Brighter LAMP: phpmyadmin installation

Install mcrypy for phpmyadmin dependencies:

 

# apt-get install php5-mcrypt

 

Now you need to restart apache for the changes to take effect

 

# /etc/init.d/apache2 restart

 

Now, on to the installation:

# apt-get install phpmyadmin

 

Choose Apache2 when you're prompted

 

 

Answer yes to Configure database for phpmyadmin with dbconfig-common?

 

 

after that,

 

Configure phpmyadmin

 

su – httpd

cd domains/

cd ~domains/debian.portnumber53.local/html

(Create the directory if it doesn't exist)

$ ln -s /usr/share/phpmyadmin .phpMyAdmin

 

 

 

nano /etc/phpmyadmin/config.inc.php

$cfg[‘blowfish_secret’] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

 

 

 

# nano /etc/php5/conf.d/suhosin.ini

Edit the following, keeping in mind that suhosin values may cause issues with some operations

suhosin.request.max_vars 2048
suhosin.request.max_value_length 1000000
suhosin.request.max_array_index_length 256
suhosin.request.max_totalname_length 8192
suhosin.post.max_vars 2048
suhosin.post.max_array_index_length 256
suhosin.post.max_totalname_length 8192
suhosin.post.max_value_length 1000000
suhosin.sql.bailout_on_error Off
suhosin.log.file 0
suhosin.log.phpscript 0
suhosin.log.phpscript.is_safe Off
suhosin.log.sapi 0
suhosin.log.script 0
suhosin.log.use-x-forwarded-for Off

 

 

Disable the warning

 

# nano /etc/phpmyadmin/config.inc.php

$cfg[‘SuhosinDisableWarning’] = true;

 

Setting up a Debian box for development: making a LAMP: php5

Now P for PHP 5:

 

# apt-get install php5 php-pear php5-suhosin

 

# nano /etc/php5/apache2/php.ini

 

max_execution_time = 30
memory_limit = 64M
error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR
display_errors = Off
log_errors = On
error_log = /var/log/php.log
register_globals = Off

 

Add mysql support.

# apt-get install php5-mysql

 

 

 

Setting up a Debian box for development: making a LAMP: mysql

Let's make a lamp

 

First M for Mysql:

# apt-get install mysql-server

The script will ask you to define the password for the root mysql user:

Secure your mysql installation:

# mysql_secure_installation

 

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

You already have a root password set, so you can safely answer 'n'.

Change the root password? [Y/n] n
 … skipping.

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 … Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 … Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 – Dropping test database…
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
 … Failed!  Not critical, keep moving…
 – Removing privileges on test database…
 … Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 … Success!

Cleaning up…

All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!
 

 

Setting up a Debian box for development: making a LAMP: apache2

Add a user for the web stuff

# adduser httpd

Choose a simple (but secure) password.

# apt-get install apache2
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following extra packages will be installed:
  apache2-mpm-worker apache2-utils apache2.2-bin apache2.2-common libapr1 libaprutil1 libaprutil1-dbd-sqlite3
  libaprutil1-ldap
Suggested packages:
  apache2-doc apache2-suexec apache2-suexec-custom
The following NEW packages will be installed:
  apache2 apache2-mpm-worker apache2-utils apache2.2-bin apache2.2-common libapr1 libaprutil1
  libaprutil1-dbd-sqlite3 libaprutil1-ldap
0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded.
Need to get 2,155 kB of archives.
After this operation, 7,266 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://ftp.us.debian.org/debian/ squeeze/main libapr1 amd64 1.4.2-6+squeeze3 [94.2 kB]
Get:2 http://ftp.us.debian.org/debian/ squeeze/main libaprutil1 amd64 1.3.9+dfsg-5 [92.3 kB]
Get:3 http://ftp.us.debian.org/debian/ squeeze/main libaprutil1-dbd-sqlite3 amd64 1.3.9+dfsg-5 [28.1 kB]
Get:4 http://ftp.us.debian.org/debian/ squeeze/main libaprutil1-ldap amd64 1.3.9+dfsg-5 [25.7 kB]
Get:5 http://ftp.us.debian.org/debian/ squeeze/main apache2.2-bin amd64 2.2.16-6+squeeze4 [1,439 kB]
Get:6 http://ftp.us.debian.org/debian/ squeeze/main apache2-utils amd64 2.2.16-6+squeeze4 [164 kB]
Get:7 http://ftp.us.debian.org/debian/ squeeze/main apache2.2-common amd64 2.2.16-6+squeeze4 [308 kB]
Get:8 http://ftp.us.debian.org/debian/ squeeze/main apache2-mpm-worker amd64 2.2.16-6+squeeze4 [2,240 B]
Get:9 http://ftp.us.debian.org/debian/ squeeze/main apache2 amd64 2.2.16-6+squeeze4 [1,396 B]
Fetched 2,155 kB in 5s (423 kB/s)
Selecting previously deselected package libapr1.
(Reading database … 32742 files and directories currently installed.)
Unpacking libapr1 (from …/libapr1_1.4.2-6+squeeze3_amd64.deb) …
Selecting previously deselected package libaprutil1.
Unpacking libaprutil1 (from …/libaprutil1_1.3.9+dfsg-5_amd64.deb) …
Selecting previously deselected package libaprutil1-dbd-sqlite3.
Unpacking libaprutil1-dbd-sqlite3 (from …/libaprutil1-dbd-sqlite3_1.3.9+dfsg-5_amd64.deb) …
Selecting previously deselected package libaprutil1-ldap.
Unpacking libaprutil1-ldap (from …/libaprutil1-ldap_1.3.9+dfsg-5_amd64.deb) …
Selecting previously deselected package apache2.2-bin.
Unpacking apache2.2-bin (from …/apache2.2-bin_2.2.16-6+squeeze4_amd64.deb) …
Selecting previously deselected package apache2-utils.
Unpacking apache2-utils (from …/apache2-utils_2.2.16-6+squeeze4_amd64.deb) …
Selecting previously deselected package apache2.2-common.
Unpacking apache2.2-common (from …/apache2.2-common_2.2.16-6+squeeze4_amd64.deb) …
Selecting previously deselected package apache2-mpm-worker.
Unpacking apache2-mpm-worker (from …/apache2-mpm-worker_2.2.16-6+squeeze4_amd64.deb) …
Selecting previously deselected package apache2.
Unpacking apache2 (from …/apache2_2.2.16-6+squeeze4_amd64.deb) …
Processing triggers for man-db …
Setting up libapr1 (1.4.2-6+squeeze3) …
Setting up libaprutil1 (1.3.9+dfsg-5) …
Setting up libaprutil1-dbd-sqlite3 (1.3.9+dfsg-5) …
Setting up libaprutil1-ldap (1.3.9+dfsg-5) …
Setting up apache2.2-bin (2.2.16-6+squeeze4) …
Setting up apache2-utils (2.2.16-6+squeeze4) …
Setting up apache2.2-common (2.2.16-6+squeeze4) …
Enabling site default.
Enabling module alias.
Enabling module autoindex.
Enabling module dir.
Enabling module env.
Enabling module mime.
Enabling module negotiation.
Enabling module setenvif.
Enabling module status.
Enabling module auth_basic.
Enabling module deflate.
Enabling module authz_default.
Enabling module authz_user.
Enabling module authz_groupfile.
Enabling module authn_file.
Enabling module authz_host.
Enabling module reqtimeout.
Setting up apache2-mpm-worker (2.2.16-6+squeeze4) …
Starting web server: apache2.
Setting up apache2 (2.2.16-6+squeeze4) …

# a2enmod rewrite
Enabling module rewrite.
Run '/etc/init.d/apache2 restart' to activate new configuration!

# nano /etc/apache2/envvars

export APACHE_RUN_USER=httpd
export APACHE_RUN_GROUP=httpd

We will activate the Mass Hosting module for Apache so we can develop a bunch of projects at the same time

We need a file to correct the value of DOCUMENT_ROOT when using such module:

<?php

// Let's fix the document root because of a bug in Apache's mod_vhost_alias not
// setting up the correct $_SERVER[‘DOCUMENT_ROOT’] env variable.
$__mod_vhost_alias_fix_doc_root = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'domains' . DIRECTORY_SEPARATOR . $_SERVER[‘HTTP_HOST’] . DIRECTORY_SEPARATOR . 'html';

if (is_dir($__mod_vhost_alias_fix_doc_root)) {
$_SERVER[‘__MOD_VHOST_FIX_OLD_DOCUMENT_ROOT’] = $_SERVER[‘DOCUMENT_ROOT’];
    $_SERVER[‘DOCUMENT_ROOT’] = $__mod_vhost_alias_fix_doc_root;
}

?>

We create a configuration file for virtual hosts:

nano /etc/apache2/sites-available/vhosts
# get the server name from the Host: header
UseCanonicalName Off

# splittable logs
LogFormat "%{Host}i %h %l %u %t \"%r\" %s %b" vcommon
CustomLog ${APACHE_LOG_DIR}/access_log vcommon

<Directory /home/httpd/domains/portnumber53.local/html>
# ExecCGI is needed here because we can't force
# CGI execution in the way that ScriptAlias does
Options FollowSymLinks ExecCGI
</Directory>

# now for the hard bit

RewriteEngine On

# a ServerName derived from a Host: header may be any case at all
RewriteMap lowercase int:tolower

## deal with normal documents first:
# allow Alias /icons/ to work – repeat for other aliases
RewriteCond %{REQUEST_URI} !^/icons/
# allow CGIs to work
RewriteCond %{REQUEST_URI} !^/cgi-bin/
# do the magic
RewriteRule ^/(.*)$ /home/httpd/domains/${lowercase:%{SERVER_NAME}}/html/$1

## and now deal with CGIs – we have to force a MIME type
RewriteCond %{REQUEST_URI} ^/cgi-bin/
RewriteRule ^/(.*)$ /home/httpd/domains/${lowercase:%{SERVER_NAME}}/cgi-bin/$1 [T=application/x-httpd-cgi]

# that's it!
a2ensite vhosts
a2dissite default
///////////////
mkdir -p /home/httpd/domains/portnumber53.local/html
echo "PortNumber53.local<?php phpinfo(); ?>" > /home/httpd/domains/portnumber53.local/html/index.php

mkdir -p /home/httpd/domains/example.local/html
echo "Example.local<?php phpinfo(); ?>" > /home/httpd/domains/example.local/html/index.php

Let's restart Apache:
service apache2 restart

As long as your windows box solves portnumber53.local and example.local to the IP of your debian web box, try opening these domains in your browser.

 

Setting up a Debian box for development: linux installation

This will be a work in progress series of posts to help people get into the amazing world of developing applications on the web.

Will also give me opportunity to fine tune my knowledge.

 

This will be the L in LAMP, here we go:

 

1. Download a Debian ISO file (6.0.4 has just been release as of this writing)

2. Download LinuxLive USB Creator from http://www.linuxliveusb.com/

3. Run LiLi and create a bootable USB stick with the ISO file you downloaded from Debian website

Choose to format the key in FAT32

 

After following a default installation procedure…. so we're all starting from the same page.

install a few packages:

 

# apt-get update

# apt-get upgrade –show-upgraded

# apt-get install aptitude

# aptitude install sudo rsync

 

 

MySQL: Recover root password

 

 

 

 

# mysql -u root
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
 
# mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

 

 

1 Stop MySQL server:

# service mysql start

 

2. Add –skip-grant-tables to your mysql start script

# nano /etc/rc3.d/S20mysql

 

——————-

 

case "${1:-''}" in
  'start')
        sanity_checks;
        # Start daemon
        log_daemon_msg "Starting MySQL database server" "mysqld"
        if mysqld_status check_alive nowarn; then
           log_progress_msg "already running"
           log_end_msg 0
        else
            # Could be removed during boot
            test -e /var/run/mysqld || install -m 755 -o mysql -g root -d /var/run/mysqld
 
            # Start MySQL!
            /usr/bin/mysqld_safe –skip-grant-tables > /dev/null 2>&1 &
 
            # 6s was reported in #352070 to be too few when using ndbcluster
            for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14; do
———————
 

 

3. Start your server again

 

# service -mysql start

 

4. Log in using mysql root user without entering a password:

# mysql -u root mysql

 

And let's do the actual reset:

 

——-

 

Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 35
Server version: 5.1.49-3 (Debian)
 
Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql> update user set password=Password('1234') where user='root';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0
 
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
 
mysql> exit
Bye
 
——————
 
5. Stop the server one more time
 
# service mysql stop
 
6. Remove –skip-grant-table from your mysql startup command
 
# nano /etc/rc3.d/S20mysql
 
 
7. Start your mysqlserver
 
# service mysql start
 
 
8. Enjoy your server:
 
 
———————-
root@debian:~# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 35
Server version: 5.1.49-3 (Debian)
 
Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql>
————————-
 

 

Intranet: setup DJBDNS to respond for *.local to help development

 

0. Follow instructions to setup a DNS Cache

 

1. Create an alias for eth0:

# nano /etc/network/interfaces

auto eth0:0
iface eth0:0 inet static
       address 10.0.0.251
       netmask 255.255.255.0
       network 10.0.0.0
       broadcast 10.0.0.255
       gateway 10.0.0.254

2 . restart networking

# /etc/init.d/networking restart

 

3. Use tinydns-conf to setup djbdns 

# tinydns-conf dnscache dnslog /etc/tinydns 10.0.0.251

 

# ln -svf /etc/tinydns /etc/service

# cd /etc/service/tinydns/root/

 

 

4. Setup the "local" domain name:

# ./add-ns local 10.0.0.251

#./add-host a.ns.local 10.0.0.251

 

5. Create the data file for tinydns

# cd /etc/service/tinydns/root/

# nano data

 

.local:10.0.0.251:a:259200
=a.ns.local:10.0.0.251:86400
+*.local:10.0.0.250:86400

 
In the sample file above:
– 10.0.0.251 is the IP address of the DNS server, so it is the one responsibe for domain name responses
– 10.0.0.250 is the IP address of your future Web server
 
Save and update data/cdb
# make
 
 
 
6. Edit /etc/resolv.conf
search portnumber53.local
nameserver 10.0.0.251

 

 

7. Let dnscache know about your *.local domain names:

# cd /etc/service/dnscache

# echo 10.0.0.251 > root/servers/local

# chmod 644 root/servers/local

 

8. Restart dnscache

# svc -t .

 

 

 

Intranet: Setup a DNSCACHE for your network using DJBDNS

On this tutorial you will learn how to using DJBDNS to setup a DNS cache to help speed up queries for your local network.

 

I like using Debian, so that is the distribution I'll be using for most of my tutorials. Current version as of this, is Squeeze.

 

0.Install build-essential and daemontools and ucspi-tcp so we can get started:

# apt-get install build-essential ucspi-tcp daemontools daemontools-run

 

You can do everything as root, to make your life easier…. or just do the make commands (if you're paranoid):

 

1. Download and untar DjbDNS

# wget -q http://cr.yp.to/djbdns/djbdns-1.05.tar.gz
# tar -zxvvf djbdns-1.05.tar.gz

 

2. Add users for DjbDNS to /etc/passwd

# echo 'dnscache:*:54321:54321:dnscache:/dev/null:/dev/null' >> /etc/passwd
# echo 'dnslog:*:54322:54322:dnslog:/dev/null:/dev/null' >> /etc/passwd

 

3. Compile DjbDNS nameserver

# cd djbdns-1.05
# echo gcc -O2 -include /usr/include/errno.h > conf-cc

 

4. Compile it

# make

 

5. Install the binaries

# make setup check

 

 

6. Copy the list of IP addresses of the global DNS root servers in /etc/

# cp -rpf dnsroots.global /etc/

 

7.  Configure dnscache:

# ./dnscache-conf dnscache dnslog /etc/dnscache <IP address of this box>

 

8. Allow your network to use the DNS cache

# cd /etc/dnscache/root/ip
# touch 10.0.0

* This assumes you're using a network class A, like 10.0.0.0/24

 

9. Start the daemon

# ln -sf /etc/dnscache /etc/service/dnscache
# ps ax|grep -i readproc
 1071 ?        S      0:00 readproctitle service errors: ................................................................................................................................................................................................................................................................................................................................................................................................................
 1206 pts/1    S+     0:00 grep -i readproc
You can later check it's running using:
 
svstat /etc/service/dnscache
 
10. As root, add:
 
nameserver <IP address of this box>

 

to /etc/resolv.conf

 
 
11. Do a quick test:
(
If you're using ArchLinux, use:
pacman -Syu dnsutils
to install "host"
)
# host portnumber53.com <eth0 IP address>
Using domain server:
Name: localhost
Address: 127.0.0.1#53
Aliases:

portnumber53.com has address 205.186.185.42
portnumber53.com mail is handled by 20 ALT2.ASPMX.L.GOOGLE.com.
portnumber53.com mail is handled by 30 ASPMX2.GOOGLEMAIL.com.
portnumber53.com mail is handled by 20 ALT1.ASPMX.L.GOOGLE.com.
portnumber53.com mail is handled by 30 ASPMX3.GOOGLEMAIL.com.
portnumber53.com mail is handled by 30 ASPMX4.GOOGLEMAIL.com.
portnumber53.com mail is handled by 30 ASPMX5.GOOGLEMAIL.com.
portnumber53.com mail is handled by 10 ASPMX.L.GOOGLE.com.
 
 
12. Report success:
# ( echo 'First M. Last'; cat `cat SYSDEPS` ) \
# | mail djb-sysdeps@cr.yp.to

 

 

 

 

 

 

Don't forget to replace First M. Last with your full name.
 
 

Later on you can monitor what's going under the hood by using:

# tail -f /etc/service/dnscache/log/main/current

 

If you installed following ArchLinux AUR packages, this may work better:

 

#tail -f /etc/dnscache/log/main/current

 

 

Git: Prepare your repository – step 1

 

Here I’ll explain how you can create a new repository for your projects and use GIT for your version control needs.
 
 
For this, I’ll assume everything is already installed (git and stuff). This also assumes you’re using an Operating System and not the Vermont thing.
 
Replace “example.com” with your own domain.
 
1. Create a base repository
 
$ mkdir example.com && cd example.com

$ git init
 
 
2. Create a standard .gitignore file
 
$ nano .gitignore
 
—————————-
cgi-bin/*

upload/

.idea/*

# Compiled source #

###################

*.com

*.class

*.dll

*.exe

*.o

*.so

# Packages #

############

# it's better to unpack these files and commit the raw source

# git has its own built in compression methods

*.7z

*.dmg

*.gz

*.iso

*.jar

*.rar

*.tar

*.zip

# Logs and databases #

######################

*.log

*.sql

*.sqlite

# OS generated files #

######################

.DS_Store*

ehthumbs.db

Icon?

Thumbs.db
—————————-
 
3. Add and commit the file to your local repository.
$ git add .gitignore

$ git commit -m "Added standard gitignore file"
 
4. Prepare your local repository for transportation:
$ cd ..

$ git clone --bare example.com example.com.git

$ touch example.com.git/git-daemon-export-ok
 
5. Copy it to your server
$ scp -r example.com.git SERVER:~/PATH_ON_THE_SERVER/example.com.git
 
6. Finish preparing your repository on the server:
 
$ ssh SERVER

$ cd ~/PATH_ON_THE_SERVER/example.com.git

$ git --bare update-server-info

$ cd hooks

$ mv post-update.sample post-update

$ chmod a+x post-update
 
From this point on, you should be able to clone your repository and start working.
 
Drop me a line if this does not work for you, and I'll be glad to try and help.
 

 

  • IGlr