Installing LAMP on Ubuntu and Enabling HTTPS
References:
- https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-22-04
- https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-22-04
Install Apache and update the firewall
# Installing Apache and Updating the Firewall
sudo apt update
sudo apt install apache2
sudo ufw app list
Output:
Available applications:
  Apache
  Apache Full
  Apache Secure
  OpenSSH
# To only allow traffic on port 80, use the Apache profile
sudo ufw allow in "Apache"
sudo ufw status
Output:
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Apache                     ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
Apache (v6)                ALLOW       Anywhere (v6)
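The default page can now be reached through the server's IP address.
To find the server's public IP address:
ip addr show ens3 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'
If a domain name is bound to this IP, you can also use the domain name, =http://example.com:80=.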
Install MySQL and PHP
# Installing MySQL
sudo apt install mysql-server
sudo mysql_secure_installation
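Answer Y at the first prompt, then choose according to your situation for the rest. When I reached these steps, password validation kept failing, but I could still get into the MySQL shell.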
# Installing PHP
sudo apt install php libapache2-mod-php php-mysql
php -v
# Creating a Virtual Host for your Website
sudo mkdir /var/www/your_domain
sudo chown -R $USER:$USER /var/www/your_domain
sudo nano /etc/apache2/sites-available/your_domain.conf
your_domain.conf
File contents:
<VirtualHost *:80>
    ServerName your_domain
    # If you have only one domain, comment out the ServerAlias line with #
    ServerAlias www.your_domain
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/your_domain
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
# use a2ensite to enable the new virtual host
sudo a2ensite your_domain
# disable the default website
sudo a2dissite 000-default
# make sure your configuration file doesn't contain syntax errors
sudo apache2ctl configtest
# reload Apache
sudo systemctl reload apache2
vim /var/www/your_domain/index.html # add any content
Note: by default, index.html takes precedence over index.php. To reverse this, make the following change:
sudo vim /etc/apache2/mods-enabled/dir.conf
Result after the change:
<IfModule mod_dir.c>
    DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>
sudo systemctl reload apache2
# Testing PHP Processing on your Web Server
vim /var/www/your_domain/info.php
=info.php=:
<?php phpinfo();
Visit =http://server_domain_or_IP/info.php=; a page describing the PHP configuration appears.
# Delete it so that others cannot exploit it
sudo rm /var/www/your_domain/info.php
# Testing Database Connection from PHP
# 'password' below is a placeholder; use a strong, unique password for each account
# '%' lets example_user connect from any host; the PHP test below only connects from localhost
sudo mysql
mysql> CREATE DATABASE example_database;
mysql> CREATE USER 'example_user'@'%' IDENTIFIED BY 'password';
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
mysql> GRANT ALL ON example_database.* TO 'example_user'@'%';
mysql> exit

mysql -u example_user -p
mysql> SHOW DATABASES;
Output:
+--------------------+
| Database           |
+--------------------+
| example_database   |
| information_schema |
+--------------------+
2 rows in set (0.000 sec)
mysql> CREATE TABLE example_database.todo_list (
    item_id INT AUTO_INCREMENT,
    content VARCHAR(255),
    PRIMARY KEY(item_id)
);
mysql> INSERT INTO example_database.todo_list (content) VALUES ("My first important item");
mysql> SELECT * FROM example_database.todo_list;
Output:
+---------+--------------------------+
| item_id | content                  |
+---------+--------------------------+
|       1 | My first important item  |
+---------+--------------------------+
4 rows in set (0.000 sec)
mysql> exit

vim /var/www/your_domain/todo_list.php
=todo_list.php=:
<?php
$user = "example_user";
$password = "password";
$database = "example_database";
$table = "todo_list";

try {
    $db = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
    echo "<h2>TODO</h2><ol>";
    foreach($db->query("SELECT content FROM $table") as $row) {
        // Escape stored values before writing them into the HTML page
        echo "<li>" . htmlspecialchars($row['content'], ENT_QUOTES, 'UTF-8') . "</li>";
    }
    echo "</ol>";
} catch (PDOException $e) {
    print "Error!: " . $e->getMessage() . "<br/>";
    die();
}
Visit =http://your_domain_or_IP/todo_list.php=.
Enable HTTPS
sudo apt update
sudo apt install certbot python3-certbot-apache
# Allowing HTTPS Through the Firewall
sudo ufw status
Output:
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Apache                     ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
Apache (v6)                ALLOW       Anywhere (v6)
sudo ufw allow 'Apache Full'
sudo ufw delete allow 'Apache'
sudo ufw status
Output:
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Apache Full                ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
Apache Full (v6)           ALLOW       Anywhere (v6)
# Obtaining an SSL Certificate
sudo certbot --apache
# Verifying Certbot Auto-Renewal
sudo systemctl status certbot.timer # active
# Dry run
sudo certbot renew --dry-run
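
The following script is an added example, not part of the original notes: it checks two things these steps make easy to forget, a leftover phpinfo() page in the document root and a firewall still on the HTTP-only Apache profile. The function names and the sample data are made up for illustration; it assumes the standard find, grep, awk and sed tools.

```shell
#!/bin/sh
# Added example: post-setup checks for the steps in these notes.

# Print every PHP file under a document root that still calls phpinfo().
find_phpinfo() {
    find "$1" -type f -name '*.php' \
        -exec grep -lE 'phpinfo[[:space:]]*\(' {} + 2>/dev/null || true
}

# Read `ufw status` output on stdin. Succeeds only when the firewall is
# active, "Apache Full" (ports 80 and 443) is allowed, and the HTTP-only
# "Apache" rule has been deleted.
ufw_https_ready() {
    awk '
        /^Status: active/               { active = 1 }
        /^Apache Full( \(v6\))? +ALLOW/ { full = 1 }
        /^Apache( \(v6\))? +ALLOW/      { http_only = 1 }
        END { exit !(active && full && !http_only) }
    '
}

# Constructed sample input, modelled on the `ufw status` output shown above.
UFW_BEFORE='Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Apache                     ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
Apache (v6)                ALLOW       Anywhere (v6)'
# The same rules after switching to the "Apache Full" profile.
UFW_AFTER=$(printf '%s\n' "$UFW_BEFORE" | sed 's/^Apache /Apache Full /')

# Demo on constructed data: a throwaway document root with a leftover info.php.
demo_root=$(mktemp -d)
printf '<?php phpinfo();\n' > "$demo_root/info.php"
printf '<?php echo "ok";\n' > "$demo_root/index.php"
echo "phpinfo() found in: $(find_phpinfo "$demo_root")"
printf '%s\n' "$UFW_BEFORE" | ufw_https_ready || echo "before: HTTPS not ready"
printf '%s\n' "$UFW_AFTER" | ufw_https_ready && echo "after: HTTPS ready"
rm -rf "$demo_root"
```

On the server itself, the same functions can be fed real data with `sudo ufw status | ufw_https_ready` and `find_phpinfo /var/www/your_domain`.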