Build a Pi web server
Sean Conway demonstrates how to install the three software foundations: web server, database and language for a CMS web server.
Sean Conway guides you through setting up the Nginx server then configuring your own CMS of choice for a custom web server.
This tutorial will configure a Raspberry Pi as a web server to set up a content management system (CMS) using the popular WordPress platform. Before starting the configuration, we’ll cover what makes a CMS and follow up with how to install and configure a WordPress server and have it running and accessible from a browser. For this tutorial, you’ll need a Raspberry Pi for booting into Raspbian. You’ll also need some experience using the terminal and be comfortable using a text editor to work with files.
Drupal, WordPress and Joomla are just three examples of free open source CMS software platforms available. Drupal came to life as an open source project in 2001 while WordPress first appeared in 2003. Joomla was a software fork of Mambo in 2005. Each has something that makes their CMS successful but we’re going to use WordPress.
CMSPi
A Raspberry Pi with Ethernet network capability provides a simple yet ideal platform to experiment with a CMS. To run our WordPress CMS web server, we used a Model B Revision 2.0 running Raspbian (Wheezy) which you can download from www.raspbian.org and load onto a 4GB SDHC memory card. Other Pi models and Linux distros will work, but before we start, we need to run through the boxout. (See The usual updates, to pright.)
Now let’s begin by adding the three software components that establish a LAMP (Linux Apache MySQL PhP) server. sudo apt-get install -y nginx mysql-server php5-fpm php5-cli php5-gd php5-mysql
This line of code installs the web server ( nginx ), relation database ( mysql-server ) and programming language PHP ( php5-fpm php5-cli php5-gd php5-mysql ) of the LAMP server. For this tutorial, we’ve replaced the ‘A’ for Apache in LAMP with Nginx, which is a simpler web server to configure. Also note, the PHP installation contains packages to support CGI scripts, command-line interface, graphics and communicate with our relational database.
During the installation of the MySQL relational database, the installation process will stop and display a screen that asks for a password. This password is for the database superuser account (i.e. root under MySQL). This account has god-like privileges on the database, so apply some forethought in creating a secure password for this database access account.
When the software installation process completes, the command prompt will return. Initiate a reboot (i.e. sudo shutdown -r now ) to ensure the Pi comes back up after the software installations. Log in again and open a terminal window to proceed with configuring the software.
During configuration of the software, a number of different accounts will be used for specific tasks, which can get confusing for a novice because some accounts have the same names. One of the goals of this Pi tutorial is to assist the reader in understanding the different accounts that are used during configuration.
A user accesses (i.e. logs in) Raspbian with user account credentials. In the case of a Raspberry Pi the credentials are username: pi with a default password: raspberry. Software applications running on the OS also use credentials. For instance, the web server has an account username: www-data and the relational database MySQL has an account username: mysql.
When software is running and accessing system resources they are functioning under their OS user account name, which is similar to a user’s account used to log in to access files. Typically the accounts for the software components are prevented from logging into the system.
Relational database
Within the relation database software itself there are additional accounts. The accounts used within the database provide control to manage and access the database resources (i.e. databases and tables, etc). The relational database is built containing an account called root. This root account is for the MySQL software and is separate from the root account for the OS.
Starting off first in the LAMP configuration batting order is the database. From the command line open the MySQL relational database console using the software root user ( -u ) account: mysql -u root -p . The application will ask for the password ( -p ) that you have assigned during the software installation. From the MySQL command prompt (i.e. mysql>) issue the following command: show databases ; . Commands entered in the MySQL console must end with a semi-colon to
be recognised. The output from the command will show the databases that currently exists (see the grab bottom right). create database wpDB; create user wpdbprime@localhost identified by "WordPressDB"; grant all privileges on wpDB.* to wpdbprime@localhost; flush privileges;
The database names displayed are the databases the application itself uses to store information. Next, we use the database root user account, to create a new database for the exclusive use of the CMS. Finally, we’ll also create a user account that has the permission necessary to manage the new database.
Let’s do a quick recap. First, a command was issued inside the database console to create a database with the name
wpDB . Next, we have a command to create a database user to access the database from the localhost with the user name
wpdbprime and password WordPressDB . The next command assigns all privileges required to manage the database named wpDB to the database user wpdbprime . Finally, The last command we use enables the permissions to take effect.
To confirm that the tasks were completed, we issue the following commands and examine the outputs: show databases; The output should show that the name of the new database has been created. use mysql; We can also examine the database that holds the data for the databases with. select user,host, password from user; And see that yes, both the user account and the password are encrypted exit;
We’re partial to an OS reboot and a LXF Cup of TeaTM at this time. However, it could be argued, that it’s not required [NO TEA?!–Ed] because the changes were all contained within a resident application and not to the OS therefore a reboot is not necessary—but we like a cup of tea.
Now that the database setup is complete let’s tackle the web server. The directory /etc/nginx is the location for the configuration files used by Nginx. Using your favourite text editor, create a file in the directory specified and add the contents shown. We’re old school and haven’t stopped to learn some of the improved text editors, so we bang out text files using legacy vi using the filename: wordpress and the directory: /etc/nginx/sites-available/.
server { server_name webpi;
listen 80;
root /home/pi/www/wordpress;
index index.php index.html;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ .php$ {
try_files $uri /index.php;
include fastcgi_params; fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_ root$fastcgi_script_name;
fastcgi_index index.php; }
}
Web server
Let’s examine the lines of code ( above). The first set of parenthesis defines the web server’s name and what port it should be listening on (i.e. port 80). The next section defines where the root of the web server file system starts and what file or files you should find there by default if nothing else is specified. The last set of parenthesis are configuration options to tailor the use of PHP scripts.
Whatever name you chose to put in the server_name file edit the /etc/hosts file and add the IP address and hostname (i.e. server_name) details at the top of the file.
In this tutorial, it was 192.168.2.104 webpi. The file will already contain a reference to the hostname that points to
127.0.1.1 (i.e. 127.0.1.1 webpi). Remove the entry and save. The next series of commands will remove the web server default configuration file and enable the new web server configuration. A restart of the web server ends the series: sudo rm /etc/nginx/sites-enabled/default sudo ln -s /etc/nginx/sites-available/wordpress /etc/nginx/ sites-enabled/wordpress sudo service nginx restart
With the web server restarted, let’s use a few commands to see under the hood. The web server will have a process associated with it and there will be a port open (i.e. LISTEN) for the web service to use. sudo ps -ef|grep nginx sudo lsof -i:80 sudo netstat -an|more
The terminal window screenshot ( see,right) shows the output from the three CLI commands that show there is a web server running. The first command displays the web server master process started by the operating system root and then the worker process owned by www-data. You recall this is the OS account used by the web server.
In the output of the next command notice the worker processes are listening on a TCP port for HTTP, the web service protocol. If you’re not sure what services are associated with what ports, use a text editor to examine the /etc/services. Never again, will you need to remember port numbers!
In the last command output, you can see the web service port 80 is listening. If you aren’t convinced, issue the command to stop the Nginx service (i.e. replace restart in the service command with stop ) and run the same series of commands again and examine the output.
From the last command output take note there’s a port 3306 in LISTEN. Venture to guess what software installed so far would be listening for a connection? The /etc/service file is one place to look. If your response was MySQL you would be right. You may recall it was configured just before we did the web server.
A final test for the web server is to use your browser to connect to the web server using the IP address assigned to the server. The browser should display an error page generated by the web server. The web server throws up an error because it cannot find the directory specified in its configuration file.
That is two software components: relational database and web server installed for a CMS. Next, we’ll supply the WordPress content that the web server is looking for.
You may recall the first part of setting up a LAMP server was installing the PHP applications. But what about WordPress? In the web server configuration, a root directory and file were specified. Let’s create that directory and camp out in it, to load and configure WordPress: sudo mkdir /home/pi/www && cd /home/pi/www/
The WordPress website holds a repo (repository) of the most current build of the file package. Download the file (i.e. latest.zip) and unzip it to deposit the contents in the web server’s home directory: sudo wget https://wordpress.org/latest.zip sudo unzip latest.zip
PHP/WordPress
To fine tune the configuration, it’s necessary to establish ownership and permission to the WordPress directories. The WordPress ZIP package was downloaded and installed using the pi user account using sudo for root access. For that reason, all the directories and files belong to the owner root and the group root.
The web server needs access to the directories and files of the WordPress installation. The web server has it own group www.data and owner www-data. Looking back at the command that displayed the worker process for the web server, notice that OS root starts the Nginx service but it then spawns ownership of the process to the web server owner, www-data—this is all part of an elaborate plot to ensure a secure system. sudo chown -R pi.www-data /home/pi/www/wordpress/ sudo find /home/pi/www/wordpress/ -type d -exec chmod 755 {} \; sudo find /home/pi/www/wordpress/ -type f -exec chmod 644 {} \; sudo chmod -R 775 /home/pi/www/wordpress/wp-content
When the website setup is complete, it’s necessary to reset the wp-content directory to ensure everything is locked down and not open for others to change. To do so enter the following command and follow the walkthrough ( right): sudo chmod -R 755 /home/pi/www/wordpress/wp-content
There you have it: a pocket size, portable WordPress server. Remember if you decide to take your development system to a different network, there’s a good chance DHCP will supply a IP address that wasn’t used during configuration. A quick edit of the Pi /etc/hosts file is all that is required to have your web server up and accessible!