PHP + Apache|Nginx + MySql|MariaDB + ExtFW

Download from Debian -- Obtener Debian

# sudo apt upgrade
# sudo apt full-upgrade
# sudo apt update
# sudo apt install openssh-server unzip
# sudo /etc/init.d/ssh start

#PHP

# sudo apt install php php-fpm 
# echo ' /var/www/html/test.php
# sudo service php8.2-fpm start

#MySQL / MariaDb

# sudo apt install php-mysql mariadb-server

CREATE DATABASE `dbname` DEFAULT CHARACTER SET utf8 COLLATE utf8_spanish_ci; CREATE USER dbuser@'%' IDENTIFIED BY 'dbpass'; GRANT USAGE ON *.* TO dbuser@'%' IDENTIFIED BY 'dbpass' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ; GRANT ALL PRIVILEGES ON dbname.* TO dbuser@'%' WITH GRANT OPTION ;

#Apache2

# sudo apt install apache2 openssl
# sudo a2enmod ssl
# sudo a2enmod rewrite
# sudo vi /etc/apache2/apache2.conf

AllowOverride ALL

# sudo mkdir /etc/apache2/certs
# cd /etc/apache2/certs
# sudo openssl req -new -newkey rsa:4096 -x509 -sha256 -days 5475 -nodes -out apache.crt -keyout apache.key

Country Name (2 letter code) [AU]:ES State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:localhost Email Address []:email@addr.ess

sudo vi /etc/apache2/sites-enabled/000-default.conf

ServerAdmin webmaster@localhost DocumentRoot /var/www/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined SSLEngine on SSLCertificateFile /etc/apache2/certs/apache.crt SSLCertificateKeyFile /etc/apache2/certs/apache.key

# sudo /etc/init.d/apache2 start

#ExtFW ExtraLAB Framework

# mkdir /var/www/media
# sudo vi /var/www/html/fix.sh

#!/bin/bash find /var/www/html -type f -exec chmod 666 {} \; & find /var/www/html -type d -exec chmod 1775 {} \; & find /var/www/html -exec chown ${USER}:www-data {} \; & find /var/www/html/media -exec chown ${USER}:www-data {} \; & find /var/www/media -type d -exec chmod 1755 {} \; & find /var/www/media -type f -exec chmod 666 {} \; & find /var/www/media -exec chown ${USER}:www-data {} \; & jobs

# sh  /var/www/html/fix.sh
# cd /var/www/html
# sudo wget https://software.extralab.net/jux_installer.zip
# unzip jux_installer.zip

Load https://{IP}/install.php in browser

#Nginx

Enlaces:
https://makarainen.net/how-to-install-nginx-php-letsencrypt-ssl-on-ubuntu-cheat-sheet
https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-on-debian-8
https://askubuntu.com/questions/1379425/system-has-not-been-booted-with-systemd-as-init-system-pid-1-cant-operate

# sudo apt install nginx
# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt

Country Name (2 letter code) [AU]:ES State or Province Name (full name) [Some-State]:MURCIA Locality Name (eg, city) []:SAN_JAVIER Organization Name (eg, company) [Internet Widgits Pty Ltd]:SMS Organizational Unit Name (eg, section) []:HULAMM Common Name (e.g. server FQDN or YOUR name) []:localhost Email Address []:informatica_hla@listas.carm.es

# sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
# sudo vi /etc/nginx/snippets/self-signed.conf

ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;

# sudo vi /etc/nginx/snippets/ssl-params.conf

# from https://cipherli.st/ # and https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; ssl_ecdh_curve secp384r1; ssl_session_cache shared:SSL:10m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 5s; # Disable preloading HSTS for now. You can use the commented out header line that includes # the "preload" directive if you understand the implications. #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; ssl_dhparam /etc/ssl/certs/dhparam.pem;

# sudo vi /etc/nginx/sites-available/default

server { listen 443 ssl default_server; listen [::]:443 ssl default_server; include snippets/self-signed.conf; include snippets/ssl-params.conf; root /var/www/html; index index.php index.html index.htm index.nginx-debian.html; server_name _; location / { try_files $uri $uri/ @ci_index; } location @ci_index{ rewrite ^(.*) /index.php?$1 last; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php8.2-fpm.sock; # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; } }

# sudo service php8.2-fpm stop
# sudo service php8.2-fpm start

Activar cambis en Nginx

# sudo nginx -t

Instalar módulos php en NGINX

# sudo apt install php-module
# sudo apt install php-zip
# sudo apt install php-mbstring
# sudo /etc/init.d/php8.2-fpm reload

Cambiar entre a php8.0 y php 8.2

# sudo apt install php8.0 php8.0-cli php8.0-{bz2,curl,mbstring,intl,fpm}
# a2disconf php8.2-fpm && a2enconf php8.0-fpm && systemctl reload [apache2|nginx] // de 8.2 a 8.0
# a2disconf php8.0-fpm && a2enconf php8.2-fpm && systemctl reload [apache2|nginx] // de 8.0 a 8.2

#Services

sudo systemctl start apache2.service
sudo systemctl start mariadb.service

sudo systemctl stop apache2.service
sudo systemctl stop mariadb.service

sudo systemctl enable mariadb.service
sudo systemctl enable mariadb-server.service
sudo systemctl enable apache2.service

sudo systemctl disable mariadb.service
sudo systemctl disable mariadb-server.service
sudo systemctl disable apache2.service

sshpass -p "Password" rsync -e "ssh -o StrictHostKeyChecking=no" -a usuario@nombre_maquina:/PRUEBA_RSYNC /