LCMP (Linux, Caddy, MariaDB, and PHP)
[ad_1]
Caddy Web Server Since the release of v2.6, HTTP/3 has been supported by default. It can be said to be the earliest Web Server to support HTTP/3, but Nginx did not start to experience support until version 1.25.0 on May 23, 2023.
As for Apache httpd, I don’t know that it won’t support HTTP/3 until the Year of the Monkey.
Under systems such as CentOS 7 or CentOS Stream 8 / Rocky Linux 8 / AlmaLinux 8 or CentOS Stream 9 / Rocky Linux 9 / AlmaLinux 9, follow this tutorial to build an LCMP (Linux + Caddy + MariaDB + PHP) environment.
LCMP one-click installation
Updated November 6, 2023
Just want to simply build a web server that supports MariaDB and PHP, but are impatient to compile and install it?
It doesn’t matter, come on, LCMP (Linux + Caddy2 + MariaDB + PHP) can be set up in just 10 minutes.
support system:
Enterprise Linux 7 (CentOS 7, RHEL 7)
Enterprise Linux 8 (CentOS 8, RHEL 8, Rocky Linux 8, AlmaLinux 8, Oracle Linux 8)
Enterprise Linux 9 (CentOS 9, RHEL 9, Rocky Linux 9, AlmaLinux 9, Oracle Linux 9)
Debian 10
Debian 11
Debian 12
Ubuntu 20.04
Ubuntu 22.04
Details:https://github.com/teddysun/lcmp
1. Prepare in advance
Disable SElinux
cat /etc/selinux/config
if not found SELINUX=disabled This line needs to be disabled.
sed -i 's@^SELINUX.*@SELINUX=disabled@g' /etc/selinux/config setenforce 0
If the system is Enterprise Linux 9 (CentOS 9, RHEL 9, Rocky Linux 9, AlmaLinux 9), you need to disable it using the following method.
grubby --update-kernel ALL --args selinux=0
and then execute reboot Restart the system. SElinux is disabled until the restart is complete.
Set up firewall firewall
firewall-cmd --state
If the display is running status, you need to release ports 80 and 443, that is, http and https services.
default_zone=$(firewall-cmd --get-default-zone)
firewall-cmd --permanent --add-service=https --zone=${default_zone}
firewall-cmd --permanent --add-service=http --zone=${default_zone}
firewall-cmd --permanent --add-masquerade
firewall-cmd --reload
firewall-cmd --list-all
2. Install and set up Caddy Web Server
Introduce caddy repo and install caddy
If the system is Enterprise Linux 9 (CentOS 9, RHEL 9, Rocky Linux 9, AlmaLinux 9), Enterprise Linux 8 (CentOS 8, RHEL 8, Rocky Linux 8, AlmaLinux 8)
dnf install -y dnf-plugins-core dnf copr enable @caddy/caddy -y && dnf install -y caddy && caddy version
If the system is RHEL 7 or CentOS 7
yum install -y yum-plugin-copr && yum copr enable @caddy/caddy -y && yum install -y caddy
Create the necessary directories and set directory permissions
mkdir -p /data/www/default mkdir -p /var/log/caddy/ mkdir -p /etc/caddy/conf.d/ chown -R caddy.caddy /data/www/default chown -R caddy.caddy /var/log/caddy/
The root directory of the website is /data/www/defaultand after the entire installation process is completed, the application can be placed in this directory and run.
Edit caddy default configuration file /etc/caddy/Caddyfile
{
admin off
}
:80 {
# Set this path to your site's directory.
root * /data/www/default
encode gzip
# Enable the static file server.
file_server {
index index.html
}
# Serve a PHP site through php-fpm:
php_fastcgi unix//run/php-fpm/www.sock
log {
output file /var/log/caddy/access.log
}
}
import /etc/caddy/conf.d/*.conf
caddy only opens port 80 by default. If you want to build your own website, you need to manually create a configuration file and restart the caddy service.
Create a website to www.example.com For example.
Create the /etc/caddy/conf.d/www.example.com.conf configuration file with the following content:
www.example.com {
header {
Strict-Transport-Security "max-age=31536000; preload"
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
}
# Set this path to your site's directory.
root * /data/www/default
encode gzip
# Serve a PHP site through php-fpm:
php_fastcgi unix//run/php-fpm/www.sock
# Enable the static file server.
file_server {
index index.html
}
log {
output file /var/log/caddy/ssl_access.log {
roll_size 100mb
roll_keep 3
roll_keep_for 7d
}
}
}
3. Install and set up MariaDB
Introduce MariaDB repo and install MariaDB
wget -qO mariadb_repo_setup.sh https://downloads.mariadb.com/MariaDB/mariadb_repo_setup chmod +x mariadb_repo_setup.sh
The current maintained versions are: 10.3, 10.4, 10.5, 10.6, 10.11 (maintained for 5 years), 10.8, 10.9, 10.10, 11.0 (maintained for one year)
The current long-term support versions of MariaDB are 10.3, 10.4, 10.5, 10.6, and 10.11. Just select 10.11.
./mariadb_repo_setup.sh --mariadb-server-version=mariadb-10.11
After the above script is executed, the MariaDB repo is introduced, and the installation of MariaDB begins.
dnf install -y MariaDB-common MariaDB-server MariaDB-client MariaDB-shared MariaDB-backup
After installation, edit /etc/my.cnf.d/server.cnf so that its default encoding is utf8mb4
lnum=$(sed -n '/\(mariadb\)/=' /etc/my.cnf.d/server.cnf)
sed -i "${lnum}acharacter-set-server = utf8mb4\n\n\(client-mariadb\)\ndefault-character-set = utf8mb4" /etc/my.cnf.d/server.cnf
Start MariaDB
systemctl start mariadb
Modify user root password, delete the test database and unnecessary user names.
db_pass="Thisisdbrootpassword"
mysql -e "grant all privileges on *.* to root@'127.0.0.1' identified by \"${db_pass}\" with grant option;"
mysql -e "grant all privileges on *.* to root@'localhost' identified by \"${db_pass}\" with grant option;"
mysql -uroot -p${db_pass} 2>/dev/null <<EOF
drop database if exists test;
delete from mysql.db where user="";
delete from mysql.db where user="PUBLIC";
delete from mysql.user where user="";
delete from mysql.user where user="mysql";
delete from mysql.user where user="PUBLIC";
flush privileges;
exit
EOF
4. Install and set up PHP
Introduce PHP repo
If the system is Enterprise Linux 9 (CentOS 9, RHEL 9, Rocky Linux 9, AlmaLinux 9) x86_64 aarch64
dnf config-manager --set-enabled crb dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm dnf install -y https://rpms.remirepo.net/enterprise/remi-release-9.rpm
If the system is Enterprise Linux 8 (CentOS 8, RHEL 8, Rocky Linux 8, AlmaLinux 8) x86_64
dnf config-manager --set-enabled powertools dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm dnf install -y https://rpms.remirepo.net/enterprise/remi-release-8.rpm
If the system is RHEL 7 or CentOS 7 x86_64
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm yum install -y https://rpms.remirepo.net/enterprise/remi-release-7.rpm yum install -y yum-utils
Install PHP
If the system is Enterprise Linux 9 (CentOS 9, RHEL 9, Rocky Linux 9, AlmaLinux 9), Enterprise Linux 8 (CentOS 8, RHEL 8, Rocky Linux 8, AlmaLinux 8)
dnf module reset -y php dnf module install -y php:remi-8.2
If the system is RHEL 7 or CentOS 7 x86_64
yum-config-manager --disable 'remi-php*' yum-config-manager --enable remi-php82
Then install other necessary components of PHP.
dnf install -y php-cli php-bcmath php-embedded php-gd php-imap php-mysqlnd php-dba php-pdo php-pdo-dblib php-pgsql php-odbc php-enchant php-gmp php-intl php-ldap php-snmp php-soap php-tidy php-opcache php-process php-pspell php-shmop php-sodium php-ffi php-brotli php-lz4 php-xz php-zstd dnf install -y php-pecl-imagick-im7 php-pecl-zip php-pecl-mongodb php-pecl-swoole5 php-pecl-grpc php-pecl-yaml php-pecl-uuid
Confirm the installed PHP version and modules.
php -v php -m
Edit PHP’s php-fpm configuration file /etc/php-fpm.d/www.conf to support caddy
sed -i "s@^user.*@user = caddy@" /etc/php-fpm.d/www.conf sed -i "s@^group.*@group = caddy@" /etc/php-fpm.d/www.conf sed -i "s@^listen.acl_users.*@listen.acl_users = apache,nginx,caddy@" /etc/php-fpm.d/www.conf sed -i "s@^;php_value\(opcache.file_cache\).*@php_value\(opcache.file_cache\) = /var/lib/php/opcache@" /etc/php-fpm.d/www.conf
Change the directory permissions of PHP to support caddy
chown root.caddy /var/lib/php/session chown root.caddy /var/lib/php/wsdlcache chown root.caddy /var/lib/php/opcache
Edit the PHP configuration file /etc/php.ini to make it more consistent with the production environment and support MariaDB connection
sed -i "s@^disable_functions.*@disable_functions = passthru,exec,shell_exec,system,chroot,chgrp,chown,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore@" /etc/php.ini
sed -i "s@^max_execution_time.*@max_execution_time = 300@" /etc/php.ini
sed -i "s@^max_input_time.*@max_input_time = 300@" /etc/php.ini
sed -i "s@^post_max_size.*@post_max_size = 50M@" /etc/php.ini
sed -i "s@^upload_max_filesize.*@upload_max_filesize = 50M@" /etc/php.ini
sed -i "s@^expose_php.*@expose_php = Off@" /etc/php.ini
sed -i "s@^short_open_tag.*@short_open_tag = On@" /etc/php.ini
sock_location="/var/lib/mysql/mysql.sock"
sed -i "s#mysqli.default_socket.*#mysqli.default_socket = ${sock_location}#" /etc/php.ini
sed -i "s#pdo_mysql.default_socket.*#pdo_mysql.default_socket = ${sock_location}#" /etc/php.ini
5. Start PHP and caddy services
Start PHP’s php-fpm service
systemctl start php-fpm
Start caddy service
systemctl start caddy
Allow mariadb, php-fpm, caddy services to start automatically at boot
systemctl enable mariadb systemctl enable php-fpm systemctl enable caddy
Confirm mariadb, php-fpm, caddy service status
systemctl status mariadb systemctl status php-fpm systemctl status caddy
Confirm the processes of mariadb, php-fpm, and caddy services
ps -ef | grep -v grep | grep "/usr/bin/caddy" ps -ef | grep -v grep | grep php-fpm ps -ef | grep -v grep | grep mariadbd
6. Things to note when upgrading PHP version
When there is a new version of PHP that needs to be upgraded, just execute the following command.
yum update -y php-*
It should be noted that after upgrading PHP, the previously changed PHP directory permissions will be overwritten, so the following directory permissions need to be modified again.
chown root.caddy /var/lib/php/session chown root.caddy /var/lib/php/wsdlcache chown root.caddy /var/lib/php/opcache
When there is a new version of MariaDB that needs to be upgraded, just execute the following command.
yum update -y MariaDB-*
When there is a new version of Caddy that needs to be upgraded, just execute the following command.
yum update -y caddy
After installing phpmyAdmin, its configuration information is as follows: