Create LEMP Stack
LEMP Stack consists of:
Linux
Nginx
MySQL
PHP
Templates
Similar to installing a LAMP stack, you create a template that will execute a bash script to install LEMP on a server. The bash script below can be used in conjuction with the templates on the Create a LAMP stack docs at https://stfc-cloud-docs.readthedocs.io/en/latest/Heat/CreateALAMPStack.html.
Bash Script
A bash script can be added to a stack template so that when a virtual machine is built, it will automatically set up the VM with the components for a LEMP stack. This script also shows how to automate mysql_secure_installation as well.
#!/bin/bash -v
apt-get update
# packages for PAM should not be updated by using a bash script
# these return prompts to ask if the configuration on the VM can be changed
# and the script becomes 'stuck'
#To overcome this, use apt-mark hold <packages>
apt-mark hold libpam-krb5 libpam-modules libpam-modules-bin libpam-runtime libpam-systemd libpam0g
apt-get -y upgrade
#Then unhold the packages
apt-mark unhold libpam-krb5 libpam-modules libpam-modules-bin libpam-runtime libpam-systemd libpam0g
#Install nginx
apt-get install -y nginx
# In this example, we will install and set up mysql. Alternatively this step can be done after VM creation
apt-get install -y expect #to run intereactive script inside bash shell
#Install mySQL and set up root access
apt-get install -y mysql-server
SECURE_MYSQL=$(expect -c "
set timeout 5
spawn mysql_secure_installation
expect \"Press y|Y for Yes, any other key for No:\"
send \"n\r\"
expect \"Please set the password for root here.\"
send \"temporarypw\r\"
expect \"Re-enter password:\"
send \"temporarypw\r\"
expect \"Remove anonymous users? (Press y|Y for Yes, any other key for No):\"
send \"y\r\"
expect \"Disallow root login remotely? (Press y|Y for Yes, any other key for No):\"
send \"y\r\"
expect \"Remove test database and access to it? (Press y|Y for Yes, any other key for No):\"
send \"y\r\"
expect \"Reload privilege tables now? (Press y|Y for Yes, any other key for No)\"
send \"y\r\"
expect eof
")
echo "$SECURE_MYSQL"
mysql <<EOF
SELECT user,authentication_string,plugin,host FROM mysql.user;
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'secret';
FLUSH PRIVILEGES;
SELECT user,authentication_string,plugin,host FROM mysql.user;
EOF
#add-apt-repository universe #already available for ubuntu bionic
#install PHP and PHP packages
apt-get install -y php-fpm php-mysql
echo "All components for LEMP stack have been installed!"
This script sets up the root password as a temporary password. If you set up a temporary password, this must be changed once the root user has signed into mySQL. Alternatively, the Heat resource OS::Heat::RandomString can be used in the Heat Template to generate a password that can be used when setting up MySQL with this bash script.