Article

  • 3 years

    5 months

    YetiShare / Core

    21364

Yetishare v5 Install: HestiaCP, Ubuntu 20.04, Nginx, PHP-FPM, MySQL - New Server Setup Guidance

New server install on Ubuntu 20.04 64bit. Do not use this guide for other Linux distros or version numbers (other than for guidance).

This will install:

  • NGINX Web
  • PHP 7.4 (Optionally PHP8)
  • Bind DNS Server
  • Exim Mail Server
  • Dovecot POP3/IMAP Server
  • MariaDB Database Server
  • Vsftpd FTP Server
  • Firewall (Iptables) + Fail2Ban Access Monitor

Important: This document is supplied without support. Our support covers script related issues so this guidance is provided as-is, without warranty. You should contact your server admin for support on server related issues. If you would prefer us to manage the installation and configuration on your servers, we can arrange this at a cost, see here.

Install HestiaCP:

SSH (via Putty) to your server via 'root'.

cd /root
wget https://raw.githubusercontent.com/hestiacp/hestiacp/release/install/hst-install.sh
bash hst-install.sh -w yes -t no -c no -x yes -z yes -b yes -i yes -m yes -a no -o yes -v no

Enter your hostname (yourdomain.com) and the admin email address when prompted. Once installed, make note of your new HestiaCP access details.

* If you see an error relating to "admin user already exists", execute "groupdel admin"


Setup the Database:

Now create a MySQL database and user for the script. Open your new HestiaCP area using the details you where issues earlier. i.e. https://[your_ip_address]:8083

  • Navigate to 'DB'.
  • Click the green '+' symbol.
  • Choose a database name and user (such as 'yeti').
  • Generate a password and make note of your new database details.
  • Click 'Add' to submit the form.

Install the Script:

Using WinSCP login as root to your server.

  • Go to /home/admin/web/yourdomain.com/public_html
  • Remove the default site files in your webroot:
rm /home/admin/web/yourdomain.com/public_html/index.html
rm /home/admin/web/yourdomain.com/public_html/robots.txt

  • Download YetiShare from our website and upload it using WinSCP to the above path. Once uploaded, extract the archive using your SSH session (Putty).
cd /home/admin/web/yourdomain.com/public_html
unzip File_Hosting_Script_*
rm File_Hosting_Script_*
chmod 755 _config.inc.php
chmod 755 plugins/
chmod 755 files/
chmod 755 logs/
chmod 755 cache/

  • Load the installation wizard in your browser - http://yourdomain.com/install/
  • If the initial checks for permissions fail, try CHMOD 777 on all the paths above instead.
  • Click 'next'.
  • Set the database details you configured above and click 'test'.
  • If it connects fine, enter the admin username and password you want to setup and click 'next/install'.
  • If everything installs fine you'll see the final confirmation page. You'll need to setup these crons on your server to enable the background tasks so keep this page in your browser for now.

Setup cron tasks:

Via SSH, enter:

$ crontab -e

  • Press the 'i' key.
  • Go back to your installation confirmation page and copy the 6 cron lines.
  • Back in your SSH session, right click or paste the lines.
  • Press the 'escape' key.
  • Type ':w' without the quote and press enter.
  • This will confirm the crontab has been saved.
  • Type ':q' without the quotes and press enter to exit.

Setup the Nginx rewrite rules (On the HTTPS URL):

Via SSH (Putty):

$ nano /home/admin/conf/web/yourdomain.com/nginx.ssl.conf_yetishare

Set:

    client_max_body_size 5G;

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {
        if (!-e $request_filename) { rewrite ^/(.*) /index.php?_page_url=$1 last; }
        fastcgi_pass unix:/run/php/php8.1-fpm-yourdomain.com.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
        include /etc/nginx/fastcgi_params;
    }

     #location / {
        if (!-e $request_filename) {
            rewrite ^/(.*) /index.php?_page_url=$1 last;
        }
     #}

    location /files/ {
        internal;
    }

    # these locations would be hidden by .htaccess normally
    location /logs/ {
        deny all;
    }

  • Press 'ctrl + x', then 'Y', then enter to save. Restart Nginx:

$ service nginx restart

  • You'll see sub-pages on the site will now work fine, i.e. https://yoursite.com/register


Server Performance Improvements:

Via SSH (Putty) execute all the following commands. These will amend your configuration files to work best with the script. Note that these have been prepared for Ubuntu, do not use them on any other Linux distro. Instead use this guide.

PHP settings: (change PHP path to the correct PHP version)

cp /etc/php/8.0/fpm/php.ini /etc/php/8.0/fpm/php-ORIG.ini
sed -i 's/memory_limit = .*/memory_limit = 512M/' /etc/php/8.0/fpm/php.ini
sed -i 's/upload_max_filesize = .*/upload_max_filesize = 5G/' /etc/php/8.0/fpm/php.ini
sed -i 's/post_max_size = .*/post_max_size = 5G/' /etc/php/8.0/fpm/php.ini
sed -i 's/max_execution_time = .*/max_execution_time = 180/' /etc/php/8.0/fpm/php.ini
sed -i 's/max_input_time = .*/max_input_time = 180/' /etc/php/8.0/fpm/php.ini
sed -i 's/output_buffering = .*/output_buffering = 4096/' /etc/php/8.0/fpm/php.ini
sed -i 's/;output_handler =.*/output_handler =/' /etc/php/8.0/fpm/php.ini
sed -i 's/zlib.output_compression = .*/zlib.output_compression = Off/' /etc/php/8.0/fpm/php.ini
sed -i 's/zlib.output_compression_level = .*/zlib.output_compression_level = -1/' /etc/php/8.0/fpm/php.ini
sed -i 's/;zlib.output_handler =.*/zlib.output_handler =/' /etc/php/8.0/fpm/php.ini

NGINX settings:

cp /etc/nginx/nginx.conf /etc/nginx/nginx-ORIG.conf
sed -i '/http {/a fastcgi_keep_conn on;' /etc/nginx/nginx.conf
sed -i '/http {/a fastcgi_buffering off;' /etc/nginx/nginx.conf
sed -i '/http {/a proxy_buffering off;' /etc/nginx/nginx.conf
sed --in-place '/gzip /d' /etc/nginx/nginx.conf
sed -i '/http {/a gzip off;' /etc/nginx/nginx.conf
sed --in-place '/worker_connections /d' /etc/nginx/nginx.conf
sed -i '/events {/a worker_connections 10000;' /etc/nginx/nginx.conf
cp /etc/php/8.0/fpm/pool.d/yoursite.com.conf /etc/php/8.0/fpm/yoursite.com-ORIG.conf
sed --in-place '/pm = dynamic/d' /etc/php/8.0/fpm/pool.d/yoursite.com.conf
sed --in-place '/pm.max_children = /d' /etc/php/8.0/fpm/pool.d/yoursite.com.conf
sed -i -e '$arequest_terminate_timeout = 300' /etc/php/8.0/fpm/pool.d/yoursite.com.conf
sed -i -e '$apm = ondemand' /etc/php/8.0/fpm/pool.d/yoursite.com.conf
sed -i -e '$apm.max_children = 75' /etc/php/8.0/fpm/pool.d/yoursite.com.conf
sed -i -e '$apm.process_idle_timeout = 10s' /etc/php/8.0/fpm/pool.d/yoursite.com.conf
cp /usr/local/hestia/install/deb/templates/web/php-fpm/default.tpl /usr/local/hestia/install/deb/templates/web/php-fpm/default-ORIG.tpl
sed --in-place '/pm.max_children = /d' /usr/local/hestia/install/deb/templates/web/php-fpm/default.tpl
sed -i -e '$apm.max_children = 75' /usr/local/hestia/install/deb/templates/web/php-fpm/default.tpl
cp /usr/local/hestia/install/deb/php-fpm/multiphp.tpl /usr/local/hestia/install/deb/php-fpm/multiphp-ORIG.tpl
sed --in-place '/pm.max_children = /d' /usr/local/hestia/install/deb/php-fpm/multiphp.tpl
sed -i -e '$apm.max_children = 75' /usr/local/hestia/install/deb/php-fpm/multiphp.tpl

MYSQL settings:

cp /etc/mysql/my.cnf /etc/mysql/my-ORIG.cnf
sed -i 's/max_connections.*/max_connections=600/' /etc/mysql/my.cnf

Restart all services:

$ service mysqld restart or service mariadb restart
$ service nginx restart
$ service php8.0-fpm restart

Your new server is done! Have a break :)


Setup File Servers (optional)

Set your "direct" file server using the "Install HestiaCP" guide shown above.

Remove the default site files in your webroot:

$ rm /home/admin/web/fs1.yourdomain.com/public_html/index.html
$ rm /home/admin/web/fs1.yourdomain.com/public_html/robots.txt

Copy all files including the _config.inc.php from the main server to the file server. You can do this via SFTP or by using rsync like below:

$ rsync -avh --progress --exclude 'files/*' --exclude 'logs/*' --exclude 'cache/*' --exclude '___OLD_SITE/*' /home/admin/web/yourdomain.com/public_html/ [email protected]:/home/admin/web/fs1.yourdomain.com/public_html

In the rsync command above, set yourdomain.com values, IP address (currently 1.1.1.2) with your main server IP and the fs1.yourdomain.com with the web root path on your file server.

Once completed, on your file server edit the _config.inc.php file. Set the first 3 constants:

define("_CONFIG_SITE_HOST_URL", "fs1.yourdomain.com");
define("_CONFIG_SITE_FULL_URL", "fs1.yourdomain.com");

define("_CONFIG_DB_HOST", "1.1.1.1"); /* database ip address */


  • Apply the Nginx rewrite rules to your file server. (as above)
  • Apply the performance configuration changes. (as above)
  • Add the file server to your admin area within the script.
  • Setup remote database access on your main server:

$ nano /etc/mysql/mariadb.conf.d/50-server.cnf

By ensuring "bind-address" is commented out:

#bind-address = 127.0.0.1

  • Exit and save.
  • Add the remote MySQL user (set this to the same username & password as your localhost one, replace 1.2.3.4 with your file server IP):
$ mysql -uroot
> CREATE USER 'yeti_username'@'1.2.3.4' IDENTIFIED BY 'yeti_password';
> GRANT ALL ON *.* TO 'yeti_username'@'1.2.3.4';
> FLUSH PRIVILEGES;

  • Open port 3306 via the Hestia control panel settings.
  • Restart MariaDB on your main server:

$ service mysqld restart or service mariadb restart

  • Setup or amend the existing MySQL user so it can access the database remotely. You can test this by connecting from the file server on the command line (SSH) to the remote database.


Troubleshooting:

Issue:
After starting the install, the script errors with "Error: apt-get upgrade failed".

Fix:
$ apt-get upgrade