Hello everyone,

I've been testing and setting up various kinds of webserver configurations lately, and realized that it would save me a lot of time if I had a script to automatically do a base install" whenever I spin up a fresh new server to benchmark. Had a some spare time this afternoon so I wrote one(two) scripts and figured others might find it useful somehow.

I know there are many low footprint install scripts around like the lowendbox's lowendscript and Centmin posted a few months back. But being a Debian person myself, I prefer Apache over nginx and none of the scripts offer the Debian + Apache combo.

Anyway, lets get down to details. The scripts automatically sets up the following :-

Serversetup Script http://tuxlite.com (http://tuxlite.com/)

- Basic server configuration such as setting the hostname, SSHD ports etc.
- Choice of 3 LAMP setups (switching setup from 1 to 2 or 3 works fine, but I've not tested the other way round)
1. mpm_prefork + mod_php
2. mpm_worker + mod_fcgid
3. mpm_worker + mod_fastcgi + PHP-FPM
- Optimizes LAMP config for low memory usage.
- Extra options to setup rtorrent and cronjobs for backups

Domainsetup Script [/URL]http://tuxlite.com (http://dl.dropbox.com/u/21727036/domainsetup.sh)

- Quickly add a domain to Apache virtualhost config
- Setup awstats + phpmyadmin for each domain with daily log rotation
- Option to remove domain from server


To use the scripts, download them and make them executable. E.g.

wget http://tuxlite.com (http://tuxlite.com/)
chmod +x serversetup.sh
./serversetup.sh[U]

Why Use These Scripts?

- Setup server, add your domain, set your DNS and you'll be hosting sites within minutes.
- Memory usage is ~50MB under Xen or KVM using mpm_worker setup.
- Apache mpm-worker config gives comparable/adequate performance to nginx for most situations. Setup is also compatible with the latest mpm-event module as well.
- ALL packages are from official Debian repositories, therefore configurations are standard and its easy to keep your server updated
- Functions are coded in simple "english", and some personal preferences of mine are commented out to keep installs as stock as possible. You can easily configure the functions to your liking.


Who Should Use These Scripts?

- Debian 6 users. Scripts will work with Debian 5 (lenny) as well, but remember to change sources.list to oldstable or lenny if you are using the script to reconfigure apt.
- Those using VPS to host personal sites, and do not require multi user / shared hosting environment.
- People who are lazy like me and wants things automated
- People who loves messing about with various LAMP stacks because Apache is win and life is meaningless without .htaccess support :stickout:
- You are l33t and prefer not to use control panels with pretty GUIs



Bear in mind that my shell scripting skills are anything but good, and some of the code is adapted from various sources.
So if you find something off do let me know and I'll update the scripts accordingly.

Thanks, what an excellent contribution!! :agree:

I just deployed a "lampworker" configuration in 3m19s including interactive parts and it seems to have worked very nicely straight out-of-the-box :)

One one warning:

By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]
- Dropping test database...
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
... Failed! Not critical, keep moving...

Welcome!
For the mysql issue, its probably because Debian packages mysql without the "test" database. The warning message can be ignored.

Thanks, what an excellent contribution!! :agree:

I just deployed a "lampworker" configuration in 3m19s including interactive parts and it seems to have worked very nicely straight out-of-the-box :)

One one warning:

By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]
- Dropping test database...
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
... Failed! Not critical, keep moving...

Made some changes to the script to fix some (harmless) typos.
Anyone using the scripts before this reply should download them again :)

Might want to stick suhosin in there. I feel so naked without it :) But thanks for sharing!

Does this happen to secure /tmp etc? That would be a great feature to have.


I have always wanted to use debian with a major website but I wanted to test centmin first. Now that the owner has disappear from the forum and the latest update was to my disliking I am stuck with it since the server has about 100gb of data on it that cannot be backed up.

Although, I am thinking it is time to dump the 100gb of data just to try this :)

Might want to stick suhosin in there. I feel so naked without it :) But thanks for sharing!

Both the suhosin source patch and the extension is installed by default Debian PHP package. Fire up a phpinfo page and you'll see it loaded :)


Does this happen to secure /tmp etc? That would be a great feature to have.

I have always wanted to use debian with a major website but I wanted to test centmin first. Now that the owner has disappear from the forum and the latest update was to my disliking I am stuck with it since the server has about 100gb of data on it that cannot be backed up.

Although, I am thinking it is time to dump the 100gb of data just to try this :)

Just added two new options to secure /tmp. I didn't include it earlier because securing /tmp can be very machine specific, especially if you plan to run stuff like eaccelerator that needs huge cache directories. Be sure to know what you're doing before copy-pasting codes from the interwebs.

As for your data, why not rsync it to a backup server and move them back after you're done setting up? That's a lot of data to lose :(

Great script! Have you done any performance tests to see how the different options scale with traffic? I'm going to see if any of my test hosts offer Deb 6 and run them through loadimpact and compare it to some of the php/Nginx setups, but ~50MB is really sweet for Apache. Good job!

On memory/cpu limited VPS, I find that the mpm-worker (option 2 or 3) config scales much better, especially with concurrent connections. The config that I use for the script is very conservative and will only use ~100MB memory on full load. However it should have no problems handling >50 req/sec for a wordpress site. >200 req/sec if using supercache and I'm getting up to 2000 req/sec when I place varnish in front of it all. This is on a 1CPU 512mb test box.

Though if you have massive amount of RAM and CPU allocation, the vanilla LAMP stack with mpm-prefork should in theory be slightly faster.

It will work with Debian 5 if you don't select the php-fpm option, or else the sources.list needs to be edited because it assumes a Debian 6 OS.

Great stuff : ). Would be great if you could include Varnish part too (or separate script maybe? ) in future..

WHere can I donate? :D

On memory/cpu limited VPS, I find that the mpm-worker (option 2 or 3) config scales much better, especially with concurrent connections. The config that I use for the script is very conservative and will only use ~100MB memory on full load. However it should have no problems handling >50 req/sec for a wordpress site. >200 req/sec if using supercache and I'm getting up to 2000 req/sec when I place varnish in front of it all. This is on a 1CPU 512mb test box.

I know some of the other scripts (CentOS) are getting an extreme amount of requests per second. It would be cool if you could include a secondary script that tweaks server settings as traffic grows to better manage to load. Such as installing varnish.



As for your data, why not rsync it to a backup server and move them back after you're done setting up? That's a lot of data to lose :(
Gave away my backup type vps after a buddy's host got shut down. I guess I will download it to my hard drive and then take the drive to a local data-center and borrow there connection (They allow it for a small fee)

Great stuff : ). Would be great if you could include Varnish part too (or separate script maybe? ) in future..

WHere can I donate? :D

I know some of the other scripts (CentOS) are getting an extreme amount of requests per second. It would be cool if you could include a secondary script that tweaks server settings as traffic grows to better manage to load. Such as installing varnish.


Just added another 2 functions to quickly turn varnish on and off. :) As usual just re-download the scripts from the same links.

My test box is hitting 8000 req/sec for phpinfo. Do post your results as well if you folks are doing any benchmarks.

Just added another 2 functions to quickly turn varnish on and off. :) As usual just re-download the scripts from the same links.

My test box is hitting 8000 req/sec for phpinfo. Do post your results as well if you folks are doing any benchmarks.

This has massive potential, I would get a site setup and get a community going myself. I see it doing great for the average unmanaged user with little to no experience who are running a single forum and such.

Do you recommend lamp setup #2 or #3? Also, may I share this with others? If so do you have any places I may link to in order to provide you the credit of making it?

This has massive potential, I would get a site setup and get a community going myself. I see it doing great for the average unmanaged user with little to no experience who are running a single forum and such.

Do you recommend lamp setup #2 or #3? Also, may I share this with others? If so do you have any places I may link to in order to provide you the credit of making it?

I'd go with setup #2 because its a safe config, as in you can swap #1 and #2 repeatedly as you wish without breaking anything.

Setup #3 is the "better" way of using PHP, but using experimental packages means you don't get timely security updates. I'd personally only use this setup to test out PHP-FPM's features and nothing more. Also once you go option #3, its much harder to revert back to #1 or #2.

And sure, go ahead and share this with anyone, I've posted it in public after all :) Linking back here will be best until I find a more suitable place to host the scripts. Unless of course WHT mods give me access to edit my first post.
If you find it useful and want to treat me coffee, I'd be happy to oblige :D

I just ran the lampworker install on a new server... It said leave the mysql password blank if I did not have it setup, but I am getting access denied. Any ideas?


Also running ./serversetup.sh basic it would be nice if it told you what the ssh port was changed to. Although not needed it makes it easier to see what it is right off the bat.

Using the add user command shows "Current Kerberos password:"

I just ran the lampworker install on a new server... It said leave the mysql password blank if I did not have it setup, but I am getting access denied. Any ideas?


Also running ./serversetup.sh basic it would be nice if it told you what the ssh port was changed to. Although not needed it makes it easier to see what it is right off the bat.

Using the add user command shows "Current Kerberos password:"

Can no longer edit my post.

Ignore this, it never saved the edited file. Before running the script. My fault :blush:

Those parameters must be set first by editing the script variables. Look at the line at the beginning that says

#Edit values below before using script

Looks like you ran the script using the default values so your mysql password would be abcd1234 and the ssh port is 1234.

And oh before I forget, need to thank RavC for helping to make the script readable :)

All issues are fixed besides one... Whats the Current Kerberos password: ?

I have never seen this used before. Seems to be on though haha.

I always have issues with these scripts for some reason but once I learn them it saves me tons of time.

That is unusual, did you run the script on a fresh Debian 5/6 OS? The scripts doesn't have a "install kerberos" function at all.

Unless... if you accidently used the "apt" function, it may have pulled that package from Sid repos. If thats the case try removing the package using the command below :-

aptitude purge libpam-krb5

That is unusual, did you run the script on a fresh Debian 5/6 OS? The scripts doesn't have a "install kerberos" function at all.

Unless... if you accidently used the "apt" function, it may have pulled that package from Sid repos. If thats the case try removing the package using the command below :-

aptitude purge libpam-krb5

Works thanks. I also installed a few extra packages so it may be a borked template with my new host.

Works thanks. I also installed a few extra packages so it may be a borked template with my new host.

No prob, glad its working :)

I updated the script menu to give more info about the "apt" function. Its optional so not everyone needs to use it. I hope you didn't execute ALL of the available functions :D

No prob, glad its working :)

I updated the script menu to give more info about the "apt" function. Its optional so not everyone needs to use it. I hope you didn't execute ALL of the available functions :D

On one server I did. On my proper vps I ran two commands and thats it. I like to see what happens when the wrong things are done :D


Anyways it is now working great but using 433 mb of ram just running the script the secures the ports and lamp stack #2 - Running openvz but it should not make that much of a difference vs xen.



CPU MeM
25836 mysql 15 0 152m 17m 5428 S 0 1.7 0:00.12 mysqld
24500 root 18 0 9396 5064 3320 S 0 0.5 0:00.22 apache2
5267 root 16 0 8320 2820 2292 S 0 0.3 0:00.10 sshd
3528 root 16 0 8320 2788 2264 S 0 0.3 0:00.08 sshd
26256 root 18 0 5772 1852 1500 S 0 0.2 0:00.01 master
26266 postfix 18 0 5832 1812 1464 S 0 0.2 0:00.00 qmgr
26268 postfix 15 0 5788 1776 1436 S 0 0.2 0:00.01 pickup


Not really a big deal but just in-case you wanted to see the memory usage that others are having.

Anyways it is now working great but using 433 mb of ram just running the script the secures the ports and lamp stack #2 - Running openvz but it should not make that much of a difference vs xen.



CPU MeM
25836 mysql 15 0 152m 17m 5428 S 0 1.7 0:00.12 mysqld
24500 root 18 0 9396 5064 3320 S 0 0.5 0:00.22 apache2
5267 root 16 0 8320 2820 2292 S 0 0.3 0:00.10 sshd
3528 root 16 0 8320 2788 2264 S 0 0.3 0:00.08 sshd
26256 root 18 0 5772 1852 1500 S 0 0.2 0:00.01 master
26266 postfix 18 0 5832 1812 1464 S 0 0.2 0:00.00 qmgr
26268 postfix 15 0 5788 1776 1436 S 0 0.2 0:00.01 pickup
Not really a big deal but just in-case you wanted to see the memory usage that others are having.


400MB sounds about right for OpenVZ, and yes the difference can be that big if you don't use Xen/KVM. If you look at the mysql memory usage, its taking up 152MB while Xen/KVM would only use 17MB.

Delete the serversetup.sh script, download it again. Then run optimizelamp function. Should drop your memory usage by 100MB or so. I've just edited mysql tuning part a little bit.

Of course a long term solution would be to avoid OpenVZ entirely :)

400MB sounds about right for OpenVZ, and yes the difference can be that big if you don't use Xen/KVM. If you look at the mysql memory usage, its taking up 152MB while Xen/KVM would only use 17MB.

Delete the serversetup.sh script, download it again. Then run optimizelamp function. Should drop your memory usage by 100MB or so. I've just edited mysql tuning part a little bit.

Of course a long term solution would be to avoid OpenVZ entirely :)

Thats odd. The centmin script was running about 70mb ram but was also nginx and included mysql.
used free shared buffers cached
67 188 0 0 0
67 188




It is now using 329 memory after running the optimizer. Although the memory usage is higher then it should be for some odd reason I must say pages load AMAZINGLY FAST, compared to most scripts or guides found online. I ran a test site and websites loaded over 35% faster using the identical script and server vs a standard lamp install. Reverting back to a centos install using centmin or the lowend box actually had about a 45% slower load speed then this lamp setup script for me.

Thats odd. The centmin script was running about 70mb ram but was also nginx and included mysql.

It is now using 329 memory after running the optimizer. Although the memory usage is higher then it should be for some odd reason I must say pages load AMAZINGLY FAST, compared to most scripts or guides found online. I ran a test site and websites loaded over 35% faster using the identical script and server vs a standard lamp install. Reverting back to a centos install using centmin or the lowend box actually had about a 45% slower load speed then this lamp setup script for me.

The optimizer is meant to set a modest config for a small VPS, so its not going to break any low-memory records. :) Also, because of the way Apache works, it won't be able to compete memory wise with nginx on a OpenVZ VPS without crippling the config to something stupidly minimal.

Though, I'm surprised that your pages are loading faster. :D Perhaps its something to do with the Centmin config but I'll need to take a look at the source code later on to be sure.

The optimizer is meant to set a modest config for a small VPS, so its not going to break any low-memory records. :) Also, because of the way Apache works, it won't be able to compete memory wise with nginx on a OpenVZ VPS without crippling the config to something stupidly minimal.

Though, I'm surprised that your pages are loading faster. :D Perhaps its something to do with the Centmin config but I'll need to take a look at the source code later on to be sure.

It may just be apache is better at serving the specific files used in the site. I am just happy the site seems instant now ;)

In all honesty, if you developed this more and had some kind of feature that would take care of all administration needs and tons of script installers with it (Pretty much already does) and provide an option to see the commands used for learning while it is executing, I would purchase it in a heart beat!

Seems like something unmanaged VPS providers could easily give to there new clients so they are up and running, lowering support costs.

It may just be apache is better at serving the specific files used in the site. I am just happy the site seems instant now ;)

In all honesty, if you developed this more and had some kind of feature that would take care of all administration needs and tons of script installers with it (Pretty much already does) and provide an option to see the commands used for learning while it is executing, I would purchase it in a heart beat!

Seems like something unmanaged VPS providers could easily give to there new clients so they are up and running, lowering support costs.

Are you testing it with the site on your sig ? Would love to see how it loads on my end as well.

Its pretty complete as it is if both the scripts are used together. The only thing left to do is to have a backup procedure in place. You can always check out the code if you want to find out what its doing.

Though if you need something 100% automated, ISPconfig 3 looks like a very nice & free choice :)

p.s Do not use the Varnish cache function if you're on OpenVZ. Your VPS will not be happy.

Are you testing it with the site on your sig ? Would love to see how it loads on my end as well.



p.s Do not use the Varnish cache function if you're on OpenVZ. Your VPS will not be happy.

Varnish is one of the reasons I tried it. Have not enabled it yet but I will try anyways. I do know I could restart it once it eats up all of my openvz memory which it is prone to do. So after 200mb of usage have it restart. Although that is not a great method to use. (If only buyvm had xen :) )

The site in the sig was not the one tested since it is not owned by me. I just own the domain which is pointed to a friends setup. But I could try importing the whole thing into wordpress and then testing it also.




Since the majority of the posts are from me :D Thanks again for what seems to be the only reliable debian Lamp setup.

Varnish is one of the reasons I tried it. Have not enabled it yet but I will try anyways. I do know I could restart it once it eats up all of my openvz memory which it is prone to do. So after 200mb of usage have it restart. Although that is not a great method to use. (If only buyvm had xen :) )


You could get the vmware machines at BuyVM/Frantech. That shouldn't have the problem either.


Since the majority of the posts are from me :D Thanks again for what seems to be the only reliable debian Lamp setup.

There, now you can continue posting. :D

You could get the vmware machines at BuyVM/Frantech. That shouldn't have the problem either.

There, now you can continue posting. :D

:D I'm guessing techjr is on the affordable buyvm VPS so the frantech plans will be a huge increase in price.

Hi Scientist
Thx for your great script first.

I just install lampworker mode, and also download the domain script to add domains, but I cant access others' "https:/xxx.com/p" , either "xxx.com"

I set the hostname samed as the domain I add by the domain script, is that the reason ?

If your A records are already pointing to your server, and your http links are working, it means that the ssl certs are missing. Use optimizelamp function to generate them.

Thx it works

Hey Scientist, want to request getting this moved over to VPS tutorials? I had a hard time digging this up again :P

Yeah why not. Now I just need to figure out how do I go about requesting the move :D

The first post needs updating as well as the scripts have changed quite a bit since I first started the topic.

What about the same for NGINX or LIGHTTPD? ;)

Its fairly easy to setup Nginx + PHP-FPM on Debian 6. The problem is when trying to include phpmyadmin, its won't be as "clean" as far as standard configs go. Of course this is speaking in terms of using 100% official Debian packages so that even the non sysadmin can keep their setup updated and secure.

Personally, I don't see the point of using nginx except for very high traffic sites because for most cases the memory savings are negligible if you use Apache + mpm-worker. Nonetheless, my test VPS is sitting idle now so I may just give the ready-to-go nginx setup another go.

p.s Do people still use lighttpd ? :D

p.s Do people still use lighttpd ? :DDepends on how many people (http://royal.pingdom.com/2011/01/04/apache-web-server-hit-a-home-run-in-2010/) ;)

Depends on how many people (http://royal.pingdom.com/2011/01/04/apache-web-server-hit-a-home-run-in-2010/) ;)

Oh wow, still a good million users or so. Figured it'd be less because nginx performs just as well minus the memory leaks.

I'm new to VPS and I'm about to start playing with Mware and Debian 6. I'd like to know do I need to install apache, php5, mysql before running this script or script would install everything for me? Thank you in advance.

It installs everything for you so a fresh OS is actually recommended.

For some reason I got plenty of errors on a fresh installed Debian 6. Do I have to install packages manually?



root@testingpc:/home/user1/Desktop# ./serversetup.sh lampworker optimizelamp

Couldn't find any package whose name or description matched "libapache2-mod-fcgid"
Couldn't find any package whose name or description matched "apache2-mpm-worker"
No candidate version found for php5-cgi
Couldn't find any package whose name or description matched "php5-suhosin"
Couldn't find any package whose name or description matched "php-apc"
No candidate version found for php5-mysql
Couldn't find any package whose name or description matched "php5-dev"
Couldn't find any package whose name or description matched "php5-curl"
No candidate version found for php5-gd
Couldn't find any package whose name or description matched "php5-imagick"
No candidate version found for php5-mcrypt
Couldn't find any package whose name or description matched "php5-memcache"
Couldn't find any package whose name or description matched "php5-mhash"
Couldn't find any package whose name or description matched "php5-pspell"
Couldn't find any package whose name or description matched "php5-snmp"
No candidate version found for php5-sqlite
Couldn't find any package whose name or description matched "php5-xmlrpc"
Couldn't find any package whose name or description matched "php5-xsl"
Couldn't find any package whose name or description matched "libapache2-mod-fcgid"
Couldn't find any package whose name or description matched "apache2-mpm-worker"
No candidate version found for php5-cgi
Couldn't find any package whose name or description matched "php5-suhosin"
Couldn't find any package whose name or description matched "php-apc"
No candidate version found for php5-mysql
Couldn't find any package whose name or description matched "php5-dev"
Couldn't find any package whose name or description matched "php5-curl"
No candidate version found for php5-gd
Couldn't find any package whose name or description matched "php5-imagick"
No candidate version found for php5-mcrypt
Couldn't find any package whose name or description matched "php5-memcache"
Couldn't find any package whose name or description matched "php5-mhash"
Couldn't find any package whose name or description matched "php5-pspell"
Couldn't find any package whose name or description matched "php5-snmp"
No candidate version found for php5-sqlite
Couldn't find any package whose name or description matched "php5-xmlrpc"
Couldn't find any package whose name or description matched "php5-xsl"
No packages will be installed, upgraded, or removed.
0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B of archives. After unpacking 0 B will be used.

Couldn't find any package whose name or description matched "awstats"
No candidate version found for imagemagick
Couldn't find any package whose name or description matched "awstats"
No candidate version found for imagemagick
No packages will be installed, upgraded, or removed.
0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B of archives. After unpacking 0 B will be used.

./serversetup.sh: line 145: a2dismod: command not found
./serversetup.sh: line 146: a2dismod: command not found
./serversetup.sh: line 147: a2dismod: command not found
./serversetup.sh: line 148: a2enmod: command not found
./serversetup.sh: line 149: a2enmod: command not found
./serversetup.sh: line 150: a2enmod: command not found
./serversetup.sh: line 151: a2enmod: command not found
./serversetup.sh: line 154: /etc/apache2/mods-available/fcgid.conf: No such file or directory
./serversetup.sh: line 176: /etc/apache2/conf.d/php-fcgid.conf: No such file or directory

That looks like a broken OS template to me. Can you paste the output of

cat /etc/apt/sources.list

Also, you should only execute 1 function at a time, and not combine them. E.g.
./serversetup.sh lampworker
./serversetup.sh optimizelamp

Thank you for your quick response and the output is in the attachment.


That looks like a broken OS template to me. Can you paste the output of

cat /etc/apt/sources.list

Ah... your sources.list isn't configured properly so to speak. I assume this is a local install and not on a VPS? The full Debian DVD is A LOT more than just 1 DVD so you're going to lose out a lot of packages if you don't include all of them.

Execute "./serversetup apt" to reconfigure your sources.list then run the lampworker function again.

First of all I just want to say a big thank you. Your script worked like a charm.

I wish to get VPS server very soon and now I'm just practicing how to get everything working with Mware Debian 6 (virual os) on my local Windows PC. I've been using wampserver on my Windows7 PC but using Debian is not the same. I wish to run Joomla cms on my future VPS and I'd like to know what should I know about VPS besides setting up apache, mysql? Should I just setup ftp server for www folder? Thanks again

The best place to start is Linode library or Slicehost articles. Spend a day or two reading up and test out as much possible. No harm tinkering and breaking things because you can reload the OS in a matter of minutes from the VPS control panel. Might be even better for learning if you setup things manually instead of using my scripts.

Avoid using FTP unless you really need it. You should instead use SFTP (with filezilla, winscp etc) to upload files to your www folder. That way you don't have to install a FTP daemon which some might consider as a security risk :)

awesome, sftp would even require less ram than running as a server and it is more secure. I'll be working and modifying your script to get what I need. I just noticed it installed the latest version of PHP5 but I'd prefer to use php 5.2.11 so should I use 'aptitude' command or just apt-get and php5.2.11 package and the same for apache? I don't think the latest apache works well with older php version.

I think the compatibility concerns you're talking about is with regards to PHP5.3 and CMS scripts like drupal, joomla etc. AFAIK, those are all now resolved if you use updated versions of the scripts. Apache has no issues at all working with PHP5.3.

There isn't a apt-get php5.2.11 or anything like the sort. If you need PHP 5.2, stick to Debian 5 for the time being. Otherwise it'll take some work to get it working with Debian 6. You'll either have to pin the LAMP packages to the Lenny repo, or compile PHP from source.

I'm using custom components for Joomla and I remember when I was trying PHP 5.3.x then I had a lot of errors especially with sessions and quotes. So you are saying by default debian 5 using php 5.2.x? Would you say Debian 5 would be even better for 256mb-512mb ram for VPS? I found a good link tutorial and would that work just by changing to PHP instead of mysql? http://www.robo47.net/blog/193-Installing-Mysql-Workbench-5.2.11-from-source-on-Debian-6.0-Squeeze

Yep Debian 5 uses PHP5.2. The packages in Deb5 are a little old now for my liking, but if you just need a straight up LAMP stack it should do just fine. Personally I would just fix the custom Joomla code for PHP 5.3 as more and more platforms are defaulting to it now.

BTW, the link you provided shows the installation for mysql-workbench, not PHP.

Lovely script. This is proving to be invaluable.

However, I did run in an obstacle.

PHPmyadmin gives me the following error:
phpMyAdmin -

Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly.


What I've done is the next steps on a fresh Debian 6.0 box:

lampworker
optimizelamp
tmpfs
varnish on

add mydomain.com ip
addip ip
phpmyadmin on


I thought the error could be related to this: wiki.phpmyadmin.n*t/pma/session.save_path

but it's not. I checked my session.save_path and it's correctly /tmp and the script on that site works fine. It's not related to session.save_path, the problem I mean.



Do you have any pointers what could be behind this? I've been googling like crazy and really haven't come up with an answer.



For what's it worth, when I restart apache, I get the following errors, but I think they are not in relation to my phpmyadmin -error.

Restarting web server: apache2apache2: Could not reliably determine the server's fully qualified domain name, using xxx.xxx.xxx.xxx for ServerName
[Thu Mar 03 20:43:31 2011] [warn] NameVirtualHost xxx.xxx.xxx.xxx:8080 has no VirtualHosts
... waiting apache2: Could not reliably determine the server's fully qualified domain name, using xxx.xxx.xxx.xxx for ServerName
[Thu Mar 03 20:43:32 2011] [warn] NameVirtualHost xxx.xxx.xxx.xxx has no VirtualHosts



Anyway, even if you don't have any ideas, thanks anyway for this script.

I tested my joomla cms again and it is working under 5.3. Thanks to your script and hard work I probably saved at least 20-30 hours. I installed webmin and it looks like it disabled phpmyadmin but anyway I'd like to confirm with you a few steps I've done and what I'm missing?
./serversetup.sh lampworker
installed webmin

transferred my website to www folder and created database. Ran ./serversetup.sh optimizelamp. Changed passwords for root admin. Seems to be too easy with your script. What else m'I missing? Do I need to setup firewall or secure any folders with 512mb ram vps?

I fixed my phpmyadmin problem by: dpkg-reconfigure -plow phpmyadmin

Ran the install wizard again and now it works. Beats me.

Lovely script. This is proving to be invaluable.

However, I did run in an obstacle.

PHPmyadmin gives me the following error:
phpMyAdmin -

Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly.


What I've done is the next steps on a fresh Debian 6.0 box:

lampworker
optimizelamp
tmpfs
varnish on

add mydomain.com ip
addip ip
phpmyadmin on


I thought the error could be related to this: wiki.phpmyadmin.n*t/pma/session.save_path

but it's not. I checked my session.save_path and it's correctly /tmp and the script on that site works fine. It's not related to session.save_path, the problem I mean.



Do you have any pointers what could be behind this? I've been googling like crazy and really haven't come up with an answer.



For what's it worth, when I restart apache, I get the following errors, but I think they are not in relation to my phpmyadmin -error.

Restarting web server: apache2apache2: Could not reliably determine the server's fully qualified domain name, using xxx.xxx.xxx.xxx for ServerName
[Thu Mar 03 20:43:31 2011] [warn] NameVirtualHost xxx.xxx.xxx.xxx:8080 has no VirtualHosts
... waiting apache2: Could not reliably determine the server's fully qualified domain name, using xxx.xxx.xxx.xxx for ServerName
[Thu Mar 03 20:43:32 2011] [warn] NameVirtualHost xxx.xxx.xxx.xxx has no VirtualHosts



Anyway, even if you don't have any ideas, thanks anyway for this script.


For your phpmyadmin error. The optimizelamp function forces phpmyadmin to only accept secure connections. If you access phpmyadmin without HTTPS it sometimes throw out the errors. So to avoid that problem just use https://domain.com/p

Or you can remove the "FORCESSL" line at the end of /etc/phpmyadmin/config.inc.php


For the [warn] NameVirtualHost xxx.xxx.xxx.xxx has no VirtualHosts, those warnings are normal. Its a little hard to describe why here, but read up a little on virtualhost blocks and namevirtualhosts and you'll see what I mean.

Also, you seem to have forgotten to edit the script variables, therefore your hostname isn't set correctly. Edit them then run "basic" function.

I tested my joomla cms again and it is working under 5.3. Thanks to your script and hard work I probably saved at least 20-30 hours. I installed webmin and it looks like it disabled phpmyadmin but anyway I'd like to confirm with you a few steps I've done and what I'm missing?
./serversetup.sh lampworker
installed webmin

transferred my website to www folder and created database. Ran ./serversetup.sh optimizelamp. Changed passwords for root admin. Seems to be too easy with your script. What else m'I missing? Do I need to setup firewall or secure any folders with 512mb ram vps?

Its dead easy because its meant to do all the configuration for you :D. Think of it as a one click installer for all the LAMP setup guides. I've not tested my script with webmin so I'm not sure how it'll work together, no clue why it disabled phpmyadmin there.

But for starters, this is my usual sequence.

./serversetup.sh basic
./serversetup.sh add "normal_user"
./serversetup.sh lampworker (or lampfpm)
./serversetup.sh optimizelamp
./serversetup.sh tmpfs

If you have a strong password and you're the only user, you should be fairly safe without a firewall. Otherwise look into installing fail2ban, denyhosts, CSF etc.

I'll be the only user running my future vps. After checking what webmin can do and now I'm thinking do I really even need one since your script have done all the work? I'm just guessing once everything is setup do I even need to check/touch my vps server? I was thinking to do all backups from my home PC just downloading database and www folder.

For your phpmyadmin error. The optimizelamp function forces phpmyadmin to only accept secure connections. If you access phpmyadmin without HTTPS it sometimes throw out the errors. So to avoid that problem just use https://domain.com/p

Or you can remove the "FORCESSL" line at the end of /etc/phpmyadmin/config.inc.php


For the [warn] NameVirtualHost xxx.xxx.xxx.xxx has no VirtualHosts, those warnings are normal. Its a little hard to describe why here, but read up a little on virtualhost blocks and namevirtualhosts and you'll see what I mean.

Also, you seem to have forgotten to edit the script variables, therefore your hostname isn't set correctly. Edit them then run "basic" function.

Yeah, I tried to edit my post with this, but the 15min limit had expired:
Interesting though. If I go to htxp://mydomain.com/p, phpmyadmin gives the error I described in my previous post.

I mean, when you go to htxp://mydomain.com/p, the address is automatically changed to htxps://mydomain.com/p?collation_connection=utf8_general_ci&token=aada80e4d45315ba322e7aa69d7f6d55&phpMyAdmin=ii243osn1jiba9fucra3nnlpqq8v3obf, but still gives the error. If you refresh, it keeps giving that error.

Only if i manually type in the url bar htxps://mydomain.com/p, phpmyadmin works fine.

Why does it break if forgetting that https and only typing http... the redirect for some reason don't work.

I tried removing that forceSSL line in phpmyadmin's config.inc.php, but it had no effect on that error. Still, if you go directly to htxps://mydomain.com/p, phpmyadmin works, but if you go to htxp://mydomain.com/p, it tries to redirect it to htxps://mydomain.com/p and gives the error. Why, I don't know, and probably shouldn't care but for some reason I'd like to know why it does that...


And yeah, hostname problems got fixed.


Will report back if I figure out why the http -> https redirect doesn't work. And even when I have removed the ForceSSL line from phpmyadmin's config, why does it force it to go to https.


But dear goodness these scripts save a lot of time. Thanks again =)

I suppose it'll be a matter of preference if you prefer a graphical interface to manage apache/mysql etc. I don't use it myself because I like to keep my servers lean and clean.

Your only duty would be to ensure packages are updated, basically run this command every now and then.
aptitude update && aptitude -y safe-upgrade

Once you've installed denyhosts and made sure files in the "www" folder are owned by "www-data", theres probably nothing else that needs doing.

Will report back if I figure out why the http -> https redirect doesn't work. And even when I have removed the ForceSSL line from phpmyadmin's config, why does it force it to go to https.


But dear goodness these scripts save a lot of time. Thanks again =)

I'm guessing its picking up the domain redirect from your browser's cache or perhaps varnish is caching it. Try clearing browser cache and disabling varnish to see if it behaves. In Debian 5 this wasn't an issue but I've noticed the redirect problem myself in Deb6. Sometimes I forget to use https too :D Regardless, the domainsetup script should have given a reminder about the use of HTTPS with phpmyadmin.

However, glad you found them scripts useful :)

and
P.S. Sorry for choosing your site to leave a message about

I'm guessing its picking up the domain redirect from your browser's cache or perhaps varnish is caching it. Try clearing browser cache and disabling varnish to see if it behaves. In Debian 5 this wasn't an issue but I've noticed the redirect problem myself in Deb6. Sometimes I forget to use https too :D Regardless, the domainsetup script should have given a reminder about the use of HTTPS with phpmyadmin.



Nope, disabling varnish didn't help. Neither clearing browser cache.

It looks like there's some kind of a rewrite rule somewhere, the http -> https change is so instant.

Actually, I would prefer that http -> https redirect in case of phpmyadmin if phpmyadmin worked in that way, but it gives that weird error...

What happens in that http -> https redirect that breaks phpmyadmin (which works fine when accessed directly with https...)

It'll be interesting to see whether or not my other web apps work fine or will I encounter some other problems. This is the first time I'm using fcgi, usually used mod_php. And first time using Varnish for that matter.

Oh well, gotta get some sleep... >

Nope, disabling varnish didn't help. Neither clearing browser cache.

It looks like there's some kind of a rewrite rule somewhere, the http -> https change is so instant.

Actually, I would prefer that http -> https redirect in case of phpmyadmin if phpmyadmin worked in that way, but it gives that weird error...

What happens in that http -> https redirect that breaks phpmyadmin (which works fine when accessed directly with https...)

It'll be interesting to see whether or not my other web apps work fine or will I encounter some other problems. This is the first time I'm using fcgi, usually used mod_php. And first time using Varnish for that matter.

Oh well, gotta get some sleep... >

Mine works without https, just tested after removing the forcessl value. There aren't any redirect rules for phpmyadmin so its probably the cache still. I know Chrome annoyingly keeps cache for a while even after I've cleared them.

Also I figured out why its error-ing out during the redirect. If you change your virtualhost blocks in /etc/apache2/sites-available/domain.com so they look like *:80 and *:443 the redirect will go smoothly. Alternatively just add your domains without providing an IP.

Mine works without https, just tested after removing the forcessl value. There aren't any redirect rules for phpmyadmin so its probably the cache still. I know Chrome annoyingly keeps cache for a while even after I've cleared them.

Also I figured out why its error-ing out during the redirect. If you change your virtualhost blocks in /etc/apache2/sites-available/domain.com so they look like *:80 and *:443 the redirect will go smoothly. Alternatively just add your domains without providing an IP.

Thanks mate,

changing the virtualhost blocks to *: fixed that redirect: no more errors.

However, I think I do need to specify the IPs in the future when I have more than one IP and more than one domain setup (one IP per domain). The redirect will probably break then again and need to figure out why, or is it even possible to have the redirect working at the same time as having IPs specified in the virtualhost blocks.


but hey, you should really make a small website for these scripts, with changelogs etc. these really do have great potential.


for example I have a bit more powerful dedicated server which I got dirt cheap so I'm not really sure if the optimizations in the script are really the most optimal optimizations for my a bit more powerful than the usual VPS. but maybe they are, things are looking really fast and pages loading quickly. I'm not complaining. - but maybe a few different versions of the script (with different optimizations, or one script with a few possible optimization settings, for vps, for dedi etc...)

over and out, thanks once again, I love the fact that there really are helpful guys like you around

The *:80 mismatch issue is something I decided on because its much easier to get Varnish enabled that way. Though it does cause a slight annoyance with accessing phpmyadmin as you already know. For now its probably the cleanest approach but I'll look into updating the script slightly to work around it.

I have a list of changelog and a README which I've requested a post edit for, but the mods are surely taking their time in responding back. Might just host it on a website when I find the time to do it :D

With a dedicated server you can definitely tune the LAMP stack for much higher traffic. Have a look at the optimizelamp function to see the sort of configs to tweak.


Thanks mate,

changing the virtualhost blocks to *: fixed that redirect: no more errors.

However, I think I do need to specify the IPs in the future when I have more than one IP and more than one domain setup (one IP per domain). The redirect will probably break then again and need to figure out why, or is it even possible to have the redirect working at the same time as having IPs specified in the virtualhost blocks.


but hey, you should really make a small website for these scripts, with changelogs etc. these really do have great potential.


for example I have a bit more powerful dedicated server which I got dirt cheap so I'm not really sure if the optimizations in the script are really the most optimal optimizations for my a bit more powerful than the usual VPS. but maybe they are, things are looking really fast and pages loading quickly. I'm not complaining. - but maybe a few different versions of the script (with different optimizations, or one script with a few possible optimization settings, for vps, for dedi etc...)

over and out, thanks once again, I love the fact that there really are helpful guys like you around

I'm just curious for some reason if I use command ./serversetup.sh basic, it just makes webmin to work very slow. It takes about 30-40 seconds just to load the page. webmin is running on perl and I'm running a server over my lan using vmware. Could it be a hostname?

It may well be the case if its trying to resolve to an invalid hostname. Not sure how webmin does things but that "basic" function doesn't do anything else apart from what it says on the description.

It appears there is something wrong with the domain setup script.

Is anyone else having an issue? I am unable to download it with my server.

Fixed my first error.

I have another one now.

When trying to access phpmyadmin (http://testing.clardyhost.com), I get an error.

Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly.

Any ideas? It is being redirected to the https:// version, but just not working.

Here are the steps that I have ran:

basic
add
lampworker
optimizelamp
tmpddd

Domain script:

add domain testing.clardyhost.com
wordpress testing.clardyhost.com

**Edit**

It appears that it is the redirect issue as well. Accessing it correctly, solves the problem.

Looks like you've figured it out now.
I think its fair to say the domainsetup script needs a one line README that recommends users to add domains without entering an IP :D

Well. I did not enter an IP.

Maybe the issue is somewhere else?

Try using the addip function to sort out your namevirtualhost to see if it helps.

How to auto install FTP？
use
apt-get install vsftp ??

Yep that will do.

I setup rtorrent to backup one of my folders....is there some sort of way to install a GUI onto this?

There isn't one :) Its meant to be used from command line with Byobu which is much easier (and safer) to use once you learn its commands.

If you want a GUI you will have to do the rest of the setup yourself which involves compiling rtorrent from source to enable xmlrpc.

There isn't one :) Its meant to be used from command line with Byobu which is much easier (and safer) to use once you learn its commands.

If you want a GUI you will have to do the rest of the setup yourself which involves compiling rtorrent from source to enable xmlrpc.

Thanks.. I ran torrentflux on my centos setup but for some reason running everything the same on the debian server, the downloads dont start. Click download, stays at 0%.

Just looked at rtorrent again and the extra overhead 24/7 is not to my liking so I am not sure what other program to try.

Thanks.. I ran torrentflux on my centos setup but for some reason running everything the same on the debian server, the downloads dont start. Click download, stays at 0%.

Just looked at rtorrent again and the extra overhead 24/7 is not to my liking so I am not sure what other program to try.

Are you referring to memory overheads? rtorrent is one of the lightest clients out there so you shouldn't even notice its running.

There is a slight learning curve to torrenting from command line, but it'll only take 10 minutes or so to master. PM me if you need guidance :)

I just got this installed, and I am surprised by the performance. It actually runs 1 second faster on page loads then my nginx server running the same thing. The only thing that I need to figure out now is how to update wordpress through the backend!

Thanks for this. I will probably be setting up manually on my production box, but it works like a charm.

Looks like you enabled Varnish so its not really fair to compare against nginx in terms of raw webserver performance.

As for wordpress, auto-update via the admin panel works just fine, unless you are referring to something else?

I've been preparing a different version of the script to have virtualhosts under /home/user rather than /srv/www. Turns out some people prefer it that way, especially those coming from cPanel/Directadmin.
Also in the works is a script installer for commonly used scripts.
Now I just need to get a site up to host em :)

If you need a VPS to host them on, I can help you out with that. It still is faster.

The updating didn't work for me. I guess that you are setting owner and group to www-data:www-data.

Yep, they have to be www-data:www-data. If you prefer username:username permissions then I can PM you the link to the new scripts.

Some nice folks have already given me a OpenVZ box to test the scripts on, so I'm good for the time being. Just procrastinating on setting up the site :stickout:

Alright, I have a few buyvm vps that I would be willing to donate to the cause.

Can you send me the pm for the username scripts? Maybe I am wrong, but I thought that it was better to run them that way?

Its safer but less convenient to have the webserver serving sites as a seperate user (e.g www-data). That way, any vulnerabilities won't give access to a user's home directory.

Though with the new scripts, you can dedicate one user to serving webpages to achieve the similar security model.

I guess I thought making the directory owned by www-data:www-data was not safe. If it is not a big deal, I will just run them that way for now.

I will check out the other ones you sent as well.

Yep, they have to be www-data:www-data. If you prefer username:username permissions then I can PM you the link to the new scripts.

Some nice folks have already given me a OpenVZ box to test the scripts on, so I'm good for the time being. Just procrastinating on setting up the site :stickout:

That's actually one problem I ran in.

When I had Varnish enabled, it somehow broke the www-data thing. Apache didn't have any write permissions to /srv/www/*

When I disabled Varnish, everything worked again...

Do you have any idea how to fix this? I'm going to look into Varnish' config next but I'm scared it'll too complicated.

Thanks.

..

That's actually one problem I ran in.

When I had Varnish enabled, it somehow broke the www-data thing. Apache didn't have any write permissions to /srv/www/*

When I disabled Varnish, everything worked again...

Do you have any idea how to fix this? I'm going to look into Varnish' config next but I'm scared it'll too complicated.

Without having a look it'll be hard to figure out whats going on, but I'm guessing you are using IP:80 in your virtualhost blocks instead of *:80 ?


Thanks.

..

No prob! :)

Another nice feature would be to add mail server option such as Postfix with Dovecot IMAP/POP3 + Sasl Authentication. It would make a complete server for VPS.

I actually ran that for a while, but it was way too much work (and RAM) for something we take for granted everyday. I'd say leave your domain server as it is, and run a dedicated mail server with something like iredmail or zimbra.

I'd like to have 2-3 emails (admin@mydomain, support@mydomain) on my VPS server with POP3/IMAP and SMTP and be able to forward them to my gmail or hotmail account. What would you recommend such as iredmail, zimbra or postfix with sasl and dovcot?

Why not use google apps? It's free.

Why not use google apps? It's free.

What do you mean? I must be able to have my domain name at the end of email.

http://www.google.com/apps/intl/en/business/gmail.html

It is free for up to 50 accounts. They host it for you, and it will be to admin@somedomain.com.

This link is better.

http://www.google.com/apps/intl/en/group/index.html

This link is better.

http://www.google.com/apps/intl/en/group/index.html

That is awesome. It looks like it should have all the features like POP3/IMAP and no overhead on my server. Thank you.

Yeah it is a pretty cool service that they are just giving away. Plus, it allows you to get a smaller VPS or something so you can cut back on cost.

Yep, Google Apps is what I use as well. I might try out Zoho mail later on because Google Apps doesn't handle multiple domains very well unless you upgrade to the paid version.

I cleaned up the scripts a little bit to simplify the installation process. The wordpress installer much much more intuitive as well. Its now hosted on its own site, courtesy of rockstarvps. Check out http://tuxlite.com for the updated scripts :)

I can log in to phpmyadmin and create new database, but can't import database through phpmyadmin, and can only import database by SSH access to mysql. How to solve this?


Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, admin@testbak.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Your problem is that your database upload is taking too long. Increase the

IPCCommTimeout 60 in /etc/apache2/mods-available/fcgid.conf to
IPCCommTimeout 300

Edit: Then restart apache
/etc/init.d/apache2ctl restart

I can log in to phpmyadmin and create new database, but can't import database through phpmyadmin, and can only import database by SSH access to mysql. How to solve this?

Your problem is that your database upload is taking too long. Increase the

IPCCommTimeout 60 in /etc/apache2/mods-available/fcgid.conf to
IPCCommTimeout 300

Edit: Then restart apache
/etc/init.d/apache2ctl restart

I have done according to what said, but still can't solve the problem.

I have done according to what said, but still can't solve the problem.

What is the file size of your database?
You probably need to increase upload_max_filesize in /etc/php5/cgi/php.ini if it is a very large file.

@Scientist,

I am attempting to use your current script to build an auto-installer for ispConfig. Do you know of a way to update /etc/fstab to include usrquota,grpquota section? It just need to be added to the mount point /

Another thing that I noticed. It doesn't appear that the skip-innodb is being properly added.


sed -i '/myisam_sort_buffer_size/ a\skip-innodb' /etc/mysql/my.cnf

I can not find it added to /etc/mysql/my.cnf anywhere.

I just fixed that one earlier, but haven't uploaded the new copy yet because I'm finishing up an auto installer for nginx. The skip-innodb line needs to be out of the IF loop.

For your fstab question. I suppose the way I'll do it is by first grepping the / mount point line, append the usrquota and replace the line with sed.

Since, I have no experience with bash. I am just going to skip that for now I guess. I will try to figure it out.


Thanks.

Might be best to leave out automating that though. Different systems will have different (and unpredictable) /etc/fstab entries so it may cause the fstab to break.

Yeah. I guess that I will have to get them to do those steps manually or something.

Yeah. I guess that I will have to get them to do those steps manually or something.
Yep, that should be the safest way.

Btw, I just uploaded the Nginx version of my scripts. After spending some time on their wiki, it turns out that the configuration isn't too alien after all.
http://tuxlite.com/lnmp.tar.gz
Instructions are on the site if anyone is interested in testing it.

I will take a look at it. Does this one include varnish as well?

If not, how do you set it up to serve files based on vhost. I installed it on NginX, but I couldn't get it to serve the different files. I should look into it some more.

Yep Varnish will work as usual if you use the domain script that comes with it. Bear in mind I've only tested it on Debian squeeze so no clue if it'll work at all for lenny.

The Nginx vhost blocks needs some manual configuration depending on how your site runs, so maybe try something simple like wordpress first. The wordpress script should sort you out.

Alright. I will use your script to see how you configured varnish for NginX. I have it up and running serving my site, but I wanted to try varnish in front of it. It just wouldn't serve domain.com. It only served the default site no matter what domain I typed in.

I run about 6 on one box.

Ah, you probably need to disable the default site first or make sure the ports are set correctly on it. Otherwise Varnish won't be able to listen on port 80.

That was what was weird. All ports were changed. NginX was bound to 8080 and varnish to 80. I bet going through your files will let me figure it out.

Odd... today, trying to connect to the https phpmyadmin directory it says "Unable to connect

Firefox can't establish a connection to the server at"

Works fine if I use a different domain that is on the server though.

Odd indeed. It will load unless there is a temporary glitch with the domain's DNS.
Somewhat related, if you are using multiple domains you may want to have
NameVirtualHost *:443

just before Listen 443 in /etc/apache2/ports.conf

Hey Scientist,

I just noticed that my MySQL stuff is all MyISAM. Did the serversetup.sh set my mysql 5.1.x to default to MyISAM?

I would like to use InnoDB (the software I'm using suggest that you use InnoDB)...

if you have the time, could you suggest what do I need to do to achieve that. I guess I need to change my.cnf & change the engine type from MyISAM to InnoDB in existing databases.

I'm sure I'll find a tutorial or something using google, but I'm just wondering if there's anything special your script did.

Thanks :)

As far as I know, InnoDB only became the default storage engine in mysql 5.5 so the 5.1 shipped with Deb 6 will default to myisam.

The mysql documentation says to put default-storage-engine=innodb in your my.cnf. Also make sure that skip-innodb isn't in your my.cnf. The newer versions of my script has that included. However, I'm not familiar with the consequences of a mixed storage engine database. Do backup your db before trying it out.

Finaly I got my vps server today and I setup your script. After I used an option domain.sh add ..... it created a new folder /srv/www/mydomain..... When I open my site in internet explorer it still uses /var/www site. What could be a problem? Thank you in advance

Was it a subdomain that you added, or a normal domain? The reason I'm asking is that this will happen if your server's hostname is the same as your subdomain.

Honestly I don't really need any subdomains. I'm only using vps for one domain and that's it. My host and sub is the same name. Should I just not use the command domain.sh add... and just use /var/www?

You can do that if you wish, but you will need to add your virtualhost entries and so on manually. The domain.sh script does all that for you.

I think you have your server's hostname configured wrongly, can you PM me the first 2 lines of your options.conf? I assume you are using the latest version of my scripts from the site in my siggy.

I just PM'd you the first two lines. Domain.sh did an amazing job and entered all the info for me and enabled htaccess file as well. Would you recommend to add another domain name with a different name? Should I just delete the folder or just setup the server again from scratch to remove all these entries?



You can do that if you wish, but you will need to add your virtualhost entries and so on manually. The domain.sh script does all that for you.

I think you have your server's hostname configured wrongly, can you PM me the first 2 lines of your options.conf? I assume you are using the latest version of my scripts from the site in my siggy.

Use the "remove" function. Removing a domain entry using domain.sh cleans up everything as if the domain never existed. So there is no need to re-setup your server.
I've replied to your PM as well :)

I'm having problems using awstats. When I open domain.com/stats it gives me an error Symbolic link not allowed. What could be a problem?

Have you waited 24 hours for the stats to be generated? If you want to access your stats page sooner, run the awstats code for that domain. You can find the line under /etc/logrotate.d/domain-domain.com

Have you waited 24 hours for the stats to be generated? If you want to access your stats page sooner, run the awstats code for that domain. You can find the line under /etc/logrotate.d/domain-domain.com


Worked like a charm. THANK YOU

No prob :D

It is a little bit off topic but I’d like to give it a shot. I’m having a little problem with image file uploading using any browser. If I upload a small image file I’d say less than 50kb then it works fine but if I upload image file 1mb then after upload, it gives me 500 error. I’m just guessing but it could be a problem with php.ini settings. In my php.ini file_uploads = On, upload_max_filesize = 25M, max_file_uploads = 20. What could be a problem and why would it only allow uploading small files? If you can please just point me to the right direction so I can play with settings. Thank you in advance.

You need to increase your upload time if your uploads can't complete in time.

The two values to edit are =

max_input_time in php.ini
IPCCommTimeout in fcgid.conf

Refer here for more info http://tuxlite.com/lamp-readme/

You need to increase your upload time if your uploads can't complete in time.

The two values to edit are =

max_input_time in php.ini
IPCCommTimeout in fcgid.conf

Refer here for more info http://tuxlite.com/lamp-readme/


I already tried everything and the problem doesn't go away. I can upload only small files less than 80-100kb and for all other image files I get 500 error. I'm just guessing here but could it be a problem with suhosin or mod_security?

What version of php are you using? Are you updating the php.ini for the correct version?

What version of php are you using? Are you updating the php.ini for the correct version?

PHP 5.3.3-7

Are you using FPM?

I am guessing that you need to edit /etc/php5/fpm/php.ini

Are you using FPM?

I am guessing that you need to edit /etc/php5/fpm/php.ini

No, I used an option lampworker

What version of the script did you use? Can you paste the link to it here?

I mean for what OS. Like Ubuntu or debian?

What version of the script did you use? Can you paste the link to it here?

added: The version I used for Debian 6

I used version 1.1 The latest from tuxlite.com I believe the problem should be in suhosin area. I'll be playing with settings and I hope to find a solution soon :)

I don't think that it is there, but you can look.

Did you use the script for debian or ubuntu?

I don't think that it is there, but you can look.

Did you use the script for debian or ubuntu?

The version I used for Debian 6

Can you see which of these files you have edited?

/etc/php5/fpm/php.ini -- this one should not exist on your setup
/etc/php5/cgi/php.ini -- this is the one you should edit for the installation you choose
/etc/php5/apache2/php.ini -- will not change anything if you make changes to it

Might be stating the obvious but have you restarted Apache after making the changes? Or is your upload speed extremely slow? I just tried uploading a 6MB file on the default settings on my test box and it went fine.

I keep editing /etc/php5/cgi/php.ini file. I'm trying to disable suhosin.session.encrypt by entering disable suhosin.session.cryptua and suhosin.session.cryptua=Off in php.ini but they still show up as ON in system info. Some of the options of suhosin blocks upload. I'll keep playing, I just need to find the right command and option to turn it off. Everything else script worked like a charm.

Finally after playing with settings I found solution. I added in fcgid.conf MaxRequestLen 15555555 and it removed file size restriction during upload.

Ah nice find! :D Completely overlooked that one.
I suppose some of the heavier scripts like joomla/drupal etc might need more than the default value.

Scientist: I've used your previous domainsetup.sh and serversetup.sh, they are old versions (back when I posted here first time)

Can I remove those scripts and download the updated ones? Will they work just fine? Are they compatible with what the previous scripts updated/did?

Thanks :)

Yes they are, except for the domain script because it has been updated quite considerably. If you want to use the new domain script, do the following:-

1. Backup your domain's public_html and log directory to a temporary location
2. Remove the domain using the old domainsetup.sh
3. Re-add the domain using the new domain.sh
4. Move the backed up files back

Depending on which version you have, the older AWStats data may need to be manually moved as well.

I'd like AWSTATS log rotate hourly instead of daily. I changed /etc/logrotate.d/domain-domain.com file "daily" to "hourly" but it doesn't work. Any suggestions? Thank you

Logrotate is only called daily so a better way would be to put your awstats line in /etc/cron.d/awstats

Say something like

@hourly www-data (insert awstats line here)

I created a cron job and ran command /usr/share/awstats/tools/awstats_buildstaticpages.pl -update -config=mydomain****.com -dir=/srv/www/mydomain***.com/awstats -awstatsprog=/usr/l$

but when I check my awstats page it shows "Content-type: text/html; charset=utf-8 Cache-Control: public Last-Modified: Tue Apr 26 08:00:48 2011 Expires: Tue Apr 26 08:00:48 2011"

If I enter the same command in telnet it works fine. I'm doing something wrong as usual. :(

Please Disregard my post. Problem solved. Thanks a lot for your help. :agree:


I created a cron job and ran command /usr/share/awstats/tools/awstats_buildstaticpages.pl -update -config=mydomain****.com -dir=/srv/www/mydomain***.com/awstats -awstatsprog=/usr/l$

but when I check my awstats page it shows "Content-type: text/html; charset=utf-8 Cache-Control: public Last-Modified: Tue Apr 26 08:00:48 2011 Expires: Tue Apr 26 08:00:48 2011"

If I enter the same command in telnet it works fine. I'm doing something wrong as usual. :(

How much ram does the LNMP configuration use? And which Linux flavor is better for RAM usage? Performance? Ease of use? Thanks in advance.

The default LNMP uses about 120MB on full load (wordpress serving apachebench), or more depending on how hard you hit MySQL/PHP. Can also be reduced to ~60MB if you limit PHP-FPM to a single process pool.

Distros are a very subjective thing. I find Debian and its derivative distros (Ubuntu) to have saner default configs. E.g. vhosts in webserver/sites-available and automated startup scripts for services etc. Debian's APT memory consumption and dependency handling is also the best around.

Though, if running LNMP I would probably use Ubuntu 11.04 which is to be released today.

The default LNMP uses about 120MB on full load (wordpress serving apachebench), or more depending on how hard you hit MySQL/PHP. Can also be reduced to ~60MB if you limit PHP-FPM to a single process pool.

Distros are a very subjective thing. I find Debian and its derivative distros (Ubuntu) to have saner default configs. E.g. vhosts in webserver/sites-available and automated startup scripts for services etc. Debian's APT memory consumption and dependency handling is also the best around.

Though, if running LNMP I would probably use Ubuntu 11.04 which is to be released today.

Cool. I have 2 more questions:

Would a CentOS LNMP or a Ubuntu LNMP stack work better for a small VPS? I'm about to get a 192MB VPS with 256MB burst and I want to make sure I have enough memory to run a LNMP stack without trouble.

What operating system do you recommend for a linux beginner?

Use Ubuntu or Debian for a low memory VPS. Ubuntu is probably better since there is a massive amount of guides and tutorials to help you get started.
LNMP will fit into 192MB for sure but I suggest getting a Xen/KVM based VPS. Memory usage is less predictable with OpenVZ so avoid if possible.

I have the old issue of PHP ( Worpress) not being interpreted

im using apache

^ Have you posted in the wrong thread??

nope, why you say so?

I have an issue of not having a PHP handler interpreting the PHP files.



Thanks

nope, why you say so?

Disregard this post.

nope, why you say so?

I have an issue of not having a PHP handler interpreting the PHP files.

Thanks

You'll need to provide more information if you're expecting help. :)
What OS? What config? Error output ?

Disregard this post.


Debian/Ubuntu LAMP and LNMP setup script.


Ill try again ( ive formated the box as it was a test box )and keep you posted .

Many thanks

is tuxlite.com down?

It's down for me also.

My host is carrying out hardware upgrades on the host node so it'll be down until they're done.
PM me which script you need and I can email it over :)

I've setup three boxes with Scientist's script and it's been such a pleasure. Quick and likely more professional than I could myself do.

Thanks again mate :)

Glad to hear its been working out well for ya :) Though, would be interesting to know if any of your sites are getting more traffic than the default config can handle.

This has been interesting to read.

What I'm having issues with lately is getting a panel like Froxlor or OpenPanel to actually work. I really wanted Froxlor + nginx + fastCGI, on either Debian 5 or Ubuntu 10.10. Apache would have sufficed, if nginx not possible. So far, no working setup.

I'm curious if that's something you'd care to tackle?

The scripts sets up Nginx or Apache + PHP-FPM (fastcgi) for either Debian or Ubuntu so as far as the web stack is concerned you're covered. Most management tasks are also handled by the scripts but you'll need to get your hands dirty with basic command line as there won't be any web based GUI.

I haven't tried Froxlor myself but it does look quite interesting. Did their support get back to you about your issues?

I've not yet contacted support, because I've not completely eliminated user error just yet. I'm a seasoned Windows admin, and control panel user, but still a bit weak on Linux via CLI -- never setup "from scratch" like this. It's one thing that brought me to this post. I don't know that I had the stacks setup as needed. The Froxlor instructions are a little thin in that area.

I've tried to install Tuxlite a few times, but keep running into a MySQL password issue. But I know the password, and it's set correctly in the options file. So not sure what's going on there. Trying again right now. (Uninstalled mysql-server manually, reinstalled, fine now.)

The one thing I'd like to know is how to restore root access, in case I need it or want it. Tuxlite removed SSH root access, and I'm not quite comfortable with that. I may need it later, and have no idea how to revert it.

A good practise would be to login as a normal user and then gain root using the "su -" command.
If you prefer to have root ssh enabled (and risk getting rooted from brute force attacks), you can re-enable by editing /etc/ssh/sshd_config

Change "PermitRootLogin no" to yes and reload ssh.
/etc/init.d/ssh reload

I've got a weird problem.

Using Ubuntu 11.04 = lamp-natty-multiuser.tar.gz (V1.2 – PHP-FPM)

Used the script as per instructions on a new Ubuntu 11.04 Server.

Everything seemed to install fine.

However, xenForo's default Friendly URLs .htaccess (which worked fine in my last Debian installation) is giving me headache.

The .htaccess file is as follows:
# Mod_security can interfere with uploading of content such as attachments. If you
# cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
# SecFilterEngine Off
# SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

<IfModule mod_rewrite.c>
RewriteEngine On

# If you are having problems with the rewrite rules, remove the "#" from the
# line that begins "RewriteBase" below. You will also have to change the path
# of the rewrite to reflect the path to your XenForo installation.
#RewriteBase /

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(data|js|styles|install) - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
</IfModule>

When that .htaccess is enabled, Apache's error log gives me this:
Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.

I changed LogLevel to debug and then tried accessing the site (with .htaccess enabled) again, log was this:
[Mon Jul 11 16:53:23 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php
[Mon Jul 11 16:53:23 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /php5-fcgi/php5-fpm/index.php
[Mon Jul 11 16:53:23 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php
[Mon Jul 11 16:53:23 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /php5-fcgi/php5-fpm/index.php
[Mon Jul 11 16:53:23 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php
[Mon Jul 11 16:53:23 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /php5-fcgi/php5-fpm/index.php
[Mon Jul 11 16:53:23 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php
[Mon Jul 11 16:53:23 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /php5-fcgi/php5-fpm/index.php
[Mon Jul 11 16:53:23 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php


And this results in Internal Server Error 500.


When I rename .htaccess to anything else, the site loads fine, but of course the friendly urls don't work.


What could I do to fix this?



Could the problem somehow be related to /etc/apache2/mods-available/fastcgi.conf
#Original fastcgi.conf contents
#<IfModule mod_fastcgi.c>
# AddHandler fastcgi-script .fcgi
# #FastCgiWrapper /usr/lib/apache2/suexec
# FastCgiIpcDir /var/lib/apache2/fastcgi
#</IfModule>

<IfModule mod_fastcgi.c>
FastCgiIpcDir /var/lib/apache2/fastcgi
FastCGIExternalServer /srv/www/fcgi-bin.d/php5-fpm -pass-header Authorization -socket /var/run/php5-fpm-www-data.sock

Alias /php5-fcgi /srv/www/fcgi-bin.d
AddHandler php-fpm .php
Action php-fpm /php5-fcgi/php5-fpm

<Location "/php5-fcgi/php5-fpm">
Order deny,allow
Allow from env=REDIRECT_STATUS
</Location>
</IfModule>

At least the php5-fcgi/php5-fpm part would suggest it is related somehow. Considering the redirects go there and then back to index.php, etc. As quoted previously in this message..

And for what it's worth, the /etc/apache2/sites-enabled/mysite.com (name changed) is:

<VirtualHost *:80>

ServerName mysite.com
ServerAlias www.mysite.com
ServerAdmin admin@mysite.com
DocumentRoot /home/mixture/domains/mysite.com/public_html/
ErrorLog /home/mixture/domains/mysite.com/logs/error.log
CustomLog /home/mixture/domains/mysite.com/logs/access.log combined
LogLevel debug
FastCGIExternalServer /home/mixture/domains/mysite.com/public_html/php5-fpm -pass-header Authorization -idle-timeout 120 -socket /var/run/php5-fpm-mixture.sock
Alias /php5-fcgi /home/mixture/domains/mysite.com/public_html

<Directory /home/mixture/domains/mysite.com/public_html>
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Location /cgi-bin>
Options +ExecCGI
</Location>

</VirtualHost>


<IfModule mod_ssl.c>
<VirtualHost *:443>

ServerName mysite.com
ServerAlias www.mysite.com
ServerAdmin admin@mysite.com
DocumentRoot /home/mixture/domains/mysite.com/public_html/
ErrorLog /home/mixture/domains/mysite.com/logs/error.log
CustomLog /home/mixture/domains/mysite.com/logs/access.log combined

Alias /php5-fcgi /home/mixture/domains/mysite.com/public_html

<Directory /home/mixture/domains/mysite.com/public_html>
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Location /cgi-bin>
Options +ExecCGI
</Location>

SSLEngine on
SSLCertificateFile /etc/ssl/localcerts/apache.pem
SSLCertificateKeyFile /etc/ssl/localcerts/apache.key

<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>

<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>

BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

</VirtualHost>
</IfModule>


And to make clear: I haven't configured anything myself. First I did install.sh & then added the domains as per tuxlite.com's instructions. And all of this was done on a clean, just installed Ubunty 11.04.. =(

Try for the simple fix first. Its probably worth removing the hash as suggested by the htaccess file. The part that says ...


# If you are having problems with the rewrite rules, remove the "#" from the
# line that begins "RewriteBase" below. You will also have to change the path
# of the rewrite to reflect the path to your XenForo installation.
#RewriteBase /

to

# If you are having problems with the rewrite rules, remove the "#" from the
# line that begins "RewriteBase" below. You will also have to change the path
# of the rewrite to reflect the path to your XenForo installation.
RewriteBase /

Of course change the "/" line to "/forum" or wherever Xenforo is installed.

Thanks, did it, .htaccess now:
# Mod_security can interfere with uploading of content such as attachments. If you
# cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
# SecFilterEngine Off
# SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

<IfModule mod_rewrite.c>
RewriteEngine On

# If you are having problems with the rewrite rules, remove the "#" from the
# line that begins "RewriteBase" below. You will also have to change the path
# of the rewrite to reflect the path to your XenForo installation.
RewriteBase /

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(data|js|styles|install) - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
</IfModule>

.htaccess is located at: /home/mixture/domains/mysite.com/public_html

xenforo is located in the same directory, thus RewriteBase / is the correct way I think.


Didn't work. Accessed the site: Internal Server Error 500.

Apache error log still states the following:
[Mon Jul 11 18:45:43 2011] [debug] core.c(3065): [client 84.248.xxx.xxx] r->uri = /index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /php5-fcgi/php5-fpm/index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /php5-fcgi/php5-fpm/index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /php5-fcgi/php5-fpm/index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /php5-fcgi/php5-fpm/index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /php5-fcgi/php5-fpm/index.php
[Mon Jul 11 18:45:43 2011] [debug] core.c(3071): [client 84.248.xxx.xxx] redirected from r->uri = /index.php


Grrh :(


EDIT:

Btw, this is the only thing I can find on Google that relates to this problem: http://forum.froxlor.org/index.php?/topic/917-php-fpm-htaccess-request-exceeded-the-limit-of-10-internal-redirects/

But those rewrite rules aren't the same as for what xenforo .htaccess is... but the apache errors look somewhat alike, except not exactly, the paths differ a bit.


Thanks for trying to help

It does look like the mod_fastcgi/PHP-FPM is conflicting with the way Xenforo does rewrites. The fix posted in froxlor forums works for Wordpress but not for Xenforo for some reason. I'll have to look into it more later when I have time but at the moment I'm tempted to suggest using the Nginx version of the script.

Yup.

With nginx it works great. No problems whatsoever.

Seems a bit faster too, the site I mean.

Thanks =)

But just to make note:

On Debian (on my previous server) I used "2. mpm_worker + mod_fcgid"

That option doesn't seem to be available with the multi user scripts...


And the mpm_worker + mod_fcgid combo worked fine with xenforo. the php-fpm thing somehow breaks it.


If it wouldn't be too much trouble, would maintaining mpm_worker + mod_fcgid for multiuser script be possible?

EDIT: The above just goes for me thinking my next box...

Ubuntu 11.04 + Apache2 + mpm_worker + mod_fcgid + multiuser probably would be my dream setup. nginx is nice but I like my htaccess support and I've gotten used to apache..

That setup is available for Debian, although it hasn't been thoroughly tested by myself yet :p

Take a look at lamp-debian-multiuser-suexec.tar.gz (http://tuxlite.com/scripts/lamp-debian-multiuser-suexec.tar.gz)

It should only take a few minutes to package one for Ubuntu 11.04, so if you test out the Debian version and it works for you, I can put up a link later today for it.

Actually, I'm gonna deploy it on my Vooservers test VPS now since their Ubuntu templates are awesome. If all goes well you should see the link to the Ubuntu 11.04 version in the next few minutes :)

downloading the new version :)

The bug with Fastcgi and PHP-FPM has been fixed. Quite a strange one so many thanks for reporting it :)

I've re-uploaded the scripts as well.

Did u just upload it?
Any fix with the ubuntu 11.04

Have you guys tried it? How was it so far? Looking forward in using this if it works. :)

Also, what security related stuffs does this implement? :)

Did u just upload it?
Any fix with the ubuntu 11.04

Yeap, the Ubuntu 11.04 version is fixed as well.

The bug with Fastcgi and PHP-FPM has been fixed. Quite a strange one so many thanks for reporting it :)

I've re-uploaded the scripts as well.


Could you elaborate a little? What was the bug and how you fixed it?

Just thinking it would be nice to know since it really bugged the he*l out of me and google didn't help at all.

Could you elaborate a little? What was the bug and how you fixed it?

Just thinking it would be nice to know since it really bugged the he*l out of me and google didn't help at all.

By luck I noticed that any htaccess files outside the root folder would work fine. All other config was correct so I changed the fastcgiexternalserver "filename" (behaves like a socket) to a directory that is higher than the virtualhost root and rewrites worked fine afterwards.

FastCgiExternalServer /home/user/domains/domain.com/public_html to...

FastCgiExternalServer /home/user/domains/domain.com


Have you guys tried it? How was it so far? Looking forward in using this if it works. :)

Also, what security related stuffs does this implement? :)

The scripts does basic sysctl harderning and disables root logins. Use a strong password or public key auth and you'll be fine.

Hey Scientis
First, thanks your installer

I translate your packs into my own language, and upload to the same kind of forum like WHT, someone told me that, there's a little bug in this installer,

in this file /etc/apache2/conf.d/php-fcgid.conf
#Define a new handler "php-fcgi" for ".php" files, plus the action that must follow
AddHandler php-fcgi .php
~~~~~~~~~~~~~~~~~~~~
this defines that all the files with ".php" could possibly run by php-fcgi, this may occur some security issue, like when someone upload a file named "aaa.php.rar"could possibly been run in php-fcgi.
Action php-fcgi /fcgi-bin/php-fcgi-wrapper

#Define the MIME-Type for ".php" files
AddType application/x-httpd-php .php

he told me to make a little fix like this：
#only if the name of the file end by .php .php3 .phtml .phps can been run in php-fcgi

<FilesMatch "\.ph(p3?|tml|ps)$">
AddHandler php-fcgi .php
Action php-fcgi /fcgi-bin/php-fcgi-wrapper

#Define the MIME-Type for ".php" files
AddType application/x-httpd-php .php
</FilesMatch>


hope it could help you improve this installer better,

Hi ehane2,

That is a very good suggestion. I've added the config and re-uploaded all the LAMP scripts although its not quite a bug, but rather a security measure.

It only affect users who use poorly coded PHP scripts that allow untrusted users to upload files without sanitizing the input. If anyone is using such a script, there are much bigger issues to worry about :stickout:

its not quite a bug

I know:D
However better be not without the fix, I was wonder you design this installer as better as possible, even possibly be the best:stickout:

i installed it on a debian vps 128/256, but i uses without varnisg 222Mb memory. What can i do to lower that?

Is that on OpenVZ? If yes, the easiest solution is to use a virtualization technology with proper memory accounting. E.g. Xen or KVM
Otherwise, look into tweaking these two

/etc/mysql/my.cnf
/etc/apache2/apache2.conf

i am on openvz yes, and using nginx, not apache2
how can i limit php5/fpm to one procespool?

There ya go

http://tuxlite.com/lnmp-readme/

These are the settings I use (max 2 procceses)

pm.max_children = 2
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 1

1 other trouble i have: when i turn off varnish, i cannot access pma anymore through http://domain/p
is that correct?

Yeah, have you installed + enabled PMA in the first place?

Yeah, alway be careful of the "pink" message that Scientist make, they are all very helpful:)

yes, i have installed it and when varnish is running it worx
when i disablke varnish, phpmyadmnin doesn't load anymore

He told u to run ./domain.sh pma on not install it

yes, i have installed it and when varnish is running it worx
when i disablke varnish, phpmyadmnin doesn't load anymore

The Varnish function doesn't shouldn't affect phpmyadmin at all. If it loads with Varnish it should load without it as well. Unfortunately, I can't seem to replicate your issue on my test box. What is the error message when you try to load it?

Yeah, alway be careful of the "pink" message that Scientist make, they are all very helpful:)

Eek... my messages are pink in color ?! :blush::D

Yeah, all the messages are showed as pink in my putty.
And when I first time to install, its truly helpful, even after I translate it, everyone from my town should notice the basic instruction code, very easy to understand!

i cannot check it right now, but if i remember right:
www.domain.com/p redirects(with varnish) to www.domain.com:8080/p
after disabling varnish, www.domain.com:8080/p just doesn't load anymore

i cannot check it right now, but if i remember right:
www.domain.com/p redirects(with varnish) to www.domain.com:8080/p
after disabling varnish, www.domain.com:8080/p just doesn't load anymore

Port 8080 is used with Varnish. Remove :8080 from the URL when Varnish is disabled. If it is still not working then clear your browser's cache and try again.

Also, do not use Varnish on a OpenVZ VPS, especially on a low memory 128/256 one. I can't imagine it behaving very well on OpenVZ.

Yeah, all the messages are showed as pink in my putty.
And when I first time to install, its truly helpful, even after I translate it, everyone from my town should notice the basic instruction code, very easy to understand!

Ahhh those pink text. I actually intended them to be purple but either way I think it does its job to stand out. LOL :D

ok, of course, sorry :(

otherwise everything is running great, except that awstats is not being updated. When i manually run logrotate its ok, but somehow the cron doesn't start logrotate, any idea?

Seems like a broken OS template. Here are a few steps to troubleshoot

1) Check to see if cron daily has an entry under /etc/crontab
2) Check to see if logrotate is working. Easiest way is to see if you have mysql.log.1...2,3 and so on under /var/log
3) Test the logrotate config for errors. "logrotate -d"
4) Check if logrotate is in /etc/cron.daily

1:
# m h dom mon dow user command
25 * * * * root cd / && run-parts --report /etc/cron.hourly
41 4 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
6 2 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
46 5 8 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
2: .1 is only there the time i run it manually
3: logrotate -d /etc/logrotate.conf runs with no errors
4: root@vps2:~# ls -la /etc/cron.daily/
total 20
drwxr-xr-x 2 root root 4096 Jul 16 01:01 .
drwxr-xr-x 86 root root 4096 Jul 22 20:00 ..
lrwxrwxrwx 1 root root 33 Jul 13 22:55 automysqlbackup -> /root/automysqlbackup-2.5.1-01.sh
-rwxr-xr-x 1 root root 89 May 27 17:32 logrotate
-rwxr-xr-x 1 root root 876 Jul 15 09:27 mysqlbackup4
-rwxr-xr-x 1 root root 1222 May 27 17:32 sysklogd
root@vps2:~#

everything seems ok, but logroate doesn't run automatically

Yeah, the entries appear to look ok. Try running this and see analyze the output.

logrotate -v /etc/logrotate.conf

like i said, thats running ok, awstats pages are generated
it just doesn't happen automatically

Well, if logrotate doesn't run when it should then it might be worth asking your provider what did they do to the Debian template.
It does seem like they changed something as the cron times are very off from the defaults.

i asked, but according to them this is the standard template for openvz...they did not edit anything

If "logrotate -d /etc/logrotate.conf" doesn't show any errors, I suppose you can force the rotation with your own cronjob with something like

@daily logrotate -f /etc/logrotate.conf

Not the most elegant solution but should work. I'm curious though if logrotate works at all on a fresh OS reload.

i have your script running opn 2 vps'es(debian6) with different providers, and both have the same issue
what i did read on some other forum is that entries in f.i. /etc/cron.daily/ in debain cannot have a . in the name, maybe the same goes for logrotate?

Again, does logrotate work at all with a fresh OS? Check system logs to see if they are rotated.
The scripts does nothing to logrotate apart from adding a new entry. And yes this has been tested on OpenVZ VPS-es without any issues.

script is excellent, thanks.


just a minimal type error:

5. Install Fail2Ban to protect your server from brute force SSH login attempts. Ensure that you edit /etc/fail2ban/jain.conf to reflect your actual SSH port.



jail
http://tuxlite.com/installation/

thanks again for all the effort

woop! Corrected that typo. Thanks!

hi
I setup using your script Ubuntu 11.04 lamp v1.3
and follow your instructions. I can access my site huatcai.com but not subdomain vigo.huatcai.com

Your A records for vigo.huatcai.com doesn't point to huatcai.com's server IP. Best to double check your DNS settings.

Your A records for vigo.huatcai.com doesn't point to huatcai.com's server IP. Best to double check your DNS settings.
Hi thanks for your reply.
Do you meant the dns record on my dns provider?
I still learning.

Hi thanks for your reply.
Do you meant the dns record on my dns provider?
I still learning.

Yeah. For any domain or subdomain that you want to host on your own VPS, the "A record" must be pointing the IP address of the server.

Just want to say I love the script and works great. I'm using 1.1ver. I only have one issue with phpmyadmin uploading files. When I try to import/upload a file in phpmyadmin bigger than 2mb it gives me an error even though it is setup for 25mb upload. I already tried changing ini files and the same problem. I'm missing something simple and I can't figure it out. Any suggestions?

Another question :) I'd like to host another domain name on my server. My Debian6 server already setup for Domain1.com and works great. Now I'd like to create Domain2.com website and point to my server. What is the best way to add domain2.com to my existing server?

Thanks in advance

Opps, only noticed your post today Almaz. I'm guessing you are using the LAMP script with PHP5-FPM.

The earlier versions had a very quick timeout for the fastcgiexternalserver directive, which can be resolved by adding "-idle-timeout 120" to it. Feel free to PM me if you're unsure on setting this.

If using the fastcgid, edit this file
/etc/apache2/mods-available/fcgid.conf

increase IPCCommTimeout to 120 and MaxRequestLen to 25485760

For question 2, simply use the domain.sh script to add another vhost to your server.

Opps, only noticed your post today Almaz. I'm guessing you are using the LAMP script with PHP5-FPM.

The earlier versions had a very quick timeout for the fastcgiexternalserver directive, which can be resolved by adding "-idle-timeout 120" to it. Feel free to PM me if you're unsure on setting this.

If using the fastcgid, edit this file
/etc/apache2/mods-available/fcgid.conf

increase IPCCommTimeout to 120 and MaxRequestLen to 25485760

For question 2, simply use the domain.sh script to add another vhost to your server.


Thank you I'll try the settings. Just to clarify in regards to my question 2. I'd like to setup a website for my friend and I just want to host it for him on my VPS. Where are the exact settings located to tell which site to open when you click on domain.com or domainSecond.com?

When you add a new domain using "domain.sh", a new vhost config is created in

/etc/apache2/sites-available/domainsecond.com

or

/etc/nginx/sites-available/domainsecond.com