This weekend I overhauled my quick-lemp scripts for automating part of the server setup and LEMP stack installation process. The basic functionality is the same: standard new server setup is performed and a fully functioning LEMP stack is installed along with a sample Flask applications. What has changed is the way the scripts are divided and how they configure the components during the actual LEMP stack installation.
Basic basic new server configuration
- Creates a new user with sudo and www-data membership.
- Configures sshd to listen on a different port, disable root logins, and allow only the newly created member.
- Installs Uncomplicated Firewall (ufw) to manage iptables rules.
- Blocks all incoming traffic except for WWW, HTTPS, and the reassigned SSH port.
- Checks for updates and upgrades applicable packages.
curl -LO https://raw.github.com/jbradach/quick-lemp/master/quicklemp-trusty-setup.sh chmod +x quicklemp-trusty-setup.sh ./quicklemp-trusty-setup.sh
LEMP stack installation
- Installs Nginx, MariaDB, and uWSGI.
- Nginx is installed from PPA to get the latest stable version. A single IPv6-friendly server block is added along with configuration files from the HTML5 Boilerplate team. Optionally adds a self-signed certificate and enables HTTPS.
- MariaDB 10.1 is installed from a customized repository instead of MySQL. The root password is set during installation.
- uWSGI is configured in Emperor mode with /etc/uwsgi for vassals.
- Creates and sets permissions for /srv/www.
- Installs dependencies for build, SSL, and Python.
- Installs virtualenv and pip
- Deploys a very simple Flask application to test the LEMP stack.
curl -LO https://raw.github.com/jbradach/quick-lemp/master/quicklemp-trusty-stack.sh chmod +x quicklemp-trusty-stack.sh ./quicklemp-trusty-stack.sh
These scripts were designed for Ubuntu 14.04 (Trusty). Other releases may work as well, especially just for the LEMP stack installation, but have they have not been tested. It would be a good idea to review each file prior to running them so you know exactly what they’re doing.