F-ika | Search

Search

Items tagged with: PASSWORD=`grep

EDIT | don't follow!

11 months ago

EDIT | don't follow!
11 months ago

LAMP installation

Categories:LAMP, Linux, VPS

LAMP (Linux, Apache, MySQL, PHP)

L -> linux
A -> apache
M -> mysql - phpMyAdmin
P -> PHP, Perl, or Python programming language
https://en.wikipedia.org/wiki/LAMP_(software_bundle)
LAMP is an acronym denoting one of the most common software stacks for many of the web's most popular applications. However, LAMP now refers to a generic software stack model and its components are largely interchangeable.

Install the apache server

https://www.bitcatcha.com/blog/what-is-apache/
"The Apache Server is an open-source, cross-platform web server application. In its essence, it allows users to deploy their websites on the internet for others to be able to access them."
--
The -y in the following command is used to confirm automatically all options/questions that come up in the installation

Categories:LAMP, Linux, VPS

LAMP (Linux, Apache, MySQL, PHP)

Install the apache server

rootname@VPShosting:~$ sudo apt update
rootname@VPShosting:~$ sudo apt install apache2 -y

Install Certbot and Setting up HTTPS

The S in HTTPS stands for "secure transmission" meaning that the information that is transmitted between the web site and the user is encrypted. There for the data isn't readable for others while it is transmitted. You can observe that security detail in the web URL of any web site as it starts with https://.
Certbot installs a standard SSL certificate provided by the Let's encrypt foundation with no charge. Nowadays this is a basic need on the internet and for the privacy of everyone. Even tho it is possible to run any web site as HTTP http:// and there for also a friendica node, nobody should do that and you should set all options of your friendica server to "HTTPS mandatory".

rootname@VPShosting:~$

sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot

rootname@VPShosting:~$ sudo ln -s /snap/bin/certbot /usr/bin/certbot

Installing your SSL certificate

https://www.nequalsonelifestyle.com/2022/07/30/creating-friendica-server-ubuntu/#install-certbot-and-setting-up-https
"You will be prompted for several options. The defaults should be fine for most but there are some things that will be specific to your instance. For the sake of explicitness:
* Enter the email address you want notifications from the Certbot team and that you are comfortable sharing with them and others.
* Select Yes once you’ve read the terms of service
* Select Yes if you want to get more general EFF emails (optional)
* Enter the domain name yourFriendicaDomainName.com for your friendica node. It is important to put the full accurate domain name in. This is what will be used for name matching when the certificate is issued and used.
After you do those options you will get a series of prompts with statuses. When it is completed you should be able to navigate to the HTTPS version of your website. In fact if you intentionally try to go to the HTTP version of your website it should redirect to the HTTPS version instead. Try this out to be sure this step has been completed successfully."

rootname@VPShosting:~$ sudo certbot --apache

Important information in the case of server migration -> installing your SSL certificate

rootname@VPShosting:~$ sudo certbot --apache
For this step in the installation process you do need to have your domain name URL already directed to the IP of your server. Other wise this installation step not only wont be able to finish the setup of the SSL certificate, you will run into problems when you try to setup your friendica instance. This is a particular complication when you want to migrate a live system. Your intention might be for the the old IP to remain as long as possible related to the domain name, even maybe try everything out before a definite migration.
The sugestion as of now would be to try execute this step just after the first gitHub pull and before:

Configure PHP dependencies:
www-data@VPShosting:~$ cd html
www-data@VPShosting:~/html$ bin/composer.phar install --no-dev

There is still some testing needed to confirm the best moment of the SSL certificate installation step in the installation process or eventual work arounds for this tutorial.

Configuring the firewall

https://www.nequalsonelifestyle.com/2022/07/30/creating-friendica-server-ubuntu/#configuring-a-firewall
"A firewall is an important security measure for your server to limit available surfaces that hackers can use. Firewalls can be configured either in your cloud provider or on the local server. Ubuntu Server by default ships with the UFW firewall software. For this tutorial we will configure the firewall locally. The main gist is that you should be only opening up the necessary ports for SSH, HTTP, and HTTPS."

rootname@VPShosting:~$ sudo ufw allow ssh
rootname@VPShosting:~$ sudo ufw allow http
rootname@VPShosting:~$ sudo ufw allow https
rootname@VPShosting:~$ sudo ufw enable
rootname@VPShosting:~$ sudo ufw status

install and configure fail2ban

https://www.nequalsonelifestyle.com/2022/07/30/creating-friendica-server-ubuntu/#configure-fail2ban
"Fail2Ban is another important tool for thwarting hackers. It basically detects if some computer is brute force attacking or excessively hitting your server and applies escalating blocks on that IP address."

rootname@VPShosting:~$

sudo apt install fail2ban -y 
rootname@VPShosting:~$ [code]sudo systemctl enable fail2ban

rootname@VPShosting:~$ sudo systemctl start fail2ban

rootname@VPShosting:~$ systemctl status fail2ban

rootname@VPShosting:~$ sudo reboot

Because of the reboot you will be logged out of your VPS server and will have to log on again to proceed with the installation.

"M" like MySQL/mariaDB and "P" like PHP of "LAMP" installation

DataBase and PHP-HypertextPreprocessor installation || See values inside this spoiler

Values for the prompts you get:
Enter current password for root (enter for none): Just hit enter since you are configured to only allow logins with SSH keys for the root user.
Switch to unix_socket authentication: n
Change the root password?: n
Remove anonymous users? Y
Disallow root login remotely? Y
Remove test database and access to it? Y
Reload privilege tables now? Y[/list]

rootname@VPShosting:~$ sudo apt update

rootname@VPShosting:~$

sudo apt install mariadb-server php libapache2-mod-php \
     php-common php-gmp php-curl php-intl php-mbstring \
	 php-xmlrpc php-mysql php-gd php-imagick php-xml \
	 php-cli php-zip php-sqlite3 curl git -y

rootname@VPShosting:~$ sudo mysql_secure_installation

Creating the DB - data base

If you come to this point straight from the previous mariaDB setup you are already logged into mySQL. You will note this because instead of the print:
rootname@VPShosting:~#
in the console you will see:
MariaDB [(none)]>
Other wise you will have to log into mariaDB first with the following command:
rootname@VPShosting:~# mysql
[spoiler=mariaDB welcome message:]Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 160000
Server version: 10.6.12-MariaDB-0ubuntu0.22.04.1 Ubuntu 22.04
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE friendicadb;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> CREATE USER 'friendica'@'localhost' IDENTIFIED BY '<password>';
Query OK, 0 rows affected (0.002 sec)
MariaDB [(none)]> GRANT ALL ON friendicadb.* TO 'friendica'@'localhost';
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> EXIT;
Bye

rootname@VPShosting:~#

To log from the console into your DB use the following command:
rootname@VPShosting:~# mysql friendicadb

To exit mariaDB:
MariaDB [friendicadb]> Ctrl-C -- exit!
Aborted
rootname@VPShosting:~#

How to change the DB password

rootname@VPShosting:~# mysql
(Welcome to the MariaDB monitor..)
MariaDB [(none)]> USE friendicadb
Database changed
MariaDB [friendicadb]> ALTER USER 'friendica'@'localhost' IDENTIFIED BY 'newpassword';
Query OK, 0 rows affected (0.001 sec)
MariaDB [friendicadb]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.000 sec)
MariaDB [friendicadb]> exit
Bye
rootname@VPShosting:~#
test changes:
rootname@VPShosting:~# mysql -u friendica -p
Enter password:
(Welcome to the MariaDB monitor..)
MariaDB [(none)]>
If you use a wrong password, you might want to check the old one, you'll get the following message:
ERROR 1045 (28000): Access denied for user 'friendica'@'localhost' (using password: YES)

creating a single backup of the MySQL Database with mysqldump

https://www.digitalocean.com/community/tutorials/how-to-backup-mysql-databases-on-an-ubuntu-vps
The MySQL file will be created in the folder you are in when performing the command.
creat a single copy of a MySQL DB
rootname@VPShosting:~# mysqldump -u username -p database_to_backup > backup_name.sql

install auto backup process of the MySQL/mariaDB database | automysqlbackup

https://dev.to/xarala221/how-to-backup-mysql-databases-on-ubuntu-vps-server-automatically-497c
The program installs a cron script with automysqlbackup that runs every day. The daily backup files will be named monday/tuesday/wednesday..and replaced when ever a new bachup is duefor the specific backup. The same goes for weekly and monthly backups. You should tweak these settings in a way that you will be comfortable if something happens. Have in mind that this can mount to an enormous amount of backup data so you might check out tweaks and work arounds to adjust to your server capabilities and monetary possibilities.

install automysqlbackup
rootname@VPShosting:~# sudo apt-get install automysqlbackup
rootname@VPShosting:~# sudo automysqlbackup

information into deep about automysqlbackup

listing automysqlbackup folders
rootname@VPShosting:~# cd /var/lib/automysqlbackup
rootname@VPShosting:~# /var/lib/automysqlbackup# ls
daily monthly weekly
listing daily backed up files:
rootname@VPShosting:/var/lib/automysqlbackup# ls -R /var/lib/automysqlbackup/daily

console print automysqlbackup - daily

/var/lib/automysqlbackup/daily:
friendicaDB sys
/var/lib/automysqlbackup/daily/friendicaDB:
friendicaDB_2023-11-14_21h39m.Tuesday.sql.gz
friendicaDB_2023-11-15_06h25m.Wednesday.sql.gz
/var/lib/automysqlbackup/daily/sys:
sys_2023-11-14_21h39m.Tuesday.sql.gz
sys_2023-11-15_06h25m.Wednesday.sql.gz
rootname@VPShosting:/var/lib/automysqlbackup#

to have a look at automysqlbackup as is:
rootname@VPShosting:~# nano /etc/default/automysqlbackup

automysqlbackup configuracion file

# By default, the Debian version of automysqlbackup will use:
# mysqldump --defaults-file=/etc/mysql/debian.cnf
# but you might want to overwrite with a specific user & pass.
# To do this, simply edit bellow.
# Username to access the MySQL server e.g. dbuser
#USERNAME=`grep user /etc/mysql/debian.cnf | tail -n 1 | cut -d"=" -f2 | awk '{print $1}'`
# Username to access the MySQL server e.g. password
#PASSWORD=`grep password /etc/mysql/debian.cnf | tail -n 1 | cut -d"=" -f2 | awk '{print $1}'`
# Host name (or IP address) of MySQL server e.g localhost
DBHOST=localhost
# List of DBNAMES for Daily/Weekly Backup e.g. "DB1 DB2 DB3"
# Note that it's absolutely normal that the db named "mysql" is not in this
# list, as it's added later by the script. See the MDBNAMES directives below
# in this file (advanced options).
# This is ONLY a convenient default, if you don't like it, don't complain
# and write your own.
# The following is a quick hack that will find the names of the databases by
# reading the mysql folder content. Feel free to replace by something else.
# DBNAMES=`find /var/lib/mysql -mindepth 1 -maxdepth 1 -type d | cut -d'/' -f5 | grep -v ^mysql\$ | tr \\\r\\\n ,\ `
# This one does a list of dbs using a MySQL statement.
DBNAMES=`mysql --defaults-file=/etc/mysql/debian.cnf --execute="SHOW DATABASES" | awk '{print $1}' | grep -v ^Database$ | grep -v ^mysql$ | grep -v ^performance_schema$ | grep -v ^information_schema$ | tr \\\r>
# Backup directory location e.g /backups
# Folders inside this one will be created (daily, weekly, etc.), and the
# subfolders will be database names. Note that backups will be owned by
# root, with Unix rights 0600.
BACKUPDIR="/var/lib/automysqlbackup"
# Mail setup
# What would you like to be mailed to you?
# - log : send only log file
# - files : send log file and sql files as attachments (see docs)
# - stdout : will simply output the log to the screen if run manually.
# - quiet : Only send logs if an error occurs to the MAILADDR.
MAILCONTENT="quiet"
# Set the maximum allowed email size in k. (4000 = approx 5MB email [see
# docs])
MAXATTSIZE="4000"
# Email Address to send mail to? (user@domain.com)
MAILADDR="root"
# ============================================================
# === ADVANCED OPTIONS ( Read the doc's below for details )===
#=============================================================
# List of DBBNAMES for Monthly Backups.
MDBNAMES="mysql $DBNAMES"
# List of DBNAMES to EXLUCDE if DBNAMES are set to all (must be in " quotes)
DBEXCLUDE=""
# Include CREATE DATABASE in backup?
CREATE_DATABASE=yes
# Separate backup directory and file for each DB? (yes or no)
SEPDIR=yes
# Which day do you want weekly backups? (1 to 7 where 1 is Monday)
DOWEEKLY=6
# Which day of the month to execute the monthly backup (00 = no monthly backup)
# Two digit required
DOMONTHLY=01
# Choose Compression type. (gzip or bzip2)
COMP=gzip
# Compress backups on the fly with gzip or bzip2 (yes or no)
COMPDIRECT=no
# Compress communications between backup server and MySQL server?
COMMCOMP=no
# Additionally keep a copy of the most recent backup in a seperate
# directory.
LATEST=no
# The maximum size of the buffer for client/server communication. e.g. 16MB
# (maximum is 1GB)
MAX_ALLOWED_PACKET=
# For connections to localhost. Sometimes the Unix socket file must be
# specified.
# For connections to localhost. Sometimes the Unix socket file must be
# specified.
SOCKET=
# Command to run before backups (uncomment to use)
#PREBACKUP="/etc/mysql-backup-pre"
# Command run after backups (uncomment to use)
#POSTBACKUP="/etc/mysql-backup-post"
# Backup of stored procedures and routines (comment to remove)
ROUTINES=yes
# Mysqldump additional option (like "--single-transaction")
OPTIONS=""

#debian #linux #friendica #fediVerse #fediTutorial

Please wait

View in context

…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup

11 months ago

…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
11 months ago

creating a single backup of the MySQL Database with mysqldump

https://www.digitalocean.com/community/tutorials/how-to-backup-mysql-databases-on-an-ubuntu-vps
The MySQLfile will be created in the folder you are in when performing the command.

creat a copy of the MySQL DB
rootname@VPShosting:~# mysqldump -u username -p database_to_backup > backup_name.sql

installing an auto backup process of the MySQL database that runs once a day | automysqlbackup

https://dev.to/xarala221/how-to-backup-mysql-databases-on-ubuntu-vps-server-automatically-497c
The program installs a cron script with automysqlbackup that runs every day. The backup file will be replaced every day. You should tweak these settings in a way that you will be comfortable if something happens.Have in mind that if something gets screwed up you will only have "one day" to realize that a problem exists and at least make a copy of the DB. There for consider to perform also weekly and

creating a single backup of the MySQL Database with mysqldump

https://www.digitalocean.com/community/tutorials/how-to-backup-mysql-databases-on-an-ubuntu-vps
The MySQLfile will be created in the folder you are in when performing the command.

creat a copy of the MySQL DB
rootname@VPShosting:~# mysqldump -u username -p database_to_backup > backup_name.sql

installing an auto backup process of the MySQL database that runs once a day | automysqlbackup

https://dev.to/xarala221/how-to-backup-mysql-databases-on-ubuntu-vps-server-automatically-497c
The program installs a cron script with automysqlbackup that runs every day. The backup file will be replaced every day. You should tweak these settings in a way that you will be comfortable if something happens.Have in mind that if something gets screwed up you will only have "one day" to realize that a problem exists and at least make a copy of the DB. There for consider to perform also weekly and monthly backups, depending on your routines and needs.

install automysqlbackup
rootname@VPShosting:~# sudo apt-get install automysqlbackup
rootname@VPShosting:~# sudo automysqlbackup

listing automysqlbackup folders
rootname@VPShosting:~# cd /var/lib/automysqlbackup
rootname@VPShosting:~# /var/lib/automysqlbackup# ls
daily monthly weekly

listing daily backed up files:
rootname@VPShosting:~# ls -R /var/lib/automysqlbackup/daily

to have a look at automysqlbackup, as is there is no tweaking neccesary:
rootname@VPShosting:~# nano /etc/default/automysqlbackup

automysqlbackup configuracion file

#USERNAME=`grep #PASSWORD=`grep #PREBACKUP="/etc/mysql-backup-pre #POSTBACKUP="/etc/mysql-backup-post

Please wait

View in context

⇧

Search

Items tagged with: PASSWORD=`grep

EDIT | don't follow! 11 months ago

EDIT | don't follow! 11 months ago

LAMP installation

…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup 11 months ago

…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup 11 months ago

EDIT | don't follow!

11 months ago

EDIT | don't follow!
11 months ago

…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup

11 months ago

…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
11 months ago