So… in my quest to create the perfect web server, I stumbled into an issue.
An easy(ish) way to manage it.
There aren’t too many control panels for nGinx that setup the server the way I need it to, in order to get the performance and scalability needed for the sites I run.
I initially thought about developing a web based control panel, and still eventually may, however, due to security concerns with the methods needed to create and manage these sites, I figured it’d be best left to shell.
So… without any further ado, I will explain what I did and how I did it. Please keep in mind this is an ongoing w.i.p.
First and foremost, we need our OS. For me, I find Ubuntu extremely stable, so I would highly recommend using it. I chose Ubuntu Server 16.04 LTS which you can pick up the ISO for over at Ubuntu.
Once you download the ISO, burn it off to a DVD, or use something like unetbootin and create a bootable USB stick.
Pop your device or disk into your PC and boot from it to start the installation.
You can setup how you wish, just make sure to install only the minimals needed for it to run. I happen to choose OpenSSH and Samba since I am local to my server, as I need to be able to access everything. At the very least you should install OpenSSH so you can shell into the server to manage it.
During the partitioning phase I setup LVM, with the following partition scheme. I would recommend utilizing LVM, if nothing more than the ability to add storage on the fly. I have 2 – 256GB SSD’s, I setup in RAID for mirroring, and partitioned it as follows, with a single partition set aside for boot.
Once the install finishes, reboot the machine, fire up a shell session, and run/configure the following:
service apparmor stop && update-rc.d -f apparmor remove && apt-get -y remove apparmor apparmor-utils
ufw allow http ufw allow https ufw allow ftp ufw allow 30000:50000/tcp ufw allow 30000:50000/udp ufw allow ssh ufw enable
Our server is now ready to setup LEMP Commander.
This setup step is pretty easy to do, but does require some user intervention through the process. We’ll need to pay attention 😉 and configure the way we’ll use exim, how we’ll secure MySQL, and how we’ll configure phpMyAdmin… so pay attention! 😉
In shell, make sure you are logged in as a sudo user, via running: sudo -s
Next, make sure you are in your “home” directory, and run:
git clone https://github.com/kpirnie/LEMP-Command.git && cd LEMP-Command
This will download our repository and allow you to keep it up to date with the latest code I will release to it 🙂
Once it is finished downloading you will be in it’s main directory, so to install it, simply run:
./installer and go grab a coffee or 2.
The installer will first update and upgrade your server, I have found that this definately takes the longest, and unfortunately, there is very little that can be done about it to make it any quicker (other than upgrading your ISP)
Check back every one in a while so you can secure your MySQL install, configure exim, and configure phpMyAdmin as I stated earlier. Securing MySQL is a simple process, just select Y, put in a username and password combo, and done. For exim, I run this configuration due to my ISP’s restrictions, and for phpMyAdmin I select no webserver, yes to dbconfig-common, and a random password. Set these up how you see fit.
Once the installer is complete, you will probably see a message that you will need to reboot your machine. Go ahead and do that now.
Once the machine is restarted your server is officially setup as a highly scalable, highly performant web server.
Now that your server is setup, we can let the real fun begin. It’s time to setup a couple of administrative tasks that will help keep your server up to date, malware/virus free, backed up, and running in tip-top shape.
For this step we’ll need to be back in sudo mode, and run
crontab -e to set the following:
15 0 * * * scanner# Performs a nightly virus/malware scan
30 0 * * * nbl-updater# Nightly updates the nGinx Ban list according to: http://stopforumspam.com/
30 1 * * * backup# Backs up all sites and databases you may have on your server. As of now, I have it built to auto-remove backups older than 30 days as well
*/2 * * * * service-up# Just a quick check to make sure everything is still running. If anything is stopped, it will restart it
Please change the times here how you see fit.
restore USER YYYY-MM-DD
That’s it for now folks, I will update this post as more gets created/fixed for this, I will leave you with 2 pieces of advise.