nndocs:lamp

Differences

This shows you the differences between two versions of the page.

nndocs:lamp [2024/09/13 17:02] – [LAMP stack done.] remove unnecessary section naptastic
nndocs:lamp [2024/09/17 13:51] (current) – [First, create the Universe...] We're on Debian 12 now, lol naptastic
Line 3: Line 3:
 In this guide, I'm just gonna do everything as root unless otherwise specified. In this guide, I'm just gonna do everything as root unless otherwise specified.
  
-Install Debian 7, following the [[nndocs:initial|Naptastic Initial]] guide. During the install process:+Install Debian, following the [[nndocs:initial|Naptastic Initial]] guide. During the install process:
  
   * De-select Graphical Desktop Environment and Laptop.   * De-select Graphical Desktop Environment and Laptop.
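Review bot: The replacement line drops the release number altogether ("Install Debian"), while the revision summary says the guide now targets Debian 12. Name the release in the text, for example "Install Debian 12", so readers know which version the settings further down were checked against.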
Line 40: Line 40:
  
   <IfModule mpm_event_module>   <IfModule mpm_event_module>
-      StartServers         16+      StartServers         2
       ServerLimit          16       ServerLimit          16
       MaxClients         1024       MaxClients         1024
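Review bot: StartServers drops from 16 to 2 with no explanation anywhere in the visible text, while ServerLimit 16 and MaxClients 1024 stay as they were. Add a sentence saying why 2 was chosen and that the server can still grow to the 16 processes ServerLimit allows, so a later editor does not "fix" it back to 16.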
Line 52: Line 52:
 What we're doing here is tuning Apache to handle the largest possible number of simultaneous connections while consuming the least resources and producing the fewest errors. What we're doing here is tuning Apache to handle the largest possible number of simultaneous connections while consuming the least resources and producing the fewest errors.
  
-''ThreadLimit'' and ''ThreadsPerChild'' are set to 64. This is a good value, and also convenient because on the Apache scoreboard, each line is 64 clients wide, so it makes it easier to read.+''ThreadLimit'' and ''ThreadsPerChild'' are set to 64. This is a good value, and also convenient. On the Apache scoreboard, each line is 64 clients wide, so it makes it easier to read. 
 + 
 +  # apache2ctl status 
 +                 Apache Server Status for localhost (via 127.0.0.1) 
 +   
 +     Server Version: Apache/2.4.62 (Debian) SVN/1.14.2 OpenSSL/3.0.14 
 +            mod_perl/2.0.12 Perl/v5.36.0 
 +   
 +     Server MPM: event 
 +     Server Built: 2024-07-18T05:29:16 
 +       __________________________________________________________________ 
 +   
 +     Current Time: Saturday, 14-Sep-2024 20:17:57 MDT 
 +     Restart Time: Saturday, 14-Sep-2024 20:16:11 MDT 
 +     Parent Server Config. Generation: 1 
 +     Parent Server MPM Generation: 0 
 +     Server uptime: 1 minute 45 seconds 
 +     Server load: 0.24 0.16 0.06 
 +     Total accesses: 8 - Total Traffic: 85 kB - Total Duration: 816 
 +     CPU Usage: u.07 s.03 cu0 cs0 - .0952% CPU load 
 +     .0762 requests/sec - 828 B/second - 10.6 kB/request - 102 ms/request 
 +     1 requests currently being processed, 0 workers gracefully restarting, 
 +            63 idle workers 
 +   
 +  Slot PID  Stopping   Connections      Threads       Async connections 
 +                     total accepting busy graceful idle writing keep-alive closing 
 +  1    1343 no           yes          0        63                  0 
 +  Sum  1    0        0                  0        63                  0 
 +   
 +  ................................................................ 
 +  ______________W_________________________________________________ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +  ................................................................ 
 +   
 +     Scoreboard Key: 
 +     "_" Waiting for Connection, "S" Starting up, "R" Reading Request, 
 +     "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, 
 +     "C" Closing connection, "L" Logging, "G" Gracefully finishing, 
 +     "I" Idle cleanup of worker, "." Open slot with no current process
  
 ''MaxClients'' needs to be equal to ''ThreadsPerChild'' * ''ServerLimit''. ''MaxClients'' needs to be equal to ''ThreadsPerChild'' * ''ServerLimit''.
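Review bot: The added sample output shows 16 scoreboard rows of 64 characters, but the prose only says each line is 64 clients wide. State that there is one row per process slot, so 16 rows (ServerLimit) times 64 (ThreadsPerChild) gives the 1024 that the following line requires for MaxClients. The sample could also be cut to two or three scoreboard rows, since 15 of the 16 are identical rows of dots, and "so it makes it easier to read" would read better as "which makes it easier to read".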
Line 60: Line 110:
 == Timeout == == Timeout ==
  
-Then find the ''Timeout'' variable and change it to 15 instead of 300. This is how long Apache will wait for a new connection to send a request before giving up on it. Having it so long allows attackers to just saturate the server with new connections. Lowering it makes that kind of attack more difficult. (20 times more difficult, to be precise.) You could probably lower this to 10 or seconds, but... let'not get too crazyeh?+Then find the ''Timeout'' variable and change it to 15 instead of 300. This is how long Apache will wait for a new connection to send a request before giving up on it. Having it so long allows attackers to just saturate the server with new connections. Lowering it makes that kind of attack more difficult. (20 times more difficult, to be precise.) Having a very short timeout set increases the risk of errors for users on slow connections, or with slow applications. Users are not especially patient; I can imagine someone waiting 15 seconds for a website to respond, but not 300and if my connection or application is that slow, it probably should just fail.
  
 == KeepAlive == == KeepAlive ==
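Review bot: The new sentences warn against "a very short timeout" without saying how short is too short, and the removed sentence was the only place that named a figure below 15 (10). Say explicitly that 15 is the recommended value and whether anything lower is advised against, and keep the paragraph in one voice, since the new text switches from instructions to "I can imagine" and "my connection".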
Line 80: Line 130:
   * Don't give users the root password or grant them privileges on *.*.   * Don't give users the root password or grant them privileges on *.*.
   * chmod 600    * chmod 600 
-==== PHP ==== 
- 
-You'll need these: 
- 
-  * ''apt-get -y install libxml2-dev zlib1g-dev libbz2-dev libcurl4-openssl-dev libjpeg8-dev libpng12-dev libmcrypt-dev libaspell-dev libpspell-dev libtidy-dev libxslt1-dev'' 
- 
-Download and build PHP to include everything we'll need: 
- 
-  * ''cd'' 
-  * ''<nowiki>curl http://www.php.net/get/php-7.0.16.tar.xz/from/this/mirror | xz -d | tar -x</nowiki>'' 
-  * ''cd php-7.0.16/'' 
-  * ''<nowiki>./configure --enable-fpm --prefix=/opt/php70 --enable-bcmath --enable-calendar --enable-ftp --enable-libxml --enable-mbstring --with-gd --with-jpeg-dir=/usr --with-png-dir=/usr --enable-gd-native-ttf --with-mcrypt --enable-pdo --enable-soap --enable-sockets --enable-wddx --with-pcre-regex --with-pdo-mysql=shared --with-pic --with-pspell --with-tidy --with-xmlrpc --with-xsl --with-zlib --with-curl --with-mysqli 
-</nowiki>'' 
-  * ''make'' 
-  * ''make install'' 
- 
-FIXME Path is wrong 
-Install ''php.ini'': 
- 
-  * ''cp php.ini-production /usr/local/lib/php.ini'' 
- 
-FIXME We use systemd service definition files now, not init scripts. 
-Install the initscript: 
- 
-  * ''cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm'' 
-  * ''chown root. !$'' 
-  * ''chmod 755 !$'' 
-  * ''update-rc.d php-fpm defaults'' 
- 
-FIXME Path is wrong 
-Install the FPM-specific configuration files. 
- 
-  * ''mkdir -p /usr/local/etc/pools.d/'' 
- 
-FIXME Path is wrong 
-Edit the file ''/usr/local/etc/php-fpm.conf'' and put this in it: 
- 
-  include=/usr/local/etc/pools.d/*.conf 
-  [global] 
-  pid = /usr/local/var/run/php-fpm.pid 
-  error_log = /var/log/php-fpm.log 
- 
-FIXME Path is wrong 
-In ''/usr/local/etc/pools.d/'', you need to create a pool definition file for every user who will be using PHP scripts. I name them ''$username.conf''. 
- 
-Here's what you put in each pool definition file: 
- 
-  [david] 
-  user = david 
-  group = david 
-   
-  listen = /usr/local/var/run/php-fpm/david.sock 
-  listen.owner = www-data 
-  listen.group = www-data 
-  listen.mode = 0660 
-   
-  pm = dynamic 
-  pm.max_children = 24 
-  pm.start_servers = 1 
-  pm.min_spare_servers = 1 
-  pm.max_spare_servers = 2 
-  pm.max_requests = 32768 
-  ;pm.status_path = /fpm-status 
- 
-FIXME Path is wrong 
- 
-Of course, change 'david' to whatever username you're using. And you might have to create /usr/local/var/run/php.fpm 
- 
-At this point, PHP-FPM is ready to start if you want. 
- 
-  * ''service php-fpm start'' 
- 
  
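Review bot: This removal takes out every PHP step, including the per-user pool definition (user = david, listen.mode = 0660 with the socket owned by www-data), and nothing in the visible diff replaces it, so the LAMP guide no longer covers PHP at all. If the section was dropped because of its FIXME path notes and the source build of php-7.0.16, add a short replacement or a link to wherever PHP setup now lives, and keep the one-pool-per-user pattern. The unchanged bullet "chmod 600" just above the removed block still has no file name after it and should be completed or removed.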
nndocs/lamp.1726246931.txt.gz · Last modified: 2024/09/13 17:02 by naptastic