This tutorial will guide you on how to install and configure FBEMP in FreeBSD 11.x latest release. FBEMP is an acronym which describes the following collection of software:
FreeBSD 11.1 Unix-like distribution, Nginx web server, MariaDB relational database management system (a community fork of MySQL) and PHP dynamic programming language which runs on server-side.
Requirements
Step 1: Install Nginx Web Server on FreeBSD
1. The first service we’ll install for our FBEMP stack in FreeBSD is the web server, represented by Nginx software.
Nginx web server has more pre-complied packages available in FreeBSD 11.x PORTS. In order to get a list of Nginx binaries from Ports repositories, issue the following commands in your server terminal.
# ls /usr/ports/www/ | grep nginx # pkg search -o nginx
2. In this particular configuration, we’ll install the main package version of Nginx by issuing the below command. The pkg package management will ask you if you want to proceed with installing the nginx package. Answer with yes (y in command line) in order to start the installation process.
# pkg install nginx
3. After Nginx web server package was installed in your system, execute the following commands in order to enable the daemon system-wide and start the service in your system.
# sysrc nginx_enable="yes" # service nginx start
4. Next, using the sockstat command, verify Nginx service network sockets, if they are binding on 80/TCP port, by issuing the below command. The output of sockstat command will be piped through grep utility in order to reduce the returned results only to nginx string.
# sockstat -4 | grep nginx
5. Finally, open a browser on a desktop computer in your network and visit Nginx default web page via HTTP protocol. Write the FQDN of your machine or your domain name or the IP address of your server in browser’s URL filed to request Nginx web server default web page. The message “Welcome to nginx!” should be displayed in your browser, as illustrated in the below screenshot.
http://yourdomain.com http://your_server_IP http://your_machine_FQDN
6. The default weboot directory for Nginx web content in located in /usr/local/www/nginx/ absolute system path. In this location you should create, copy or install web content files, such as .html or .php files, for your website.
To change this location, edit nginx main configuration file and change the root directive to reflect your new webroot path.
# nano /usr/local/etc/nginx/nginx.conf
Here, search and update the following line to reflect your new webroot path:
root /path/to/new/webroot;
Step 2: Install PHP on FreeBSD
7. Unlike Apache HTTP server, Nginx does not have the capability to natively process PHP code. In return, Nginx web server passes PHP requests to a PHP interpreter, such as php-fpm FastCGI daemon, which inspects and executes the code. The resulted code is then returned back to Nginx, which re-assembles the code back to the requested html format and sends the code further to visitor web browser.
FreeBSD 11.x Ports repositories offers multiple binary versions for PHP programming language, such as PHP 5.6, PHP 7.0 and PHP 7.1 releases. In order to display all available pre-compiled PHP versions in FreeBSD 11.x, run the below commands .
# pkg search -o php # ls /usr/ports/lang/ | grep php
8. You can choose to install whatever version of PHP you find best suited for the web application you run in your system. However, in this guide we’ll install PHP latest version.
To install PHP 7.1 release and some PHP important modules required for diverse web applications, run the following command.
# pkg install php71 php71-mysqli php71-mcrypt php71-zlib php71-gd php71-json mod_php71 php71-mbstring php71-curl
9. After you’ve installed PHP packages in your system, open PHP-FPM configuration file for Nginx and adjust the user and group values to match the value on the Nginx runtime user, which is www. First, make a backup of the file with the below command.
# cp /usr/local/etc/php-fpm.d/www.conf{,.backup}
Then, open the file and update the following lines as presented in the below sample.
user = www group = www
10. Also, create a PHP configuration file used for production by issuing the below command. On this file you can make custom changes that will be applied to PHP interpreter at runtime.
# cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
For instance, change the date.timezone setting for PHP interpreter in order to update your machine physical location as shown in the below example. PHP timezone list can be found here: http://php.net/manual/en/timezones.php.
# vi /usr/local/etc/php.ini
Add following timezone (set timezone as per your country).
date.timezone = Europe/London
You can also adjust other PHP variables, such as maximum file size of uploaded file, which can be increased by modifying the below values:
upload_max_filesize = 10M post_max_size = 10M
11. After, you’ve made the custom settings for PHP, enable and start PHP-FPM daemon in order to apply the new configurations by issuing the below commands.
# sysrc php_fpm_enable=yes # service php-fpm start
12. By default, PHP-FPM daemon in FreeBSD binds on a local network socket on port 9000/TCP. To display PHP-FPM network sockets execute the following command.
# sockstat -4 -6| grep php-fpm
13. In order for Nginx web server to pass the PHP scripts to FastCGI gateway server, which is listening on 127.0.0.1:9000 socket, open Nginx main configuration file and add the following block of code as illustrated in the below sample.
# vi /usr/local/etc/nginx/nginx.conf
FastCGI code block for nginx:
location ~ \.php$ {
root /usr/local/www/nginx;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
14. In order to view the current PHP information for your server, create an info.php file in Nginx weboot path by issuing the following command.
# echo "<?php phpinfo(); ?>" | tee /usr/local/www/nginx/info.php
15. Then, test and restart Nginx daemon to apply the PHP FastCGI settings and visit the info.php page in a browser.
# nginx -t # Test nginx configuration file for syntax errors # service nginx restart
Replace the IP address or domain name in the below links accordingly. PHP info page should display information as illustrated in the below screenshot.
http://yourdomain.com/info.php http://server_IP-or-FQDN/info.php
Step 3: Install MariaDB on FreeBSD
16. The last component missing from your FEMP stack in the database. MariaDB/MySQL is one of the most associated open source RDBMS software with Nginx web server used for deploying dynamic websites.
Actually, MariaDB/MySQL is one of the most used relational databases in the world. Searching through FreeBSD Ports, you can find multiple releases of MariaDB/MySQL.
In this guide we’ll install MariaDB database, which is a community fork of MySQL database. To search for available versions of MariaDB, issue the following commands in terminal.
# ls -al /usr/ports/databases/ | grep mariadb # pkg search mariadb
17. To install the latest version of MariaDB database server execute the following command. You should also install the PHP relational database driver module used by PHP scripts for connecting to MySQL.
# pkg install mariadb102-server php71-mysqli
18. After the database has been installed, enable MySQL daemon and start the database service by running the following commands.
# sysrc mysql_enable="YES" # service mysql-server start
19. Also, make sure you restart PHP-FPM daemon in order to load MySQL driver extension.
# service php-fpm restart
20. On the next step, secure MariaDB database by launching mysql_secure_installation script. Use the below sample of the installation script in order to answer the questions. Basically, say yes (y) for all asked questions to secure the database and type a strong password for MySQL root user.
# /usr/local/bin/mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
21. To test MariaDB database connection from console, execute the below command.
# mysql -u root -p -e "show status like ‘Connections’"
22. In order to further secure MariaDB, which by default to listens for incoming network connections on 0.0.0.0:3306/TCP socket, issue the below command to force the service to bind on loopback interface and completely disallow remote access. Afterwards, restart MySQL service to apply the new configuration.
# sysrc mysql_args="--bind-address=127.0.0.1" # service mysql-server restart
Verify if the localhost binding was successfully applied by running netstat command as shown in the below example.
# netstat -an -p tcp
That’s all! You’ve successfully installed Nginx web server, MariaDB relational database and PHP server-side programming language in FreeBSD. You can now start building dynamic web pages to serve web content to your visitors.
Thank you for sharing.
The article is wrong and should be removed, leave FreeBSD up to the experts and stop teaching people the wrong information
@Mickey,
If are so expert, then tell me whats’ wrong with the article? I will tell author to correct based on your findings..