Install required packages
sudo add-apt-repository universe
sudo apt update && sudo apt dist-upgrade && sudo apt autoremove
sudo apt-get install -y build-essential nginx git redis-server wget htop apache2-utils unzip mysql-server nginx mysql-client certbot
sudo apt-get install -y php7.4-fpm php7.4-curl php7.4-intl php7.4-mysql php7.4-opcache php7.4-xml php7.4-zip php7.4-common php7.4-cli php7.4-dev php7.4-mbstring php7.4-json php7.4-readline php7.4-soap php7.4-sqlite3 php7.4-gd php7.4-cli
sudo apt-get install -y php-redis php-memcached php-memcache
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php composer-setup.php
php -r "unlink('composer-setup.php');"
chmod +x composer.phar
sudo mv composer.phar /usr/local/bin/composer
curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
chmod +x wp-cli.phar
sudo mv wp-cli.phar /usr/local/bin/wp
wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash
Setup Nginx
sudo truncate -s0 /etc/nginx/sites-available/default
sudo nano /etc/nginx/sites-available/default
Simple Nginx conf
#marketing website
server {
listen 80 default_server;
root /home/ubuntu/sites/website;
index index.php index.html index.htm;
server_name www.website.com website.com;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /\.ht {
deny all;
}
client_max_body_size 5M;
gzip on;
gunzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 1000;
gzip_types text/plain text/css application/json image/png image/jpeg application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
error_log /var/log/nginx/website_nginx_error.log warn;
}
Setup php fpm
sudo truncate -s0 /etc/php/7.4/fpm/pool.d/www.conf
sudo nano /etc/php/7.4/fpm/pool.d/www.conf
[www]
user = ubuntu
group = ubuntu
listen = /run/php/php7.4-fpm.sock
listen.owner = ubuntu
listen.group = ubuntu
listen.mode = 0660
request_slowlog_timeout = 5s
slowlog = /var/log/php7.4-fpm/slowlog-site.log
pm = dynamic
pm.max_children = 15
pm.start_servers = 5
pm.min_spare_servers = 3
pm.max_spare_servers = 8
pm.max_requests = 500
emergency_restart_threshold = 10
emergency_restart_interval = 1m
process_control_timeout = 10s
php_admin_value[memory_limit] = 128M
php_admin_value[upload_max_filesize] = 5M
php_admin_value[post_max_size] = 5M
Install certbot
sudo certbot --nginx -d www.website.com -d website.com
Setup crontab for certbot auto-renew
sudo crontab -e
0 7 * * * certbot renew --post-hook "service nginx restart"
Setup basic auth for nginx
htpasswd -c /etc/ubuntu/.htpasswd web_user
Add following line in nginx conf file
...
auth_basic "Website User Login";
auth_basic_user_file /home/ubuntu/.htpasswd;
...
Posted by Tushar to Tushar's deck (2020-09-11 16:35)