Ubuntu 16.04 LAMP Install

Ubuntu_16.04_LAMP_Install.txt

# CREATE USERS
sudo su <enter root password>
adduser devops
usermod -aG sudo devops

# SSH KEYGEN (LOCAL)
ssh-keygen <follow prompts and save>
cat ~/.ssh/yourkey_rsa.pub <copy contents>

# SSH KEYGEN (SERVER)
su - devops
mkdir ~/.ssh
chmod 700 ~/.ssh
nano ~/.ssh/authorized_keys <paste key data>
chmod 600 ~/.ssh/authorized_keys

# DISABLE PASSWORD AUTH
sudo nano /etc/ssh/sshd_config
- PasswordAuthentication no
- PubkeyAuthentication yes
- ChallengeResponseAuthentication no
sudo systemctl reload sshd

# INSTALL FIREWALL
sudo ufw app list
sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw status

# INSTALL APACHE
sudo apt update
sudo apt install apache2

# SET SERVER NAME
sudo nano /etc/apache2/apache2.conf
ServerName <server_domain_or_IP>

# TEST CONFIG
sudo apache2ctl configtest
sudo systemctl restart apache2

# ADJUST FIREWALL
sudo ufw allow in "Apache Full"

# INSTALL MYSQL
sudo apt install mysql-server
sudo mysql_secure_installation

# INSTALL PHP
sudo apt install php libapache2-mod-php php-mcrypt php-mysql

# ADJUST APACHE LOAD ORDER
sudo nano /etc/apache2/mods-enabled/dir.conf
<FROM: DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm>
<TO: DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm>

# REBOOT AND TEST
sudo systemctl restart apache2
sudo systemctl status apache2

# FIND MORE PHP MODULES
sudo apt-cache search php7
sudo apt install php-whatevs1 php-whatevs2

# SET WEBROOT PERMISSIONS
chown -R www-data:www-data /var/www/html

# ADD USER TO WWW-DATA
usermod -a -G www-data devops

# SET DEFAULT ACL RULES
getfacl /var/www/html
setfacl -Rd -m u:devops:rwx /var/www/html
setfacl -Rd -m g:www-data:rwx /var/www/html

# SET ACL RULES
setfacl -R -m u:devops:rwx /var/www/html
setfacl -R -m g:www-data:rwx /var/www/html

# SET CONTENT DEFAULT
chmod -R g+s /var/www/html

# CHANGE CONTENT PERMISSIONS
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;