Friday, April 6, 2012

Notes on setting up a new LAMP server on Amazon EC2

Just my general notes on setting up a new LAMP server on Amazon EC2.
I apologize for the brevity and non-tutorial format, but if you can connect to the server using your SCP client, the notes below should point you in a pretty good direction to get started.

First, set up the 64-bit Amazon Linux AMI.

Install Apache
sudo yum -y install httpd
Install MySQL
sudo yum -y install mysql mysql-server
Install PHP
sudo yum -y install php php-cli php-gd php-intl php-mbstring php-mysql php-pdo php-soap php-xml php-xmlrpc php-pspell php-pear

Make sure services start on boot
sudo /sbin/chkconfig httpd on
sudo /sbin/chkconfig mysqld on
sudo /sbin/service httpd start
sudo /sbin/service mysqld start

Copy website files to the directory below (you could also substitute any other desired directory here)
/home/ec2-user/www/

Allow document root to be read by others
chmod 755 /home/ec2-user
Allow apache user to write to any needed folders
chown apache /home/ec2-user/www/Uploads
chown apache /home/ec2-user/www/htdocs/cxapp/uploaded_config
chown apache /home/ec2-user/www/htdocs/Templates/cache
chown apache /home/ec2-user/www/htdocs/Templates/compile


Update php.ini (includes disabling deprecation notices)
error_reporting = E_ALL & ~E_DEPRECATED
error_log = /var/log/php_errors.log
post_max_size = 300M
upload_max_filesize = 300M
date.timezone = America/New_York
[mbstring]
mbstring.internal_encoding = UTF-8

Create PHP error log file and allow access to it
touch /var/log/php_errors.log
chown apache /var/log/php_errors.log

Install needed PHP Pear modules
[update pear]
pear channel-update pear.php.net
pear install mail
pear install mail_mime
pear install Services_JSON
pear install Net_SMTP

Install way to locate files on server
sudo yum install mlocate
[then use]
updatedb
locate

MySQL Setup

Set up MySQL and set root password
/usr/bin/mysql_secure_installation

Or set up the MySQL root user with a new password (from: http://dev.mysql.com/doc/refman/5.0/en/default-privileges.html)
shell> mysql -u root
mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpwd');
mysql> SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('newpwd');
mysql> SET PASSWORD FOR 'root'@'%' = PASSWORD('newpwd');

Restore MySQL database
$ mysql -u{username} -p{password} < dbbackup.sql

Set MySQL Configuration
$ nano /etc/my.cnf

[mysqld]
port            = 3306
init_connect='SET collation_connection = utf8_unicode_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_unicode_ci
skip-character-set-client-handshake
query-cache-type = 1
query-cache-size = 20M
default-character-set=utf8

Log Rotation
sudo vi /etc/logrotate.d/httpd
"/var/log/php_errors.log" /var/log/httpd/*log {
   rotate 5
   size=10M
   missingok
   notifempty
   sharedscripts
   delaycompress
   postrotate
      /sbin/service httpd reload > /dev/null 2>/dev/null || true
   endscript
}


Edit Apache config
[/etc/httpd/conf/httpd.conf]
ServerAdmin youremail@address.com
DocumentRoot "/home/ec2-user/www/htdocs"
MaxKeepAliveRequests 256

#allow case insensitivity
CheckCaseOnly on
CheckSpelling on


#this helps cache pages that haven't changed
<IfModule expires_module>
   ExpiresActive on
   ExpiresDefault "access plus 1 months"
</IfModule>
FileETag none

<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>

<Directory "/home/ec2-user/www/htdocs">

DirectoryIndex index.html index.html.var index.php default.htm

Set up cron jobs [minute hour day month dayofweek command]
[add execute bit]
chmod +x /home/ec2-user/www/include/newsfeed_collector.php
[create cron tasks]
crontab -e
25 4 * * * /home/ec2-user/www/include/newsfeed_collector.php

News - 4am

Install SVN
yum install svn
[create dirs and set permissions]
sudo mkdir /home/ec2-user/svn
sudo mkdir /home/ec2-user/svn/repos
sudo chgrp svn /home/ec2-user/svn/repos
sudo chmod g+w /home/ec2-user/svn/repos
sudo chmod g+s /home/ec2-user/svn/repos
sudo usermod -a -G svn ec2-user
[create repositories]
umask 002
svnadmin create /home/ec2-user/svn/repos/htdocs
umask 022
[Set up config]
/home/ec2-user/svn/repos/{above folder}/conf/svnserve.conf
anon-access = none

[set to autostart in cron config]
crontab -e
@reboot svnserve -d -r /home/ec2-user/svn/repos
[create authentication]
mkdir /home/ec2-user/svn/.ssh
cp /home/ec2-user/.ssh/authorized_keys /home/ec2-user/svn/.ssh
# the key
command="/usr/bin/svnserve -t -r /home/svn/repos --tunnel-user=matt",no-port-forwarding,no-pty,no-agent-forwarding,no-X11-forwarding ssh-rsa {content of entire key} cxworx_key
[From] http://www.bunkerhollow.com/blogs/matt/archive/2011/11/06/spin-up-a-free-amazon-linux-ec2-svn-ssh-server.aspx
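
The key line above is what confines an svn+ssh user to Subversion instead of a login shell. As an added example (not from the original notes or the linked post), this script checks that every line of an authorized_keys file carries a forced svnserve -t command and the four restriction options. The function names check_key, audit_keys and sample_keys and the sample key material are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the authorized_keys file that gates svn+ssh access.
# A key line without a forced svnserve command gives its holder a login shell.
REQUIRED="no-port-forwarding no-pty no-agent-forwarding no-X11-forwarding"

# check_key LINE: print the first problem and return 1, or return 0.
# Assumption: option values contain no escaped quotes (\").
check_key() {
    # Drop quoted values so the options field becomes the first word.
    opts=$(printf '%s\n' "$1" | sed 's/"[^"]*"//g' | awk '{print $1}')
    case ",$opts," in
        *,command=,*) ;;
        *) echo "no forced command"; return 1 ;;
    esac
    # The forced command must be svnserve, by path, in tunnel mode (-t).
    cmd=$(printf '%s\n' "$1" | sed -n 's/^[^"]*command="\([^"]*\)".*/\1/p')
    case $cmd in
        */svnserve\ -t|*/svnserve\ -t\ *) ;;
        *) echo "forced command is not svnserve -t"; return 1 ;;
    esac
    # OpenSSH 7.2+ "restrict" turns off everything the no-* options do.
    case ",$opts," in *,restrict,*) return 0 ;; esac
    for o in $REQUIRED; do
        case ",$opts," in *,"$o",*) ;; *) echo "missing $o"; return 1 ;; esac
    done
    return 0
}

# audit_keys FILE: report each unrestricted key; return how many were found.
audit_keys() {
    bad=0; n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in ''|'#'*) continue ;; esac
        why=$(check_key "$line") || { echo "line $n: $why"; bad=$((bad + 1)); }
    done < "$1"
    return "$bad"
}

# Constructed sample: the restricted line from the notes, then a bare key.
sample_keys() {
    cat <<'EOF'
command="/usr/bin/svnserve -t -r /home/svn/repos --tunnel-user=matt",no-port-forwarding,no-pty,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAAconstructedkey1 cxworx_key
ssh-rsa AAAAconstructedkey2 someone@laptop
EOF
}

# Audit the file given as $1, or the sample when run without arguments.
tmp=$(mktemp); sample_keys > "$tmp"
audit_keys "${1:-$tmp}" || echo "$? unrestricted key(s)"
rm -f "$tmp"
```

Run it against /home/ec2-user/svn/.ssh/authorized_keys after every key change; a non-zero exit status means at least one key is not limited to the svnserve tunnel.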



[dump repository]
$ svnadmin dump /path/to/repo > reponame.dump
[restore repository]
$ svnadmin load /path/to/new/repo < reponame.dump
[Now on client]
$ svnadmin load /path/to/new/repo < reponame.dump
[Configure TortoiseSVN as needed]
[relocate to new server]
svn+ssh://cxworx_aws/home/ec2-user/svn/repos/htdocs