Getting older, not necessarily wiser!
This is the first of a three post series about setting up a LAMP server using Debian Linux. LAMP is an acronym that original stood for Linux Apache MySQL PHP. Where Linux is an Operating System, Apache is a Web Server, MySQL is a relational Database, and PHP is a scripting/Programming language.
Note this is an update, error corrected, and re-checked version to an older series of posts. The links will be updated to point here. This post is being updated to align with a current project I am working on about running a server behind CGNAT. Also, because this is a server setup, I am assuming you have some basic Linux knowledge.
While basically a web server, the LAMP configuration has a very wide range of possible applications. At a basic level this includes basic static and dynamic web pages. Including a data base and programing language on the server adds additional functionality, including web based games and Continent Management Systems (CMS). Some common application that can be run on such servers include programs like Media-Wiki, NextCloud, and Word Press.
In this particular series we will cover initial hardware, operating system, and software setup for the basic LAMP server. Applications that can be run on this server will r=each require their own posts, and are out of scope here.
In most cases personal LAMP servers do not require much in the way of hardware resources. For example, the server I am using, and set up in this series of posts, runs on a ten year old Dell laptop I picked up on the cheap, with the following specifications; Intel Core TM i5-520M 2.4GHz CPU, 4 GB of DDR3 RAM, 100 Mbit Ethernet adapter, and BIOS boot. The only change I made is upgrading the old mechanical hard drive with a larger 1 TB Solid State Drive (SSD).
Interestingly, using a laptop has a few advantages. It is small, quiet, power efficient, and has its own built in battery backup. The reason I bring this up is to demonstrate that a LAMP server can run on most hardware. Last century I used to build LAMP servers on single core Pentium based machines, through I would not recommend that today, especially if you plan on streaming media.
I am going to be using a basic Debian 11 Linux Operating System. While I covered this in a previous post, please completely read that post first, as I basically make some modifications to the initial setup given there.
I am also making a modification to the LAMP software. I will be using MariaDB instead of MySQL.
Note that this server will not have any sort of Graphical User Interface (GUI). It will be command line only. One of the reasons it runs well on older hardware. Plus it is just that much less software to discover bugs and flaws in.
The two major changes to the base Debain install will be a static IP address, and how I partition the hard drive.
Setting up a static IP address involves making changes to the /etc/network/interfaces file. Use your favorite command line text editor (Debian comes by default with vi and nano). See the following general example of what setting up a static IP address looks like (your interface name will be different than mine).
iface enp0s3 inet static
For the 1 TB SSD I will be creating six partition. The below scheme, for a basic Debian LAMP server install, is very generous.
5 GB “/” main partition
2 GB “/home” partition
2 GB “/tmp” partition
4 GB “/var” partition
4 GB “swap” partition
the “/srv” partition will take up the rest of the drive.
A note of explanation is required here. Please refer to the post on partitioning for a general discussion. One thing I am going to do with this LAMP server is create local network cloud storage.
The cloud data will be going into the “/srv” partition to keep it separate. So when doing a data backup, you can just back up the entire partition, or restore it if need be.
The actual web site will be stored in the “/var” partition. So it will need a bit more space.
The “/tmp” partition collects temporary files. A separate “/tmp” partition can help protect/recover from certain types of cyber attacks.
Our next step is to install the additional software packages to make everything work. You can install them one at a time, configuring each as you go. Or you can install them all at once, and then configure each one individually.
I am opting for the all at once method, and I will be getting into configuring and securing in followup posts. For this post we simply want to get things up and running on our local network. The assumption being that we will be limiting access to the server until we get everything configured.
As with any Debian installation, you should initially run the following two commands to make sure the package repository is up to date, and your installed software is up to date.
Yes, I know you just did the install and everything should be fine, but you should get in the habit of doing this periodically. This is not Windows and unless you set it up to do so, the system is not going to update itself, or nag you about it.
For the all at once install we will use the following command.
apt install openssh-server apache2 mariadb-server php libapache2-mod-php php-mysql
Note that nftables should have already been installed but not activated with the base Debian 11 system, so no need to install it again.
Now lets check that our installed programs are running. We will use the systemctl and grep commands to verify some of the services are running. For example, to tell if the apache2 service is running you can use the following.
systemctl | grep apache
You can substitute maria and ssh to see if those services are running. You should also do a normal restart to see if the services start at boot up.
Next you want to point your web browser towards your server IP address and see if the default Debian Apache 2 page is displayed.
Finally we will create a short web page to see if PHP is functioning. Create a simple text file called phpinfo.php in your web root directory. On Debian 11 it should be /var/www/html. Add the following text to the file, and save it.
<?php phpinfo(); ?>
When you point your browser at this file, a very long PHP status page will load.
Note that at this point we are not setting up nftables. If you make a mistake with the configuration files, you can block access to your new server. We will want to set up our nftables firewall before we go live though.
After following the above steps, we should have a functional web server set up. It is capable of running web apps like NextCloud or MediaWiki (applications may have additional requirements listed in their documentation).
In the follow up posts in this series, we will start working on making the server more secure and more productive. We will do this by modifying configurations for some of the default functionality, and setting up basic secure connections and a firewall.
Basic LAMP Server Part 1