Install LAMP Stack (Apache, MariaDB 11.4, PHP 8.3) on Ubuntu 24.04

Install LAMP (Apache, MariaDB 11.4, PHP 8.3) di Ubuntu 24.04

  • Update repository ubuntu
apt update && apt upgrade -y

Install Apache

  • Install Apache
apt install apache2 -y
  • Cek versi apache2
apache2 -v
---<output>---
Server version: Apache/2.4.58 (Ubuntu)
Server built:   2024-04-18T15:13:41
  • Akses web server apache lewat browser: http://ip_address_ubuntu atau http://domain (http://lamp.sys-ops.id.sideka.my.id)

Install PHP 8.3

  • Secara default repository ubuntu 24.04 sudah support php 8.3 tanpa harus menambahkan repository ppa:ondrej/php
  • Jika ingin menginstall php selain versi 8.3 bisa menggunakan repository ppa:ondrej/php
add-apt-repository ppa:ondrej/php
apt install -y php8.3 php8.3-{common,cli,gd,curl,mysql,xml,mbstring,zip,ldap,xmlrpc,curl,intl,fpm,imagick,dev,imap,opcache,soap,memcached,redis}
  • Cek versi php
php -v
---<output>---
PHP 8.3.7 (cli) (built: May 13 2024 15:38:35) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.3.7, Copyright (c) Zend Technologies
    with Zend OPcache v8.3.7, Copyright (c), by Zend Technologies
  • Setting PHP-FPM
a2dismod mpm_prefork
a2enmod mpm_event proxy_fcgi setenvif
a2enconf php8.3-fpm
systemctl restart apache2
---------------------------------------------
nano /etc/php/8.3/fpm/pool.d/www.conf
---<edit file>---
user = www-data
group = www-data
listen = /run/php/php8.3-fpm.sock
listen.allowed_clients = 127.0.0.1
pm.max_children = 30
pm.start_servers = 10
pm.min_spare_servers = 10
pm.max_spare_servers = 30
pm.process_idle_timeout = 30s
  • Setting php.ini
nano /etc/php/8.3/fpm/php.ini

upload_max_filesize = 100M
post_max_size = 100M
memory_limit = 512M
max_execution_time = 300
max_input_time = 300
date.timezone = Asia/Jakarta
zlib.output_compression = On
zlib.output_compression_level = 6
  • Restart service apache dan php-fpm
systemctl restart php8.3-fpm
systemctl restart apache2
  • Verifikasi php-fpm
nano /var/www/html/info.php

<?php phpinfo();

Setting Virtual Host

  • Buat directory untuk domain lamp.sys-ops.id.sideka.my.id (sesuaikan dengan domain anda)
mkdir -p /var/www/lamp.sys-ops.id.sideka.my.id
  • Download sample file webite dan copy ke folder /var/www/lamp.sys-ops.id.sideka.my.id
git clone https://github.com/sideka-cloud/web-test.git
cp -R web-test/* /var/www/lamp.sys-ops.id.sideka.my.id/
chown -R www-data:www-data /var/www/lamp.sys-ops.id.sideka.my.id/
  • Buat file config virtual host untuk domain lamp.sys-ops.id.sideka.my.id
  • Ganti nama domain lamp.sys-ops.id.sideka.my.id dengan domain yang diinginkan
nano /etc/apache2/sites-available/lamp.sys-ops.id.sideka.my.id.conf
ServerTokens Prod
ServerSignature Off
<VirtualHost *:80>
     ServerAdmin [email protected]
     ServerName lamp.sys-ops.id.sideka.my.id
     ServerAlias www.lamp.sys-ops.id.sideka.my.id
     DocumentRoot /var/www/lamp.sys-ops.id.sideka.my.id

     <Directory /var/www/lamp.sys-ops.id.sideka.my.id>
        Options -Indexes +FollowSymLinks
        Require all granted
        DirectoryIndex index.php index.html
        AllowOverride All
        Order allow,deny
        Allow from all
        Header unset X-Powered-By

        Header set Access-Control-Allow-Headers "ORIGIN, X-REQUESTED-WITH, CONTENT-TYPE"
        Header set Access-Control-Allow-Origin "*"
        Header set Access-Control-Allow-Methods "GET, POST, OPTIONS"
        Header set X-XSS-Protection 1;mode=block
        Header set X-Frame-Options SAMEORIGIN
        Header set X-Content-Type-Options nosniff
        Header set Strict-Transport-Security "max-age=15552000; includeSubDomains;preload"
        Header set Referrer-Policy strict-origin-when-cross-origin
        Header set Access-Control-Max-Age 60000
        Header set Permissions-Policy "microphone=(), geolocation=(self), fullscreen=()"
        Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https:; img-src 'self' data: https:; font-src 'self' data: https:; frame-src 'self' data: https: blob:"
     </Directory>

     <DirectoryMatch "^/.*/\..*/(?!\.well-known/).*$">
        Require all denied
     </DirectoryMatch>

     <FilesMatch "\.(ini|log|conf|txt|bak|old)$">
        Require all denied
     </FilesMatch>

     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
  • Verifikasi file konfigurasi apache, pastikan tidak ada error
apachectl -t
---<output>---
Syntax OK
  • Enable rewrite module, headers module, dan konfigurasi domain lamp.sys-ops.id.sideka.my.id
a2enmod rewrite
a2enmod headers
a2ensite lamp.sys-ops.id.sideka.my.id.conf
a2enmod http2
a2dissite 000-default
systemctl restart apache2
  • Akses domain lewat browser http://domain (http://lamp.sys-ops.id.sideka.my.id)

Install MariaDB 11.4 LTS

  • Install MariaDB 11.4
  • Secara default ubuntu 24.04 menggunakan mariadb versi 10.11 LTS
curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s -- --mariadb-server-version=11.4
apt install mariadb-server mariadb-client -y
  • Cek versi mariadb
mariadb -V
---<output>---
mariadb from 11.4.2-MariaDB, client 15.2 for debian-linux-gnu (x86_64) using  EditLine wrapper
  • mariadb secure installation
mariadb-secure-installation
---<output>---
   Enter current password for root (enter for none):  <enter>
   Switch to unix_socket authentication [Y/n] n
   Change the root password? [Y/n] Y
   Remove anonymous users? [Y/n] Y
   Disallow root login remotely? [Y/n] Y
   Remove test database and access to it? [Y/n] Y
   Reload privilege tables now? [Y/n] Y
  • Login ke dalam mariadb
mariadb -u root -p
---<output>---
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 34
Server version: 11.4.2-MariaDB-ubu2404 mariadb.org binary distribution

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>
  • Enable user root mariadb password authentication
sudo mariadb

ALTER USER root@localhost identified by 'P@ssw0rd!';
FLUSH PRIVILEGES;

  • Testing koneksi database dengan php
  • Buat database baru
CREATE DATABASE sys_ops_id;
GRANT ALL PRIVILEGES ON sys_ops_id.* TO 'user_ops'@'localhost' IDENTIFIED BY 'P@ssw0rd!';
FLUSH PRIVILEGES;
  • Buat file koneksi.php
nano /var/www/lamp.sys-ops.id.sideka.my.id/koneksi.php
---<isi file>---

<?php
// Koneksi Database
$konek = mysqli_connect("localhost", "user_ops", "P@ssw0rd!", "sys_ops_id");

if (!$konek) {
    echo "Error: Tidak dapat terhubung ke database." . PHP_EOL;
    echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
    echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
    exit;
}
echo "Sukses: Koneksi ke database berhasil terhubung." . PHP_EOL;
echo "Informasi Host: " . mysqli_get_host_info($link) . PHP_EOL;
mysqli_close($link);
?>
  • Verifikasi lewat browser

Install Let’s Encrypt (Free SSL)

  • Install Let’s Encrypt (Free SSL)
apt install certbot python3-certbot-apache -y
certbot --apache --agree-tos --redirect -m [email protected] -d lamp.sys-ops.id.sideka.my.id
  • Verifikasi lewat browser
  • Re-new ssl
certbot renew --dry-run
  • Aktifkan renew ssl pada corn job
crontab -e
   * */12 * * * root /usr/bin/certbot renew >/dev/null 2>&1

systemctl restart cron

herdiana3389

A system administrator with skills in system administration, virtualization, linux, windows, networking, cloud computing, container, etc.