Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Ubuntu 20 LAMP Setup
-- Prerequisites
apt update
apt upgrade
-- Supervisor
apt install supervisor -y
supervisord --version
service supervisor status
echo_supervisord_conf > /etc/supervisor/conf.d/supervisord.conf
-- Apache
apt install apache2
# Add user to Apache group
usermod -aG www-data bmatovu
service apache2 status
-- Firewall
ufw allow in "Apache"
ufw allow ssh
ufw app list
https://xxx.xxx.xxx.xxx
-- MySQL
apt install mysql-server
mysql --version
service mysql status
mysql_secure_installation
mysql -u root -p
telnet localhost 3306
mysql> SHOW GLOBAL VARIABLES LIKE 'PORT';
-- PHP
apt-cache policy php
apt install -y \
php \
libapache2-mod-php \
php-mysql
php --version
apt install -y \
php-cli \
php-dev \
php-pgsql \
php-sqlite3 \
php-gd \
php-curl \
php-memcached \
php-imap \
php-mysql \
php-mbstring \
php-xml \
php-zip \
php-bcmath \
php-soap \
php-intl \
php-readline \
php-pcov \
php-msgpack \
php-igbinary \
php-ldap \
php-redis \
php-xdebug
php -m
-- Composer
php -r "readfile('http://getcomposer.org/installer');" | php -- --install-dir=/usr/bin/ --filename=composer
composer --version
-- NodeJS
curl -sL https://deb.nodesource.com/setup_14.x | bash -
apt install -y nodejs
node --version
npm --version
-- Src
https://www.youtube.com/watch?v=baYfrxay8zM
https://www.youtube.com/watch?v=4d0lir5XWjs
@mtvbrianking

This comment has been minimized.

Copy link
Owner Author

@mtvbrianking mtvbrianking commented Sep 24, 2021

Setup non-root user

# Create user - with home dir and shell
sudo useradd -ms /bin/bash bmatovu

# Set user password
sudo passwd bmatovu

# Add user to sudo group
sudo usermod -aG sudo bmatovu

# Add user to Apache group
sudo usermod -aG www-data bmatovu

# Confirm user details
sudo id bmatovu

# Utilities ---------------

# View users 
cat /etc/passwd | grep bmatovu

# View available groups
cat /etc/group | grep bmatovu

# Delete user
sudo userdel -r bmatovu

https://www.youtube.com/watch?v=ItW_QQ96vzk

@mtvbrianking

This comment has been minimized.

Copy link
Owner Author

@mtvbrianking mtvbrianking commented Sep 25, 2021

Issue #2 - When installing local package

[ErrorException]
  file_put_contents(./composer.lock): failed to open stream: Permission denied

Allow /var/www to non-root users

Set /var/www ownership to apache group

chown -hR www-data:www-data /var/www

All users in the group to edit /var/www

chmod -R g+rwX /var/www

Add user to www-data group

usermod -aG www-data bmatovu
@mtvbrianking

This comment has been minimized.

Copy link
Owner Author

@mtvbrianking mtvbrianking commented Sep 25, 2021

Issue #1 - When installing a global package

  [ErrorException]
  file_put_contents(./composer.json): failed to open stream: Permission denied

Switch to the non-root user - create .composer if non-existent

su - bmatovu
mkdir /home/bmatovu/.composer

If the .composer dir exists - assign it to the non-root user

sudo chown -R $USER ~/.composer
@mtvbrianking

This comment has been minimized.

Copy link
Owner Author

@mtvbrianking mtvbrianking commented Sep 25, 2021

Setup ssh access for non-root user

ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa_bmatovu -C "root@165.227.127.66"

# Host: DigitalOcean
# Account: mtvbrianking@gmail.com
# Droplet: bmatovu
Host bmatovu
    HostName 165.227.127.66
    User root
    PreferredAuthentications publickey
    IdentityFile ~/.ssh/id_rsa_bmatovu

Login into digitalocean
-> username/password

Reset root password if you forgot it
-> Username: root

Launch recovery console
-> Run: "wget -qO- https://repos-droplet.digitalocean.com/install.sh | sudo bash"

Launch console
-> Login with root password

Add your server public to authorized keys

Exit

Access from your server via ssh

---------

chmod 700 ~/.ssh

chmod 600 ~/.ssh/config
chmod 600 ~/.ssh/known_hosts
chmod 600 ~/.ssh/authorized_keys

-- todo

https://shandou.medium.com/testing-out-digitalocean-droplet-1-steps-for-ssh-into-droplet-as-non-root-user-with-sudo-access-c2a7a5229cd6

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment