Configurations on LAMP


Posted by doka

How to configure a LAMP server in a virtual machine for Drupal development. These are the configuration steps to complete before installing Drupal.

Fixed IP and DNS

To work with NFS and the web server, you'll need a fixed IP and a domain name for the LAMP server. The quick-and-dirty solution is to edit a few files such as /etc/hosts and /etc/network/interfaces. Alternatively, you can install and configure a BIND9 server for DNS and DHCP services. We are going with the quick-and-dirty solution, so let's log in to the LAMP server and type:

sudo nano /etc/network/interfaces

Change this line in the file (eth0 may differ in your environment):

iface eth0 inet dhcp ...

to these lines, but use your own IP and gateway addresses:

iface eth0 inet static
address 192.168.2.20
netmask 255.255.255.0
gateway 192.168.2.1

In the following, I will use 192.168.2.20 as the fixed IP address of the LAMP server. Save (ctrl-o), exit (ctrl-x) and restart networking:

sudo /etc/init.d/networking restart

Now adjust the hosts file:

sudo nano /etc/hosts

Add the following lines at the end:

192.168.2.20 drupal.local drupal 
192.168.2.30 host.local

One line refers to the development server (drupal.local), the other is the host's static IP address. Don't forget to use your own IP address! Save and exit. In the following, I will use drupal.local as the base domain name of the LAMP server. You can have as many local domain names for your development projects as you want; you just have to update /etc/hosts:

192.168.2.20 project1.local project1
192.168.2.20 project2.local project2

From now on the LAMP server has a fixed IP address and can be found on your local network as drupal.local. You can check the result with ping from a terminal on another host:

ping drupal.local

SSH login

We are going to use the SSH protocol to log in to the LAMP server. It should work out of the box, but first update the /etc/hosts file of your host as well. Open a terminal on your host, and type:

sudo nano /etc/hosts

Add the following line at the end:

192.168.2.20 drupal.local drupal

Save and exit, then you can log in via ssh from a terminal on your host:

ssh user@drupal.local

Type yes if it complains that the authenticity of the LAMP server is unknown, then type your password. In the best case you are now logged in; here are some further steps for smoother usage.

Public key propagation

This optional part uploads your public key to the LAMP server. If you don't have a public key, you can skip this section, but then you will always have to supply your password during SSH login. See more details at http://sial.org/howto/openssh/publickey-auth/.

First, upload the public key from the host to the guest. At the host's terminal:

scp ~/.ssh/id_rsa.pub user@drupal.local:

Next, configure the public key on the LAMP server. Log in to the LAMP server and type:

ssh user@drupal.local 
mkdir -p ~/.ssh
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
chmod 700 ~/.ssh
rm ~/id_rsa.pub

Log out and close the terminal. From the next ssh login on, no password is needed.

Install SSH client on your host

If you need an SSH client on your host, type:

sudo apt-get install openssh-client

NFS mount

Instead of copying or FTP-ing the Drupal source to the web directory (/var/www) of the LAMP server, we are going to set up an NFS mount. This way we can store and edit our source away from the LAMP server, but still do real-time testing on it. We assume here that the source is already properly exported on your host (host.local), which serves as the NFS server. To check it, type in a terminal on your host:

exportfs

For how to set up an NFS server, see: http://www.howtoforge.com/perfect-nfs-on-ubuntu-8.04-amd64

On the LAMP server, start by creating the mount point under /var/www:

cd /var/www
sudo mkdir drupal6
sudo mount host.local:/home/www/projects/drupal-6.6 /var/www/drupal6

To check the mount, switch to /var/www/drupal6 and list the directory with ls. You should see the content of the mounted directory. If it's OK, let's also set up mounting at boot time. Open the fstab file:

sudo nano /etc/fstab

and add one line to the end:

host.local:/home/www/projects/drupal-6.6 /var/www/drupal6 nfs defaults 0 0

So, that's it. We have the source code mounted into the LAMP server's web directory. To test it, type df at the LAMP server's terminal, or go with your browser to: http://drupal.local/drupal6. It should start the Drupal install procedure. But stop here for now; we have some other steps ahead of us.

Adjust the default LAMP configs

We have to activate the Rewrite Engine in Apache. It is needed by Drupal's "Clean-URL" feature.

sudo a2enmod rewrite

Next, we increase the memory limit of 16 MB in PHP5:

sudo nano /etc/php5/apache2/php.ini

Search for memory, and set the limit to at least 32M. Don't forget to restart the web server:

sudo /etc/init.d/apache2 force-reload

Firewall

As the last step here, we also configure iptables, the built-in firewall of Ubuntu. You can skip this step if the LAMP server will be kept away from other machines. So, let's check what we have running now:

sudo iptables -L

You will see something like this:

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

As you can see, we are accepting anything from anyone on any port and allowing anything to happen. To edit the firewall rules, dump the present configuration:

sudo iptables-save > ~/iptables.up.rules

Then open this file and replace its content with this:

*filter

# Allows all loopback (lo) traffic and rejects all traffic to 127/8 that doesn't use lo
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

# Accepts all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allows all outbound traffic 
# You can modify this to only allow certain traffic
-A OUTPUT -j ACCEPT

# Allows HTTP and HTTPS connections from anywhere (the normal ports for websites)
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

# Allows SSH connections
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT

# Allows ping
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# Allows NFS connections
-A INPUT -p tcp --dport 111 -j ACCEPT
-A INPUT -p tcp --dport 2049 -j ACCEPT
-A INPUT -p tcp --dport 32771 -j ACCEPT

# log iptables denied calls
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

# Reject all other inbound - default deny unless explicitly allowed policy
-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT
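
A hand-edited rules file can be linted before it is loaded. The script below is an added example, not part of the original post; its checks, the two constructed sample files and the restriction of NFS to 192.168.2.30 (host.local) are assumptions chosen for illustration. It flags a COMMIT that is not on its own line, negation written after the option (the deprecated form), ports accepted from any source, and a missing final catch-all rule.

```shell
# Added example: lint an iptables-restore rules file; needs no root.
# ERROR = syntax problem, REVIEW = policy item to check by hand.
lint_rules() {
  awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }                 # comments, blank lines
    substr($0, 1, 1) == "*"  { table = $1; pending = 1; next }
    $0 == "COMMIT"           { pending = 0; next }
    / COMMIT[ \t]*$/ { print "ERROR line " NR ": COMMIT must be on its own line"; pending = 0 }
    / -[-a-z]+ ! /   { print "ERROR line " NR ": put ! before the option, as in ! -i lo" }
    $1 == "-A" && $2 == "INPUT" {
      last = $0
      if ($0 ~ / -j ACCEPT/ && $0 !~ / (-s|--source) /)
        for (i = 3; i < NF; i++)
          if ($i == "--dport")
            print "REVIEW line " NR ": port " $(i + 1) " accepts any source address"
    }
    END {
      if (pending) print "ERROR table " table " has no COMMIT line"
      if (last !~ /^-A INPUT -j (REJECT|DROP)/)
        print "REVIEW INPUT chain does not end in a catch-all REJECT or DROP"
    }' "$1"
}

# Number of ERROR findings for a file (0 when the syntax checks pass).
count_errors() { lint_rules "$1" | grep -c '^ERROR' || true; }

# Constructed sample input: a hand-edited file with two syntax mistakes.
BAD=$(mktemp); GOOD=$(mktemp)
cat > "$BAD" <<'EOF'
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
-A INPUT -p tcp --dport 2049 -j ACCEPT
-A INPUT -j REJECT
-A FORWARD -j REJECT COMMIT
EOF
# Constructed corrected version; NFS is limited to the host address (assumption).
cat > "$GOOD" <<'EOF'
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT
-A INPUT -s 192.168.2.30 -p tcp --dport 2049 -j ACCEPT
-A INPUT -j REJECT
-A FORWARD -j REJECT
COMMIT
EOF
lint_rules "$BAD"; lint_rules "$GOOD"
```

On the server itself, sudo iptables-restore --test < ~/iptables.up.rules additionally parses the file without committing it.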

Then load this new configuration to the firewall by:

sudo iptables-restore < ~/iptables.up.rules

To check it, type:

sudo iptables -L

If it looks good, then move the config file to its place:

sudo mv ~/iptables.up.rules /etc/iptables.up.rules

To switch on these rules at boot, edit the interfaces file:

sudo nano /etc/network/interfaces

Add this line to the loopback interface:

pre-up iptables-restore < /etc/iptables.up.rules

It should look like this:

# The loopback network interface
auto lo
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.up.rules

Please note, this rule set is not the strongest one. We could also change the default ports, and so on. But for Drupal development, it should be enough.