I have just installed Ubuntu Server 10.04 with a LAMP setup. I want to host a website there but I'm not sure which is the best way to get/edit my files on the server. Googling provides many options but I'm not sure which is best?
Unless there's a better option, I'd like to be create the pages on another PC (Windows or Linux) and use SFTP to sync the changes to the server - but do I do this to a symlinked folder in ~/ or by changing rights on the /var/www/ folder?
Every setup is different. For me I have a lot of users on a server that each hosts websites, for you, you likely won't need to create more than just one user on the system. However, if you manage multiple websites on this server this setup will help you to manage, configure, and debug each domain in a fashion easier than a standard LAMP setup. In order for that to happen I utilize several devices by Apache to get around permission errors.
First, this is the document structure I use:
/home/[USER]/domains/[DOMAIN]/html
/home/[USER]/domains/[DOMAIN]/logs
Each user has their own account with a domains folder (which I added to /etc/skel so it gets created every time. Each domain has it's own folder in the domains folder with an html folder (I have my reasons for this, primarily so domains can have web files outside of the public realm). Feel free to modify this structure as you see fit, just remember to carry those changes throughout this post.
Secondly, I host a lot of PHP sites so I use suPHP in my configuration. By default the standard archive package doesn't have the proper compile flag enabled resulting in a less secure version of suPHP. I've made my own suPHP package which I use on my servers, installation instructions below. suPHP allows you to define what user PHP scripts should be executed as (among other things including: custom php.ini for each site, etc). I also enable suExec for Apache - further removing the need to have any ownership to www-data user (a user which I despise).
First ensure you have Apache, and all other services installed on your server. Make sure they are at least working. After that I recommend installing suphp-common and the required libapache2-mod-suphp module (More information: What are PPAs and how do I use them?). Then, after those install, activate suPHP and suexec using a2enmod
sudo a2enmod suphp
sudo a2enmod suexec
sudo a2dismod php5
sudo /etc/init.d/apache restart
Next will come the configuration file. I've made various tools that automatically generate the configuration files everytime I add a new site; however, here is the basic template I use:
<VirtualHost *:80>
ServerAdmin [EMAIL]
ServerName [DOMAIN]
ServerAlias www.[DOMAIN] [DOMAIN]
DocumentRoot /home/[USER]/domains/[DOMAIN]/html
<Directory /home/[USER]/domains/[DOMAIN]>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
</Directory>
ErrorLog /home/[USER]/domains/[DOMAIN]/logs/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /home/[USER]/domains/[DOMAIN]/logs/access.log combined
SuexecUserGroup [USER] [USER]
suPHP_UserGroup [USER] [USER]
suPHP_ConfigPath /home/[USER]/etc
</VirtualHost>
This sets up logging for that domain, the document root, and all other basic necessities for the domain to operate. I place these files in /etc/apache2/sites-available/ typically named [USER]-[DOMAIN] and enable/disable them with a2ensite like so:
sudo a2ensite [USER]-[DOMAIN]
sudo a2dissite [USER]-[DOMAIN]
After each modification to configuration files Apache will need to be reloaded with
sudo /etc/init.d/apache reload
While it may seem like a lot to setup the amount of flexibility gained, in my opinion, far outweighs the setup time. Though you only need a single user webserver, in the future if you ever wanted anything other than a single user webserver, you would need to perform further actions (or just drop security all together) in order to do so.
Sftp is very easy to install. Just install the package openssh-server and you will have sftp. Make sure your user has a good password if you can get to it from the internet. (8+ characters, not a dictionary word, has symbols and numbers).
For permissions, I usually do this
sudo adduser <username> www-data
sudo chown -R www-data:www-data /var/www
sudo chmod -R g+rw /var/www
You should then be able to post pages by connecting with sftp (using your username and password) and then going to the /var/www folder and placing your files there.
I use webdav. It's very easy to install on Ubuntu Server. If you have apache installed you're almost done. Just sudo a2enmod dav; service apache2 restart. You'll need to do a little configuration of your virtual site. Here's an example that I'm using in production:
<VirtualHost *>
ServerName webdav.mysite.com
ServerAdmin webmaster@mysite.com
DocumentRoot /srv/mysite
DAVLockDB /var/lock/apache2/DAVLock
<Directory /srv/mysite>
Order allow,deny
Allow from all
Dav On
DAVMinTimeout 600
DAVDepthInfinity On
AuthName "mysite login"
AuthType Basic
AuthUserFile /srv/mysite/.htpassword
Require valid-user
</Directory>
php_admin_value engine off
</VirtualHost>
<VirtualHost *>
ServerName mysite.com
ServerAlias *.mysite.com
ServerAdmin webmaster@mysite.com
DocumentRoot /srv/mysite/www
<Directory /srv/mysite/www>
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /srv/mysite/cgi-bin/
</VirtualHost>
You can put this in /srv/etc/apache2/sites-available/mysite and then do sudo a2ensite mysite; sudo service apache2 reload.
What is happening here is you've created two virtual sites. One is www.mysite.com and the other is webdav.mysite.com. PHP has been disabled on webdav.mysite.com which is important.
Now you can access your site over http on Ubuntu, Windows and MacOS. All three have built in webdav support. Here are instructions on adding a webdav network location in Ubuntu.
I would give write permissions to /var/www to the www-data and add your user to that group. That way it would be easy to control which users can write to that directory.
sudo chgrp -R www-data /var/www
sudo chmod g+w -R /var/www
usermod -a -G www-data your-user
Are you using any framework for your site? Drupal, Wordpress, etc? Drupal for example has tools to upload via browser interaction.
Have you looked into Samba? You can setup a Samba share (and there are tons of resources on the web for them) and simply use Windows Explorer to open/edit/save/delete. Setup /var/www to be shared and then map the "network drive" to windows.
Is this a work or a home environment? It sounds like home, but if you are in a work environment... you can pair Samba with Active Directory with tools like Likewise-Open. I have a server/website setup such that those in the IT shop can log in to either side of the server (linux or website) via their AD credentials.
I'd also suggest looking into something like Mercurial. Create a repository on the server, and sync with windows via something like TortiseHG. I assume it's like rsync, but you would have version-ing, backups, ability to distribute, etc (SVN, Mercurial, Git, etc all options)
Are you after something like this
rsync -az --rsh "ssh" --rsync-path "sudo rsync" ~/website ubuntu@REMOTE-IP:/var/www
