# Root install (OpenLiteSpeed)

This guide is for Ubuntu 20.04 (LTS) x64 and it will show you how to set up Chevereto with OpenLiteSpeed web server on Ubuntu.

Replace example.com with your own domain Point the A record of host.example.com on your server ip

# Prepare the system

Before begin, make sure that the base system is updated.

sudo apt update && sudo apt upgrade

# Set up hostname

Changing the hostname on Ubuntu 20.04 is a rather simple process involving just few steps. It is recommended to use a fully-qualified domain name (FQDN ) such as host.example.com for both static and transient names. First, check your current hostname, to do so use either hostnamectl or hostname command:

hostnamectl

Changing the system hostname is a simple process, the syntax is as follows:

sudo hostnamectl set-hostname host.example.com

Note: You shouldn’t use the same hostname on two different machines on the same network.

On most systems, the hostname is mapped to 127.0.0.1 in /etc/hosts, open the file and change the old hostname to the new one.

/etc/hosts
127.0.0.1   localhost
127.0.0.1   host.example.com

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

If you are running Ubuntu on a cloud instance and the cloud-init package is installed, you also need to edit the /etc/cloud/cloud.cfg file. This package is usually installed by default in the images provided by the cloud providers, and it is used to handle the initialization of the cloud instances. If the file exists on your system open it:

sudo nano /etc/cloud/cloud.cfg

Search for preserve_hostname, and change the value from false to true:

# This will cause the set+update hostname module to not operate (if true)
preserve_hostname: true

Save the file and close your editor, and let us verify the change:

hostnamectl

Your new hostname will be printed on the terminal:

   Static hostname: host.example.com
   Pretty hostname: Chevereto's Webserver
         Icon name: computer-vm
           Chassis: vm
        Machine ID: l04e355243f3da4602326b7c41e87a07
           Boot ID: ba315474704409fb9872ef2bd32c52c1
    Virtualization: kvm
  Operating System: Ubuntu 20.04 LTS
            Kernel: Linux 5.4.0-26-generic
      Architecture: x86-64

Note: The rebooting of the system is an optional step and not required.

sudo reboot

# Install OpenLiteSpeed

Unfortunately, OpenLiteSpeed is not in the official Ubuntu 20.04 repositories, so you will need to add OpenLiteSpeed official repository to your system:

wget -O - http://rpms.litespeedtech.com/debian/enable_lst_debian_repo.sh | sudo bash

Once the repository is added, now install the application by refreshing the APT cache and running the following command:

sudo apt update
sudo apt install openlitespeed

# Install PHP 7.4

Also, install the package that installs PHP 7.4 support for OpenLiteSpeed, you can install the PHP 7.4 by running this command:

sudo apt install lsphp74 lsphp74-common lsphp74-mysql lsphp74-dev lsphp74-curl lsphp74-dbg lsphp74-imagick -y

Now, enable PHP 7.4 support for OpenLiteSpeed, you will need to create a symbolic link of the installed package:

sudo ln -sf /usr/local/lsws/lsphp74/bin/lsphp /usr/local/lsws/fcgi-bin/lsphp5

# Install MySQL Database (MariaDB 10.5)

As first we have to import MariaDB gpk key:

sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'

Now you have to add MariaDB APT repository:

sudo add-apt-repository 'deb [arch=amd64] http://mariadb.mirror.globo.tech/repo/10.5/ubuntu focal main'
sudo apt update
sudo apt install mariadb-client mariadb-server

Once the installation is complete, start the MariaDB service and add it to the boot time:

systemctl start mariadb
systemctl enable mariadb

As first we have to secure our MySQL installation, and we will use the 'mysql_secure_installation' command-line tool for it:

mysql_secure_installation

Set up your root password, and type "Y" for the rest of the configuration:

Set a root password? [Y/n] Y
Remove anonymous users? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Enter to the MySQL console:

sudo mysql -u root

Once in the MySQL console, you will see a mysql> prompt. Run the following statements:

CREATE DATABASE chevereto;
CREATE USER 'chevereto' IDENTIFIED BY 'enter_a_password_here';
GRANT ALL ON chevereto.* TO 'chevereto' IDENTIFIED BY 'enter_a_password_here';
quit

Note: You must take note of the database name, user and password (where it reads enter_a_password_here) as these details will be required later on.

# Setup the website

Now, we can start running OpenLiteSpeed, and manage the webserver in a very fast and comfortable way, the graphical interface works through port 7080 and requires a username and password, therefore we need to set up the user and password authentication for the OpenLiteSpeed dashboard. Go to the /usr/local/lsws/admin/misc/ directory and now run the bash script admpass.sh as below.

cd /usr/local/lsws/admin/misc/
sh admpass.sh

Type your username and password, and you've completed the configuration of OpenLiteSpeed authentication. After that, you can visit the OpenLiteSpeed web interface. Open your favorite web browser and go to http://server-ip:7080 On the OpenLiteSpeed dashboard, click the Server Configuration menu on the left and click the External App tab. To add the new PHP 7.4 configuration, click the add + button on the right. For the type, choose the LiteSpeed SAPI App and click the Next button. Now type details configuration as below:

Name: lsphp74
Address: uds://tmp/lshttpd/lsphp.sock
Notes: lsphp74 for OpenLiteSpeed
Max Connections: 35
Initial Request Timeout (secs): 60
Retry Timeout (secs): 0
Command: $SERVER_ROOT/lsphp74/bin/lsphp

And click the 'Save' button, and the PHP 7.4 configuration has been added. Next, we will change the default PHP for OpenLiteSpeed to the PHP 7.4 version, in the Server Configuration menu, click the Script Handler tab. Now click the 'Edit' button on the action section, on the Handler Name, choose the lsphp74 that we just added and click the 'Save' button.

And as a result, you've added and enabled the PHP 7.4 configuration for OpenLiteSpeed, now we have to setup OpenLiteSpeed on Port 80, by default, the OpenLiteSpeed is running on default port '8088'. To run the OpenLiteSpeed on default http port '80', we can use the administration dashboard to change the configuration, navigate to the OpenliteSpeed dashboard, click the Listener menu on the left.

On the Default listeners, click the view button, then on the Address Settings section, click the edit button on the right side, now type details configuration as below:

Listener Name: Default
IP Address: ANY
Port: 80

After that save it and click on the restart button in the dashboard, now we got OpenLiteSpeed runing on Port 80, open your web browser and type the server IP address on the address bar, and you should get the default index page of OpenLiteSpeed.

It's time to setup Virtual Host, as first we have to create directorys for our Website:

sudo mkdir /usr/local/lsws/example.com/{html,logs} -p

The html directory contains the public files and the logs directory contains the server logs.

Next, navigate to the OpenLiteSpeed dashboard and access the Virtual Hosts section from the left and click the Add button, now enter the values as shown:

Virtual Host Name: example.com
Virtual Host Root: $SERVER_ROOT/example.com/
Config File: $SERVER_ROOT/conf/vhosts/$VH_NAME/vhconf.conf
Follow Symbolic Link: Yes
Enable Scripts/ExtApps: Yes
Restrained: Yes
External App Set UID Mode: Server UID

Click the Save button and when you're done, you will get following error:

⚠ file /usr/local/lsws/conf/vhosts/example.com/vhconf.conf does not exist. CLICK TO CREATE

Because the configuration file does not exist for now, click on the link to create the configuration file under the CLICK TO CREATE. Click the Save button again to complete the virtual host creation, once the virtual host is created, go to Virtual Hosts -> Select Virtual Host (example.com) -> General and change the configuration as indicated.

Document Root: $VH_ROOT/html/
Domain Name: example.com
Enable Compression: Yes

Click the Save button when you're done, next we need to set up index files, click the Edit button under Index files under the General section, set the following options:

Use Server Index Files: No
Index files: index.php, index.html, index.htm
Auto Index: No

Click Save when you're done, next we have to choose Log files, go to the Log section and click Edit against Virtual Host Log and enter the following values:

Use Server’s Log: Yes
File Name: $VH_ROOT/logs/error.log
Log Level: ERROR
Rolling Size (bytes): 10M

Note: You can select the DEBUG log level if you were on a production/development server.

Click Save, then click the plus sign in the Access Log section to add a new entry, enter the following values:

Log Control: Own Log File
File Name: $VH_ROOT/logs/access.log
Piped Logger: Not Set
Log Format: Not Set
Log Headers: Not Set
Rolling Size (bytes): 10M
Keep Days: 30
Bytes log: Not Set
Compress Archive: Yes

Click Save when you're done, next, we need to configure Access Control under the Security section, set the following values:

Allowed List: *
Denied List: Not set

Click Save when you're done, next we need to define the definition of the Script Handler, set the following values:

Suffixes: php
Handler Type: LiteSpeed SAPI
Handler Name: [Server Level]: lsphp74

Next we need to set the Rewrite Control in the Rewrite section, set the following values: Enable Rewrite: Yes Autoload from .htaccess Log level: Not Set Now we need to edit Rewrite Rules in the Rewrrite section, place there Chevereto's .htaccess and save it.

Next we have to set Listeners, for this go to the Listeners section and click the View on Default Listeners button, then click the Add button under Virtual Host Mappings to add a new mapping and set the following values:

Virtual Host: example.com
Domains: example.com

Click Save when you're done, now click the Graceful restart button to apply all of the above changes and to restart the server.

# Setup SSL

Setting up SSL in OpenLiteSpeed requires setting up two certificates, a self-signed certificate for the entire server and a Let's Encrypt location-specific server certificate, let's create the self-signed certificate first:

openssl req -x509 -days 365 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes

In order to be able to use Let's Encrypt, we have to install the Certbot tool:

sudo apt install certbot

Obtain the SSL certificate for Website:

sudo certbot certonly --webroot -w /usr/local/lsws/example.com/html/ -d example.com

Note: Follow the interactive prompt.

Now navigate to the OpenliteSpeed dashboard and go to Listeners >> Add New Listener and add the following values:

Listener Name: SSL
IP Address: ANY
Port: 443
Secure: Yes

Click Save when you're done, then go to the Virtual Host Mappings section under the SSL listener by clicking SSL, click the Add button and enter the following values:

Virtual Host: example.com
Domains: example.com

Click Save when you're done, go to Listeners >> SSL Listener >> SSL Tab >> SSL Private Key & Certificate (Edit button) and enter the following values for the self-signed certificate we created earlier:

Private Key File: /srv/self-signed/key.pem
Certificate File: /srv/self-signed/cert.pem
Chained Certificate: Yes

Move the self-signed certificate to another directory from root:

sudo mkdir /srv/self-signed
mv key.pem cert.pem /srv/self-signed

Next, go to Virtual Hosts >> example.com >> SSL tab >> Private SSL key & certificate (Edit button) and fill in the following values with the Let's Encrypt certificate:

Private Key File: /etc/letsencrypt/live/example.com/privkey.pem
Certificate File: /etc/letsencrypt/live/example.com/fullchain.pem
Chained Certificate: Yes

Click Save when you're done, restart the server by clicking the Graceful restart button, and now you should have successfully installed LetsEncrypt Certificate on your Website.

Before we can go through the web-based setup process for Chevereto, we need to adjust some entries in our Chevereto directory, start by giving ownership of all files in the directory to the user nobody and the group nogroup, which the OpenLiteSpeed web server runs by default. The following chown command grants OpenLiteSpeed the ability to read and write files in the Chevereto directory so that it can serve the website and do updates automatically:

chown -R nobody:nogroup /usr/local/lsws/example.com/

To change php.ini file and to increase the upload limit, you have to change following values in /usr/local/lsws/lsphp74/etc/php/7.4/litespeed/php.ini:

upload_max_filesize = 20M
post_max_size = 20M
max_execution_time = 30
memory_limit = 512M