Computer System Administration

(ECC 4209)

Lecture 8
(Web servers)

[email protected]
1
 Contents
1. Building dynamic web servers using Apache
2. Managing backend application data with SQL
databases
3. Identifying and resolving application package
dependencies
4. Installing and configuring a MediaWiki CMS

2
 Introduction
• This lecture introduces how to set up a MediaWiki server
• Need blog to publish, or 30 years of technical and corporate
data spanning 100,000 pages?
– need some kind of content management system (CMS)
• CMS is an application designed as a framework for the
creation and administration of digital content
– popular CMS applications include WordPress and Joomla
• A wiki can be a particularly effective way to manage large
communities of contributors.
– CMS whose architecture is intentionally decentralized allowing users to
freely collaborate not only on the content itself, but on the larger
structure of the entire data collection
• A wiki engine is a platform on which wikis are built, usually
using some kind of simple and intuitive markup language
• MediaWiki is a popular example of an open source wiki 3
engine, but Atlassian Confluence is a mature commercial
 Introduction (continue)
• MediaWiki is a great way to illustrate the process of building a
web server (often known as a LAMP server) on Linux
• Considering that more than two of every three (2/3) web
servers on the internet today are running on Linux
• MediaWiki is the CMS originally created to power the tens of
millions of articles that make up Wikipedia and the other
Wikimedia Foundation projects
• Working through a MediaWiki deployment can teach about the
software packages that make up a Linux web server and how
they fit together
• As a Linux admin, there’s a good chance that you’ll be asked
to build web servers to support all kinds of applications

4
 Building a LAMP Server
• If your business has information, applications, or services, the
odds are that need to make them available for consumption by
web browsers
• A web server is software running on a computer that allows
locally hosted resources to be viewed and consumed by
remote visitors to a website
– the term web server is also often used to describe the computer
hosting the web server software
• Most Linux web servers are built on the four pillars of what’s
known as a LAMP server (Figure 7.1)
• The letters LAMP stand for
– Linux
– Apache web server administration software
– MySQL or MariaDB database engine
– PHP server-side scripting language (or, alternatively, Perl or Python).
5
 Building a LAMP Server
A LAMP Web Server Software Stack

File system
resources
(including the web
document root)

Internet Apache
Applications
(like MediaWiki)

PHP Database
(MariaDB)

Figure 7.1: The Apache web server software exposes HTTP-based resources to
external clients and coordinates internal services
 Building a LAMP Server
• The LAMP server is such a common Linux configuration that
Ubuntu, at least, has its own installation meta package
• The caret (^) at the end of this example identifies the target as
a special package bundled together to make installing
common software stacks simpler:
– #apt install lamp-server^
• That one command will, after asking to create a database
password, automatically drop a working web server
• Directing your web browser to the server’s IP address should
display a welcome page created when Apache was installed

7
 Building a LAMP Server
• But automation isn’t always the best solution
• Sometimes you’ll want to customize your software stack by
specifying particular release versions to ensure application
compatibility, or by substituting one package for another
(MariaDB over MySQL, for instance)
• Setting things up manually will be particularly helpful in this
case, as it’ll force you to better understand how each bit works
• Here’s a list of what needs doing to get you to your goal:
– (1) Install Apache
– (2) Add a web page or two to the web document root
– (3) Install an SQL engine (MariaDB in this case)
– (4) Install the PHP server-side scripting language
– (5) Install and configure MediaWiki
8
Manually setting up an Apache web
server
• Web server software has one primary job - to guide site
visitors to the right directories and files on the server host - so
appropriate website resources should be made available
• Entering a uniform resource locator (URL) address in your
browser address bar is a request for the web server
– to retrieve a web page, video, or other resource from the host file
system and load it in your browser
• Web server software integrate closely with other systems on
the host server like networking, security, and file system tools
so that access to local resources is well managed
• Apache is very popular, and despite the fact that Apache has
serious competitors including Nginx (also cross-platform) and
Microsoft’s IIS (which runs exclusively on Windows servers)
9
 Installing the Apache web server
on Ubuntu
• On Debian/Ubuntu install Apache
– #apt install apache2
• Once Apache is installed, open a browser and visiting your live
website right away as shown in Figure 7.2

10
Figure 7.2 The Apache default page displayed in browsers directed to your server’s
URL or IP address includes some important basic configuration and navigation
Populating your website document
root
• Now got yourself a working website and need to add some
customized contents but to know where the content goes
• The content’s location is controlled by the DocumentRoot
setting in an Apache configuration file.
– inside file called 000-default.conf in the
/etc/apache2/sites-available/ directory
• Searching the configuration file for DocumentRoot will
probably show you a value like this:
– DocumentRoot "/var/www/html"

11
Populating your website document
root (continue)
• This means that Apache will direct all incoming browser
requests to files in the /var/www/html/ directory
– Can change this value to point to any locations on your file system
– In fact if you plan to host multiple websites on your server, you’re able
to point to multiple file system locations
• Create a text file called index.html in your document root
– this file will overwrite Apache’s welcome page using the same name
• Can type some welcome text of your own in the file along
with a link to a second HTML file and a graphic image
• Make sure to create that second file along with an image.
• The index.html file might look like this:
<h2>Welcome!</h2>
Take a look at our <a href="info.html">company history</a>.
<br>
12
And how about a look at our new company logo: <img src="logo.png">
 Installing an SQL database
• Take a quick look at the US government’s Bureau of Labor
Statistics (BLS) (Figure 7.3)
– Occupational Outlook Handbook page for Network and Computer
Systems Administrators (http://mng.bz/kHN3)
• Given all the content displayed on each of the page’s nine
tabs, there’s quite a lot of text
– very little of it was manually added to this page by a human being
• Database on the BLS server contains terabytes of raw data,
within which can be found structured information related to
each of the many thousands of included occupations
• That data is probably then organized by information
categories (Summary, Work Environment, etc)
• When requested this page from the BLS menu (or through an
internet search engine), the BLS web server requested the
relevant raw data from the database and dynamically 13
organized it on the page
 Installing an SQL database
(continue)

Figure 7.3 A page from the Bureau of Labor Statistics.

The What Network and Computer Systems Administrators Do header
was probably expanded from something like this: What $selected_occupation
14 Do
 Installing an SQL Database
(continue)
• There are many more ways that a website can make use of
dynamic access to database engine installed in the backend
• The kind of database engine mostly used for a BLS-like
project (or for MediaWiki site) is called a relational database
– tool for organizing data into tables made up of columns and rows
• Data contained within an individual row is known as a record
• A record is identified by an ID value known as a key, which
can be used to reference records between tables
• The Structured Query Language (SQL) is a standardized
syntax for managing data on relational databases

15
 Installing an SQL Database
(continue)
• A database engine is software for managing relational
database data and exposing it to administrators and
automated processes using SQL syntax
• Because our long-term goal is a full LAMP server, it would
make sense to install this on the same
computer/VM/container where Apache web server installed:
– #apt update
– #apt install mariadb-server

16
 Installing an SQL Database
(continue)
• In addition to MariaDB and MySQL, there are other
important SQL database engines including Oracle,
PostgreSQL, and Amazon’s Aurora (AWS)
• Check the status of the database (DB) just installed?
– confirm the DB is running using systemctl:

17
 Hardening SQL
• Once MariaDB’s installed, it’s always a good idea to harden
your database security, so you’ll want to run the too
– #mysql_secure_installation
• Running this tool presents the interactive dialogs (see below)
• The values recommended by mysql_secure_installation
are aimed at preventing anonymous and remote users from
accessing your data

18
 SQL Administration
• Most of the times no need to run any of these commands
directly because most databases are accessed from within
application code, rather than from the command line
• Considering how inconvenient it would be to manually manage
the thousands or even millions of data records commonly
included in SQL databases, this makes a lot of sense
• But sometimes need to ceate own database manually
– need some test data to work with while you’re putting a new application t
• By default, you’ll access and administer the databases in your
MariaDB or MySQL installations using the root user
– That’s a bad idea!
• For security reasons, individual databases should be owned
and managed by regular database users who have been given
only the authority they need to do their specific jobs 19
 Accessing The Database
• Whether you’ve installed MariaDB or MySQL, you log in to your
shell using mysql, followed by -u root.
– This tells the database that you want to authenticate as the root user
• The -p means you’ll be prompted for your MariaDB password:

20
 Accessing The Database
• MariaDB might not let you log in unless you run the mysql
command as sudo
• If this happens, log in using sudo and provide the MariaDB
password you created
• Then run these three commands at the MySQL prompts
(substituting your password for your-password):

• The next time log in, no longer require sudo and, more
importantly, MediaWiki should be able to do its job properly
• Here’s how to create a new database:

21
 Accessing The Database
• Suppose your company needs to store customer contact
information.
• Create a new table for contacts within the database:

• Enter the new information:

22
 Accessing The Database
• Display all the data inside new Contacts table, type select *:

• Note the ID value in your table, which can be used as the key
value for your records
• When done, close the MariaDB/MySQL shell by typing exit
• Please note that most of the times accessing the database
manually is not necessary

23
Creating A Mediawiki Database User
• MariaDB comes with an active root user out of the box but
because that user has full admin rights over all the tables in
the system, it’s a bad idea to always use root
• Create unique users for each database consumer and giving
them only the access rights they need
• Create a new database called wikidb for MediaWiki to use
later and create a new user mw-admin
• The FLUSH PRIVILEGES command enables the new
settings and grants the mw-admin user full control over the
wikidb database:

24
 Installing PHP
• The final LAMP ingredient is the PHP scripting language
• PHP is a tool that can be used to write your own web
applications
– Prebuilt PHP applications are often used by third-party applications
like MediaWiki to access and process system resources
• Despite what the examples you’ve seen so far might suggest,
Ubuntu installations aren’t always simpler than CentOS
• Because you’ll want it to play nicely with Apache, need an
extension:
– #apt install php
– #apt install libapache2-mod-php
• You should get into the habit of restarting Apache whenever
making changes to a web server’s system configuration.
– #systemctl restart apache2
25
 Testing your PHP installation
• To make sure your PHP installation is live (and to learn
about PHP’s local environment and resource integration),
create a new file using the .php filename extension in the
Apache web document root directory
• Create the file with the lines of text as shown here:
– # nano /var/www/html/testmyphp.php
<?php
phpinfo();
?>
• Using browser, enter the IP address of the machine that’s
running PHP (or localhost, if it’s the desktop you’re working
on) and the name of the file you created:
– 10.0.3.184/testmyphp.php
• You’ll be treated to a long web page (Figure 7.4), broken
down into many sections, that describes your computer 26
and the ways PHP talks to it
 PHP Host system information
version

PHP
configuration
information

Figure 7.4: A small sample from the configuration and environment

data displayed by phpinfo
Installing and configuring MediaWiki
• Got documents and media to share
– Download and unpack the MediaWiki archive package
– Identify and install necessary software extensions
– Connect MediaWiki to your MariaDB database
– Run and test the installation
• Download MediaWiki to get the latest package
– www.mediawiki.org/wiki/Download
• Alternatively using command line:
– $wget
https://releases.wikimedia.org/mediawiki/1.37/mediawi
ki-1.37.1.zip
– $tar zxvf mediawiki-1.30.0.tar.gz
– $ls
mediawiki-1.30.0 mediawiki-1.30.0.tar.gz
– #cp -r mediawiki-1.30.0/* /var/www/html/
28
Troubleshooting missing extensions
• If it turns out that there’s something missing from your
configuration, rather than failing silently, you’ll get an error
page containing helpful information
• In this case, as illustrated by Figure 7.5, I seem to be
missing a couple of PHP extensions: mbstring and xml

Figure 7.5:A helpful error page telling me that my system is missing two
29
extensions and providing links to appropriate PHP documentation pages
Troubleshooting missing extensions

• Similar search for both xml and php tell about a package called
php7.0-xml that likely to satisfy MediaWiki’s XML requirements
– #apt search xml | grep php
• Install both packages and then use systemctl to restart Apache:
– # apt install php7.0-mbstring php7.0-xml
– # systemctl restart apache2

30
 Mediawiki Environmental Checks
• When the page loads, there’s a warning about a missing
LocalSettings.php file and a link to set up the wiki
• When click the link, get to select a language preference and
then, the MediaWiki Environmental Checks page and
more trouble!
• The biggest issue is the absence of a database driver that
would be the software used to negotiate between PHP and
database MariaDB and not having that installed is critical
• Although the suggested package shown in figure 7.6 is
php5-mysql, apt search tells us that we’re more likely to see
success with the php-mysql package

31
Mediawiki Environmental Checks

Figure 7.6 The bright x indicates a show-stopping hole in our

configuration;
other notes present less severe warnings
32
 Mediawiki Environmental Checks
• Also throw in the suggested PHP extensions for APCu (part of
a framework for caching and optimizing PHP intermediate
code) and ImageMagick (an imageprocessing tool)
• Another restart for Apache and another refresh of the browser
window, and you should be all set:
– #apt install php-mysql php-apcu php-imagick
– #systemctl restart apache2
• Click the Continue button at the bottom of the page
• Using browser, enter IP address of the machine that’s running
PHP (or localhost) and the name of the file you created:
– 10.0.3.184/testmyphp.php
• There’s long web page (Figure 7.4), broken down into many
sections, that describes your computer and the ways PHP
talks to it
33
 Connecting MediaWiki to the
database
• The information you provide through the Connect to Database
page tells MediaWiki:
– What kind of database you’ve got installed on your system (MySQL or
compatible, in this case)
– Where the database lives (it can be remote or even cloud-based, but this
is on the local server, so localhost is the correct value)
– The name you’d like to give the database that MediaWiki will use
(wikidb)
– The name of the existing database user account (mw-admin)
– The password of the current database account (this allows MediaWiki to
access MariaDB and create and administrate its database: Figure 7.7
• If MediaWiki cannot connect to your database, confirm using
the right password, but also make sure can log in to a MariaDB
shell from the command line
34
Connecting MediaWiki to the
database

Figure 7.7 Part of the MySQL settings page where you tell MediaWiki
how to 35
connect to the database
 Connecting MediaWiki to the
database
• If all goes well, a series of screens from which need to enter
configuration details like database settings, a name for your
wiki (something like Company Documentation for this
example) and a username, password, and contact email
address for a wiki administrator account
– This account is not connected to the accounts you already have on the
Linux host or MariaDB
• Some optional setup questions let you set preferences for user
rights, copyrights for the wiki content, a mail server to send
notification emails, and add-on software extensions for things
like an in-browser WikiEditor or anti-spam software
– With the possible exception of the return email address, the defaults
should work
36
 MediaWiki Final Setup
• When you’re done, MediaWiki starts its installation process and
when that’s complete, it prompts you to download a file called
LocalSettings.php and then save it to the Media-Wiki root
directory (/var/www/html/ in this example)
• Copy the saved file you’ve to your user’s home directory:
– $scp LocalSettings.php [email protected]:/home/ubuntu/
• Then move it to the document root:
– #cp /home/ubuntu/LocalSettings.php /var/www/html/
• With everything in place, head back to the browser page at the
same address being used earlier (e.g. 10.0.3.184/index.php).
– The main page of brand-new wiki is ready (Figure 7.8)
• Spend some time with the MediaWiki User’s Guide
(www.mediawiki.org/wiki/Help:Contents).
– learn how to work with files and write using the simple markup language
37
 MediaWiki Main Page

Figure 7.8: Add and edit the page’s contents and links by clicking the Edit tab at
the top
38
 Understanding network ports
• Network port is a way to identify a particular server resource to
network users
• Imagine that your server is hosting two separate applications
and isitors can reach your server using either its public IP
address or a corresponding DNS domain name (like
172.217.1.174 for google.com)
– But how will a browser know which of the two applications you want to
load?
– Applications can be told to listen for traffic coming to the server when a
predetermined port is specified
– Thus, one application could use port 50501 and another, port 50502.
– From Figure 7.9, the first application would, therefore, respond to
incoming requests using 192.168.2.10:50501 (assuming that
192.168.2.10 is your server’s IP address), and the second application
would expect traffic using 192.168.2.10:50502 39
 Port designations for multiple web-facing applications on a single server

Port
443
Application 1

Internet Apache
Port
80 Application 2

Port
30303 Application 3

Figure 7.9 Applications configured to listen on separate network ports

(80 = insecure HTTP; 443 = secure HTTPS; 30303 = a custom application)
 Controlling network traffic
• How do you control access to your network? One way is
through firewall rules
• On RedHat, that’s handled through the firewalld service
and its firewall-cmd tool
• Add the http service and, through the --permanent flag,
ensure that the rule will be active each time you restart the
service or boot the computer
• To apply the changes, restart the service:
– #firewall-cmd --add-service=http –permanent
success
– #systemctl restart firewalld

41
 Key Terms
• A wiki is a tool for creating and managing distributed,
collaborative projects
• A content management system (CMS) is an application
designed to make creating,sharing, and editing digital content
easy
• A web server is software designed to safely and reliably expose
server resources to remote clients
• DocumentRoot is the Apache setting determining where on the
file system the web server will look for website files
• Structured Query Language (SQL) is a syntax for managing
data in relational
• Package dependencies are programs or extensions required for
the proper function of installed applications
42
 Command-line Review
• apt install lamp-server^ (a single Ubuntu command) installs all the
elements of a LAMP server
• systemctl enable httpd launches Apache on a CentOS machine at
every system boot
• firewall-cmd --add-service=http --permanent permits HTTP
browser traffic into a RedHat system
• mysql_secure_installation resets your root password and tightens
database security
• mysql -u root -p logs in to MySQL (or MariaDB) as the root user
• CREATE DATABASE newdbname; creates a new database in MySQL (or
MariaDB)
• yum search php- | grep mysql searches for available packages
related to PHP on a RedHat machine.
• apt search mbstring searches for available packages related to
multibyte string encoding
43
 References
• Linux in Action, David Clinton:
– https://www.manning.com/books/linux-in-action
• Linux Philosophy for SysAdmins, David Both:
– https://link.springer.com/book/10.1007/978-1-4842-3730-4
• Linux Cookbook: Essential Skills for Linux Users and System &
Network Administrators (2nd Edition)
– https://www.oreilly.com/library/view/linux-cookbook-2nd/9781492087151/
• AWS Cookbook by John Culkin and Mike Zazon
– https://www.oreilly.com/library/view/aws-cookbook/9781492092599/
• Linux Service Management Made Easy with systemd, Donald A.
Tevault
– https://www.packtpub.com/product/linux-service-management-made-easy
-with-systemd/9781801811644

44