Toggle navigation

LAMP Stack Image Guide

Version 1.2.0

By default, network access is turned off to a ECS instance. You can specify rules in a security group that allows access from an IP address range, port, or ECS security group.

You must specify port numbers (for TCP):

  • 22 (ssh)
  • 80 (http)
  • 443 (https)
  • 21, 20000~30000 (ftp)

Security groups document URL: https://www.alibabacloud.com/help/doc-detail/25475.htm


Image version description

Software version:

  • Apache2.4.26
  • PHP7.1.7,PHP7.0.21, PHP5.6.30, PHP5.5.38,PHP5.4.45,PHP5.3.29
  • MySQL5.6.36 or MariaDB10.1.24
  • Redis3.2.9
  • Memcached1.4.39
  • Jemalloc4.5.0
  • Pure-FTPd1.0.46
  • phpMyAdmin4.4.15.10

Image Feature:

  1. Source compiler installation, download the latest and most stable version from the official, security optimization
  2. Providing multiple PHP versions (PHP-7.1,PHP-7.0, PHP-5.6, PHP-5.5, PHP-5.4, PHP-5.3)
  3. Jemalloc optimize MySQL/MariaDB
  4. Providing add a virtual host script, include Let’s Encrypt SSL certificate
  5. Add ftp acount to apache via the shell script menu
  6. Provide MySQL, PHP, Redis, Memcached, phpMyAdmin upgrade script
  7. Provide local backup and remote backup (rsync between servers),Alibaba cloud OSS backup(Intranet) script

Application Installation Directories

Apache install directory: /usr/local/apache

Database install directory: /usr/local/mysql or /usr/local/mariadb

Database data directory: /data/mysql or /data/mariadb

Database Configuration File: /etc/my.cnf

PHP install directory: /usr/local/php

PHP Configuration Path: /usr/local/php/etc

PHP Configuration File: /usr/local/php/etc/php.ini

PHP Additional .ini File: /usr/local/php/etc/php.d/

Memcached install directory: /usr/local/memcached

Memcached Configuration File: /etc/init.d/memcached

Redis install directory: /usr/local/redis

Redis Configuration File: /usr/local/redis/etc/redis.conf

Web Context document root:  /data/wwwroot/default

phpMyAdmin install directory: /data/wwwroot/default/phpMyAdmin

Web logs directory: /data/wwwlogs

Index demo url: http://<Public net IP>

Opcache Control Panel url: http://<Global IP Address>/ocp.php

phpmyadmin url: http://<Public net IP>/phpMyAdmin  #Pay attention to upper and lower case, rename or delete for security advice

PHP Proberv url: http://<Public net IP>/ proberv.php

The default ip direct access to the contents of the corresponding root directory:/data/wwwroot/default, This directory contains the home pagedemo,Opcache Control Panel,phpinfo,phpMyAdmin,Probes and other documents,Directory inside the file can be deleted, the directory can not be deleted.

How do use scripts to optimize the parameters

Because this image was build based on 1 Core 1G ECS,the configuration and parameters for  MySQL/MariaDB,PHP are original without any change, highly recommended If this is not the case, run the following optimization script:

cd /root/oneinstack  #Must enter the directory execution under oneinstack
./optimize.sh    #Do not sh optimize.sh or bash optimize.sh such execution

As shown below:

NOTE:

  1. It may take 1 minute, do not interrupt
  2. This script will automatically optimize MySQL, PHP and other parameters according to the system configuration
cd  /root/oneinstack  #Must enter the directory execution under oneinstack
./change_php_version.sh  #Do not sh change_php_version.sh such execution

As shown below:

Note:If you purchased a data disk(And only one data disk),It is recommended to mount the data disk first,the site content, database storage data cloud disk,If there is no purchase data cloud disk Ignore the tutorial!

cd  /root/oneinstack  #Must enter the directory execution under oneinstack
./move_auto_fdisk.sh  #mount data disk and migrate

As shown below:

NOTE:

Use following URL to open phpMyAdmin page:

http://<Public net IP>/phpMyAdmin

phpMyAdmin is an application for MySQL databases management. With it you can create, alter, drop, delete, import and export MySQL database tables. You can also run MySQL queries, optimize, repair and check tables, change collation.

Display default MySQL root password

cd  /root/oneinstack  #Must enter the directory execution under oneinstack
grep dbrootpwd options.conf  #Display MySQL root password

As shown below:

Change MySQL root password

cd  /root/oneinstack  # Must enter the directory execution under oneinstack
./reset_db_root_password.sh

As shown below:

Create a MySQL Database

Method 1:
For example: create a database named ‘oneinstack’

# mysql -uroot –p   # enter mysql console

Enter password:    # Enter mysql root password

MySQL [(none)]> create database oneinstack;   # Notice the semicolon at the end

MySQL [(none)]> show databases;

MySQL [(none)]> exit;    # quit mysql console,Notice the semicolon at the end

As shown below:

Method 2:

Use following URL to open phpMyAdmin page:

http://<Public net IP>/phpMyAdmin

Delete a MySQL Database

Method 1:
MySQL [(none)]> drop database oneinstack;  #delete oneinstack database

MySQL [(none)]> exit;    # quit mysql console,Notice the semicolon at the end

As shown below:

Method 2:

Use following URL to open phpMyAdmin page:

http://<Public net IP>/phpMyAdmin

Create a Database User

For security purposes, we usually create a unique database connection account for each web application(Account name can not be root).
E.g:add a user named: db_user,password:123456, Authorization for the localhost to the oneinstack database all permissions,the commands are as follows:

# mysql -uroot -p

MySQL [(none)]> grant all privileges on oneinstack.* to db_user@’localhost’  identified by ‘123456’;   # Notice the semicolon at the end

MySQL [(none)]> flush privileges;

MySQL [(none)]> exit;  # quit mysql console,Notice the semicolon at the end

As shown below:

How to setup a remote MySQL connection

For security reasons, OneinStack only allows the cloud host localhost to connect to the database,if you need a remote connection to the database,the following operations are required:

1. You must open port 3306 for Security groups

2. Database authorization

Remote Connection Create a new account(Account name can not be root)
E.g:add a user named db_user, password db_pass,Authorized as % (% Represents all ip can connect, you can set the designated ip)db_name database all authority, the commands are as follows

# mysql  -uroot  -p

MySQL [(none)]> grant all privileges on db_name.* to db_user@’%’ identified by ‘db_pass’;  # Authorization statement,Special attention to the semicolon

MySQL [(none)]> flush privileges;

MySQL [(none)]> exit;  # Quit the database console, Special attention to the semicolon

As shown below:

How to add a virtual host

cd  /root/oneinstack  # Must enter the directory execution under oneinstack
./vhost.sh  #NOTE: If no SSL certificate is purchased,SSL under Apache please enter n

As shown below:

In the above figure, the directory is the root directory of the Web site,the script is created automatically,Upload the code to the directory when deploying the site(the directory, subdirectories, and file permissions are all:www), correspond Apache the configuration file path is:
/usr/local/apache/conf/vhost/www.oneinstack.com.conf (www.oneinstack.com Is the domain name that is bound)
Add a virtual host will automatically create this directory

How to delete a virtual host

cd  /root/oneinstack  # Must enter the directory execution under oneinstack
./vhost.sh del

As shown below:

cd  /root/oneinstack  # Must enter the directory execution under oneinstack
./pureftpd_vhost.sh  #Do not sh pureftpd_vhost.sh such execution

As shown below:

Backup Set Parameters

cd  /root/oneinstack  # Must enter the directory execution under oneinstack
./backup_setup.sh

As shown below:

Perform the backup immediately:

cd  /root/oneinstack  #Must enter the directory execution under oneinstack
./backup.sh

Set Scheduled Task Automatic Scheduled Backup:

Example:Can be added to scheduled tasks, such as automatic backups every day 1:00

# echo ‘0 1 * * * cd ~/oneinstack;./backup.sh  > /dev/null 2>&1 & ‘  >> /var/spool/cron/root

View the backup:

View the local backup:

ls -l /data/backup/
As shown below:

Apache:

service httpd {start|stop|status|restart}

MySQL:

service mysqld {start|stop|restart|reload|status}

Pure-Ftpd:

service pureftpd {start|stop|restart|status}

Redis:

service redis-server {start|stop|status|restart|reload}

Memcached:

service memcached {start|stop|status|restart|reload}
cd  /root/oneinstack  # Must enter the directory execution under oneinstack
./upgrade.sh  # Do not sh upgrade.sh or bash upgrade.sh such execution

As shown below:

cd  /root/oneinstack  # Must enter the directory execution under oneinstack
./addons.sh   #NOTE: Support install and uninstall function

As shown below:

Some items can be uninstalled separately, such as RDS database, the database can be uninstalled separately

cd  /root/oneinstack  # Must enter the directory execution under oneinstack
./uninstall.sh  # NOTE: Please backup your data

As shown below:

How to deploy a website on a server

  1. Create the database required for the site,reference《Create a database
  2. Add a virtual host,reference《How to add a virtual host
  3. Create an FTP account,reference《How to manage FTP accounts
  4. Deploy the code to the site root directory

NOTE:Ftp upload code do not need to modify permissions,default is already www; Download the code in server , you must modify the site root and subdirectories,Directory file permissions are www; If there is a problem with site permissions,Please refer to《About site root permissions

wget Download the code to deploy a WordPress,As shown below:

Access http://www.oneinstack.com,enter the database address(localhost), user named(root),password(database root password),。

As shown below:

About the PHP opcode cache

by default,in order to reduce PHP compile time,improve performance(Opcache is recommended for production environments), The PHP environment loads the Opcache module by default(PHP7.1,7.0,5.6,5.5), Please refer to the principle:《In-depth understanding of PHP Opcode caching principles

But this will appear PHP code updates, take 2 to 3 minutes to take effect,This affects the efficiency of the site during the commissioning phase suggest that you close or refresh the cache every time there is a code update(Recommended method two)

Method 1:Uninstall Opcache

cd  /root/oneinstack  #Must enter the directory execution under oneinstack
./addons.sh

As shown below:

Method 2:Refresh the PHP cache

Access http://<Public net IP>/ocp.php,

Or direct access http://<Public net IP>/ocp.php?RESET=1

As shown below:

Proper permissions for files/folders

Web site root permissions to follow:

file 644, folder 755, Permissions Users and groups www

If there is a file permissions problem, execute the following three commands:

chown  -R  www.www  /data/wwwroot/
find  /data/wwwroot/  -type  d  -exec  chmod  755  {}  \;
find  /data/wwwroot/  -type  f  -exec  chmod  644  {}  \;

About Redis and Memcached

Redis default port:6379

Memcached default port:11211

default only listen IP:127.0.0.1

How to increase the maximum memory size of Redis?

vi  /usr/local/redis/etc/redis.conf

maxmemory 1024000000  # <bytes>

service redis-server restart   # restart the redis for changes to take effect

How to increase the maximum memory size of memcached?

vi  /etc/init.d/memcached

CACHESIZE=256   #<Megebyte>

service memcached restart  # restart the memcached for changes to take effect

How to change the listening port for redis?

vi  /usr/local/redis/etc/redis.conf

bind 127.0.0.1 changed to bind 0.0.0.0

service redis-server restart   # restart the redis for changes to take effect

How to change the listening port for memcached?

vi /etc/init.d/memcached

OPTIONS=”-l 127.0.0.1″  changed to  OPTIONS=””

service memcached restart  # restart the memcached for changes to take effect

About iptables Firewall

By default,  iptables firewall is not running.