system

sudo apt-get update

Install Common software properties

apt-get install software-properties-common

Add Certbot Repository

Generate SSL certificates with Certbot / Let's Encrypt

add-apt-repository ppa:certbot/certbot

sudo apt-get update

Create a certificate

Let's not jump ahead and execute this command right away! Make sure you have pointed your domain to your server's public IP address

certbot certonly --webroot -w /usr/local/lsws/example/html/ -d example.com

Certbot will now ask you a few questions as bellow

Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. You must agree
in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
-------------------------------------------------------------------------------
(A)gree/(C)ancel: A

Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
-------------------------------------------------------------------------------
(Y)es/(N)o: A

Certbot will prompt information about your certificate on success. In the IMPORTANT NOTES: locate fullchain.pem and privkey.pem in the message and save the paths somewhere for now

Configure SSL in OpenliteSpeed

Access the OpenliteSpeed WebAdmin console http://ip-here:7080 and navigate to Listeners and hit the plus sign to the right to Add new listener with values below and Save

Field Value
Listener Name SSL - Bitxo.se
IP Address ANY
Port 443
Binding Leave empty
Secure Yes
Notes HTTPS

Locate Virtual Host Mappings hit the plus sign on the right to map your Virtual host to this Listener

Field Value
Virtual Host bitxo.se
Domains bitxo.se

Save and wait until the page has finished loading and then navigate to the SSL tab. On SSL Private Key & Certificate hit the edit button. Remember we temporarily stored two certificates paths? Here is where OpenLiteSpeed needs to know where they are located.

Field Value
Private Key File /etc/letsencrypt/live/bitxo.se/privkey.pem
Certificate File /etc/letsencrypt/live/bitxo.se/fullchain.pem
Chained Certificate Yes
CA Certificate Path Leave empty
CA Certificate File Leave empty

Save the new values and On SSL Protocol hit the edit button set with values below.

Protocol Version

  • SSL v3.0
  • TLS v1.0
  • TLS v1.1
  • TLS v1.2
  • TLS v1.3

Leave everything else as is and Save and follow up by doing a Graceful restart by pressing the Green button next to LSWS PID. Open a new tab in your browser and navigate to https://bitxo.se.

TO NOTICE

On Wordpress sites go to Settings > General and change http:// to https:// and Save

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment