Web Server on AMI Linux 2
Welcome in 2019 – it’s time to upgrade out outdated LAMP stack series articles, with new “How To” setup basic web server for our stack.
So… we have nice and shinny EC2 instance of Amazon Linux 2 . On the website, we can read “Extras in Amazon Linux 2 provides you with bleeding edge software on a stable base of Amazon Linux 2. You no longer need to tradeoff stability for software freshness.” So… it should be easier this time. So let’s see what we have here:
amazon-linux-extras
0 ansible2 available [ =2.4.2 =2.4.6 ]
2 httpd_modules available [ =1.0 ]
3 memcached1.5 available [ =1.5.1 ]
4 nginx1.12 available [ =1.12.2 ]
5 postgresql9.6 available [ =9.6.6 =9.6.8 ]
6 postgresql10 available [ =10 ]
8 redis4.0 available [ =4.0.5 =4.0.10 ]
9 R3.4 available [ =3.4.3 ]
10 rust1 available \
[ =1.22.1 =1.26.0 =1.26.1 =1.27.2 =1.31.0 ]
11 vim available [ =8.0 ]
13 ruby2.4 available [ =2.4.2 =2.4.4 ]
_ php7.2 available \
[ =7.2.0 =7.2.4 =7.2.5 =7.2.8 =7.2.11 ]
16 php7.1=latest enabled [ =7.1.22 ]
_ lamp-mariadb10.2-php7.2 available \
[ =10.2.10_7.2.0 =10.2.10_7.2.4 =10.2.10_7.2.5
=10.2.10_7.2.8 =10.2.10_7.2.11 ]
18 libreoffice available [ =5.0.6.2_15 =5.3.6.1 ]
19 gimp available [ =2.8.22 ]
20 docker=latest enabled \
[ =17.12.1 =18.03.1 =18.06.1 ]
21 mate-desktop1.x available [ =1.19.0 =1.20.0 ]
22 GraphicsMagick1.3 available [ =1.3.29 ]
23 tomcat8.5 available [ =8.5.31 =8.5.32 ]
24 epel=latest enabled [ =7.11 ]
25 testing available [ =1.0 ]
26 ecs available [ =stable ]
27 corretto8 available [ =1.8.0_192 ]
28 firecracker available [ =0.11 ]
29 golang1.11 available [ =1.11.3 ]
Pretty slick… let’s kick off with EPEL repo, and php7.1
amazon-linux-extras install php7.1
And from now, we can use yum
yum install php-opcache php-mbstring php-gd php-xml php-pecl-mcrypt
Let’s do some configuration php.ini
date.timezone = "Australia/Sydney"
expose_php = Off
upload_max_filesize=20M
post_max_size=32M
We can just run PHP-FPM with
systemctl start php-fpm.service
We also make sure that out server lives in correct Time Zone:
cd /etc/
sudo rm -rf localtime && sudo ln -s /usr/share/zoneinfo/Australia/Sydney localtime
date
Thu Jan 10 21:06:05 AEDT 2019
Looks like in the pretty good spot. Time to install actual web server. You can go with Apache, but I’m huge fan of Caddy server . It’s light, it’s fast and configuration is super easy. You can pull it from the website, compile it locally:
cd /usr/local/bin
wget ...
chmod a+x caddy
setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy
groupadd caddy
useradd -g caddy --home-dir /var/www/html --no-create-home --shell /usr/sbin/nologin --system caddy
mkdir /etc/caddy
chown -R root:caddy /etc/caddy
touch /etc/caddy/Caddyfile
chown caddy:caddy /etc/caddy/Caddyfile
chmod 444 /etc/caddy/Caddyfile
./caddy -version
Caddy (untracked dev build) (unofficial)
basic config file:
nano /etc/caddy/Caddyfile
*:80 {
root /var/www/html
gzip
log /var/log/access.log
errors /var/log/error.log
fastcgi / /run/php-fpm/www.sock php
}
At this time it’s worthwhile to upgrade our PHP configuration:
nano /etc/php-fpm.d/www.conf
We have to replace user apache with caddy
; RPM: apache user chosen to provide access to the same directories as httpd
user = caddy
; RPM: Keep a group allowed to write in log dir.
group = caddy
And. restart php-fpm:
systemctl restart php-fpm.service
At this stage we should be able to run working webserver:
/usr/local/bin/caddy -conf=/etc/caddy/Caddyfile
Looks cool – isn’t it ? Finally we can add service to run our caddy in magical way. Won’t describe it in detail, just look here for detailed instructions.