I re-built my LEMP web-server fresh on Ubuntu 22.04 and learned some things along the way. This is my base build outline mostly created for my own notes.
php php-curl php-fpm php-gd php-mysql php-xmlrpc php-memcache php-uploadprogress php-cli php-intl
sendmail (for local mailing services)
unzip zip (was already installed)
ffmpeg (for video-based sites)
imagemagick (to generate thumbnails for video-driven sites)
Ubuntu came with ufw pre-installed and blocking all inbound web traffic. As this doesn't work for a web-server, I simply removed it entirely:
apt purge ufw
Why not just set it up properly? Because I use my cloud host's network-based firewall instead.
Apache was installed by default, and it conflicts with NGINX, causing it not to start properly. Let's get rid of it.
apt purge apache2
CHECK HOSTS / HOSTNAME
Check /etc/hosts and /etc/hostname to make sure you have a proper FQDN. If not, set it with
In my case, I had to prevent cloud-init from overriding the hosts file:
Comment out this line:
- update etc-hosts
I. To enable sendmail to use STARTTLS, you need to:
1) Add this line to /etc/mail/sendmail.mc and optionally to /etc/mail/submit.mc:
3) Restart sendmail
I. Enable password auth (needed for PHPMYADMIN)
mysql -u root
UPDATE user SET plugin='mysql_native_password' WHERE User='root';
systemctl restart mysql.service
* Set root mysql password.
* Do not use the validation plugin because it doesn't work with PHPMYADMIN.
After looking at various sample PHP configs, I found just a few key variables in php.ini that are most often tweaked:
I. Data Handling / File Uploads
post_max_size = 512 (as you like)
upload_max_filesize= 512 (as you like)
register_argc_argv = Off default / On for video-driven sites
II. Resource Limits
max_execution_time = 30 default / 7200 for video-driven sites
max_input_time = 60 default / 7200 for video-driven sites
max_input_vars = 1000 default / 5000 for video-driven sites
memory_limit = 128 default / uploadsize+1MB for video-driven sites
III. Language Options
output_buffering = Off (Joomla wants this)
INSTALL / SETUP PHPMYADMIN
apt install phpmyadmin
I. Setup Self-Signed SSL Certs
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/nginx/ssl/selfssl.key -out /etc/nginx/ssl/selfssl.crt
Reconfigure any cron jobs from the old server:
crontab -e -u www-data
Linux - Specify From Address W...
I struggled a bit with figuring out how to specify the from email address when sending mail on the Linux command line. In short, you need to use the -r option....
Nginx - How to Block or Redire...
I've been figuring out how to block or redirect web traffic in Nginx based on the country geoIP. NOTES* You need the package nginx-extras for this because this...
KVM - Enable Direct PCI Pass-T...
This example was done on Ubuntu server.* Enable VM direct I/O in the BIOS.* Open /etc/default/grub using an editor like nano or something.* Find GRUB_CMDLINE_LI...
Combine Image File and Audio F...
I wanted to figure out a way to quickly and easily combine an image file (jpg) and audio file (mp3) into a video file (mov) using the free media converter tool ...