One place for hosting & domains

      How To Install WordPress with a Managed Database on Ubuntu 18.04


      A previous version of this tutorial was written by Justin Ellingwood

      Introduction

      WordPress is the most popular CMS (content management system) on the internet. It’s a great choice for getting a website up and running quickly, and after the initial setup, almost all administration can be done through the web frontend.

      WordPress is designed to pull content – including posts, comments, user profiles, and other data – from a database backend. As a website grows and must satisfy more and more traffic, it can eventually outgrow its initial database. To resolve this, one can scale up their database by migrating their data to a machine with more RAM or CPU, but this is a tedious process that runs the risk of data loss or corruption. This is why some WordPress developers choose to build their websites on managed databases, which allow users to scale their database automatically with a far lower risk of data loss.

      In this guide, we’ll focus on setting up a WordPress instance with a managed MySQL database and an Ubuntu 18.04 server. This will require you to install PHP and Apache to serve the content over the web.

      Prerequisites

      In order to complete this tutorial, you will need:

      • Access to an Ubuntu 18.04 server: This server should have a non-root sudo-enabled user and a firewall configured. You can set this up by following our Ubuntu 18.04 initial server setup guide.
      • A managed MySQL database: To provision a Managed MySQL Database from DigitalOcean, see our Managed Databases product documentation. Note that this guide will refer to DigitalOcean Managed Databases in examples, but the instructions provided here should also generally work for managed MySQL databases from other cloud providers.
      • A LAMP stack installed on your server: In addition to a database, WordPress requires a web server and PHP to function correctly. Setting up a complete LAMP stack (Linux, Apache, MySQL, and PHP) fulfills all of these requirements. Follow this guide to install and configure this software. As you follow this guide, make sure that you set up a virtual host to point to a domain name that you own. Additionally, be sure to skip Step 2, as installing mysql-server on your machine will make your managed database instance redundant.
      • TLS/SSL security implemented for your site: If you have a domain name, the easiest way to secure your site is with Let’s Encrypt, which provides free, trusted certificates. Follow our Let’s Encrypt guide for Apache to set this up. Note that this will also require you to obtain a domain name and set up DNS records on your server. Follow this introduction to DigitalOcean DNS for details on how to configure this. Altneratively, if you don’t have a domain name, you use a self-signed certificate for your site.

      When you are finished with the setup steps, log into your server as your non-root user and continue below.

      Step 1 – Adding the MySQL Software Repository and Installing mysql-client

      In order to configure your managed MySQL instance, you will need to install a client that will allow you to access the database from your server. This step will walk you through the process of installing the mysql-client package.

      In many cases, you can just install mysql-client with the apt command, but if you’re using the default Ubuntu repositories this will install version 5.7 of the program. In order to access a DigitalOcean Managed MySQL database, you will need to install version 8.0 or above. To do so, you must first add the MySQL software repository before installing the package.

      Begin by navigating to the MySQL APT Repository page in your web browser. Find the Download button in the lower-right corner and click through to the next page. This page will prompt you to log in or sign up for an Oracle web account. You can skip that and instead look for the link that says No thanks, just start my download. Right-click the link and select Copy Link Address (this option may be worded differently, depending on your browser).

      Now you’re ready to download the file. On your server, move to a directory you can write to:

      Download the file using curl, remembering to paste the address you just copied in place of the highlighted portion of the following command. You also need to pass two command line flags to curl. -O instructs curl to output to a file instead of standard output. The L flag makes curl follow HTTP redirects, which is necessary in this case because the address you copied actually redirects to another location before the file downloads:

      • curl -OL https://dev.mysql.com/get/mysql-apt-config_0.8.13-1_all.deb

      The file should now be downloaded in your current directory. List the files to make sure:

      You will see the filename listed in the output:

      Output

      mysql-apt-config_0.8.13-1_all.deb . . .

      Now you can add the MySQL APT repository to your system's repository list. The dpkg command is used to install, remove, and inspect .deb software packages. The following command includes the -i flag, indicating that you'd like to install from the specified file:

      • sudo dpkg -i mysql-apt-config*

      During the installation, you'll be presented with a configuration screen where you can specify which version of MySQL you'd prefer, along with an option to install repositories for other MySQL-related tools. The defaults will add the repository information for the latest stable version of MySQL and nothing else. This is what we want, so use the down arrow to navigate to the Ok menu option and hit ENTER.

      Selecting mysql-apt-config configuration options

      Following that, the package will finish adding the repository. Refresh your apt package cache to make the new software packages available:

      Next, you can clean up your system a bit and delete the file you downloaded, as you won't need it in the future:

      Note: If you ever need to update the configuration of these repositories, just run the following command to select your new options:

      • sudo dpkg-reconfigure mysql-apt-config

      After selecting your new options, run the following command to refresh your package cache:

      Now that you've added the MySQL repositories, you're ready to install the actual MySQL client software. Do so with the following apt command:

      • sudo apt install mysql-client

      Once that command finishes, check the software version number to ensure that you have the latest release:

      Output

      mysql Ver 8.0.17-cluster for Linux on x86_64 (MySQL Community Server - GPL)

      You're now able to connect to your managed database and begin preparing it to function with WordPress.

      Step 2 – Creating a MySQL Database and User for WordPress

      WordPress uses MySQL to manage and store site and user information. Assuming you have completed all the prerequisite tutorials, you will have already provisioned a managed MySQL instance. Here, we'll take the preparatory step of creating a database and a user for WordPress to use.

      Most managed database providers provide a uniform resource identifier (URI) used for connecting to the database instance. If you're using a DigitalOcean Managed Database, you can find the relevant connection information in your Cloud Control Panel.

      First, click Databases in the left-hand sidebar menu and select the MySQL database you want to use for your WordPress installation. Scroll down to the Connection Details section and copy the link in the host field. Then paste this link into the following command, replacing host_uri with the information you just copied. Likewise, copy the port number in the port field – which will be 25060 on a DigitalOcean Managed Database – and replace port with that number. Additionally, if this is your first time connecting to your managed database and you've not created your own administrative MySQL user, copy the value in the username field and paste it into the command, replacing user:

      • mysql -u user -p -h host_uri -P port

      This command includes the -p flag, which will prompt you for the password of the MySQL user you specified. For a DigitalOcean Managed Database's default doadmin user, you can find this by clicking the show link in the Connection Details section to reveal the password. Copy and paste it into your terminal when prompted.

      Note: If you are not using a DigitalOcean Managed Database, your connection options may differ. If that's the case, you should consult your provider's documentation for instructions on connecting third party applications to your database.

      From the MySQL prompt, create a new database that WordPress will control. You can call this whatever you would like, but we will use the name wordpress in this guide to keep it simple. Create the database for WordPress by typing:

      • CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;

      Note: Every MySQL statement must end in a semi-colon (;). Check to make sure this is present if you are running into any issues.

      Next, create a new MySQL user account that you will use exclusively to operate on the new database. Creating single-purpose databases and accounts is a good idea from a management and security standpoint. We will use the name wordpressuser in this guide, but feel free to change this if you'd like.

      Run the following command, but replace your_server_ip with your Ubuntu server's IP address. Be aware, though, that this will limit wordpressuser to only be able to connect from your LAMP server; if you plan to manage WordPress from your local computer, you should enter that machine's IP address instead. Additionally, choose a strong password for your database user:

      • CREATE USER 'wordpressuser'@your_server_ip IDENTIFIED WITH mysql_native_password BY 'password';

      Note: If you do not know what your server's public IP address is, there are a number of ways you can find it. Usually, this is the address you use to connect to your server through SSH.

      One method is to use the curl utility to contact an outside party to tell you how it sees your server. For example, you can use curl to contact an IP-checking tool like ICanHazIP:

      • curl http://icanhazip.com

      This command will return your server's public IP address in your output.

      Then grant this user access to the database you just created. Do so by running the following command:

      • GRANT ALL ON wordpress.* TO 'wordpressuser'@your_server_ip;

      You now have a database and user account, each made specifically for WordPress. Next, you need to flush the privileges so that the current MySQL session recognizes the changes you've made:

      Following that, exit out of MySQL by typing:

      That takes care of configuring your managed MySQL database to function with WordPress. In the next step, you will install a few PHP extensions in order to get more functionality out of the CMS.

      Step 3 – Installing Additional PHP Extensions

      Assuming you followed the prerequisite LAMP stack tutorial, you will have installed a few extensions intended to get PHP to properly communicate with MySQL. WordPress and many of its plugins leverage additional PHP extensions to add additional functionalities.

      To download and install some of the more popular PHP extensions for use with WordPress, run the following command:

      • sudo apt install php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip

      Note: Each WordPress plugin has its own set of requirements. Some may require you to install additional PHP packages. Check your plugin documentation to see which extensions it requires. If they are available, they can be installed with apt as demonstrated above.

      You will restart Apache to load these new extensions in the next section. If you're returning here to install additional plugins, though, you can restart Apache now by typing:

      • sudo systemctl restart apache2

      Otherwise, continue on to Step 4.

      Step 4 – Adjusting Apache's Configuration to Allow for .htaccess Overrides and Rewrites

      In order for Apache to be able to properly serve your WordPress installation, you must make a few minor adjustments to your Apache configuration.

      If you followed the prerequisite tutorials, you should already have a configuration file for your site in the /etc/apache2/sites-available/ directory. We'll use /etc/apache2/sites-available/your_domain.conf as an example here, but you should substitute the path to your configuration file where appropriate.

      Additionally, we will use /var/www/your_domain as the root directory in this example WordPress install. You should use the web root specified in your own configuration.

      Note: It's possible you are using the 000-default.conf default configuration (with /var/www/html as your web root). This is fine to use if you're only going to host one website on this server. If not, it's best to split the necessary configuration into logical chunks, one file per site.

      Currently, the use of .htaccess files is disabled. WordPress and many WordPress plugins use these files extensively for in-directory tweaks to the web server's behavior.

      Open the Apache configuration file for your website:

      • sudo nano /etc/apache2/sites-available/your_domain.conf

      To allow .htaccess files, you need to set the AllowOverride directive within a Directory block pointing to your document root. Add the following block of text inside the VirtualHost block in your configuration file, being sure to use the correct web root directory:

      /etc/apache2/sites-available/your_domain.conf

      <Directory /var/www/your_domain>
          AllowOverride All
      </Directory>
      

      When you are finished, save and close the file.

      Next, enable mod_rewrite so that you can employ the WordPress permalink feature:

      Before implementing the changes you've just made, check to make sure there aren't any syntax errors in your configuration file:

      • sudo apache2ctl configtest

      The output might have a message that looks like this:

      Output

      AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message Syntax OK

      If you wish to suppress the top line, just add a ServerName directive to your main (global) Apache configuration file at /etc/apache2/apache2.conf. The ServerName can be your server's domain or IP address. However, this is just a message; it doesn't affect the functionality of your site and as long as the output contains Syntax OK, you're all set to continue.

      Restart Apache to implement the changes:

      • sudo systemctl restart apache2

      With that, you're ready to download and set up WordPress itself.

      Step 5 – Downloading WordPress

      Now that your server software is configured, you can install and configure WordPress. For security reasons, it is always recommended to get the latest version of WordPress from their site.

      First, navigate to into a writable directory. /tmp will work for the purposes of this step:

      Then download the compressed release by typing:

      • curl -O https://wordpress.org/latest.tar.gz

      Extract the compressed file to create the WordPress directory structure:

      You will move these files into your document root momentarily. Before doing so, add a dummy .htaccess file so that this will be available for WordPress to use later.

      Create the file by typing:

      • touch /tmp/wordpress/.htaccess

      Also, copy over the sample configuration file to the filename that WordPress actually reads:

      • cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php

      Create an upgrade directory, so that WordPress won't run into permissions issues when trying to do this on its own following an update to its software:

      • mkdir /tmp/wordpress/wp-content/upgrade

      Then copy the entire contents of the directory into your document root. The following command uses a period at the end of the source directory to indicate that everything within the directory should be copied, including hidden files (like the .htaccess file you just created):

      • sudo cp -a /tmp/wordpress/. /var/www/your_domain

      That takes care of downloading WordPress onto your server. At this point, though, you still won't be able to access the WordPress setup interface in your browser. To fix that, you'll need to make a few changes to your server's WordPress configuration.

      Step 6 – Configuring the WordPress Directory

      Before going through the web-based WordPress setup, you need to adjust some items in your WordPress directory. One important configuration change involves setting up reasonable file permissions and ownership.

      Start by giving ownership of all the files to the www-data user and group. This is the user that the Apache web server runs as on Debian and Ubuntu systems, and Apache will need to be able to read and write WordPress files in order to serve the website and perform automatic updates.

      Update the ownership of your web root directory with chown:

      • sudo chown -R www-data:www-data /var/www/your_domain

      Next run the following two find commands to set the correct permissions on the WordPress directories and files:

      • sudo find /var/www/your_domain/ -type d -exec chmod 750 {} ;
      • sudo find /var/www/your_domain/ -type f -exec chmod 640 {} ;

      These should be a reasonable permissions set to start with. Be aware, though, that some plugins and procedures might require additional updates.

      Now, you need to make some changes to the main WordPress configuration file.

      When you open the file, the first order of business will be to replace some secret keys to provide security for your installation. WordPress provides a secure generator for these values so that you do not have to try to come up with good values on your own. These are only used internally, so it won't hurt usability to have complex, secure values here.

      To grab secure values from the WordPress secret key generator, run the following command:

      • curl -s https://api.wordpress.org/secret-key/1.1/salt/

      You will get back unique values that look something like this:

      Warning! It is important that you request unique values each time. Do NOT copy the values shown here!

      Output

      define('AUTH_KEY', '1jl/vqfs<XhdXoAPz9 DO NOT COPY THESE VALUES c_j{iwqD^<+c9.k<J@4H'); define('SECURE_AUTH_KEY', 'E2N-h2]Dcvp+aS/p7X DO NOT COPY THESE VALUES {Ka(f;rv?Pxf})CgLi-3'); define('LOGGED_IN_KEY', 'W(50,{W^,OPB%PB<JF DO NOT COPY THESE VALUES 2;y&,2m%3]R6DUth[;88'); define('NONCE_KEY', 'll,4UC)7ua+8<!4VM+ DO NOT COPY THESE VALUES #`DXF+[$atzM7 o^-C7g'); define('AUTH_SALT', 'koMrurzOA+|L_lG}kf DO NOT COPY THESE VALUES 07VC*Lj*lD&?3w!BT#-'); define('SECURE_AUTH_SALT', 'p32*p,]z%LZ+pAu:VY DO NOT COPY THESE VALUES C-?y+K0DK_+F|0h{!_xY'); define('LOGGED_IN_SALT', 'i^/G2W7!-1H2OQ+t$3 DO NOT COPY THESE VALUES t6**bRVFSD[Hi])-qS`|'); define('NONCE_SALT', 'Q6]U:K?j4L%Z]}h^q7 DO NOT COPY THESE VALUES 1% ^qUswWgn+6&xqHN&%');

      These are configuration lines that you can paste directly into your configuration file to set secure keys. Copy the output you received now.

      Then, open the WordPress configuration file:

      • sudo nano /var/www/your_domain/wp-config.php

      Find the section that contains the dummy values for those settings. It will look something like this:

      /var/www/your_domain/wp-config.php

      . . .
      
      define('AUTH_KEY',         'put your unique phrase here');
      define('SECURE_AUTH_KEY',  'put your unique phrase here');
      define('LOGGED_IN_KEY',    'put your unique phrase here');
      define('NONCE_KEY',        'put your unique phrase here');
      define('AUTH_SALT',        'put your unique phrase here');
      define('SECURE_AUTH_SALT', 'put your unique phrase here');
      define('LOGGED_IN_SALT',   'put your unique phrase here');
      define('NONCE_SALT',       'put your unique phrase here');
      
      . . .
      

      Delete those lines and paste in the values you copied from the command line:

      /var/www/your_domain/wp-config.php

      . . .
      
      define('AUTH_KEY',         'VALUES COPIED FROM THE COMMAND LINE');
      define('SECURE_AUTH_KEY',  'VALUES COPIED FROM THE COMMAND LINE');
      define('LOGGED_IN_KEY',    'VALUES COPIED FROM THE COMMAND LINE');
      define('NONCE_KEY',        'VALUES COPIED FROM THE COMMAND LINE');
      define('AUTH_SALT',        'VALUES COPIED FROM THE COMMAND LINE');
      define('SECURE_AUTH_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
      define('LOGGED_IN_SALT',   'VALUES COPIED FROM THE COMMAND LINE');
      define('NONCE_SALT',       'VALUES COPIED FROM THE COMMAND LINE');
      
      . . .
      

      Next you need to modify some of the database connection settings at the beginning of the file. First, update the 'DB_NAME', 'DB_USER', and 'DB_PASSWORD' fields to point to the database name, database user, and the associated password that you configured within MySQL:

      /var/www/your_domain/wp-config.php

      . . .
      /** The name of the database for WordPress */
      define('DB_NAME', 'wordpress');
      
      /** MySQL database username */
      define('DB_USER', 'wordpressuser');
      
      /** MySQL database password */
      define('DB_PASSWORD', 'password');
      
      . . .
      

      You will also need to replace localhost in the 'DB_HOST' field with your managed database's host. Additionally, append a colon (:) and your database's port number to the host:

      /var/www/wordpress/wp-config.php

      . . .
      
      /** MySQL hostname */
      define( 'DB_HOST', 'managed_database_host:managed_database_port' );
      
      . . .
      

      The last change you need to make is to set the method that WordPress will use to write to the filesystem. Since you've already given the web server permission to write where it needs to, you can explicitly set the filesystem method to direct port. Failure to set this with your current settings would result in WordPress prompting for FTP credentials when you perform certain actions.

      This setting can be added below the database connection settings, or anywhere else in the file:

      /var/www/your_domain/wp-config.php

      . . .
      
      define('FS_METHOD', 'direct');
      . . .
      

      Save and close the file when you are finished.

      After making those changes, you're all set to finish the process of installing WordPress in your web browser. However, there's one more step that we recommend you complete to add an extra layer of security to your configuration.

      At this point, your WordPress installation is communicating with your managed MySQL database. However, there's no guarantee that data transfers between the two machines are secure. In this step, we will configure WordPress to communicate with your MySQL instance over a TLS/SSL connection to ensure secure communications between the two machines.

      To do so, you'll need your managed database's CA certificate. For a DigitalOcean Managed Database, you can find this by once again navigating to the Databases tab in your Control Panel. Click on your database, and find the Connection Details section. There will be a button there that reads Download the CA certificate. Click this button to download the certificate to your local machine.

      Then transfer this file to your WordPress server. If your local machine is running Linux or macOS, you can use a tool like scp:

      • scp /path/to/file/ca-certificate.crt sammy@your_server_ip:/tmp

      If your local machine is running Windows, you can use an alternative tool like WinSCP.

      Once the CA certificate is on your server, move it to the /user/local/share/ca-certificates/ directory, Ubuntu's trusted certificate store:

      • sudo mv /tmp/ca-certificate.crt /usr/local/share/ca-certificates/

      Following this, run the update-ca-certificates command. This program looks for certificates within /usr/local/share/ca-certificates, adds any new ones to the /etc/ssl/certs/ directory, and generates a list of trusted SSL certificates based on its contents:

      • sudo update-ca-certificates

      Then, reopen your wp-config.php file:

      • nano /var/www/your_domain/wp-config.php

      Somewhere in the file, add the following line:

      /var/www/your_domain/wp-config.php

      . . .
      define('MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL);
      . . .
      

      Save and close the file.

      Following that, WordPress will securely communicate with your managed MySQL database.

      Step 8 – Completing the Installation Through the Web Interface

      Now that the server configuration is complete, you can complete the installation through the WordPress web interface.

      In your web browser, navigate to your server's domain name or public IP address:

      https://server_domain_or_IP
      

      Assuming there aren't any errors in your WordPress or Apache configurations, you'll see the WordPress language selection splash page. Select the language you would like to use:

      WordPress language selection

      After selecting your language, you will see the main setup page.

      Select a name for your WordPress site and choose a username (it is recommended not to choose something like "admin" for security purposes). A strong password is generated automatically. Save this password or enter an alternative strong password.

      Enter your email address and select whether you want to discourage search engines from indexing your site:

      WordPress setup installation

      When you click ahead, you will be taken to a page that prompts you to log in:

      WordPress login prompt

      Once you log in, you will be taken to the WordPress administration dashboard:

      WordPress login prompt

      From here, you can begin customizing your new WordPress site and start publishing content. If this is your first time using WordPress, we encourage you to explore the interface a bit to get acquainted with your new CMS.

      Conclusion

      By completing this guide, you will have WordPress installed and ready to use on your server. Additionally, your WordPress installation is dynamically pulling posts, pages, and other content from your managed MySQL database.

      Some common next steps are to choose the permalinks setting for your posts. This setting can be found under Settings > Permalinks. You could also select a new theme in Appearance > Themes. Once you start loading some content into your site, you could also configure a CDN to speed up your site's asset delivery.



      Source link

      How To Install Webmin on Debian 10


      Introduction

      Webmin is a modern web control panel that allows you to administer your Linux server through a browser-based interface. With Webmin, you can manage user accounts, configure DNS settings, and change settings for common packages on the fly.

      In this tutorial, you’ll install and configure Webmin on your server and secure access to the interface with a valid certificate from Let’s Encrypt. You’ll then use Webmin to add new user accounts, and update all packages on your server from the dashboard.

      Prerequisites

      To complete this tutorial, you will need:

      Step 1 — Installing Webmin

      First, we need to add the Webmin repository so that we can install and update Webmin using our package manager. We do this by adding the repository to the /etc/apt/sources.list file.

      Open the file in your preferred editor. Here, we’ll use nano:

      • sudo nano /etc/apt/sources.list

      Then add this line to the bottom of the file to add the new repository:

      /etc/apt/sources.list

       . . . 
      deb http://download.webmin.com/download/repository sarge contrib
      

      Save the file and exit the editor. If you used nano, do so by pressing CTRL+X, Y, then ENTER.

      Next, you’ll add the Webmin PGP key so that your system will trust the new repository. In order to do that, though, you must install the gnupg1 package, which is GNU’s tool for secure communication and data storage.

      Update your server’s package index if you’ve not done so recently:

      Then install gnupg1:

      Following that, download the Webmin PGP key with wget:

      • wget http://www.webmin.com/jcameron-key.asc

      Then add the package key:

      • sudo apt-key add jcameron-key.asc

      Next, update the list of packages again in order to include the now-trusted Webmin repository:

      Then install Webmin:

      Once the installation finishes, you'll be presented with the following output:

      Output

      . . . Webmin install complete. You can now login to https://your_server:10000 as root with your root password, or as any user who can use sudo.

      Note: If you installed and enabled ufw during the prerequisite step, you will need to run the following command in order to allow Webmin through the firewall:

      For extra security, you may want to configure your firewall to only allow access to this port from certain IP ranges.

      Let's secure access to Webmin by adding a valid certificate.

      Step 2 — Adding a Valid Certificate with Let's Encrypt

      Webmin is already configured to use HTTPS, but it uses a self-signed, untrusted certificate. Let's replace it with a valid certificate from Let's Encrypt.

      Navigate to https://your_domain:10000 in your web browser, replacing your_domain with the domain name pointing to your server's IP address.

      Note: When logging in for the first time, you will see an "Invalid SSL" warning. This warning may say something different depending on your browser, but the reason for it is that the server has generated a self-signed certificate. Allow the exception and proceed to your domain so you can replace the self-signed certificate with one from Let's Encrypt.

      You'll be presented with a login screen. Sign in with the non-root user you created while fulfilling the prerequisites for this tutorial.

      Once you log in, the first screen you will see is the Webmin dashboard. Before you can apply a valid certificate, you have to set the server's hostname. Look for the System hostname field and click on the link to the right, as shown in the following figure:

      Image showing where the link is on the Webmin dashboard

      This will take you to the Hostname and DNS Client page. Locate the Hostname field, and enter your Fully-Qualified Domain Name into the field. Then click the Save button at the bottom of the page to apply the setting.

      After you've set your hostname, click on the Webmin dropdown menu in the left-hand navigation bar, and then click on Webmin Configuration.

      From the Webmin Configuration page, select SSL Encryption from the list of icons, and then click on the Let's Encrypt tab. You'll see a screen like the following figure:

      Image showing the Let's Encrypt tab of the SSL Encryption section

      On this page, you'll tell Webmin how to obtain and renew your certificate. Let's Encrypt certificates expire after 3 months, but you can instruct Webmin to automatically attempt to renew the Let's Encrypt certificate every month. Let's Encrypt looks for a verification file on the server, so we'll configure Webmin to place the verification file inside the folder /var/www/your_domain, which is the folder that the Apache web server you configured in the prerequisites uses. Follow these steps to set up your certificate:

      1. Fill in Hostnames for certificate with your FQDN.
      2. For Website root directory for validation file, select the Other Directory button and enter your website's document root. Assuming you followed the prerequisite Apache tutorial this will be /var/www/your_domain.
      3. For Months between automatic renewal section, deselect the Only renew manually option by typing 1 into the input box, and select the radio button to the left of the input box.

      Click the Request Certificate button. After a few seconds, you will see a confirmation screen.

      To use the new certificate, click the Return to Webmin configuration button on the confirmation screen. From that page, scroll down and click the Restart Webmin button. Wait around 30 seconds, and then reload the page and log in again. Your browser should now indicate that the certificate is valid.

      Step 3 – Using Webmin

      You've now set up a secured working instance of Webmin. Let's look at how to use it.

      Webmin has many different modules that can control everything from the BIND DNS Server to something as simple as adding users to the system. Let's look at how to create a new user, and then explore how to update your system's packages using Webmin.

      Managing Users and Groups

      Let's explore how to manage the users and groups on your server.

      First, click the System dropdown menu in the left-hand sidebar, and then click the link for Users and Groups. From here, you can add and manage users and groups.

      Let's create a new user called deploy which you can use to host web applications. When creating a user, you can set options for password expiry, the user's shell, and whether or not they are allowed a home directory.

      To add a user, click Create a new user, which is located at the top of the users table. This displays the Create User screen, where you can supply the username, password, groups and other options. Follow these instructions to create the user:

      1. Fill in Username with deploy.
      2. Select Automatic for User ID.
      3. Fill in Real Name with a descriptive name like Deployment user.
      4. For Home Directory, select Automatic.
      5. For Shell, select /bin/bash from the dropdown list.
      6. For Password, select Normal Password and type in a password of your choice.
      7. Jump down to Primary Group and select New group with same name as user.
      8. For Secondary Group, select sudo from the All groups list. This should automatically be added to the In groups list, but if it isn't press the -> button to add it.

      After making those selections, press Create. This will create the deploy user in short order.

      Next, let's look at how to install updates to our system.

      Updating Packages

      Webmin lets you update all of your packages through its user interface. To update all of your packages, first, click the Dashboard button above the left-hand sidebar, and then locate the Package updates field. If there are updates available, you'll see a link that states the number of available updates.

      Click this link, and then press Update selected packages to start the update. You may be asked to reboot the server, which you can also do through the Webmin interface.

      Conclusion

      You now have a secured working instance of Webmin and you've used the interface to create a user and update packages. Webmin gives you access to many things you'd normally need to access through the console, and it organizes them in an intuitive way. For example, if you have Apache installed, you would find the configuration tab for it under Servers, and then Apache.

      Explore the interface, or read the Official Webmin wiki to learn more about managing your system with Webmin.



      Source link

      How To Write and Run Your First Program in Node.js


      The author selected the Open Internet/Free Speech Fund to receive a donation as part of the Write for DOnations program.

      Introduction

      Node.js is a popular open-source runtime environment that can execute JavaScript outside of the browser using the V8 JavaScript engine, which is the same engine used to power the Google Chrome web browser’s JavaScript execution. The Node runtime is commonly used to create command line tools and web servers.

      Learning Node.js will allow you to write your front-end code and your back-end code in the same language. Using JavaScript throughout your entire stack can help reduce time for context switching, and libraries are more easily shared between your back-end server and front-end projects.

      Also, thanks to its support for asynchronous execution, Node.js excels at I/O-intensive tasks, which is what makes it so suitable for the web. Real-time applications, like video streaming, or applications that continuously send and receive data, can run more efficiently when written in Node.js.

      In this tutorial you’ll create your first program with the Node.js runtime. You’ll be introduced to a few Node-specific concepts and build your way up to create a program that helps users inspect environment variables on their system. To do this, you’ll learn how to output strings to the console, receive input from the user, and access environment variables.

      Prerequisites

      To complete this tutorial, you will need:

      Step 1 — Outputting to the Console

      To write a “Hello, World!” program, open up a command line text editor such as nano and create a new file:

      With the text editor opened, enter the following code:

      hello.js

      console.log("Hello World");
      

      The console object in Node.js provides simple methods to write to stdout, stderr, or to any other Node.js stream, which in most cases is the command line. The log method prints to the stdout stream, so you can see it in your console.

      In the context of Node.js, streams are objects that can either receive data, like the stdout stream, or objects that can output data, like a network socket or a file. In the case of the stdout and stderr streams, any data sent to them will then be shown in the console. One of the great things about streams is that they're easily redirected, in which case you can redirect the output of your program to a file, for example.

      Save and exit nano by pressing CTRL+X, when prompted to save the file, press Y. Now your program is ready to run.

      Step 2 — Running the Program

      To run this program, use the node command as follows:

      The hello.js program will execute and display the following output:

      Output

      Hello World

      The Node.js interpreter read the file and executed console.log("Hello World"); by calling the log method of the global console object. The string "Hello World" was passed as an argument to the log function.

      Although quotation marks are necessary in the code to indicate that the text is a string, they are not printed to the screen.

      Having confirmed that the program works, let's make it more interactive.

      Step 3 — Receiving User Input via Command Line Arguments

      Every time you run the Node.js “Hello, World!” program, it produces the same output. In order to make the program more dynamic, let's get input from the user and display it on the screen.

      Command line tools often accept various arguments that modify their behavior. For example, running node with the --version argument prints the installed version instead of running the interpreter. In this step, you will make your code accept user input via command line arguments.

      Create a new file arguments.js with nano:

      Enter the following code:

      arguments.js

      console.log(process.argv);
      

      The process object is a global Node.js object that contains functions and data all related to the currently running Node.js process. The argv property is an array of strings containing all the command line arguments given to a program.

      Save and exit nano by typing CTRL+X, when prompted to save the file, press Y.

      Now when you run this program, you provide a command line argument like this:

      • node arguments.js hello world

      The output looks like the following:

      Output

      [ '/usr/bin/node', '/home/sammy/first-program/arguments.js', 'hello', 'world' ]

      The first argument in the process.argv array is always the location of the Node.js binary that is running the program. The second argument is always the location of the file being run. The remaining arguments are what the user entered, in this case: hello and world.

      We are mostly interested in the arguments that the user entered, not the default ones that Node.js provides. Open the arguments.js file for editing:

      Change console.log(process.arg); to the following:

      arguments.js

      console.log(process.argv.slice(2));
      

      Because argv is an array, you can use JavaScript's built-in slice method that returns a selection of elements. When you provide the slice function with 2 as its argument, you get all the elements of argv that comes after its second element; that is, the arguments the user entered.

      Re-run the program with the node command and the same arguments as last time:

      • node arguments.js hello world

      Now, the output looks like this:

      Output

      [ 'hello', 'world' ]

      Now that you can collect input from the user, let's collect input from the program's environment.

      Step 4 — Accessing Environment Variables

      Environment variables are key-value data stored outside of a program and provided by the OS. They are typically set by the system or user and are available to all running processes for configuration or state purposes. You can use Node's process object to access them.

      Use nano to create a new file environment.js:

      Add the following code:

      environment.js

      console.log(process.env);
      

      The env object stores all the environment variables that are available when Node.js is running the program.

      Save and exit like before, and run the environment.js file with the node command.

      Upon running the program, you should see output similar to the following:

      Output

      { SHELL: '/bin/bash', SESSION_MANAGER: 'local/digitalocean:@/tmp/.ICE-unix/1003,unix/digitalocean:/tmp/.ICE-unix/1003', COLORTERM: 'truecolor', SSH_AUTH_SOCK: '/run/user/1000/keyring/ssh', XMODIFIERS: '@im=ibus', DESKTOP_SESSION: 'ubuntu', SSH_AGENT_PID: '1150', PWD: '/home/sammy/first-program', LOGNAME: 'sammy', GPG_AGENT_INFO: '/run/user/1000/gnupg/S.gpg-agent:0:1', GJS_DEBUG_TOPICS: 'JS ERROR;JS LOG', WINDOWPATH: '2', HOME: '/home/sammy', USERNAME: 'sammy', IM_CONFIG_PHASE: '2', LANG: 'en_US.UTF-8', VTE_VERSION: '5601', CLUTTER_IM_MODULE: 'xim', GJS_DEBUG_OUTPUT: 'stderr', LESSCLOSE: '/usr/bin/lesspipe %s %s', TERM: 'xterm-256color', LESSOPEN: '| /usr/bin/lesspipe %s', USER: 'sammy', DISPLAY: ':0', SHLVL: '1', PATH: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin', DBUS_SESSION_BUS_ADDRESS: 'unix:path=/run/user/1000/bus', _: '/usr/bin/node', OLDPWD: '/home/sammy' }

      Keep in mind that many of the environment variables you see are dependent on the configuration and settings of your system, and your output may look substantially different than what you see here. Rather than viewing a long list of environment variables, you might want to retrieve a specific one.

      Step 5 — Accessing a Specified Environment Variable

      In this step you'll view environment variables and their values using the global process.env object and print their values to the console.

      The process.env object is a simple mapping between environment variable names and their values stored as strings. Like all objects in JavaScript, you access an individual property by referencing its name in square brackets.

      Open the environment.js file for editing:

      Change console.log(process.env); to:

      environment.js

      console.log(process.env["HOME"]);
      

      Save the file and exit. Now run the environment.js program:

      The output now looks like this:

      Output

      /home/sammy

      Instead of printing the entire object, you now only print the HOME property of process.env, which stores the value of the $HOME environment variable.

      Again, keep in mind that the output from this code will likely be different than what you see here because it is specific to your system. Now that you can specify the environment variable to retrieve, you can enhance your program by asking the user for the variable they want to see.

      Step 6 — Retrieving An Argument in Response to User Input

      Next, you'll use the ability to read command line arguments and environment variables to create a command line utility that prints the value of an environment variable to the screen.

      Use nano to create a new file echo.js:

      Add the following code:

      echo.js

      const args = process.argv.slice(2);
      console.log(process.env[args[0]]);
      

      The first line of echo.js stores all the command line arguments that the user provided into a constant variable called args. The second line prints the environment variable stored in the first element of args; that is, the first command line argument the user provided.

      Save and exit nano, then run the program as follows:

      Now, the output would be:

      Output

      /home/sammy

      The argument HOME was saved to the args array, which was then used to find its value in the environment via the process.env object.

      At this point you can now access the value of any environment variable on your system. To verify this, try viewing the following variables: PWD, USER, PATH.

      Retrieving single variables is good, but letting the user specify how many variables they want would be better.

      Step 7 — Viewing Multiple Environment Variables

      Currently, the application can only inspect one environment variable at a time. It would be useful if we could accept multiple command line arguments and get their corresponding value in the environment. Use nano to edit echo.js:

      Edit the file so that it has the following code instead:

      echo.js

      const args = process.argv.slice(2);
      
      args.forEach(arg => {
        console.log(process.env[arg]);
      });
      

      The forEach method is a standard JavaScript method on all array objects. It accepts a callback function that is used as it iterates over every element of the array. You use forEach on the args array, providing it a callback function that prints the current argument's value in the environment.

      Save and exit the file. Now re-run the program with two arguments:

      You would see the following output:

      Output

      /home/sammy /home/sammy/first-program

      The forEach function ensures that every command line argument in the args array is printed.

      Now you have a way to retrieve the variables the user asks for, but we still need to handle the case where the user enters bad data.

      Step 8 — Handling Undefined Input

      To see what happens if you give the program an argument that is not a valid environment variable, run the following:

      • node echo.js HOME PWD NOT_DEFINED

      The output will look similar to the following:

      Output

      /home/sammy /home/sammy/first-program undefined

      The first two lines print as expected, and the last line only has undefined. In JavaScript, an undefined value means that a variable or property has not been assigned a value. Because NOT_DEFINED is not a valid environment variable, it is shown as undefined.

      It would be more helpful to a user to see an error message if their command line argument was not found in the environment.

      Open echo.js for editing:

      Edit echo.js so that it has the following code:

      echo.js

      const args = process.argv.slice(2);
      
      args.forEach(arg => {
        let envVar = process.env[arg];
        if (envVar === undefined) {
          console.error(`Could not find "${arg}" in environment`);
        } else {
          console.log(envVar);
        }
      });
      

      Here, you have modified the callback function provided to forEach to do the following things:

      1. Get the command line argument's value in the environment and store it in a variable envVar.
      2. Check if the value of envVar is undefined.
      3. If the envVar is undefined, then we print a helpful message indicating that it could not be found.
      4. If an environment variable was found, we print its value.

      Note: The console.error function prints a message to the screen via the stderr stream, whereas console.log prints to the screen via the stdout stream. When you run this program via the command line, you won't notice the difference between the stdout and stderr streams, but it is good practice to print errors via the stderr stream so that they can be easier identified and processed by other programs, which can tell the difference.

      Now run the following command once more:

      • node echo.js HOME PWD NOT_DEFINED

      This time the output will be:

      Output

      /home/sammy /home/sammy/first-program Could not find "NOT_DEFINED" in environment

      Now when you provide a command line argument that's not an environment variable, you get a clear error message stating so.

      Conclusion

      Your first program displayed "Hello World" to the screen, and now you have written a Node.js command line utility that reads user arguments to display environment variables.

      If you want to take this further, you can change the behavior of this program even more. For example, you may want to validate the command line arguments before you print. If an argument is undefined, you can return an error, and the user will only get output if all arguments are valid environment variables.



      Source link