Debian LAMP + nginx installation for high-loaded webservers



Debian LAMP + nginx installation for high-loaded webservers

All below steps have been done on the server which have the latest version of Debian pre-installed. I will setup a standard LAMP installation for a web-server and will install and configure nginx to serve static content for better performance.

Set the host name:

echo "www" > /etc/hostname

Alter /etc/hosts with new hostname (replace x.x.x.x with your ip address):

x.x.x.x www.sysadmin.md sysadmin.md www

Install utilities:

apt-get install tcpdump links htop nmap mc screen sysv-rc-conf sudo

Tune the server by editing /etc/network/options. Here's an example /etc/network/options file:

spoofprotect=yes
syncookies=yes

Launch this tool and disable unneded services:

sysv-rc-conf

Edit /etc/inittab. Find the section of the file that contains the following:

1:2345:respawn:/sbin/getty 38400 tty1
2:23:respawn:/sbin/getty 38400 tty2
3:23:respawn:/sbin/getty 38400 tty3
4:23:respawn:/sbin/getty 38400 tty4
5:23:respawn:/sbin/getty 38400 tty5
6:23:respawn:/sbin/getty 38400 tty6

Make the following changes:

1:2345:respawn:/sbin/getty 38400 tty1
2:23:respawn:/sbin/getty 38400 tty2
3:23:respawn:/sbin/getty 38400 tty3
#4:23:respawn:/sbin/getty 38400 tty4
#5:23:respawn:/sbin/getty 38400 tty5
#6:23:respawn:/sbin/getty 38400 tty6

The above changes will insure that this copy of Linux only creates three terminals on startup

Before proceeding to install, update the necessary packages with Debian with this command:

apt-get update
apt-get upgrade

Install Apache + PHP:

apt-get install apache2 php5 libapache2-mod-php5

Configure Apache. Edit /etc/apache2/apache2.conf and alter the following variables to match like this:

ServerSignature Off
ServerTokens Prod

Prepare webserver folders:

mkdir -p /home/sysadmin.md/{public_html,logs}
chown -R www-data:www-data /home/sysadmin.md

Create a file /etc/apache2/sites-available/sysadmin.md to match like this:

<VirtualHost *>
        ServerAdmin webmaster@sysadmin.md
        ServerName www.sysadmin.md
        ServerAlias sysadmin.md
        DocumentRoot /home/sysadmin.md/public_html

                Options -Indexes FollowSymLinks
                AllowOverride None
                Order allow,deny
                allow from all

        ErrorLog /home/sysadmin.md/logs/sysadmin.md-error_log
        CustomLog /home/sysadmin.md/logs/sysadmin.md-access_log common
</VirtualHost>

Test the config and enable the site:

apache2ctl configtest
a2ensite sysadmin.md

Alter /etc/apache2/ports.conf:

Listen 127.0.0.1:80

Restart the Apache and test if it is running on 127.0.0.1:80

/etc/init.d/apache2 restart
netstat -nalp

Install nginx:

apt-get install nginx

Move default config to another location:

mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.default

Create a new one to match like this (replace x.x.x.x with your IP address)

user www-data;
worker_processes  2;
error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;
events {
    worker_connections  8192;
}
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    access_log  /var/log/nginx/access.log;
    sendfile        on;
    tcp_nopush     on;

    keepalive_timeout  65;
    tcp_nodelay        on;

    gzip  on;

    server {
        listen       x.x.x.x:80;
        server_name  sysadmin.md www.sysadmin.md;

        access_log  /home/sysadmin.md/logs/nginx.sysadmin.md.access.log;

        location / {
            proxy_pass         http://127.0.0.1:80/;
            proxy_redirect     off;

            proxy_set_header   Host             $host;
            proxy_set_header   X-Real-IP        $remote_addr;
            proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;

            client_max_body_size       10m;
            client_body_buffer_size    128k;

            proxy_connect_timeout      90;
            proxy_send_timeout         90;
            proxy_read_timeout         90;

            proxy_buffer_size          16k;
            proxy_buffers              32 32k;
            proxy_busy_buffers_size    64k;
            proxy_temp_file_write_size 256M;
        }

	# for static files
       location /s/  {
                root /home/sysadmin.md/;
                access_log  /home/sysadmin.md/logs/nginx.static.sysadmin.md.access.log;
        }

        # redirect server error pages to the static page /50x.html
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /var/www/nginx-default;
        }
    }
}

Install MySQL Database Server + phpMyadmin:

apt-get install mysql-server mysql-client-5.0 php5-mysql phpmyadmin

Configure it:

mysql -u root
mysql> USE mysql;
mysql> UPDATE user SET Password=PASSWORD('new-password') WHERE user='root';
mysql> FLUSH PRIVILEGES;

Set up phpMyAdmin - include the following line to /etc/apache2/apache2.conf:

Include /etc/phpmyadmin/apache.conf

Now restart Apache:

/etc/init.d/apache2 restart

And reboot:

reboot