Install PHP-FPM

Install the latest version of PHP FPM. If there is a new version, select that version for installation.

sudo apt-get install php8-1-fpm

Check Service Status:

sudo systemctl status php8-1-fpm.service

Output:

rahil@localhost:$ sudo systemctl status php8.1-fpm.service
● php8.1-fpm.service - The PHP 8.1 FastCGI Process Manager
     Loaded: loaded (/lib/systemd/system/php8.1-fpm.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2023-09-25 18:28:47 UTC; 23min ago
       Docs: man:php-fpm8.1(8)
    Process: 14322 ExecStartPost=/usr/lib/php/php-fpm-socket-helper install /run/php/php-fpm.sock /etc/php/8.1/fpm/pool.d/www.conf 81 (code=exited, status=0/SUCCESS)
   Main PID: 14319 (php-fpm8.1)
     Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/sec"
      Tasks: 3 (limit: 1013)
     Memory: 11.1M
        CPU: 83ms
     CGroup: /system.slice/php8.1-fpm.service
             ├─14319 "php-fpm: master process (/etc/php/8.1/fpm/php-fpm.conf)" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
             ├─14320 "php-fpm: pool www" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "">
             └─14321 "php-fpm: pool www" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "">

Sep 25 18:28:47 localhost systemd[1]: Starting The PHP 8.1 FastCGI Process Manager...
Sep 25 18:28:47 localhost systemd[1]: Started The PHP 8.1 FastCGI Process Manager.

Configuring PHP-FPM Pool

Create group for WordPress site:

sudo groupadd wordpress_demo

sudo useradd -g wordpress_demo wordpress_demo

Next, let’s navigate to the PHP-FPM folder path to create a new configuration file:

cd /etc/php/8.1/fpm/pool.d/

Inside this folder create a new configuration file called wordpress_demo_pool.conf

sudo vi wordpress_demo_pool.conf

[wordpress_demo_site]
user = wordpress_demo
group = wordpress_demo
listen = /var/run/php/php8.1-fpm-wordpress-demo-site.sock
listen.owner = www-data
listen.group = www-data
php_admin_value[disable_functions] = exec,passthru,shell_exec,system
php_admin_flag[allow_url_fopen] = off
; Choose how the process manager will control the number of child processes. 
pm = dynamic 
pm.max_children = 75 
pm.start_servers = 10 
pm.min_spare_servers = 5 
pm.max_spare_servers = 20 
pm.process_idle_timeout = 10s
env[HOSTNAME] = $HOSTNAME
env[TMP] = /tmp

Insert the below command. Definition of each item is provided below:

• [wordpress_demo_site]: This is a unique identifier for the pool, ensuring no two pools share the same name.
• user and group: Specifies which user and group the pool operates under.
• listen: Defines the socket file’s name associated with this pool.
• listen.owner and listen.group: These should align with the user and group that NGINX operates under. For this scenario, it’s www-data.
• php_admin_value: Enables the setting of specific PHP configuration parameters.
• php_admin_flag: Used to define PHP boolean settings.
  pm: Manages processes, with the “Dynamic” value indicating that child process numbers adjust based on subsequent directives.
• pm.max_children: Indicates the peak number of concurrently active child processes.
• pm.start_servers: Represents the count of child processes initiated upon startup.
• pm.min_spare_servers: Denotes the least number of idle child processes. If idle processes drop below this, new ones are spawned.
• pm.max_spare_servers: Represents the upper limit for idle child processes. If this number is exceeded, some processes will be terminated.
• pm.process_idle_timeout: Specifies the ideal maximum for idle server processes. This is relevant only when the pm setting is “dynamic”. Beyond these configurations, it’s feasible to relay certain system environment variables to the php-fpm service, like using env[‘PHP_FOO’] = $bar. For instance, integrating the subsequent options in the mentioned configuration will assign the hostname and temporary directory path to the PHP environment.

PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites with high traffic. One of the key features of PHP-FPM is its ability to manage PHP processes. The process manager (pm) is responsible for controlling the number of child processes, which in turn handle the PHP requests.

Here’s a breakdown of the PHP-FPM process manager for more details:

1. Types of Process Managers:
   PHP-FPM offers several ways to manage PHP processes:

• Static (pm = static): A fixed number of child processes are created. The number is specified by the pm.max_children directive. This mode is straightforward and can be efficient if you know the exact number of processes you need. However, it lacks flexibility.
• Dynamic (pm = dynamic): The number of child processes is set dynamically based on the following directives: pm.max_children, pm.start_servers, pm.min_spare_servers, and pm.max_spare_servers. This mode offers more flexibility and can adjust based on the demand.
• On-demand (pm = ondemand): Processes are spawned as needed. No child processes are created at startup, but they’re created on demand when there’s a request. This mode is the most flexible and can be efficient for sites with fluctuating traffic.

Benefits:

• Adaptability: PHP-FPM can adjust the number of child processes based on the traffic, ensuring efficient resource usage.
• Performance: By managing processes effectively, PHP-FPM can handle a large number of requests without overloading the server.
• Isolation: Each PHP request can be processed in a separate child process, providing isolation and security.
• Custom Configuration: PHP-FPM allows for pool-specific configurations, enabling fine-tuned settings for different websites or applications on the same server.

In summary, the PHP-FPM process manager provides a way to efficiently handle PHP requests by managing child processes. Depending on the configuration and the type of process manager chosen, PHP-FPM can offer a balance between performance and flexibility.

Restart fpm service to apply new changes:

sudo systemctl restart php8.1-fpm && sudo systemctl status php8.1-fpm --no-pager

Configure Nginx for PHP-FPM

server {
            listen 80;
            root /var/www/html/wordpress_blog/public_html;
            index index.php index.html;
            server_name blog.wordpress.xyz;

            access_log /var/log/nginx/wordpress_blog.access.log;
            error_log /var/log/nginx/wordpress_blog.error.log;

            location / {
                         try_files $uri $uri/ /index.php?$args;
            }

            location ~ \.php$ {
                         include snippets/fastcgi-php.conf;
                         fastcgi_pass unix:/run/php/php8.1-fpm-wordpress-demo-site.sock;
            }

            location ~ /\.ht {
                         deny all;
            }

            location = /favicon.ico {
                         log_not_found off;
                         access_log off;
            }

            location = /robots.txt {
                         allow all;
                         log_not_found off;
                         access_log off;
           }

            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                         expires max;
                         log_not_found off;
           }
}

Next, test Nginx configuration.

sudo nginx -t

Restart Nginx Service:

sudo systemctl restart nginx

Testing PHP-FPM Nginx Configuration

To verify that the aforementioned NGINX configuration file is utilizing the newly established FPM pool, generate a PHP info file within the web root. In the above NGINX configuration file, I have designated /var/www/html/wordpress_blog/public_html as the web root. Modify this value to suit your setup.

echo "<?php echo phpinfo();?>" > info.php

Setting Permissions For WordPress

How we have set up PHP-FPM, it is crucial to set permissions to public_html folder. Execute the below commands:

sudo chmod -R 755 *
sudo chmod -R 664 *.php *.txt *.html
sudo chown -R wordpress_demo:www-data *

The post Configure PHP-FPM for Multiline WordPress Sites With Nginx appeared first on TEKSpace Blog.

1. Standard Output (stdout) Redirection: The standard output (usually the terminal) can be redirected to a file. This means that instead of seeing the output on your screen, it’ll be saved to a file.

• Overwrite a file: command > filename This will overwrite the filename with the output of the command.
• Append to a file:
  bash command >> filename
  This will append the output of command to filename without overwriting its current content.

1. Standard Error (stderr) Redirection: Sometimes commands generate errors, and these errors are sent to stderr.

• Overwrite a file: command 2> errorfile This will overwrite errorfile with the error messages from command.
• Append to a file:
  bash command 2>> errorfile
  This will append the error messages from command to errorfile.

1. Redirect Both stdout and stderr: If you want to redirect both standard output and standard error to the same file:

• Overwrite a file: command > filename 2>&1
• Append to a file: command >> filename 2>&1 The 2>&1 syntax tells the shell to redirect the standard error (file descriptor 2) to the same location as the standard output (file descriptor 1).

1. Pipes (|): The pipe operator allows you to use the output of one command as the input of another. This is very useful for chaining commands together.

   command1 | command2

The output of command1 is used as the input to command2.

5. Input Redirection: You can also redirect the input of a command:

   command < inputfile

This will use inputfile as the input to command.

6. Discarding Output: If you want to discard the output (or errors) of a command, you can redirect it to the special file /dev/null:

   command > /dev/null 2>&1

This discards both standard output and standard error.

NOTE: the order of redirections matters. For example, command > filename 2>&1 is not the same as command 2>&1 > filename. The first command redirects both the standard output (stdout) and standard error (stderr) to a file named “filename”. The second command redirects the standard output to the “filename” file, while keeping the standard error in its original location, typically the terminal.

The post How To Use Standard Redirection to Input or Output Commands appeared first on TEKSpace Blog.

1. Open the Crontab Editor:
   To edit the current user’s crontab, use the following command:

   crontab -e

2. Understand the Cron Time Format:
   Each cron job has a specific format:

   * * * * * /path/to/command

The five asterisks represent:

• Minute (0 – 59)
• Hour (0 – 23)
• Day of the month (1 – 31)
• Month (1 – 12)
• Day of the week (0 – 7, where both 0 and 7 represent Sunday)

1. Add Your Cron Job:
   For example, if you want to run /path/to/script.sh every day at 3:30 AM, you would add the following line to the crontab:

   30 3 * * * /path/to/script.sh

4. Save and Exit:
   After adding your cron job, save and exit the editor. The method to save and exit depends on the default editor set on your system:

• For vi/vim: Press Esc, type :wq, and press Enter.
• For nano: Press CTRL + O, press Enter, and then press CTRL + X.

4. View Current Cron Jobs:
   To view the current user’s cron jobs, use:

   crontab -l

6. Remove a Cron Job:
   If you want to remove a cron job, edit the crontab (crontab -e) and simply delete the line containing the job you want to remove. Then save and exit.
7. Manage Other User’s Cron Jobs:
   If you have superuser privileges, you can view or edit the crontab of another user with:

   crontab -u username -l   # To view
   crontab -u username -e   # To edit

8. Cron Job Output:
   By default, the output of the cron job will be mailed to the user the job runs as. If you want to redirect the output to a file or discard it, you can use standard redirection:

   30 3 * * * /path/to/script.sh > /path/to/logfile.log 2>&1

9. Ensure the Cron Daemon is Running:
   The cron jobs rely on the cron daemon to be running. You can check its status (on systems using systemd) with:

   systemctl status cron

10. Set Environment Variables:
    If your script relies on specific environment variables, you can set them at the top of the crontab file. For example:

   PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
   30 3 * * * /path/to/script.sh

Make sure that the script or command you schedule with cron has the right permissions to run. Also, use absolute paths for any paths inside the script, since cron jobs have a limited environment.

Using Standard Redirection to output cron job

Let’s explore some examples of using redirection with cron jobs. This will help you understand how to handle the output and errors generated by cron tasks.

1. Redirecting Standard Output to a File:
   If you have a cron job that generates output and you want to save that output to a file:

   0 0 * * * /path/to/script.sh > /path/to/output.log

This will run script.sh every day at midnight and save its output to output.log.

2. Redirecting Errors to a Separate File:
   If you want to save error messages to a separate file:

   0 0 * * * /path/to/script.sh > /path/to/output.log 2> /path/to/error.log

This will save standard output to output.log and errors to error.log.

3. Appending Output and Errors to Existing Files:
   If you don’t want to overwrite the log files but instead want to append to them:

   0 0 * * * /path/to/script.sh >> /path/to/output.log 2>> /path/to/error.log

4. Combining Output and Errors in a Single File:
   If you want both the standard output and errors in the same file:

   0 0 * * * /path/to/script.sh > /path/to/output_and_error.log 2>&1

5. Discarding Output and Errors:
   If you’re not interested in the output or errors of a cron job:

   0 0 * * * /path/to/script.sh > /dev/null 2>&1

6. Sending Output and Errors via Email:
   By default, cron will email the user with the output and errors of a job. If you want to explicitly set an email address to receive these messages, you can use the MAILTO variable:

   MAILTO="your_email@example.com"
   0 0 * * * /path/to/script.sh

7. Using Pipes with Cron Jobs:
   Let’s say you want to filter the output of a script and save only lines containing the word “ERROR” to a log file:

   0 0 * * * /path/to/script.sh | grep ERROR > /path/to/error.log

8. Running Multiple Commands:
   If you want to run multiple commands in a single cron job and redirect their output:

   0 0 * * * /path/to/first_script.sh && /path/to/second_script.sh > /path/to/output.log

NOTE: when working with cron jobs, always use absolute paths for commands, scripts, and files to avoid any ambiguity. Also, test your scripts manually before scheduling them with cron to ensure they work as expected.

How to Check CronJob Logs

Execute the below command to get all the execution logs from CronJobs.

sudo grep CRON /var/log/syslog

The post How to Setup CronJob On A Linux Server appeared first on TEKSpace Blog.

Step 1: Using stat and chmod: First, get the permissions of the source file using stat:

stat -c "%a" source_file

This will return the permissions of source_file in octal format.

Then, apply these permissions to the target file using chmod:

chmod $(stat -c "%a" source_file) target_file

Using a one-liner: You can combine the above commands into a single one-liner:

chmod --reference=source_file target_file

The --reference option allows chmod to take the permissions from the file specified (in this case, source_file) and apply them to target_file.

Remember to replace source_file with the name of the file from which you want to copy the permissions, and target_file with the name of the file to which you want to apply the permissions.

The post How To Copy Permissions From One File to Another On Linux appeared first on TEKSpace Blog.

On Linux, swap is a space on a hard drive or SSD that functions as an extension of a system’s physical memory (RAM). In case the RAM memory is fully occupied, the Linux operating system has the ability to transfer less frequently used data to the swap space. This smart approach ensures that the most essential and frequently accessed data remains within the RAM, optimizing system performance. This process helps in preventing system crashes due to memory exhaustion, but accessing data from swap is slower than accessing it from RAM. Therefore, while swap can provide a safety net for systems with limited RAM, relying on it excessively can degrade system performance.

In this tutorial, I am using Ubuntu 22.04. What I will do is turn off existing swap and apply new swap with extra space.

Show existing swap size:

sudo swapon --show

Output:

rahil@localhost:$ sudo swapon --show
[sudo] password for rahil:
NAME     TYPE      SIZE USED PRIO
/dev/sdb partition 512M   0B   -2

As you can see in the above output, the size of swap is 512M. This should be fine if your server is lightly used or has higher memory available. In my VPS server, I only have 2 GB of RAM and I would like to add more swap space so that I can use swap as my server load increases. I plan to run multiple WordPress websites and this will be beneficial to have extra swap space.

Next, we will implement a new swap with 2 GB of space.

Step 1: Remove the existing swap from the server:

sudo rm /swapfile

Step 2: Create a new Swap file with a new size per your desire:

sudo fallocate -l 2G /swapfile

If the `fallocate` command is not available on your Linux system, you can try the dd command:

sudo dd if=/dev/zero of=/swapfile bs=1M count=2048

Step 3: Set permissions:

sudo chmod 600 /swapfile

Step 4: Format the new Swap file you created:

sudo mkswap /swapfile

Output:

rahil@localhost:$ sudo mkswap /swapfile
Setting up swapspace version 1, size = 2 GiB (2147479552 bytes)
no label, UUID=79ca27fb-28bf-4aa5-a887-dd310ee73703

Step 5: Enable new Swap:

sudo swapon /swapfile

Step 6: Confirm swap creation by executing the below command:

ls -hl /swapfile

Output:

rahil@localhost:$ ls -hl /swapfile
-rw------- 1 root root 2.0G Sep 22 18:52 /swapfile

Step 7: Add entry in fstab file to keep the swap when the system reboots:

Note: If you see old swap in fstab, please go ahead and delete or comment it out so that old swap settings are disabled.

sudo vi /etc/fstab

In the last line add below:

/swapfile       swap            swap    defaults          0     0

Your file should look like this or similar:

# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
/dev/sda        /               ext4    errors=remount-ro 0     1
#/dev/sdb        none           swap    sw                0     0
/swapfile       swap            swap    defaults          0     0
~                                                                     

Step 8: Now the last step is to reboot the server to apply and active swap on restart:

sudo reboot

This is it! You are done.

The post How To Increase Swap size on Ubuntu Linux appeared first on TEKSpace Blog.

The unzip command is a versatile tool that simplifies the process of extracting files from ZIP archives. It comes pre-installed in most Ubuntu distributions, making it readily available for various compression-related tasks.

The basic syntax of the unzip command is straightforward:

unzip [options] zipfile.zip

Here, zipfile.zip is the name of the ZIP archive you want to extract.

• -l or --list: List the contents of the ZIP file without extracting.
• -d <directory>: Specify the directory where extracted files will be placed.
• -q or --quiet: Quiet mode, suppresses output.
• -o or --overwrite: Overwrite existing files without prompting.

• Extracting a ZIP File: unzip archive.zip This command extracts all files from archive.zip into the current directory.
• Extracting to a Specific Directory: unzip archive.zip -d target_directory Using the -d option, you can extract files to a designated directory, such as target_directory.
• Listing Contents of a ZIP File:
  unzip -l archive.zip
  This command provides a detailed list of files contained within the archive.zip without actually extracting them.

If a ZIP archive is password-protected, you’ll be prompted to enter the password when using the unzip command. For example:

unzip secured.zip

unzip archive.zip file1.txt file2.txt

This command extracts only file1.txt and file2.txt from archive.zip.

unzip data.zip '*.csv'

Using wildcards, you can extract all CSV files from data.zip.

unzip -v archive.zip

The -v option provides a more verbose output, displaying the progress and details of extraction.

unzip -K archive.zip

The -K option preserves the permissions of extracted files, ensuring they retain their original attributes.

unzip -o updated_files.zip

The -o option overwrites existing files without prompting, which is useful when updating files.

unzip '*.zip'

This command extracts files from all ZIP archives in the current directory.

These additional examples showcase the versatility of the unzip command and how it can be tailored to suit various extraction scenarios. By combining different options and using wildcards, you can efficiently manage and manipulate compressed files in your Linux environment.

Conclusion:
The unzip command in Ubuntu Linux is a versatile tool that simplifies the extraction of files from ZIP archives. By mastering its usage and understanding the provided options, you can efficiently manage compressed files and streamline your workflow.

Whether you’re dealing with software distributions, compressed archives, or sharing files, the unzip command provides a straightforward solution to access the content within ZIP files. You can customize the extraction process to meet your specific needs with the various options available. This makes it an important tool in your Linux toolkit.

So, next time you encounter a ZIP archive, remember the power of the unzip command to effortlessly unzip and access its contents.

The post Unzipping Files in Ubuntu Linux: A Comprehensive Guide appeared first on TEKSpace Blog.

Prerequisites

Before we get started, we need to make sure Nginx web server is set up. Use the below link to set up Nginx server on Ubuntu.

• How to install Nginx on Ubuntu Linux.
• Ensuring that the domain name is correctly directed to the appropriate server.

NOTE: DNS setup is beyond the scope of the article. Please ensure domain name is pointing to correct server before proceeding with the below guide.

sudo apt-get update && \
  sudo apt-get install -y dotnet-sdk-7.0

Output:

rahil@ubuntu:~$ sudo apt-get update && \
  sudo apt-get install -y dotnet-sdk-7.0
[sudo] password for rahil:
Hit:1 http://mirrors.digitalocean.com/ubuntu jammy InRelease
Get:2 http://mirrors.digitalocean.com/ubuntu jammy-updates InRelease [119 kB]
Hit:3 https://repos-droplet.digitalocean.com/apt/droplet-agent main InRelease
Get:4 http://mirrors.digitalocean.com/ubuntu jammy-backports InRelease [109 kB]
Get:5 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:6 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages [722 kB]
Get:7 http://security.ubuntu.com/ubuntu jammy-security/main Translation-en [160 kB]
Get:8 http://security.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [767 kB]
Get:9 http://security.ubuntu.com/ubuntu jammy-security/restricted Translation-en [123 kB]
Fetched 2109 kB in 6s (379 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  aspnetcore-runtime-7.0 aspnetcore-targeting-pack-7.0 dotnet-apphost-pack-7.0 dotnet-host-7.0 dotnet-hostfxr-7.0
  dotnet-runtime-7.0 dotnet-targeting-pack-7.0 dotnet-templates-7.0 liblttng-ust-common1 liblttng-ust-ctl5 liblttng-ust1
  netstandard-targeting-pack-2.1-7.0
The following NEW packages will be installed:
  aspnetcore-runtime-7.0 aspnetcore-targeting-pack-7.0 dotnet-apphost-pack-7.0 dotnet-host-7.0 dotnet-hostfxr-7.0
  dotnet-runtime-7.0 dotnet-sdk-7.0 dotnet-targeting-pack-7.0 dotnet-templates-7.0 liblttng-ust-common1 liblttng-ust-ctl5
  liblttng-ust1 netstandard-targeting-pack-2.1-7.0
0 upgraded, 13 newly installed, 0 to remove and 61 not upgraded.
Need to get 136 MB of archives.
...

sudo apt-get update && \
  sudo apt-get install -y aspnetcore-runtime-7.0

Output:

rahil@ubuntu:~$ sudo apt-get update && \
  sudo apt-get install -y aspnetcore-runtime-7.0
Hit:1 http://mirrors.digitalocean.com/ubuntu jammy InRelease
Hit:2 https://repos-droplet.digitalocean.com/apt/droplet-agent main InRelease
Hit:3 http://mirrors.digitalocean.com/ubuntu jammy-updates InRelease
Hit:4 http://mirrors.digitalocean.com/ubuntu jammy-backports InRelease
Hit:5 http://security.ubuntu.com/ubuntu jammy-security InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
aspnetcore-runtime-7.0 is already the newest version (7.0.110-0ubuntu1~22.04.1).
aspnetcore-runtime-7.0 set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 61 not upgraded.

As an alternative to the ASP.NET Core Runtime, you also can install the .NET Runtime. The package doesn’t include ASP.NET Core support. You can replace aspnetcore-runtime-7.0 in the previous command with dotnet-runtime-7.0.

sudo apt-get install -y dotnet-runtime-7.0

In my case, I will stick with option one as I am using ASP.NET Core in my WebApp.

In this tutorial, I am using a sample app I created here. You can setup CICD pipeline to build and deploy the package directly on Ubuntu web server if you prefer. For the purpose of this tutorial, I will follow manual download, unzip, and staging of package to hosting path.

wget https://github.com/tekspace-io/DotNetWebApp/archive/refs/heads/master.zip

Output:

rahil@ubuntu:~$ wget https://github.com/tekspace-io/DotNetWebApp/archive/refs/heads/master.zip
--2023-08-31 16:24:22--  https://github.com/tekspace-io/DotNetWebApp/archive/refs/heads/master.zip
Resolving github.com (github.com)... 192.30.255.112
Connecting to github.com (github.com)|192.30.255.112|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/tekspace-io/DotNetWebApp/zip/refs/heads/master [following]
--2023-08-31 16:24:22--  https://codeload.github.com/tekspace-io/DotNetWebApp/zip/refs/heads/master
Resolving codeload.github.com (codeload.github.com)... 192.30.255.121
Connecting to codeload.github.com (codeload.github.com)|192.30.255.121|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/zip]
Saving to: ‘master.zip’

Extract zip file that was downloaded on your Ubuntu server.

Install unzip, if the command doesn’t exist.

sudo apt-get install unzip

We will execute unzip command to extract master.zip file that we downloaded from GitHub repository.

unzip master.zip -d webapp

Output:

rahil@ubuntu:~$ unzip master.zip -d webapp
Archive:  master.zip
bd1ef2df340c39be5bebd55dd2f5938dd3679677
   creating: webapp/DotNetWebApp-master/
  inflating: webapp/DotNetWebApp-master/.gitattributes
  inflating: webapp/DotNetWebApp-master/.gitignore
  inflating: webapp/DotNetWebApp-master/DotNetWebApp.sln
   creating: webapp/DotNetWebApp-master/DotNetWebApp/
  inflating: webapp/DotNetWebApp-master/DotNetWebApp/DotNetWebApp.csproj
   creating: webapp/DotNetWebApp-master/DotNetWebApp/Pages/
  inflating: webapp/DotNetWebApp-master/DotNetWebApp/Pages/Error.cshtml
  inflating: webapp/DotNetWebApp-master/DotNetWebApp/Pages/Error.cshtml.cs
  inflating: webapp/DotNetWebApp-master/DotNetWebApp/Pages/Index.cshtml
  inflating: webapp/DotNetWebApp-master/DotNetWebApp/Pages/Index.cshtml.cs
  inflating: webapp/DotNetWebApp-master/DotNetWebApp/Pages/Privacy.cshtml
  inflating: webapp/DotNetWebApp-master/DotNetWebApp/Pages/Privacy.cshtml.cs
   creating: webapp/DotNetWebApp-master/DotNetWebApp/Pages/Shared/
...

Now navigate to the solution path ~/webapp/DotNetWebApp-master

cd ~/webapp/DotNetWebApp-master

Run dotnet publish to compile the code and publish.

dotnet publish --configuration Release

Output:

rahil@ubuntu:~/webapp/DotNetWebApp-master$ dotnet publish --configuration Release
MSBuild version 17.4.8+6918b863a for .NET
  Determining projects to restore...
  Restored /home/rahil/webapp/DotNetWebApp-master/DotNetWebApp/DotNetWebApp.csproj (in 102 ms).
  DotNetWebApp -> /home/rahil/webapp/DotNetWebApp-master/DotNetWebApp/bin/Release/net7.0/DotNetWebApp.dll
  DotNetWebApp -> /home/rahil/webapp/DotNetWebApp-master/DotNetWebApp/bin/Release/net7.0/publish/

Upon publish, you will notice the runtime code was created under ~/webapp/DotNetWebApp-master/DotNetWebApp/bin/Release/net7.0. We will copy the files from the published location to /var/www/demo_tekspace_io/.

NOTE: I am using /var/www/demo_tekspace_io/ path based on Nginx & let’s encrypt tutorial. If you would like to update demo_tekspace_io to your preferred folder name, you can do so as per your requirements.

Copy net.7.0 folder from ~/webapp/DotNetWebApp-master/DotNetWebApp/bin/Release to /var/www/demo_tekspace_io/.

sudo cp -r ~/webapp/DotNetWebApp-master/DotNetWebApp/bin/Release/net7.0/ /var/www/demo_tekspace_io/

To confirm if net7.0 was copied to the hosting path, execute ls -l /var/www/demo_tekspace_io/:

rahil@ubuntu:~$ ls -l /var/www/demo_tekspace_io/
total 8
drwxr-xr-x 2 rahil rahil 4096 Aug 30 21:20 html
drwxr-xr-x 3 root  root  4096 Aug 31 18:13 net7.0

Run the below command to change ownership of net7.0 from root to logged in sudo user.

sudo chown -R $USER:$USER /var/www/demo_tekspace_io/net7.0

You only need to do this if the folder is owned by root user.

If you have followed along our previous tutorial to set up Nginx server and Let’s Encrypt guide. Below is the server block setup by Nginx and CertBot. We will modify this file and add dotnet-related configuration to host the WebApp we are referencing for this tutorial.

rahil@ubuntu:~$ cat /etc/nginx/sites-available/demo_tekspace_io
server {

        root /var/www/demo_tekspace_io/html;
        index index.html index.htm index.nginx-debian.html;

        server_name demo.tekspace.io www.demo.tekspace.io;

        location / {
                try_files $uri $uri/ =404;
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/demo.tekspace.io/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/demo.tekspace.io/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = demo.tekspace.io) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80;
        listen [::]:80;

        server_name demo.tekspace.io www.demo.tekspace.io;
    return 404; # managed by Certbot


}

Next, we will add a reverse proxy configuration to tell Nginx web server to serve all the traffic that is served on port 80 or 443 to localhost with port 5000.

Edit file with nano editor:

sudo nano /etc/nginx/sites-available/demo_tekspace_io

Add the following content inside location / {

proxy_pass         http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_set_header   Upgrade $http_upgrade;
proxy_set_header   Connection keep-alive;
proxy_set_header   Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header   X-Forwarded-Proto $scheme;

Next, replace root /var/www/demo_tekspace_io/html; with root /var/www/demo_tekspace_io/net7.0;

Save the file. Your server block content should look like this:

server {

        root /var/www/demo_tekspace_io/net7.0/publish/wwwroot;
        index index.html index.htm index.nginx-debian.html;

        server_name demo.tekspace.io www.demo.tekspace.io;

        location / {
                try_files $uri $uri/ =404;
                proxy_pass         http://127.0.0.1:5000;
                proxy_http_version 1.1;
                proxy_set_header   Upgrade $http_upgrade;
                proxy_set_header   Connection keep-alive;
                proxy_set_header   Host $host;
                proxy_cache_bypass $http_upgrade;
                proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header   X-Forwarded-Proto $scheme;
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/demo.tekspace.io/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/demo.tekspace.io/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = demo.tekspace.io) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80;
        listen [::]:80;

        server_name demo.tekspace.io www.demo.tekspace.io;
    return 404; # managed by Certbot


}

Now, we will test Nginx configuration by executing the below command:

sudo nginx -t

If you see below output, that means your configurations are set correctly.

rahil@ubuntu:~$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

First, we will create a service definition file:

sudo nano /etc/systemd/system/kestrel-webapp.service

Enter below configuration and make changes to hosting path as needed:

[Unit]
Description=Example .NET Web API App running on Linux

[Service]
WorkingDirectory=/var/www/demo_tekspace_io/net7.0/publish
ExecStart=/usr/bin/dotnet /var/www/demo_tekspace_io/net7.0/publish/DotNetWebApp.dll
Restart=always
# Restart service after 10 seconds if the dotnet service crashes:
RestartSec=10
KillSignal=SIGINT
SyslogIdentifier=dotnet-example
User=rahil
Environment=ASPNETCORE_ENVIRONMENT=Production
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false

[Install]
WantedBy=multi-user.target

Save the file and enable the service:

sudo systemctl enable kestrel-webapp.service

Output:

rahil@ubuntu:~$ sudo systemctl enable kestrel-webapp.service
Created symlink /etc/systemd/system/multi-user.target.wants/kestrel-webapp.service → /etc/systemd/system/kestrel-webapp.service.

Next, we will start the service:

sudo systemctl start kestrel-webapp.service

Next, we will check the status of the service to make sure it has started successfully.

sudo systemctl status kestrel-webapp.service

Output:

rahil@ubuntu:~$ sudo systemctl status kestrel-webapp.service
● kestrel-webapp.service - Example .NET Web API App running on Linux
     Loaded: loaded (/etc/systemd/system/kestrel-webapp.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2023-08-31 19:57:03 UTC; 15s ago
   Main PID: 30099 (dotnet)
      Tasks: 16 (limit: 512)
     Memory: 22.3M
        CPU: 383ms
     CGroup: /system.slice/kestrel-webapp.service
             └─30099 /usr/bin/dotnet /var/www/demo_tekspace_io/net7.0/publish/DotNetWebApp.dll

Aug 31 19:57:03 ubuntu systemd[1]: Started Example .NET Web API App running on Linux.
Aug 31 19:57:03 ubuntu dotnet-example[30099]: info: Microsoft.Hosting.Lifetime[14]
Aug 31 19:57:03 ubuntu dotnet-example[30099]:       Now listening on: http://localhost:5000
Aug 31 19:57:03 ubuntu dotnet-example[30099]: info: Microsoft.Hosting.Lifetime[0]
Aug 31 19:57:03 ubuntu dotnet-example[30099]:       Application started. Press Ctrl+C to shut down.
Aug 31 19:57:03 ubuntu dotnet-example[30099]: info: Microsoft.Hosting.Lifetime[0]
Aug 31 19:57:03 ubuntu dotnet-example[30099]:       Hosting environment: Production
Aug 31 19:57:03 ubuntu dotnet-example[30099]: info: Microsoft.Hosting.Lifetime[0]
Aug 31 19:57:03 ubuntu dotnet-example[30099]:       Content root path: /var/www/demo_tekspace_io/net7.0/publish

If you see the service status as active (running), that means all your setup is configured successfully.

Before we end the tutorial, we need to make sure the Nginx has been reloaded to apply new changes we make to Nginx server block.

sudo systemctl reload nginx

Once the Nginx service has been reloaded, browse the app via the URL you set up in the server block. In my case, I will browse demo.tekspace.io.

You will see the HTML page load on your browser. If you see all the css and js file load correctly, that means the app is configured successfully to run on Nginx web server.

The post How To Setup DotNet WebApp with Nginx and Lets Encrypt on Ubuntu appeared first on TEKSpace Blog.

In this tutorial, we will guide you on how to install and nginx web server to host applications.

• Ubuntu 22.04 server on your local PC or on Cloud.
• Configure DNS or IP settings (optional).

To install Nginx, we will use apt command to pull new packages and initiate installation.

First, we must make sure our Ubuntu server has all the latest updates.

sudo apt update

Second, install NGINX package.

sudo apt install nginx

nginx will add itself as a service to firewall settings upon installation. To see the application configurations, execute the below command:

sudo ufw app list

This will show all the application services as shown in below output:

rahil@ubuntu:~$ sudo ufw app list
Available applications:
  Nginx Full
  Nginx HTTP
  Nginx HTTPS
  OpenSSH

In the above output, you will see three NGINX profiles:

• Nginx Full: This configuration unlocks both port 80 (standard, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic).
• Nginx HTTP: This setup specifically enables port 80 for handling standard, unencrypted web traffic.
• Nginx HTTPS: This configuration solely accesses port 443 (TLS/SSL encrypted traffic).

For this tutorial, I will enable both HTTP and HTTPS on port 80 and 443 by using `Nginx Full`. Use the below command to allow traffic:

sudo ufw allow 'Nginx Full'

Output:

rahil@ubuntu:~$ sudo ufw allow 'Nginx Full'
Rules updated
Rules updated (v6)

Next, we will output the status of what is allowed from the firewall.

sudo ufw status

Output:

rahil@ubuntu:~$ sudo ufw status
Status: inactive

If you see the above status as inactive, you can use enable to start the firewall on Ubuntu.

sudo ufw enable

Output:

rahil@ubuntu:~$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? Y
Firewall is active and enabled on system startup

Now, let’s see the status one more time.

rahil@ubuntu:~$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
Nginx Full                 ALLOW       Anywhere
Nginx Full (v6)            ALLOW       Anywhere (v6)

As you can see in the above status, NGINX is allowed both on IP v4 and IP v6.

Once, you have completed NGINX server installation and firewall configuration. It’s time to test out to see if your web server is up and running.

Execute below command to check NGINX service status.

systemctl status nginx

Output:

rahil@ubuntu:~$ systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2023-08-30 20:14:38 UTC; 25min ago
       Docs: man:nginx(8)
    Process: 8855 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
    Process: 8856 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
   Main PID: 8952 (nginx)
      Tasks: 2 (limit: 512)
     Memory: 5.7M
        CPU: 57ms
     CGroup: /system.slice/nginx.service
             ├─8952 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
             └─8955 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""

From the above output, you can see that the NGINX service is in active status.

Now we need to verify from the browser to make sure we can browse the default NGINX HTML page. You can browse using your Ubuntu server IP address.

That’s it! If you see above page, your NGINX server is up and running.

In Nginx web server, you can use server blocks to encapsulate configuration details and host multiple domains on a single server. In this guide, we’ll configure a domain named “demo.tekspace.io”; however, ensure to substitute this with your actual domain name.

By default, Nginx on Ubuntu 20.04 includes a single enabled server block configured to serve documents from the /var/www/html directory. While this setup suits a single site, it can become cumbersome for multiple sites. Instead of modifying the /var/www/html directory, we’ll establish a directory structure within /var/www for our “demo.tekspace.io” site. This approach keeps /var/www/html as the default directory for serving content when a client request doesn’t match any other sites.

To create the directory for “demo.tekspace.io,” use the following command, utilizing the -p flag to generate any requisite parent directories:

sudo mkdir -p /var/www/demo_tekspace_io/html

Now, we need to set permissions to allow current non-root users to be able to access the folder. You can use any username you like. In my case I will use user rahil.

sudo chown -R $USER:$USER /var/www/demo_tekspace_io/html

If you haven’t altered your umask value, which determines the default file permissions, your web roots’ permissions should be accurate. To check if the owner has the necessary permissions to read, write, and execute files, while giving only read and execute permissions to groups and others, use this command:

sudo chmod -R 755 /var/www/demo_tekspace_io

Next, we will create a new HTML file to serve a simple HTML page.

sudo nano /var/www/demo_tekspace_io/html/index.html

Paste this simple HTML content:

<html>
    <head>
        <title>Welcome to Tekspace!</title>
    </head>
    <body>
        <h1>Your Tekspace landing page is working properly.</h1>
    </body>
</html>

Save the file by pressing Ctrl+O and then enter. To close the file press Ctrl+X and then enter.

Next, to serve above content, we need to create a server block file. Execute the below command to create a new file under /etc/nginx/sites-available/:

sudo nano /etc/nginx/sites-available/demo_tekspace_io

Paste the below content and save and exit the file:

server {
        listen 80;
        listen [::]:80;

        root /var/www/demo_tekspace_io/html;
        index index.html index.htm index.nginx-debian.html;

        server_name demo.tekspace.io www.demo.tekspace.io;

        location / {
                try_files $uri $uri/ =404;
        }
}

Observe that we’ve revised the root configuration to correspond with our new directory and adjusted the server_name to align with our domain name.

Subsequently, we’ll activate the file by establishing a link from it to the sites-enabled directory. This directory is read by Nginx during startup:

sudo ln -s /etc/nginx/sites-available/blog_tekspace_io /etc/nginx/sites-enabled/

Keep in mind: Nginx employs a widely used method known as symbolic links, or symlinks, to manage the activation of server blocks. Crafting a symlink is akin to forming a disk shortcut. You can disable the server block by removing the symlink from the sites-enabled directory. However, you will still have the server block in the sites-available directory if you need it later.

To circumvent potential hash bucket memory issues that might occur when introducing extra server names, it’s essential to modify a singular value within the /etc/nginx/nginx.conf file. Proceed to open the file:

sudo nano /etc/nginx/nginx.conf

Find server_names_hash_bucket_size and remove # symbol to uncomment the line and save the file.

The content should look like this:

After you have saved the above file, we need to test Nginx configuration. Execute the below command:

sudo nginx -t

Output:

rahil@ubuntu:/etc/nginx/sites-enabled$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful\

If there are no errors in the output that means the configurations are applied currently. We will now restart Nginx service to apply new changes.

sudo systemctl restart nginx

Browse your website with the domain name you set it up:

Now that you have successfully completed Nginx setup. I highly recommend setting up a Let’s Encrypt certificate. Here is the link to the tutorial.

The post How To Install Nginx on Ubuntu 22.04 appeared first on TEKSpace Blog.

Using sudo, regular users can execute commands that require administrative privileges by temporarily switching to the root user or another user with appropriate permissions. This enhances security by limiting the exposure of the root account and providing a granular way to grant specific administrative access to individual users.

To use sudo, you typically prepend it to the command you want to execute with elevated privileges. For example:

sudo apt update

In this command, sudo is used to run the apt update command with administrative rights, allowing the system to update its package information.

To be able to use sudo, a user must be granted the necessary permissions through configuration files like /etc/sudoers. Usually, the first user created during the Ubuntu installation is granted sudo privileges by default, and additional users can be added to the sudo group or granted sudo access individually by the system administrator.

ssh root@192.168.1.234

Once you are logged in to your remote Ubuntu server, follow the below guide:

In Ubuntu Linux, the adduser command is used to add new user accounts to the system. It is a user management utility that simplifies the process of creating user accounts, setting their attributes, and configuring their initial settings. The adduser command is often used with administrative privileges, typically via the sudo command, since creating user accounts requires administrative access.

adduser rahil

Output:

root@ubuntu:~# adduser rahil
Adding user `rahil' ...
Adding new group `rahil' (1000) ...
Adding new user `rahil' (1000) with group `rahil' ...
Creating home directory `/home/rahil' ...
Copying files from `/etc/skel' ...
New password:
Retype new password:
passwd: password updated successfully
Changing the user information for rahil
Enter the new value, or press ENTER for the default
        Full Name []: Rahil
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:
Is the information correct? [Y/n] Y

usermod -aG sudo rahil

The usermod -aG sudo rahil command is used to modify the user attributes in Linux. In this specific case, it adds the user named “rahil” to the “sudo” group, granting them administrative privileges. The -aG flag indicates adding the user to the specified group, while the “sudo” group provides permission to execute commands with elevated privileges using the sudo command. This enables the user “rahil” to perform administrative tasks on the system while maintaining a higher level of security by allowing limited access to privileged operations.

su - rahil

The su - rahil command is used in Linux to switch the current user’s session to the user account named “rahil.” The hyphen (-) after su indicates that a complete login environment for “rahil” should be loaded, simulating a full user login. This can be helpful when you need to access the user’s environment, including their shell preferences and environment variables. Once executed, the command prompts for “rahil”‘s password and, upon successful authentication, grants access to their user environment and permissions, allowing you to work within their context for various tasks.

sudo ls -la /root/

Output:

rahil@ubuntu:~$ sudo ls -la /root/
total 32
drwx------  5 root root 4096 Aug 30 19:42 .
drwxr-xr-x 19 root root 4096 Aug 30 19:38 ..
-rw-r--r--  1 root root 3106 Oct 15  2021 .bashrc
drwx------  2 root root 4096 Aug 30 19:42 .cache
-rw-r--r--  1 root root    0 Aug 30 19:38 .cloud-locale-test.skip
-rw-r--r--  1 root root  161 Jul  9  2019 .profile
drwx------  2 root root 4096 Aug 30 19:38 .ssh
-rw-r--r--  1 root root  185 Aug 30 19:39 .wget-hsts
drwx------  3 root root 4096 Aug 30 19:38 snap

Keep in mind that using sudo requires responsibility, as it provides powerful control over the system. Misusing sudo commands can lead to unintended consequences or security vulnerabilities. It’s recommended to use sudo only when necessary and to exercise caution when executing commands with administrative privileges.

The post How To Create A New Sudo User on Ubuntu 22.04 appeared first on TEKSpace Blog.

In the realm of Linux administration and engineering, proficiency in essential Linux commands transcends being an added benefit – it’s an imperative. These fundamental tools create the framework for streamlined system management, effective troubleshooting, and optimal performance. By engaging with the Linux command line, you equip yourself with a robust ability to interact deeply with your systems. For Linux administrators and engineers, mastering these crucial commands isn’t merely a suggestion – it’s a pathway to achieving competence and empowerment within the intricate world of Linux. So, seize the opportunity, dive into exploration, and unveil the boundless potential that the Linux command line has in store.

The post Essential Linux Commands Cheat Sheet: Your Ultimate Reference appeared first on TEKSpace Blog.