Bash & Linux CLI

Jannis Seemann -
/

Jannis Seemann - Bash & Linux CLI

Why this chapter

► In my existing web development courses, students

sometimes want to see a full setup of a webserver
► But this needs quite a bit of Linux knowledge, so it's a bit
difficult to provide there
► I'm thus providing this in this course:
► However, this chapter might require some web
development knowledge
► This chapter is only for existing web developers
► Feel free to skip it!

Jannis Seemann - Bash & Linux CLI

Setting up a Webserver
► In this chapter, we will create a webserver based on:
► Linux
► Apache (httpd)
► MySQL
► PHP
► Unfortunately:
► The setup of this is quite different on Ubuntu / CentOS
► CentOS:
► Uses the upstream way to configure Apache
► upstream = the way it's meant from the original authors (Apache Foundation)
► Debian / Ubuntu:
► They have their own management tools on top
► Those tools greatly simplify the management of Apache

Jannis Seemann - Bash & Linux CLI

How do we solve it in this chapter?
► In this chapter, we have 4 different types of lectures:
► Theory lectures:
► In those lectures, I will explain the concepts and how everything works
► CentOS:
► After the theory, we will have a look at how we put the theory into practice on
CentOS
► Ubuntu:
► And after that, how the same thing works on Ubuntu
► Centos / Ubuntu:
► Those lectures apply to both operating systems
► Important for you:
► Even if you use Ubuntu, I highly recommend you watch the CentOS lectures as
well (without following along)
► This will give you a better understanding of Apache

Jannis Seemann - Bash & Linux CLI

Adding a firewall,...

► In a later chapter, we will be adding a firewall (firewalld) to our server

► If you plan to use this server in production, I more than highly
recommend you to also watch this chapter

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
LAMP

► In this lecture, we will analyze the LAMP setup

► L: Linux - we already know that
► But we should have a close look at the rest

Jannis Seemann - Bash & Linux CLI

LAMP: Apache HTTP Server
► What is the Apache HTTP Server?
► An open-source web server software
► Developed and maintained by Apache Software Foundation
► What are the key features?
► It's highly configurable, and we can configure it for our needs
► It can be extended with additional modules
► Supports various server-side scripting languages
► SSL and TLS support for encrypted connections
► It powers a significant percentage of the world's websites

Jannis Seemann - Bash & Linux CLI

LAMP: MySQL / MariaDB
► MySQL:
► MySQL is a popular, open-source relational database management
system (RDBMS)
► It is being developed by Oracle nowadays (since 2010)
► Key Features:
► Supports standard SQL (Structured Query Language)
► The idea with SQL:
► We declare our schema ahead
(example: one user can have a username, a password an an email)
► And then we can easily store and query entries with SQL:
► SELECT username, email FROM users
► Provides multi-user access to databases

Jannis Seemann - Bash & Linux CLI

LAMP: MySQL / MariaDB
► MariaDB:
► A fork of MySQL, created by original MySQL developers
► A community-developed, open-source relational database
management system
► Key Features:
► Compatible with MySQL and offers more storage engines
► Includes GIS and JSON features

Jannis Seemann - Bash & Linux CLI

MySQL or MariaDB?

► For most applications, the differences between those

database systems are minor
► We can even use a python MySQL connector to connect to a
MariaDB server
► Here in this course, we will focus on MySQL

Jannis Seemann - Bash & Linux CLI

LAMP: PHP
► PHP:
► PHP is an open-source scripting language
► Particularly suited for web development
► It can easily be embedded in HTML
► Key features:
► Gentle learning curve
► We can easily write bad code
► But it also has extensive object-oriented capabilities
=> we can also create large applications, and structure our code properly

Jannis Seemann - Bash & Linux CLI

/

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
[CentOS]: Installing LAMP
► On CentOS, we need to install the following tools:
► Apache: httpd
► MySQL:
► mysql: The MySQL client for the command line
► mysql-server: The MySQL server
► PHP: php
► So the command we need to execute is:
► dnf install httpd mysql mysql-server php
► How to launch Apache (httpd):
► httpd will install a unit file (httpd.service)
► But we need to enable and launch it manually:
► systemctl enable --now httpd.service
► We should now be able to access Apache:
► http://localhost/

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
[Ubuntu]: Important
► If you had installed php through a third-party repository (PPA) in
the chapter about package management on Ubuntu:
► Be sure to remove:
► This repository (should be a file in /etc/apt/sources.list.d)
► And remove all installed PHP from your system:
► apt remove --purge 'php*'
► apt remove --purge 'libapache2-mod-php*'

Jannis Seemann - Bash & Linux CLI

[Ubuntu]: Installing LAMP
► On Ubuntu, we need to install the following tools:
► Apache:
► The name of this package is: apache2
► MySQL:
► mysql-server: Installs the MySQL server
► mysql-client: Allows us to connect to the MySQL server
through the command line.
► PHP:
► The name of the package is: php
► Also, it might be necessary to also install libapache2-mod-php
► Thus:
► apt install apache2 mysql-server mysql-client php
libapache2-mod-php

Jannis Seemann - Bash & Linux CLI

[Ubuntu]: How Apache is launched
► Apache2 installs a systemd unit file (apache2.service)
► This should be enabled by default

► We can inspect this service by checking its status:

► systemctl status apache2.service

► If it is not enabled, we can do this through systemctl:

► systemctl enable --now apache2.service

► We should now be able to access Apache:

► http://localhost/

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
How does Apache (httpd) work?
► Apache HTTP Server (httpd) is a web server that serves HTTP requests from clients
► Main operations:
► Listens for incoming requests from clients (web browsers)
► Interprets the request, often mapping it to a file in its directory
► Sends the requested file or an error message back to the client
► Module-based system:
► Apache's functionality can be extended using modules
► Modules can enable features like URL rewriting, PHP support, SSL, etc.
► VirtualHosts:
► Supports serving multiple websites from a single Apache server
► Each site appears to have its own domain and configuration

Jannis Seemann - Bash & Linux CLI

The architecture of apache / httpd
► In order to serve multiple clients at once, apache / httpd starts
several worker processes
► Thus, we got:
► A main process to coordinate all of them
► And several worker processes that do the actual work of serving
the website

Jannis Seemann - Bash & Linux CLI

How can we configure apache / httpd?
► The idea on both distributions:
► We have one main configuration file
► And this one will include all the other required files
► By splitting up the configuration into multiple files, the configuration remains
more clear
► And additional packages (apt / dnf) can just add additional configuration files
► On CentOS, the configuration can be found in several files:
► /etc/httpd/conf/httpd.conf
► /etc/httpd/conf.modules.d/*.conf
► /etc/httpd/conf.d/*.conf
► On Ubuntu, the configuration can be found in several files:
► /etc/apache2/apache2.conf
► /etc/apache2/conf-enabled/*.conf
► /etc/apache2/sites-enabled/*.conf

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
Bash & Linux CLI

Jannis Seemann -
Bash & Linux CLI

Jannis Seemann -
Bash & Linux CLI

Jannis Seemann -
What is a VirtualHost?
► The problem:
► We would like to be able to serve multiple pages from
the same apache / httpd instance
► Thus, the webserver needs to detect which website
was requested
► And then serve the corresponding website
► The solution:
► We can create a "VirtualHost" for each of them
► And use them to override certain configuration
► Such as the folder from where to serve files
► This allows us to serve multiple domains!

Jannis Seemann - Bash & Linux CLI

VirtualHost?
► Let's say Firefox requests the following website:
► http://server.local
► In that case:
► First, the IP is resolved to the corresponding computer
► In this case: server.local is the hostname of a virtual machine in
my local network, and we can just connect to it
► Firefox will then send an HTTP request to port 80 on this server
► The server will see Firefox has requested the site of "server.local"
► And if we find a VirtualHost for this website, we can serve a
different website
► Let's have a look at how Firefox tells this to the apache2 / httpd
server!

Jannis Seemann - Bash & Linux CLI

How can we configure a VirtualHost?
► A VirtualHost will inherit all configuration of the main configuration file
► But we can override many features
► Example of a VirtualHost definition:
► <VirtualHost *:80>
ServerName server.local
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/server.local
ErrorLog /var/log/httpd/server.local.error.log
CustomLog /var/log/httpd/server.local.log combined
</VirtualHost>
► Important:
► VirtualHost just defines the mapping from a request that is received by
apache to an override of the default configuration

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
Bash & Linux CLI

Jannis Seemann -
Bash & Linux CLI

Jannis Seemann -
Bash & Linux CLI

Jannis Seemann -
How can we use PHP with apache?
► How can we use PHP with apache?
► For many websites, we want to use PHP to execute scripts on our server
► How can we connect Apache with PHP?
► Usually, this should happen automatically
► But it happens differently on CentOS than on Ubuntu!

Jannis Seemann - Bash & Linux CLI

How to use PHP with apache (CentOS)
► On CentOS:
► PHP will be configured through php-fpm (FastCGI)
► It's a separate service that is just responsible for running PHP
► We can see this:
► systemctl status php-fpm.service
► The advantage:
► It integrates better into SELinux (more on that later)
► It's a separate process, different user / group possible
► But:
► Additional overhead for the communication between 2
processes

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
How to use PHP with apache (Ubuntu)
► On Ubuntu:
► By default, it will be configured as an Apache module
► This means:
► PHP is being executed by the Apache worker processes
► The performance is slightly better, slightly less overhead

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
MySQL architecture
► MySQL Server
► MySQL Client that connects to the MySQL server
► This allows several clients to share the same database

MySQL Server MySQL Client (CLI)

MySQL Client (PHP, WordPress)

MySQL Client (PHP, WordPress)

MySQL Client (PHP, phpmyadmin)

MySQL Client (backup script)

Jannis Seemann - Bash & Linux CLI

Setting up MySQL
► The next step is:
► We need to setup our MySQL server
► So that we can run phpmyadmin
► This luckily works (almost) the same on CentOS vs. Ubuntu
► First:
► We need to make sure MySQL is launched:
► CentOS:
► systemctl status mysqld
► systemctl enable --now mysqld
► Ubuntu:
► systemctl status mysql
► Usually, there should be no need for a systemctl enable

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
Setting up MySQL
► We now want to create an admin user for our database
► We can do this with the following commands:
► USE mysql;
► CREATE USER 'admin'@'localhost' IDENTIFIED BY 'password';
► GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
► FLUSH PRIVILEGES;

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
Bash & Linux CLI

Jannis Seemann -
Bash & Linux CLI

Jannis Seemann -
Bash & Linux CLI

Jannis Seemann -
What is WordPress?
► WordPress:
► A free, open-source content management system (CMS)
► Primarily written in PHP & MySQL
► Key Features:
► Highly customizable with themes and plugins
► User-friendly interface for managing content
► Supports various media types
► Uses:
► Widely used for creating blogs, websites, e-commerce
platforms, etc.
► We can download WordPress here:
► https://wordpress.org

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
How does configuration work
Main configuration of httpd / apache2

Configuration for each VirtualHost

Per-directory configuration via .htaccess

Jannis Seemann - Bash & Linux CLI

What is a .htaccess?
► A .htaccess file allows us to override certain options of our apache
configuration for a specific directory (and its sub-folders)
► Example .htaccess:
► Deny from all
► This will deny all requests to this directory

► We might have to configure our webserver to allow .htaccess overrides

► We can do this by adding the following entry to our VirtualHost declaration:
► <Directory /var/www/html>
AllowOverride All
</Directory>

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
Password-protected directory
► For this, we first need to create a password file
► This file will contain our passwords in an encrypted format
► We can do this through the following command:
► htpasswd [file] [user]
► Best practices:
► Filename: .htpasswd
► File is in the same folder as the .htaccess

► After this, we can create a .htaccess with the following content:

► AuthType Basic
AuthName "Restricted area"
Require valid-user
AuthUserFile [full-path-to-htpasswd]

Jannis Seemann - Bash & Linux CLI

Bash & Linux CLI

Jannis Seemann -
SSH Tunnel
► SSH Tunnel:
► It allows us to redirect a port on our machine and send it through the
SSH connection
► We can use it the following way:
► ssh -L 8088:localhost:80 ubuntu.local -p 222
► This will forward our port 8088 through the SSH connection
► The destination is "localhost:80" - according to the remote server

Jannis Seemann - Bash & Linux CLI