Deployment Overview of LAMP on Server¶

Prerequisites and Basic Requirements¶

The following environment requirements must be met before deploying the LAMP stack on the server:

• Operating System: Ubuntu (Jammy 22.04)

• Privileges: Root access or a user with sudo privileges

• Domain: hostkey.in

• Required Ports:

• Port 8080 (Internal application port)

• Port 443 (External HTTPS port)

FQDN of the Final Panel¶

The application is accessible via the following fully qualified domain name (FQDN) format on the hostkey.in domain:

• Format: lamp<Server ID>.hostkey.in:443

• Internal path mapping: /

• External path mapping: /

File and Directory Structure¶

The deployment creates the following directory structure and files:

• Web root: /var/www/html

• PHP info test file: /var/www/html/info.php

• Nginx user configuration: /data/nginx/user_conf.d

• Nginx secrets storage: /etc/letsencrypt

• MariaDB GPG keyring: /usr/share/keyrings/mariadb-keyring.gpg

• Nginx environment file: /data/nginx/nginx-certbot.env

Application Installation Process¶

The LAMP stack is installed using the following components and versions:

• Web Server: Apache 2

• Database: MariaDB 10.11

• Language: PHP 8.2

• Reverse Proxy: Nginx (via Docker container)

The installation includes:

• Updating and upgrading APT packages

• Installing Apache 2

• Adding the MariaDB GPG key and repository for version 10.11 on Ubuntu Jammy

• Installing mariadb-server and mariadb-client

• Adding the ppa:ondrej/php repository

• Installing PHP 8.2 and the following modules:

• php8.2

• libapache2-mod-php8.2

• php8.2-mysql

• php8.2-curl

• php8.2-cgi

• Restarting the Apache service to apply changes

Docker Containers and Their Deployment¶

A reverse proxy is deployed using a Docker container with the following configuration:

• Image: jonasal/nginx-certbot:latest

• Restart Policy: unless-stopped

• Network Mode: host

• Environment Variable: [email protected]

• Volumes:

• nginx_secrets mapped to /etc/letsencrypt

• /data/nginx/user_conf.d mapped to /etc/nginx/user_conf.d

• External Volume: nginx_secrets

The container configuration is defined in the compose.yml file.

Proxy Servers¶

The system utilizes Nginx as a reverse proxy with the following configuration:

• Image: jonasal/nginx-certbot:latest

• SSL/TLS: Handled automatically by the Certbot image

• Custom Domain: Configured via the nginx-certbot.env file located at /data/nginx/nginx-certbot.env

• User Configuration: Custom Nginx configurations are stored in /data/nginx/user_conf.d

• External Port: 443 (HTTPS)

• Internal Port: 8080

Databases¶

The database configuration is as follows:

• Database Engine: MariaDB 10.11

• Root Password: Configured to match the SSH password ({{ ansible_ssh_pass }})

• Storage Location: Default MariaDB data directories on the host

• Connection: Localhost connection for the Apache/PHP stack

Permission Settings¶

The following permissions are applied during deployment:

• PHP Info File: /var/www/html/info.php is set to 0644

• Nginx Configuration Directory: Read/Write access for the Nginx container via volume mounts

• Let's Encrypt Certificates: Stored in /etc/letsencrypt via Docker volume

Available Ports for Connection¶

The following ports are available for connecting to the services:

• 8080: Internal port for the Apache web server

• 443: External port for the Nginx reverse proxy (HTTPS)

Starting, Stopping, and Updating¶

Service management commands for the native components are as follows:

• Apache:

• Start: systemctl start apache2

• Stop: systemctl stop apache2

• Restart: systemctl restart apache2

• Status: systemctl status apache2

• MariaDB:

• Start: systemctl start mariadb

• Stop: systemctl stop mariadb

• Restart: systemctl restart mariadb

• Status: systemctl status mariadb

For the Nginx Docker container, use standard Docker commands:

• Start: docker compose up -d

• Stop: docker compose down

• Restart: docker compose restart

• Update Image: docker compose pull followed by docker compose up -d