!SEXY CAT! X-VPS-COMPATIBLE LEMP STACKSCRIPT: Install the Lot ;)




new password?
login
X

LEMP Stack: *10 Minute* VPS Install 4 Lucid 10.04

12 May 10
lynx cat Ubuntu logo image

Run this script on an Ubuntu distro & your domain is set up and ready to browse to: new user, Nginx, PHP-FPM, Suhosin, XCache, MySQL, Postfix for email, iptables, SSH keys, SSHD security and more, the whole darn lot totally tweaked-tastic!

This script is a beast. After you have launched a new Ubuntu 10.04 LTS distribution, switched the nameservers and setup your DNS within your VPS control panel .. run this script and within minutes you can surf to your domain.

It is that simple *.

Setup Unmanaged VPS: The Ubuntu-Nginx Guide

Take your virtual private server from zero to hero

  .. from blank box to cute-as server ..  

with this easy-to-follow copy/paste guide.

22+ parts with video, here’s the index.

* There are some caveats. Let’s be frank:-

CAVEAT  10 MINUTES? For real, below you can see the list of what is installed in that execution time, and it’s all top of the range. But. This assumes you’ve launched the distro, sorted the DNS in your VPS CP and the nameservers are pointed already.

.. This tut shows you how to do that lot anyhow.

CAVEAT  VPS providers vary. Your host’s Lucid distribution may vary, slightly, from those that this script has been tested on. In theory, perhaps edited a fraction, this will work on any half-decent virtual private server but, if an error is thrown, I’ll help you with that in the new stackscript forum.

It works flawlessly on a Linode 360 .. all vpsBible stacks have free-support for cross-VPS-compatibility.

CAVEAT  This script has only been tested on Ubuntu Lucid Lynx 10.04 32 bit. If you want Ubuntu, that is almost certainly the kernel you want. I’ll be releasing a slightly adjusted Debian 5 equivalent next week and, in due course, further OS and web server forks. For news on new stacks check out the forum.

& a Request  Please give me feedback. Here’s the deal: you help me test this script and I will help you set up a stunning server and, relatively, you’ll hardly have to think nor to trawl through all those docs (and my dodgy jokes, mind you a few slipped in here so sorry in advance.)

So, whether you are a webmaster needing to launch multiple machines or you’re just fed up of crunching the console, this script will save you anything from an hour’s time per box to a few days of research and toil.

Cross-VPS Lucid/LEMP Stackscript: Package Spec

Here’s the order of installation:-

  • system update/upgrade
  • locale settings
  • USER with SuperUser (visudo) privileges & /home/USER directory
  • embedded public authentication key
  • hardened SSHD security
  • an iptables firewall
  • Postfix for email (ideal for Google Apps)
  • MySQL, secured **
  • PHP with PHP-FPM (‘separate’ compiled from source)
  • .. secured with Suhosin
  • caching with bespoke XCache
  • Nginx web server (compiled from source)

** Once you execute the script this is the single instance when you are prompted to enter a password manually and answer a few simple questions. When you launch the script, wait about 90 seconds for this prompt and answer the questions – I’ll give you the answers in a mo – then leave the thing to run to its termination and automatic reboot. Then, provided your DNS has propagated, you can surf to your domain name.

The one key thing that is missing, IMHO, is DNS Setup using Bind. I intend to add this functionality to speed the setup process further and to assist those without a DNS Manager at their VPS host.

All packages are, AFAIK, the latest stable versions. The script is designed to easily update versions and I’ll keep a watch on that, and welcome your opinions.

How to Run the StackScript

1. Launch an Ubuntu Lucid 10.04 LTS * 32 bit distribution from your VPS provider’s control panel. Here is how – Set Up a VPS Linux Distribution.

* LTS = Long Term Support  LTS versions are released every 2 years and are supported with official Ubuntu updates for longer, the server editions longer still. Lucid 10.04 will keep us liquid until April 2015. The last LTS, Hardy Heron 8.04, remains supported until April 2013. (Probably this script will run fine on that, someone tell me!) By contrast, a regular release like the upcoming Maverik Meercat 10.08, due in October 2010, will be supported only until April 2012. This is why Lucid, a kingpin edition, is so important. And yes, the names are silly.

2. Point your domain to your VPS providers nameservers  They will be called something like ns1.vpsprovider.com, ns2.vpsprovider.com, ns3.vpsprovider.com and so on, depending on how many there are (generally just two). Once you have the ns1.correctSyntax.com, log into your domain registrar account (where you bought the domain name, else to where you transferred the registration) and change the values in the nameserver input boxes .. and wait for propagation. How long it takes can be anything from minutes to about 72 hours, depending on the registrar, it’s web location and who-knows-what.

.. you can do this last. For a seamless move with an existing site, it must be last. Read Moving Day! How to Move Your Blog or Site for tips.

3. Setup your DNS, those settings creating registration records for your domain with your VPS provider. Follow Add a Domain Zone to Your VPS for how to do that. I’ll build this into this StackScript using Bind but, hey, it’s a few minutes manually and generally very easy anyway.

4. Log into your VPS using a terminal ..

5. Create SSH authentication keys  My SSH directions, boxed in below, may sound scary but if you read the linked tutorials this is dead easy so no excuses. And bloomin’ ‘eck it’s worth it for the added security and the ease of password-free remote login.

Again, this bit varies depending on your *local* PC flavor:-

Windows locally?

Follow Encrypt Data with OpenSSH & Auto-Login with PuTTY, stopping before the section Add the Public Key to Your Remote VPS (read that section though). I’d recommend you also to carry out the later section Even Faster Login Using Pageant (on your local machine) although for our purpose it’s not essential.

As the above linked tutorial spells out, you want your local private key somewhere safe on your PC. For the public key, open its file with Notepad because we will be copy/pasting that into the stackscript as shown in a moment.

Linux locally?

Follow Create a Basic Local to Remote Server SSH Connection but do not upload the public key.

.. I’m not sure that tutorial is quite as clear as it might be for this job so here’s a brief recap (read the tutorial too because I am only filling in some blanks) ..

Create the keys on Linux with the command:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

.. following the terminal prompts to create a passphrase.

Open the public key with, say, the gedit text editor:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

.. and you’ll be copying that key in a moment, pasting as explained in our stackscript.

6. Edit the stackscript  Bear in mind that the server we end up with is highly configured, especially when it comes to security but also, for instance, to enhance performance based on the resources of your VPS slice. To make that possible we have to edit some variables and, for some, to carry out some basic research.

To make life as easy as possible I’ve produced 2 identical scripts here (in terms of execution). They look different because one has comments to explain those all-important values. They do exactly the same thing.

Click on this link    ..    Show Me the Commented Script

Toggle to and fro as you prefer, perhaps using the comment-strewn script to guide you while filling out the values on the tidier script, copied to your text editor. (That way you’re less likely to miss a value.)

.. Well come on, get on with it .. the notes are in the script now .. I’m taking a nap ..


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

Zzzzzzzzzzzzzzzz, yaaawwnnn .. er, right, er, all done, jolly good.

Problems Logging into the VPS?

As covered above and in linked tutorials, you log into your newly launched VPS server using the terminal’s syntax:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

.. where 12.34.56.78 is your IP address. If you don’t know what that is, look for IP address in the DNS setting section of your VPS provider control panel.

You’ll be asked to accept the connection .. do. And give the password you gave when you launched the Linux distribution (not the one in your PASSWORD value, necessarily).

If you’ve launched a new distro on a VPS (and its IP address) that you’ve used before, you may be given a warning telling you that you can’t log in.

.. In that case, you need to delete a line from your local hosts (Windows) or known-hosts(Linux) file, as directed in the message. So basically do what the message says, then try logging in again.

Let me be clear. Put another way, if you receive a warning and cannot log in – most likely if you have redeployed a new Linux distribution with a previously used IP address – you’ll need to delete a redundant key from your hosts file. Read the message carefully as it pinpoints the precise line and from what file to delete that line. The file itself can be found:-

Windows  C:WINDOWSsystem32driversetchosts

Linux  /home/USERNAME/.ssh/known-hosts

.. Very likely the line in question is the very last one, most particularly if you are relaunching from a failed setup immediately before.

.. And that’s the prerequisites done-dusted. We are ready to rock. I advise some very loud music.

Deploying the Stackscript

OK, you’re logged in remotely as root and therefore with Super-User permissions. Let’s go to town.

Type this:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

.. and within the new file, paste CTRL-SHIFT-v the entire contents of the script (with values amended).

Save and close the file .. CTRL-x > y > ENTER

Type this to give root permissions to execute the file:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

And kick up some dust:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

As I mentioned above, wait for the script to stop. It will soon ask you for your MySQL password, the one you used for your export MYSQL_PASSWORD=”some_password” value.

Having entered that, you’ll be asked yes or no to 5 pretty comprehensive questions. Here is the sequence of my suggested answers. After each, hit ENTER:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

The script will resume executing all manner of stuff. The PHP section in particular will take a long time as it – and Nginx afterwards – is being bespoke compiled with custom bells and whistles.

This is a perfect opportunity for a cup of tea.

After a 10 minute run (at least on my Linode 360 machine, but give or take) the script runs out of things to do, gets bored and issues a sulky reboot.

(Your VPS, by the way, is by now quite the sex kitten. Hmmn, I’ll shut up.)

Give a minute for the reboot to do its thing and again log into your VPS, this time as the USER you specified in the script and using the custom port you reserved in the PORT variable:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

.. the -P means we’re about to specify a port to connect with, by the way. (No other port will work.)

Troubleshooting Lockouts & Errors

Explosions aside I can envisage two scenarios.

I’m Locked Out

If you can’t get in that’s because you copied incorrectly the public key into its PUBLIC_KEY variable, coupled with the fact you opted not to allow PASSWORDAUTHENTICATION.

Relaunch the Linux distribution from scratch and be really careful with those values, with all the values.

This Script Sucks

While it’s highly unlikely that this script could provide a login problem with any Lucid VPS, as I say, there is the chance that it isn’t compatible with your VPS.

.. Fortunately though, the glitch will (famous last..) be pretty basic and pretty straight-forward to rectify.

Copy any error messages you see on running the script and paste them to me in the forum and I’ll do my utmost to help. Indeed, I’d be grateful to press out any creases.

Delete the Stackscript

Now we’re in, let’s get rid of that executable now. As you are not logged in as root, assume it:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

And, having given the root password (the one you used to deploy the distro) .. trash the script:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

Check Your Nginx-powered Domain

You may as well check to make sure you have a webpage:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

And edit it (deleting my automated spiel in the process) to check out your PHP, its extensions and XCache:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

.. but then delete that phpinfo request too, else you’re offering clues to hackers:-


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

Then head to your VPS forum and tell everyone how cool this is, and I’ll be seriously grateful.

(.. that last bit’s pretty important) :P

Cue the inspiration to this super-stacked cute cat ..

Setup Unmanaged VPS: The Ubuntu-Nginx Guide

Take your virtual private server from zero to hero

with this easy-to-follow copy/paste guide.

“My local PC runs Windows” Show me for Linux/Mac

22+ parts with video, here’s the index ..

Manage Unmanaged VPS: Ubuntu-Nginx Administration

Already set it up? We’d best maintain it then.

Toggle to the ..  Ubuntu-Nginx Admin Index

Manage Unmanaged VPS: Ubuntu-Nginx Administration

Maintain your virtual private server with ..

.. cheatsheets, tutorials, tips & guides.

Head back to the ..  Ubuntu-Nginx Installation Index

Nginx Admin: In the Works ..

This lot’s marked for addition already:-

  • Setup or Edit DNS using Bind
  • Network Tools Troubleshooting Guide
  • The Comprehensive Permissions Guide
  • Configuring Nginx Rewrites
  • Custom Website Error Page
  • Setting up Cron Jobs
  • Rsync for Incremental Remote-to-Local Backup
  • Cron & Rsync for Automatic Backup
  • Cron & mysqldump for Auto DB Backup
  • Safeguard Bandwidth with Hotlink Protection
  • Block Access with Nginx’ IP Deny


«
»

Got a Question? Want to Comment?

This site has no comments system. We've got a better system!

Please use the link at the top of the post and goto this topic's forum thread:-

  • to help build community
  • for a superior knowledge base
  • to keep info in one place, not diluted between forum & comments.

For those posts ported from Guvnr.com (pre-Feb/2010), archive comments remain.

Handy info from these comments is in the process of being ported to the forum and attributed to the original author.

If you think this idea sucks, let me know.

Thank you.